Firefox

Today's Bits include anti-virus for Windows 7 Beta, hard drive failures, budget cutting, battling crsf and such, md5 collisions, and a pretty nifty joke by Microsoft developers. See below for details and have a great day.

  1. If, like me, you are running Windows 7 Beta and need an anti-virus solution, fear no more. You have three options.
    Windows 7 Beta Antivirus Packs Now Available -- InformationWeek
    Tags: ( microsoft anti-virus windows-7 )
  2. You may ask yourself why I am posting about hard drive failures. Never forget that one leg of the CIA triad is availability. If you have Seagate drives, you might want to check if you are effected.
    Seagate Barracuda Hard Drives Plagued By Failures -- Storage -- InformationWeek
    Tags: ( availability )
  3. "Mathias" has some option some of may want to consider as we are all faced with the impact the economy is having on our companies.
    Security Manager's Journal: Eyeing risks while cutting spending
    Tags: ( general budget )
  4. We have another tool to use against the evil hackers trying to hijack our browsers. This with NoScript should make your world quite a bit safer.
    RequestPolicy Firefox Extension ha.ckers.org web application security lab
    Tags: ( tools firefox crsf )
  5. Didier is at it again. Good thing he is on our side :0
    Playing With Authenticode and MD5 Collisions << Didier Stevens
    Tags: ( md5 malware )
  6. This is a hoot.
    Quickpost: Windows 7 Beta: ROT13 Replaced With Vigenere? Great Joke! << Didier Stevens
    Tags: ( general humor )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

Reblog this post [with Zemanta]

{ 0 comments }

Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. This is nice to see.
    Yahoo to anonymize user data after 90 days | Security - CNET News
    Tags: ( privacy )
  2. Time to update Flash Player on Linux.
    Critical Flaw in Flash Player...For Linux! - Security Watch
    Tags: ( flash linux )
  3. Part 3 of SynJunkies' tale is ready for your perusal.
    Syn: The Story of an Insider - Part 3. Playing at CSI
    Tags: ( incident-response stories )
  4. New version. Haven't played with this one yet. Going to have to check it out.
    /dev/random >> Blog Archive >> OpenVAS 2.0.0. is out
    Tags: ( vulnerability openvas )
  5. Mike is getting involved it what appears to be a great new effort in training for penetration testers.
    Getting Information Security Training Right | Episteme
    Tags: ( training pentesting )
  6. Nifty new features.
    New Zenmap adds feature that does topology mapping | SecViz
    Tags: ( nmap zenmap )
  7. Done't forget folks. Firefox 2 is at end-of-life with 2.0.19 and you lost your safe-browsing capabilities too.
    Firefox 2 Users Will Get No More Security Updates - Security Fix
    Tags: ( firefox patches )
  8. I just like this post and Kees's approach.
    Making the world a little better - Kees Leune Information Security Blog
    Tags: ( awareness education )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin

{ 0 comments }

Firefox, SQLite and DOM, oh my…

by kriggins on June 25, 2008

in General

I want to preface the following withLions, Tigers and Bears, oh my.

  1. I am probably late to the party and everybody already know all about this and
  2. There probably isn't any issue here.  Just got me to thinking.

I was reading the Firefox's Super Cookies post on the CERIAS Blog and it made me go hmmm. You should go read Pascal's post first because it is an interesting bit o' info, but here are the bits that are germane to my thoughts.

First:

DOM storage allows web sites to store all kinds of information in a persistent manner on your computer, much like cookies but with a greater capacity and efficiency.

Then:

To find out what information web sites store on your computer using DOM storage (if any)

and:

You should find a file named “webappsstore.sqlite”. To view the contents in human readable form, install sqlite3

So, this makes me think there is a sql interface somewhere in Firefox.  In light of all the SQL injections issues recently, I just have to wonder what kind of fun might exist here.

Kevin

Photo by annarchy1

{ 0 comments }