Get a Dell Vostro V13 ultraportable laptop for $349

Normally $619 (!), this thin and sexy system packs dual-core horsepower into a 3.5-pound frame that measures just over half an inch thick.

Originally posted at The Cheapskate

Firefox Password Manager Exposes Passwords – Most Secure Browser?

This article was written on July 23, 2007 by CyberNet.

Firefox Password Stealer

We’ve shown you how easy it can be to retrieve passwords stored in your browser, provided that someone has access to your computer. Well, that’s not the only way for a hacker to gain access to some of the information stored in the Firefox Password Manager. A new flaw that was just revealed late last week can retrieve some of your passwords using a very small amount of JavaScript.

How does it work? Here’s a quick example of what could happen:

  1. User visits a site such as their own blog hosted on a popular network (something like Blogger).
  2. They log in, and have Firefox remember their username/password.
  3. They visit someone else’s blog on the same domain, and a username/password form appears on the site. As expected, Firefox autofills the information for the user (both the username and password) so that they can just hit Enter to log in.
  4. The site is able to use some JavaScript to store the username and password without the user even hitting the Submit button. This is done by having the JavaScript go and retrieve the values located in the text box (document.<form>.<field>.value).

This flaw can only be used to expose the username and password that is entered into a form, and Firefox automatically does this for people who have stored a password. That means your information could be surrendered without you even realizing it.

If you want to try this out yourself, Heise has set up a demo site where you make up a username/password and have Firefox store it. Then, when you go to the “evil” page, Firefox will automatically fill out the form and a popup will reveal the username and password you stored.

To avoid this, it is recommended that you either don’t store passwords in Firefox or you disable JavaScript. Of course, this is really only an issue on a “network” of sites that all share the same domain, because Firefox will not, for example, fill in your bank’s username and password here on CyberNet. So just be aware of what passwords you have stored, and remember that you can always have Firefox prompt you for a master password before it autofills any information.

An alternative that xpgeek pointed out in the forum is to install the Secure Login extension to prevent Firefox from automatically filling in password forms.

Note: This vulnerability also affects the Safari browser.
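The scenario and the workarounds above can be walked through with a small model. This is an added example, not code from the article, Heise, or Firefox: the host names, credentials and the `requireUserAction` switch are constructed assumptions that stand in for host-scoped autofill and for a prompt before filling.

```javascript
// Simplified model, constructed for illustration (not Firefox source code).
// Saved logins are keyed by host only, as in the scenario above.
const savedLogins = [
  // Constructed sample entries.
  { host: "blogs.example.com", username: "alice", password: "s3cret" },
  { host: "bank.example.net", username: "alice", password: "b4nk" },
];

// Decide what is placed into a login form found on pageUrl.
// policy.requireUserAction is a hypothetical switch modelling a prompt or
// click before filling (master password prompt, anti-autofill extension).
function autofillDecision(pageUrl, policy, userApproved = false) {
  const host = new URL(pageUrl).hostname;
  const match = savedLogins.find((login) => login.host === host);
  if (!match) return { filled: false, reason: "no login saved for host" };
  if (policy.requireUserAction && !userApproved) {
    return { filled: false, reason: "waiting for user action" };
  }
  return { filled: true, username: match.username, password: match.password };
}

// Page script can only read values that are already in the form fields.
function readableByPageScript(decision) {
  return decision.filled ? decision.password : null;
}

// Walk the article's scenario under both policies.
function runScenarios() {
  const pages = {
    ownBlog: "https://blogs.example.com/alice/login",
    otherBlog: "https://blogs.example.com/someone-else/post",
    unrelated: "https://news.example.org/article",
  };
  const out = {};
  for (const [name, url] of Object.entries(pages)) {
    out[name] = {
      autoFill: readableByPageScript(autofillDecision(url, { requireUserAction: false })),
      gated: readableByPageScript(autofillDecision(url, { requireUserAction: true })),
    };
  }
  return out;
}

console.log(runScenarios());
```

With automatic filling, the other blog on the shared host sees the same value as the user’s own blog, while the unrelated site sees nothing; with the gate on, no page sees a value until the user approves the fill.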

– What’s the Most Secure Browser? –

I decided to look on Secunia, which tracks vulnerabilities for more than 14,000 applications, to see which browser is currently the most secure. Here’s what I came up with:

  • Opera 9.x has had 8 advisories, all of which have been patched. [source]
  • Firefox 2.0.x has had 13 advisories, and there are 6 that have not been patched. [source]
  • Internet Explorer 7.x has had 14 advisories, and there are 8 that have not been patched. [source]

You can take that information for what it’s worth, but it goes to show that most browsers constantly have security-related flaws.

Source: Heise Security [via Slashdot]

Copyright © 2011 CyberNetNews.com


Solar Screens May Make Phone Chargers Obsolete

How would you like to have a cellphone that never needed to be charged? That’s the promise of French company Wysips, which wants to turn your phone’s screen into a solar charger.

It works like this: a transparent photovoltaic film covers the screen of your device, and provides 250mW of power to trickle-charge the battery. The film is thin — just 100 microns or 0.1mm — and won’t dim the screen when incorporated into the LCD panel. Wysips says the film will typically add just a dollar to the cost of a phone, and hopes to have shipping units within a year.

The beauty of the design is that it scales. The bigger the screen of a device, the bigger the solar panel. A typical phone will be fully charged in six hours, and the second-gen version will give you a half-hour’s worth of power with just one hour of charging.

The real winner here will be ebooks. These typically sip power anyway, and have pretty big screens. While you may still have to plug in an iPad to charge it at night, a Kindle with Wysips’ tech in its screen would likely never, ever need to be charged, especially as you can only read it when there’s enough light to do so.

Wysips product page (Wysips)

No More Chargers! Wysips Breakthrough Turns Phone Screens into Solar Panels [Laptop Mag]

Video: Laptop Mag


Xbox 360 dons an Atari suit, sings Bee Gees

Console modder Ben Heck sweeps the Xbox into a ’70s time warp. Haul this mutant Xbox/Atari laptop to your next gaming gathering and listen to your friends weep with envy.

Firefox 4 clocks up 7.1 million downloads within first 24 hours, fails to beat Firefox 3 record (updated)

We noted Firefox 3’s spectacular eight million downloads in a day when discussing the recent launch of IE9, and that mark shall live on as a record for another day. Firefox 4 looks to have had a thoroughly successful debut, going past the five million milestone within the first 24 hours of its release, but it hasn’t quite been able to overshadow its predecessor. And before you go comparing its numbers to the latest Internet Explorer, do be cognizant that FF4 released on a wider set of platforms, rendering direct stat comparisons a little dicey. That’s not stopping StatCounter, however, which notes that the latest Firefox already has a 1.95 percent share of the browser market, almost exactly double what IE9 can claim so far. Better get working on that XP compatibility, eh Microsoft?

Update: Mozilla CEO Gary Kovacs has the final stats for the first 24 hours and it’s actually even higher than we thought: 7.1 million downloads around the globe. That’s in addition to three million users already running the release candidate for Firefox 4, which turned into the final release. Good work!


Firefox 4 clocks up 7.1 million downloads within first 24 hours, fails to beat Firefox 3 record (updated) originally appeared on Engadget on Wed, 23 Mar 2011 08:57:00 EDT. Please see our terms for use of feeds.

Source: Mozilla

Hands-on with the HTC HD7S

If you’re looking for a Windows Phone 7 device for AT&T, you might want to check out the HTC HD7S. Read on for our hands-on impressions.

Originally posted at CTIA 2011

The Father of Mac OS X Is Leaving Apple [Apple]

Bertrand Serlet, the guy who led the development of Mac OS X since the beginning, is leaving Apple. He was one of the heavyweights and a legendary figure at the company, even while he wasn’t well known by the general public. But why is he leaving?

Twist&Brush, A Kind of Reverse, Toothpaste-Filled Fountain Pen for Teeth

Twist&Brush complicates an easy chore

Imagine a beautiful old steel fountain pen, with its twist-to-suck pump that slurps in ink. Now imagine that instead of twisting the reservoir to fill the pen, you turn it in the other direction and force ink to seep out through the nib.

Now imagine that instead of ink, you are squeezing out toothpaste, and instead of a pen, you have a toothbrush. Finally, swap the metal for plastic and you have Kawamura Ganjavian’s Twist&Brush, a toothbrush with its own supply of toothpaste.

It’s made for travel. You fill it — probably quite messily — from a regular toothpaste tube and you’re ready to go. Twist the knob to deliver a dose of minty paste to the bristles and brush.

Because, you know, it’s so hard to carry the two separately. And while the cap may untwist from a tube of toothpaste and soil your luggage, this contraption may also twist and pump out a sticky mess into your suitcase, so you’ll still need a toiletry bag to keep it in.

Still, it looks neat, which is probably enough to make many people want one. Sadly, it is a one-off concept design, but it has given me an idea. Why not take the hollow head of this brush and cut a thread into its neck? Then you could just screw it onto the top of any toothpaste tube. Easier, and a lot less messy.

Twist&Brush [Studio KG]


Hacker nets two years in jail after pilfering £7 million in virtual poker chips

Crime, it just doesn’t pay. Well, actually it does, to the tune of £53,612, but then you get caught and you have to work off that salary with two years at Her Majesty’s pleasure. One Ashley Mitchell, an enterprising 29-year-old from Devon, England, managed to break into Farmville maker Zynga’s mainframe, hijack the identities of two of its staffers, and procure for himself a cool £7 million ($11.4m) in virtual poker chips. He then proceeded to sell about a third of them for the above sum, while consuming a big chunk of the rest in satisfying his own gambling habit. Ashley already had a history of digital malfeasance, having previously hacked into the systems of Torbay Council, his former employer, and is now on the receiving end of a two-year prison term for his current crime plus the activation of a 30-week suspended sentence. There’s a warning in this tale of woe for us all, however — Monsieur Mitchell piggybacked on his neighbors’ unsecured WiFi networks in order to do his dastardly deeds. Slap a password on that router, won’t you?

Hacker nets two years in jail after pilfering £7 million in virtual poker chips originally appeared on Engadget on Wed, 23 Mar 2011 08:09:00 EDT. Please see our terms for use of feeds.

The Inquirer | Source: Guardian