Highly Critical Security Vulnerability Found in Firefox 3.5

Secunia reports of a new, unpatched, and highly critical security hole in Firefox 3.5 (possibly in other versions, too) that allows attackers to execute arbitrary code on the victim’s computer.

The vulnerability is caused due to an error when processing JavaScript code handling; for example, one could use simple HTML “font” tags to cause a memory corruption and then run arbitrary code.

Until Mozilla addresses this vulnerability, here’s a temporary fix: Type about:config in Firefox‘ address bar, and set “javascript.options.jit.content” to “false.”

Read the details about this security issue here.

Highly Critical Security Vulnerability Found in Firefox 3.5

Posted using ShareThis Follow me on twitter

Advertisements

Google Chrome, another browser in the block !

The Browser War is flaring up once again with the release of Google Chrome. Google Inc. has released its own Web browser in a long-anticipated move aimed at countering the dominance of Microsoft Corp.’s Internet Explorer and ensuring easy access to its market-leading search engine.

It is a new browser based on many freely available open source components such as WebKit and Firefox. Chrome is bare bones, chrome less, browser with very little UI fluff and decoration. It is interesting to note that the UI for the Google browser took a note from the companies colorful logo, the Chrome UI looks neat with a blue pastel color scheme.

They say, Google Chrome is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier. Many of the features that are high lighted in Chrome are not necessarily revolutionary. Chrome basically reduced the browser to the location bar, tabs, and content page.

The most notable features in Chrome are its crash control, incognito mode, and safe browsing. Chrome runs each web page on its own process so that if one page fails only that page is effected. Incognito mode is like Safari’s Private Browsing, aka Porn Mode, it allows you to surf the web without caching cookies and history of the sites you visit on your local computer. It’s safe browsing feature will help you to identify web sites with malicious code or applications. Many of these features are not entirely new.

What I think is new is that Google decided to release yet another browser. The browser space is already crowded with Firefox, IE, Safari, Opera, Konqueror, and Flock to name just a few. It is clear that Google will align Chrome with its properties, search, applications, development tools, and user generated content sites. Seeing Google take this approach I wonder if other companies follow suit and release internet browsers that compliment their business. Can you imagine a custom browser from Adobe, McAffee, Oracle, Amazon, or EBay? hell!

The news is that Chrome has already acquired nearly 1% of the market share. Now, thats impressive and I think Firefox is already feeling the heat.

Automate and extend Firefox with the Chickenfoot add-on

Tony Patton in his article on Chickenfoot speaks about manipulating the DOM of a webpage through which you can give additional features to a web page.

Chickenfoot is a Firefox add-on that allows you to automate user actions within the browser environment. It also lets you extend the browser interface to provide additional features to a Web page.

Before I delve into how this add-on can make your Web development work easier, I thought I’d take a moment to share the answer to the question I bet you’re asking yourself (I know I was): Why is it called Chickenfoot? Here is the answer from the Chickenfoot site:

“Chickenfoot is a game that you can play with dominoes. Since Chickenfoot does much of its work by manipulating the Document Object Model, or DOM, of a web page, Chickenfoot the Firefox extension is like a toy that lets you play with the DOMinoes of the web.”

Access the full article here

Chickenfoot is available as a free download. When you click the downloaded file, Chickenfoot is installed via the Firefox Add-ons dialog box. After installation, it is available as a sidebar selection (View | Sidebar). After you enable the sidebar, Chickenfoot appears on the left side of the browser adjacent to where pages load.

The top portion of the Chickenfoot sidebar contains a JavaScript editor that allows you to enter JavaScript as you would within a Web page. In addition, you can enter commands from the JavaScript superset that is part of Chickenfoot.

You may enter multiple code windows within the JavaScript editor. There are buttons at the top of the JavaScript editor that you can use to open/save scripts, create new scripts, and execute and stop scripts.

For more information about Chickenfoot scripts, check out the Chickenfoot Script Repository.

gOS: A new operating system is born

gOS Rocket is a Linux distribution created by ‘Good OS LLC’, a Los Angeles-based corporation. The company advertises it as “An alternative OS with Google Apps and other Web 2.0 apps for the modern user.

Google Operating System

gOS Rocket is based on the Ubuntu 7.10 distribution. It uses the Enlightenment 17 window manager instead of the usual GNOME or KDE desktops, allowing for lower memory and speed requirements.

Wal-Mart To Sell $399 Ubuntu Linux-based Laptop with Google Operating System
— The Ubuntu Linux-based gOS operating system from Good OS LLC (www.thinkgos.com) includes so many Google applications like Gmail, Google Docs, Google Calendar, Google News Google Maps and YouTube that it’s often referred to as the Google operating system. It also includes Firefox, Skype, Facebook and OpenOffice 2.3.

GooOS

Neat features from Firefox add-ons

 

Firefox has an extensible framework that enables developers to write add-ons, which provide several great features such as blocking ads, scrambling keystrokes, and blocking intrusion.

An excerpt from TechNewsWorld:

One big helper for surfing comfort and speed is provided through an add-on called “Adblock Plus.” As the name suggests, it eliminates ad banners. During installation, the user can subscribe to filter lists that are then automatically updated to recognize and block new domain Over 800,000 High Quality Domains Available For Your Business. Click Here. addresses used to transport ads.

The article talks about several more add-ons such as:

  • NoScript : Add-on that checks the running of scripts, which prevents Trojans and malware from sneaking in.
  • TrackMeNot: This one sends random queries to search engines to prevent the user’s query from being differentiated.
  • KeyScrambler: To encrypt key information and prevent key loggers from accessing keystroke data.
  • Bookmark Synchroniser: To organize bookmarks among several computers by loading them onto a server.
  • Foxy Tunes: A tool-bar to control music players.

Many more add-ons can be found at the Firefox Web site.