A lot of things javascript have made the “web 2.0” idea what it is (Ajax and all), well, the new Mozilla-Firefox supports a canvas tag. To my limited understanding of it (at this point), allows some javascript interactions with the web page. For example…. one demo is of a first person shooter game (well… first person walking around carrying a weapon game… no shooting), another is of a web based paint program.
Month: November 2005
-
Spyware news and musings
It’s funny, in the last couple days 180solutions had a blog post that was somewhat… what’s the term I’m looking for ? well they were quite defensive and concerned about “anti-spyware zealots” about “Scanning companies” and trying to work with them to explain their business model. Of course, legal action is not something they want to pursue, but if the business talks with the scanning companies fail, well it’s an option. Some months ago they claimed to be trying to clean up their act. Supposedly they were to crack down on “affiliates” using unscrupulous means to spread their ad content.
-
Windows Live Mail (Next generation Hotmail) get’s an update
Looks like Windows Live Mail Beta has seen an update, this beta program is open to those that request to partake from what I see and is Microsoft’s next generation replacement for Hotmail. It looks like it will be quite well Ajax-ified and some interesting features for classifying mail by senders (known/unknown/unsafe) is interesting.
-
Sony class-action suit picks up researcher Mark Russinovich as an expert witness
News continues on the Sony mess…. (Expect to hear about this for some time…) The researcher that informed the world about the Sony DRM rootkit, Mark Russinovich, has joined the class-action suit against Sony and First4Internet as an expert witness on the matter.
Russinovich said he opted to join the suit because he “wanted to make sure that a message was sent loud and clear to Sony and hopefully to the rest of the industry. And if a technical expert is required to back up the suit, then that’s what I’m willing to do to make sure that message gets driven home.”
-
Yahoo moves to offer RSS reading
Yahoo is offering RSS reading through email folders, in part countering moves by Google with their Reader web-based RSS aggregator. Apparently, posts show up looking like mail messages and can be forwarded or read in a way similar to the way mail is dealt with. They’ve also launched a beta of Yahoo Alerts which can send a text message, email or messenger alert when a feed updates.
-
MS IE Javascript exploit for zero-day (0-day) vulnerability
An exploit for last weeks zero-day (0-day) javascript vulnerability in Microsoft’s Internet Explorer is in the wild. I saw this post from Sunbelt a couple nights ago go up and disappear, at the time I didn’t have long enough to read it… It’s back today and there are instructions for mitigating the risk. However, there is still no patch from Microsoft and no word on when to expect one. According to the Sunbelt post the exploit in the wild is being used for browser hijacking/spyware install stuff.
-
Beware emails that sound too good to be true
A new phishing scheme is promising tax refunds in the amoutn of over $500 to recipients of the scam. Sophos has an advisory. It looks pretty devious – asking people to type in the link address (or copy and paste) and using URL redirect to make it use an official site to then redirect to the phony site.
-
Apple Security Update
13 Seperate vulnerabilities are addressed by the latest Apple security updates. 9 vulnerabilites exist in network facing services like the web server, a couple in the web browser, another couple in SSL (secure socket layer) handling. In other words, get updating.
-
Enabling logging in Microsoft Outlook
As a couple earlier posts showed having a log file of what happens when Microsoft Outlook checks mail can be essential to figuring out why something is not happening that should (or why something is happening that shouldn’t.) Anyway, to turn on logging.
-
Sun Java security updates/ Windows software update rant…
Incidents.org has the story on Sun’s release of new versions of the Java Runtime Environment and the Java SDK to fix some remote security vulnerabilities.
These security vulnerabilities could allow malicious, untrusted code to compromise a user’s computer. Sun recommends that users update to the newest version of the SDK and JRE available at http://java.sun.com .