There’s quite a bit more discussion on a DOS bug in Firefox 1.5.0.3, the link goes to a site where they’ve confirmed the issue and there is a link there to a POC, so be cautious. It turns out that using javascript, image tags can be made to have a mailto: link which can automatically launch tons of instances of whatever default mailhandler a system has (essentially one for each image tag.) Right now, this sounds more like a Denial of Service risk, as I don’t see at this point any evidence that anything WORSE could be done than really freezing up the system with too many copies of the mail program open.
Category: Computers
-
Wow, impressive comment spam storm
But perhaps you are not as powerful as the emporer has foreseen…. I just skimmed the stats and saw an abornmal spike in traffic over the last hour, so being curious…. I checked the server logs and saw trackback post after trackback post, all different Internet Explorer versions. It doesn’t seem to be the same ip address repeating, but several. (Could it be a bot net?) Anyway, not much time here to investigate on that. Fortunately though, the trackback spam defending jedi akismet has been holding it’s own quite well with the onslaught. This is frankly the biggest trackback spam storm I’ve seen EVER which makes me curious as to why I came up on the radar…
-
The spammers win a round
There is a company (well, unfortunately, WAS a company) called Blue Security. They had an innovative approach to stopping spam. A small download essentially sent opt-out return emails that were junk back to the REAL spam sender (clever concept huh? bouncing to the person that REALLY sent the message… Of course what was clever here was that they were coordinating the responses of all their users – herding a “white hat” network of sorts.) Anyway, it was a successful concept at getting several of the top 10 to clean their mailing lists.It looks as though 6 of the top 10 agreed to clean up their mailing lists. Unfortunately, they were the subject of a Massive DDOS. They managed to recover and come back, but the dDos took out other sites as well and there were threats of more it seems.
-
Quickbooks “An error has occurred in the script on this page”
I ran into an install of Quickboos Pro 2005 that was having a peculiar problem. When any company file was opened I was seeing an Internet Explorer Script Error message (quickbooks uses Internet Explorer to parse the company page ( Usually C:\Program Files\Intuit\Quickbooks\Components\Pages\Comppage.qpg ) The error basically said “An error has occurred in the script on this page” it gave a line and char number and there were three different Error: messages. One was Object Required and another was Class not registered. This is a Windows XP Pro system with all current updates for windows AND quickbooks.
-
Windows XP Print what’s on the screen or make a screenshot using the … print screen button
This is one that’s not as obvious as it should be. Every keyboard has a “print screen” button – usually it’s in the group over above the insert/home/pageup/delete/end/pagedown block. Sometimes (especially on laptops) it’s shared with something else. But…. most people will notice if they press “print screen” on a windows pc… not much seems to happen. (On my KDE/Linux desktop it pops up a program called ksnapshot…) If the print screen key is shared with another function (say on a laptop) you may need to press the function button at the same time as the print screen button to get the following to work.
-
Scansafe tries to make web browsing safer…
Scansafe is launching a new free product called scandoo which aims to tag search results with Green yellow and blow widgets so you know which sites are safe (green), dangerous (red) or uncertain (Yellow). ZDnet had news of the scandoo service which is not the first attempt at making the web safe… Siteadvisor from McAfee attempts to do the same (with installed software) and Symantec is working on a competitor as well. Further there are toolbars that attempt to protect users from phishing scams, but I’m not sure that this service will be as successful as hoped.
-
Netcubicle, you’re personalized network based linux desktop..
As they say on their site “Experience Linux without the hassles of installation and adminstration.” Inqub has a new product out called Netcubicle which basically is this…. for $4.50 a month, you can have a Gigabyte of storage and a linux desktop accessible from most any computer in the world. (Or command line SSH access too.) Apparently it’s based on Ubuntu/Kubuntu (They say gnome/kde are both available). The KDE Dot calls it a KDE Desktop Hosting Service.
-
Late afternoon test run of Google Notebook
So, I finally got down to about 5 tabs left in my firefox window and decided I could kill it off and restart it without really losing my place so I could get a good look at the Google Notebook plugin. First impression is that it’s fairly unobtrusive and is in the notification bar with the rest of my plugins (google mail notifier, google calendar notifier, noscript, adsense notifier and adblock…) Clicking on it gives the chance to create a new notebook and then loads a little Web 2.0 looking box complete with resize/close widgets and an Add note button and Actions menu.
-
Mandriva One 2006
I saw earlier today that Distrowatch was reporting that Mandriva One 2006 had been released and pushed to the ftp mirrors . It appears as though Mandriva One 2006 is a combination Live/Install cd based on (of course) Mandriva Linux. It looks as though it may only be available for download by Club members. There are 4 versions based on different languages….
-
Open Source Java and Linux distros redistributing java
For years, the call has been to open source Java…. it appears that day is, well… coming. Not at hand yet, but for startersJava can now be bundled with Linux distributions…. and is looking for advice on how to get from where they are to open source Java. So it sounds like they’re enlisting advice from developers on this and the day will at least be coming that Java will be open source.