Tuesday, June 16th, 2009
Torfox is a mash-up between Firefox and Tor. Ideally, we want to completely remove all direct communication between Firefox and the localhost. Instead, all address lookups are done through tor-resolve and all connections are made through tor socks server. Right now the project only works on Windows and relies on ...
Posted in Internet, Privacy, Security, Software | No Comments
Monday, June 15th, 2009
I recently came upon a few articles that once again offered the computer security tip to use onscreen keyboards to defeat keyloggers. Most of these tips are suggesting to install an onscreen keyboard or make use of the default one of the operating system to defeat keyloggers while making transactions ...
Posted in Hardware, Internet, Privacy, Security | No Comments
Thursday, June 11th, 2009
Firefox 3.0.11 fixes several security issues found in Firefox 3.0.10:
JavaScript chrome privilege escalation
XUL scripts bypass content-policy checks
Incorrect principal set for file: resources loaded via location bar
Arbitrary code execution using event listeners attached to an element whose owner document is null
Race condition while accessing the private data of a NPObject JS wrapper ...
Posted in Internet, Linux, Security, Windows | No Comments
Thursday, June 11th, 2009
Here is a great post from Jeff Moser over at Moserware that gives you a detailed walk-through of what exactly happens when you make an https connection to a server (in this example: amazon.com). So much more happens than just the URL changing from http to https and a padlock ...
Posted in Internet, Privacy, Security | No Comments
Thursday, June 11th, 2009
Australian researchers have described a new and faster way of provoking collisions of the SHA-1 hash algorithm. With their method, a collision can be found using only 252 attempts. This makes practical attacks feasible and could have an impact on the medium-term use of the algorithm in digital signatures.
SHA-1 is ...
Posted in Coding, Internet, Privacy, Security | 1 Comment