Thursday, September 11th, 2008
The invaluable NoScript for Firefox plug-in just got a tad better.
According to Giorgio Maone, the developer behind the popular browser extension, a new experimental feature called “Forced Secure Cookies” has been added to NoScript v1.8.0.5 to mitigate the HTTPS cookie hijacking attack vector discussed at DEFCON 16 last month.
Source:
http://blogs.zdnet.com/security/?p=1882
Posted in Internet, Privacy, Security | No Comments
Sunday, August 10th, 2008
A security researcher at the Defcon hacker conference in Las Vegas on Saturday demonstrated a tool he built that allows attackers to break into your inbox even if you are accessing your Gmail over a persistent, encrypted session (using https:// versus http://).
When you log in to Gmail, Google's servers will ...
Posted in Internet, Privacy, Security | No Comments
Thursday, August 7th, 2008
A recently found flaw in the internet's addressing system is worse than first feared, so Dan Kaminsky said when speaking publicly about his discovery at the Black Hat conference in Las Vegas.He said fixes for the flaw in the net's Domain Name System (DNS) had focused on web browsers but ...
Posted in Internet, Linux, Networking, Privacy, Security, Software, Windows | No Comments
Friday, July 25th, 2008
Google added a new feature to Gmail to always use a secure (https) connection. Switch to the settings/ general tab and scroll down to “Browser connection” to see if you got it already (if not, it may still be rolled out for you). While safer, Google in their blog announcement ...
Posted in Internet, Privacy, Security | No Comments
Tuesday, July 1st, 2008
Working closely with the German hosting company – manitu, heise is making available with immediate effect a realtime DNS-based blacklist service for identifying weak SSL keys. The provider already runs the Realtime Blacklist for the iX spam filter NiX Spam, which enables mail servers to identify and filter spam.The principle ...
Posted in Internet, Security | No Comments
