Firefox Bit.ly Preview extension tells Bit.ly EVERY SINGLE WEB PAGE YOU LOOK AT
It's ironic. My last post described how URL shortening services can be abused for evil, but my point was that these abuses were a burden for the services, not that the services were abusive themselves. In fact, Bit.ly has probably done more than any shortening service to combat abuse and the Preview add-on is part of that anti-abuse effort. With Preview installed, users can safely check what's behind any of the short URLs they encounter by hovering over the link in question… a larger question remains. How do we make sure that the services we use every day aren't leaking our info all over the place? The most widely deployed services (Google, Amazon, Facebook, etc.) all deserve a higher level of scrutiny because of the quantity of data at their fingertips. All the privacy policies in the world aren't worth a dime if web sites can't be held accountable for the effects of sloppy coding.
TopSurfer
TopSurfer is one of the best Traffic Exchanges about. Check it out now. http://topsurfer.com/newuser.cgi?referer=deehomepage
Cross-Site Request Forgery (CSRF or XSRF)
Related to the Firefox / SeaMonkey vulnerability noted in the previous clip. Please see source for excellent examples on how this is done. The Digg example is not well written, but explains well how this is accomplished.
Firefox / SeaMonkey HTTP Referer Vulnerability
This issue relates to Cross-Site Request Forgeries. One countermeasure is for the authenticating web site to check the HTTP Referer header to ensure the request is coming from an authorized site. This vulnerability permitted an attacker to delay the loading of the attack script until the intended (permitted) referring page was loaded, which would circumvent HTTP Referer checks to prevent CSRF. Solution: Update to Firefox 2.0.0.10 and the latest version of SeaMonkey. See next post for explanation of CSRF (aka XSRF).