The only browser that survived Pwn2Own this year was Google Chrome. This led to numerous news reports like this one suggesting that Google’s browser was somehow more secure than the others. This is far from the truth. In fact, the vulnerability that caused the iPhone’s downfall was in the WebKit engine and also affected the Google Chrome browser.
Browsing Author: Chris Brook
Despite the multitude of anti-exploit mitigations built into modern operating systems (ASLR, DEP, Sandboxing), hackers were able to compromise every major target this year. This is confirmation that dedicated attackers with the right (financial) motivation, will almost always find a way to break into computer systems. It also highlights the difficulties businesses face when trying to thwart targeted attacks that combine zero-day vulnerabilities/exploits with clever social engineering lures. The dedicated targeted attacker will, in almost every case, win.
The recent CanSecWest Pwn2Own contest saw successful hacking attacks against Microsoft Internet Explorer 8, Mozilla Firefox and Apple’s Safari and iPhone products. Now that the dust has settled and the vendors are starting to patch the vulnerabilities, Threatpost editor Ryan Naraine takes a look at the real-world implications of the contest and the lessons learned.
[img_assist|nid=4779|title=|desc=|link=none|align=right|width=100|height=100]Dennis Fisher and Ryan Naraine discuss the new vulnerability in Java, whether the Internet works without Java and the new operating system released by security researcher Joanna Rutkowska.[swf
[img_assist|nid=4779|title=|desc=|link=none|align=right|width=100|height=100]Dennis Fisher and Ryan Naraine preview this year’s CanSecWest conference, the Pwn2Own contest and talk about the recent zero-day flaw in Firefox.
Many people play games on Facebook. Some of them are fun. But if you’re not interested in a specific game and its messages are getting really annoying, you can make sure you get NO messages from them by going to their page and choosing to block the application.
You should be aware that when you type a status update, you can also set the privacy of that status posting like you were creating an album.
On the left is the default. You want to turn off Everyone. And change Networks so none of your networks will get automatic permission (unless you specifically want that, like old school pictures).
Then choose whether you want Friends of Friends, etc., or to customize, choose Some Friends.
Then start typing the names of your groups and choose the set(s) of people you will allow to see this album.
When you create a new album, you get this page. Click where it says Everyone so you can then choose to customize the settings to determine who can see this album.