posted by Kroc Camen on Wed 7th Apr 2010 08:19 UTC
Via Ha.ckers.org, we get news of a cross-domain flaw using Flash or Silverlight content that allows the attacker to use the victim's browser as a proxy, including access to the user's session. Erlend Oftedal, the developer, explains how the system works and demonstrates the concept with a video. The flaw stems from developers lackadaisically allowing cross-domain requests from Flash across their whole domain (which obviously includes the user-account interactions); even Flickr and YouTube were culprits at one point.
Related Articles
Technology White Papers
Features
Linked by Thom Holwerda on 05/25/12 19:09 UTC
Pocket-lint has a rumour up that Facebook is interested in acquiring Opera to kickstart their own move into the browser market, to compete with Mozilla, Google, and Microsoft. While it would mean much-deserved recognition for Opera, I actually hope such a deal does not go through - for entirely selfish reasons.
Linked by Thom Holwerda on 05/24/12 22:34 UTC
Google has released a treasure trove of data about takedown requests regarding possible copyright violations. What may surprise some - but is actually kind of logical if you think about it - is that most requests, by far, come from Microsoft. You'll be surprised about the total amount of requests, and looking at some of them in more detail, it becomes obvious just how much certain organisations would abuse takedown power if they had it.
Linked by Thom Holwerda on 05/23/12 16:13 UTC
Google CEO Larry Page was interviewed on Charlie Rose recently, and there was certainly some interesting stuff in there. Sadly, the interview suffers from the curse of modern journalism in that it was all a bit timid and civil (no truly harsh and confronting questions), but despite that, it's still a good watch. Two quotes from Page really stood out to me.
Linked by Thom Holwerda on 05/21/12 20:03 UTC
For Microsoft, the traditional desktop is old news. It's on its way out, it's legacy, and the harder they claim the desktop has equal rights, the sillier it becomes. With companies, words are meaningless, it's actions that matter, and here Microsoft's actions tell the real story. The company has announced the product line-up for Visual Studio 11, and the free Express can no longer be used to create desktop applications. Message is clear.
Linked by Howard Fosdick on 05/19/12 8:59 UTC
Smartphones have become the preferred computer of the masses. Sales surpassed
those of personal computers in 2010, having grown over 50% per year for
several years. Nearly 500 million smartphones shipped
in 2011. This radically shifts the terrain in the consumer operating
system competition that was, for years, firmly decided in favor of
Windows. This article analyzes the New OS Wars.
Linked by Thom Holwerda on 05/16/12 21:17 UTC
An interesting study has been making the rounds across the web these past 24 hours. The creators of OpenSignalMaps have been logging which new devices download their product, and they've collected data on 681900 devices. The results are... Diverse.
Linked by Thom Holwerda on 05/14/12 22:49 UTC
For weeks - if not months - I've been trying to come up with a way to succinctly and accurately explain why, exactly, Windows 8 rubs me the wrong way, usability-wise. I think I finally got it.
Linked by Thom Holwerda on 05/11/12 19:10 UTC
The next frontier for Apple - and other technology companies - to conquer: the television market. Terry Gou, chairman of Foxconn, has confirmed his company will be building a television for Apple in conjunction with Sharp. Since I bought a brand-new top-of-the-line TV late last year, I've been thinking a lot about what could be improved about the state of TV today, and as crazy as it seems, I'm actually not that dissatisfied.
Linked by Thom Holwerda on 05/10/12 18:06 UTC
Both Mozilla and Google have expressed concern over Windows 8. Microsoft's next big operating system release restricts access to certain APIs and technologies browsers need - only making them available to Internet Explorer. Looking at the facts, it would seem Mozilla and Google have a solid case - coincidentally, the responses on the web are proof of the slippery slope we're on regarding ownership over our own machines.
Linked by Thom Holwerda on 05/08/12 17:55 UTC
This is fun. The number one iOS carrier duking it out with the company behind the world's most popular smartphone operating system. Last month, Google's lead for the Android Open Source Project, Jean-Baptiste Queru, more or less blamed carriers (see comments) for Android's upgrade woes. Yesterday, AT&T's CEO Randall Stephenson retaliated, blaming Google for the delays. And yes, Google already responded to that, too.More Features »
Sponsored Links
