June 20, 2005
Whois Spam
Looks like whois is now even prone to spam. Look at what google.com returns:
me@server$ whois google.com
Whois Server Version 1.3
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
GOOGLE.COM.ZZZZ.DNSW.COM
GOOGLE.COM.VN
GOOGLE.COM.SUCKS.FIND.CRACKZ.WITH.SEARCH.GULLI.COM
GOOGLE.COM.IS.NOT.HOSTED.BY.ACTIVEDOMAINDNS.NET
GOOGLE.COM.IS.APPROVED.BY.NUMEA.COM
GOOGLE.COM.HAS.LESS.FREE.PORN.IN.ITS.SEARCH.ENGINE.THAN.SECZY.COM
GOOGLE.COM.AU
GOOGLE.COM
To single out one record, look it up with "xxx", where xxx is one of the
of the records displayed above. If the records are the same, look them up
with "=xxx" to receive a full display for each record.
Posted by 0xFF3300 at 01:13 PM | Comments (0) | TrackBack
March 31, 2005
Google Results Prefetching for Firefox
On some searches, Google automatically instructs your browser to start downloading the top search result before you click on it. If you click on top result, the destination page will load faster than before.
Google uses a special prefetching feature in Firefox and Mozilla web browsers to provide this functionality, so results prefetching is not available in Internet Explorer or other web browsers. You can disable prefetching in your web browser preferences, as described in the Mozilla Prefetching FAQ. In Firefox, you can disable prefetching by doing the following:
1. Type "about:config" the address bar.
2. Scroll down to the setting "network.prefetch-next" and set the value to "False".
With prefetching enabled, you may end up with cookies and web pages in your web browser's cache from web sites that you did not click on since prefetching happens automatically when you view Google search results pages. You can delete these files by clearing your browser's cache and cookies.
Posted by 0xFF3300 at 09:12 AM | Comments (0) | TrackBack
February 24, 2005
Claria Privacy Officer Named to Homeland Security Committee
If this doesn't disturb you, you need to get your head checked.
"The Department of Homeland Security named Claria's chief privacy officer Reed Freeman, a former Federal Trade Commission staff attorney, to its 20-member committee on privacy, according to CNET. The CNET piece heavily implies that Claria, as an adware firm that doesn't publish its own web content, is a "parasite" and that the appointment may be inappropriate."
Posted by 0xFF3300 at 01:51 PM | Comments (0) | TrackBack
February 08, 2005
Google Maps BETA Released
Google has released there latest killer app, http://maps.google.com/.
Posted by 0xFF3300 at 11:41 AM | Comments (0) | TrackBack
February 07, 2005
LA Earthquake
Just felt an earthquake here in the Sherman Oaks area, waiting for the results on usgs.gov.
Posted by 0xFF3300 at 02:07 PM | Comments (0) | TrackBack
January 27, 2005
Man Jailed for using a Nonstandard Browser
From BoingBoing:
A Londonder made a tsnuami-relief donation using lynx -- a text-based browser used by the blind, Unix-users and others -- on Sun's Solaris operating system. The site-operator decided that this "unusual" event in the system log indicated a hack-attempt, and the police broke down the donor's door and arrested him. From a mailing list:
For donating to a Tsunami appeal using Lynx on Solaris 10. BT [British Telecom] who run the donation management system misread an access log and saw hmm thats a non standard browser not identifying it's type and it's doing strange things. Trace that IP. Arrest that hacker.
Armed police, a van, a police cell and national news later the police have gone in SWAT styley and arrested someone having their lunch.
Out on bail till next week and preparing to make a lot of very bad PR for BT and the Police....
So just goes to show if you use anything other than Firefox or IE and you rely on someone else to interogate access logs or IDS logs you too could be sitting in a paper suit in a cell :(
:Link:
Posted by 0xFF3300 at 10:09 AM | Comments (0) | TrackBack
December 30, 2004
HOWTO Make Firefox Faster
Here's something for broadband people that will really speed Firefox up:
1.Type "about:config" into the address bar and hit return. Scroll down and look for the following entries:
network.http.pipelining network.http.proxy.pipelining network.http.pipelining.maxrequests
Normally the browser will make one request to a web page at a time. When you enable pipelining it will make several at once, which really speeds up page loading.
2. Alter the entries as follows:
Set "network.http.pipelining" to "true"
Set "network.http.proxy.pipelining" to "true"
Set "network.http.pipelining.maxrequests" to some number like 30. This means it will make 30 requests at once.
3. Lastly right-click anywhere and select New-> Integer. Name it "nglayout.initialpaint.delay" and set its value to "0". This value is the amount of time the browser waits before it acts on information it receives.
If you're using a broadband connection you'll load pages MUCH faster now!
:Link:
Posted by 0xFF3300 at 04:12 PM | Comments (0) | TrackBack
December 17, 2004
Serious Spoofing Bug in IE Reported
Security advice firm Secunia has released information concerning a new flaw with Microsoft's web browser, Internet Explorer.
The exploit allows cross site scripting attacks to be performed on users. In the scenario that Secunia have published, users can follow a link to xyz.com, have xyz.com in the address bar yet have content being fed to the browser from another site. Clicking on the "Pad-lock" SSL icon in the bottom corner of internet explorer also reveals xyz.com.
The problem is caused by "DHTML Edit ActiveX control when handling the "execScript()" function in certain situations. This can be exploited to execute arbitrary script code in a user's browser session in context of an arbitrary site". The issue affects the most recent releases of Internet Explorer 6.0, including Service Pack 2 patched systems. To avoid the exploit affecting you, it's advised that you disable ActiveX. Microsoft have yet to comment or release a patch for the problem.
View the demonstration.
Posted by 0xFF3300 at 09:34 AM | Comments (0) | TrackBack
December 13, 2004
Microsoft Debuts Desktop Search Tool
Microsoft has released a Desktop Search tool in answer to the recent developments in the ever-burdgeoning desktop search arena. First Google drops with Google Desktop search, Yahoo teams up with X1, and now MS has released their first search beta.
So far I have to say I like it; the Web results however, don't look so good. Google has just plain dominated this area. Entering the search term Desktop revealed 6-10 of the first search results were Microsoft related. I'm not saying the product pushes company related items to the top, as I don't have the knowledge to speculate. But see for yourself: results. Entering Desktop on Google, is equally as interesting their http://desktop.google.com is the first result.
Posted by 0xFF3300 at 02:22 PM | Comments (0) | TrackBack
December 11, 2004
Firefox 1.0 (Rules)
I have been using Firefox 1.0 since it came out and have been really impressed. Of most interest, is Firefox is visibly faster than IE 6, especially on slower systems. This may have to do with the overall footprint of the application.
The tabbing feature is great, built-in pop-up protection, skinable, and tons of plugins. Next week I'm going to try the new Mozilla email application that claims to be an "Outlook Killer", if it's anything like Firefox, I'm already sold.
Posted by 0xFF3300 at 10:23 AM | Comments (0) | TrackBack
October 27, 2004
Bush Blocks Access to Website
Bush has blocked access his website, georgewbush.com to non-US visitors. Netcraft spotted the international exclusion on Oct 25 when users from London, Amsterdam and Sydney were unable to connect to the site. The Bush campaign has stated, they see no reason to distrubute content to people that will not be voting. This has excluded Americans who are currently overseas. It is unknown if the site is blocked to troops currently stationed in Iraq. On the opposing side, the website for John Kerry is available to international visitors.
Posted by 0xFF3300 at 09:59 AM | Comments (0) | TrackBack
June 19, 2004
How to Encode Audio...
Think you know how to encode your favorite audio? Read this.
Posted by 0xFF3300 at 10:05 PM | Comments (0) | TrackBack
May 18, 2004
Kibuv Worm, Bobax Trojan Hit the Net
This looks pretty nasty. TCP port 420 what are these guys smoking?
Security experts are tracking two new threats that have emerged in the past few days, including a worm that uses seven mechanisms to spread itself.
The worm is known as Kibuv, and researchers first noticed its presence Friday. Kibuv affects all versions of Windows from 98 through Windows Server 2003 and attempts to spread through a variety of methods, including exploiting five Windows vulnerabilities and connecting to the FTP server installed by the Sasser worms.
Once it's installed on a PC, Kibuv starts its own FTP server that can be used to distribute copies of the worm. It also connects to a remote IRC chat server and listens for commands, according to an analysis done by Symantec Corp. Kibuv also listens on TCP port 420 for commands.
The worm has not spread too widely as of yet, but with its variety of infection methods, experts say the potential exists for it to infect a large number of machines.
The second piece of malware that has surfaced is a Trojan that is capable of spreading semi-automatically. Known as Bobax, the Trojan can only infect machines running Windows XP and seems to exist solely for the purpose of sending out large amounts of spam, according to an analysis by LURHQ Corp., a managed security services provider.
The Trojan is dropped onto target systems via a file named Svc.exe, which then extracts a DLL and places it in the process space of Explorer.exe. Once executed, Bobax copies itself to the Windows system folder and creates two registry keys.
The Trojan then tries to connect to four Web sites, and if it gets a connection, it looks for one of four specific commands from the remote Web server.
The server, apparently controlled by the Trojan's creator, can instruct the program to download and run another program, scan and infect other machines, stop scanning or send spam from a preloaded e-mail template and address list.
The interesting thing about this command sequence is that it enables the Trojan's creator to send spam from remote machines without having to connect to the PCs to send each separate piece of e-mail.
Posted by 0xFF3300 at 03:15 PM | Comments (1) | TrackBack