Area5Xp

Just when you thought it was safe to troll in the WWW waters with Firefox, comes this article on TechRepublic about a new flaw that has the potential to cause problems reminiscent of IE.

Window Snyder, Mozilla’s chief of security confirmed a data leak vulnerability in Firefox’s directory traversal mechanism. The flaw has been graded as a low-risker and was brought to light as a proof of concept.

Wait, what?? (and Mozilla's main security guru has a first name of "Window"??????)

When a “flat” add-on is present, an extension which stores its information within Javascript files as opposed to .jar files, an attacker exploiting this flaw may be able to retrieve data or profile a compromised system. Extensions such as Greasemonkey and Download Statusbar may be affected.

Sounds rather IE-ish to me. At least they say it's a low risk flaw.....

Check the TechRepublic article for links to the full report.

Return radar screens to normal scanning mode.

God Bless the folks over at Cisco.  Their new "Nexus 7000" data center switch certainly appears to be able to bring about the end to the aggravating beast known as "network congestion".  If this article turns out to be true, then bye bye congestion.

Cisco Systems Inc. introduced on Monday a new data-center switch that the company says can copy all the searchable data on the Internet in less than eight minutes, or run 5 million concurrent high-quality videoconferences between New York and San Francisco.

See what I mean??

If you think those numbers are crazy, look at these:

Cisco says that the new data-center switch would be able to copy all the searchable data on the Internet in 7.5 minutes, download Wikipedia's database in 10 milliseconds or download 90,000 Netflix movies in less than 40 seconds. It also can run 5 million concurrent transcontinental videoconferences using the company's Telepresence Collaboration systems, a company spokeswoman said.

I WANT that sort of power in my house....NOW!!!  But I'm afraid I'd have to get the 100Mbps fiber optic service that Verizon offers to even think about having a switch like that to use.  None the less though, ISPs need to seriously consider getting this switch when it is released later this year.

Dismissed^TM

Ahhh, I bet you thought your Windows computer was safe from those meddling fingers by locking the desktop when you run to the water cooler, bathroom, or snack machine. 

Think again!!

This article shows that doing just that is no longer a deterrent.

A security researcher has released an easy-to-use tool that accesses locked Windows computers in seconds without entering a password.

The tool, which was released Tuesday by Adam Boileau, works by connecting a Linux machine to the Firewire port of the target PC and modifying the password protection that's stored in local memory.

Well that's just the sort of news I needed to hear today......

Of course, the attack depends on having physical access to the targeted machine, and as most El Reg readers know, anyone who has physical control of the PC owns it. Then again, password protections have been a useful way to briefly secure a machine while a user runs to the bathroom. Until now. As Boileau's tool makes clear, such protections can be bypassed in a matter of seconds.

And that's supposed to reassure me???  Luckily though, all the computers in the Battle Staff War Room have the additional security layer which cannot be discussed in public.  We could tell you, but then we'd have to send out those black, unmarked helicopters to "take care of things".

Guess the Tech Department is going to be busy for the next couple of weeks making sure the Firewire ports get locked out.

Dismissed^TM.