search.internet.com

Become a Marketplace Partner internet.commerce Be a Commerce Partner Linux Today Enterprise Linux Today Apache Today JustLinux.com Linux Planet PHPBuilder All Linux Devices Technology Jobs LinuxToday Newsletters Subscribe News Subscribe PR Subscribe Security internet.com IT Developer Internet News Small Business Personal Technology Search internet.com Advertise Corporate Info Newsletters Tech Jobs E-mail Offers

Current Newswire: Cracking open five of the best open source easter eggs Top 100 sites in 2010: Search giants, shopping, Facebook and a bit of porn Debian: DebConf10 & 2010 Project Leader Elections Shuttleworth heir opens up on Ubuntu biz CrossOver Linux 9: Run Windows apps without Windows HP Deskjet D2680 Review KDESC 4.3+: Video, Music, Image and Document Preview in Dolphin Testing The Different Ubuntu 10.04 Kernels Turn Firefox into an Ebook Reader with EPUBReader The Microsoft Elephant in the Open Source Room HPC Linux Administrator (IL) Next Step Systems US-IL-Chicago Post A Job | Post A Resume Zero-Day Vulnerabilities in Firefox Extensions Discovered Nov 20, 2009, 18 :33 UTC (0 Talkback[s]) (3207 reads) [ Thanks to An Anonymous Reader for this link. ] "At the SecurityByte & OWASP AppSec Conference in India, Roberto Suggi Liverani and Nick Freeman, security consultants with security-assessment.com, offered insight into the substantial danger posed by Firefox extensions. "Mozilla doesn't have a security model for extensions and Firefox fully trusts the code of the extensions. There are no security boundaries between extensions and, to make things even worse, an extension can silently modify another extension. "Any Mozilla application with the extension system is vulnerable to same type of issues. Extensions vulnerabilities are platform independent, and can result in full system compromise." Complete Story Related Stories: Mozilla Firefox plugin check will make the web a safer place(Oct 15, 2009) Cool things with SELinux... Introducing sandbox -X(Sep 17, 2009) How to Run 32-bit Apps in 64-bit Linux(Aug 12, 2009) Using Firefox to download flash movies without any extra extensions on Linux(Jun 18, 2009) FireFox 3.5, Plugins and the Meaning of Life(Jun 12, 2009) Walsh: Introducing the SELinux Sandbox(May 27, 2009) Browser Plugins May Strip SELinux Protections(Apr 23, 2009) How to Install Adobe Flash in Debian Etch/Lenny/Sid(Jan 05, 2009) IE, Firefox, and the Add-on Security Problem(Nov 24, 2008) No talkbacks posted.   Home | Search Talkbacks | Customize View    Top of Page   Enter your comments below: * Your Name: * Your Email Address: * Subject: CC: [will also send this talkback to an E-Mail address] * Comments: Tags allowed:<I>,<B> and <U>. See our talkback-policy for more about talkback content. Fields marked with * are required!

All times are recorded in UTC. Linux is a trademark of Linus Torvalds. Powered by Linux, Apache and PHP The Network for Technology Professionals Search: About Internet.com Legal Notices, Licensing, Permissions, Privacy Policy. Advertise | Newsletters | E-mail Offers Solutions Whitepapers and eBooks Intel Whitepaper: 2010 Intel Core vPro Processors Overview Article: Adobe Helps PHP Developers Create Rich Internet Applications Article: Reduce Your Infrastructure Costs with Microsoft System Center Intel Brief: Five-Star IT Support--Intel Core 2 processor with vPro Delivers ROI of 524 Percent Article: Security Enhancements Abound in Windows Server 2008 Intel Whitepaper: Implementing Intel vPro Technology to Drive Down Client Management Costs Microsoft Whitepaper: Improve Communications and Collaboration Intel Article: Intel Core i5 vPro Brings Intelligence to the Processor Microsoft Personalized Whitepapers and Resources for You Microsoft Articles: Visual Studio 2010 Adobe Article: Java Developers Finding a Home at Adobe Flex Microsoft Whitepaper: Make Better Decisions - SQL Server 2008 Business Intelligence. MORE WHITEPAPERS, EBOOKS, AND ARTICLES Webcasts Micro Focus Webcast: Boosting the Impact and Effectiveness of Software Development QA and Testing Microsoft Webcast: Simplified Access and Single Sign-On Intel Video: 2010 Intel Core Processor Technologies MORE WEBCASTS, PODCASTS, AND VIDEOS Downloads and eKits Adobe Download: Tour de Flex Application and Explore Flex Get Started: Create Applications Without Infrastructure Limits with the Windows Azure Platform HP PartnerONE | SolutionsINFINITE Visit us at hp.com/partners/us Iron Speed Designer Application Generator MORE DOWNLOADS, EKITS, AND FREE TRIALS Tutorials and Demos Free Adobe Online Flex Training: Check Out this Video Training Course Here Develop Cloud Applications - Get Started Now with the Windows Azure Platform Learn Unified Communications Learn SQL Server 2008 Learn Windows Server 2008 R2 Internet.com Hot List: Get the Inside Scoop on IT and Developer Products Learn Forefront Learn System Center All About Botnets Learn SharePoint MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES