Before everyone freaks out, take a look at the bug notes to get the details.
Exploitation requires the javascript bug AND a whitelisted site. The only default whitelisted site is the update.mozilla.org, and they have made changes to mitigate the problem on their end.
So unless you've whitelisted a lot of extra sites to install themes or extensions, this is not a huge risk. To be sure, disable install "Allow websites to install software" under options | web features, and if really worried, disable javascript.
Well that was ridiculously easy.
I hit the page information button in firefox, then to the media tab, selected particular image, and save as. Very uncopyable....
Agreed, I didn't say it was an optimal solution, but if you're at the point of turning off your box with the point of bouncing -everything-, then isn't something like that a better solution?
Between Spamassasin and Spambayes most of my spam problems are well handled.
That's fine, then let the company that employs those folks (whoever or wherever they may be) move and incorporate there, why should they enjoy the benefits my tax dollars provide and yet not contribute to their own local (of varying scales) community.
It's about time we stopped letting Corporations milk the country dry, and give something back from all they take.
As a network/security engineer from Arkansas who had to move to get a job, this gives me hope. Not in the immediate, but its good to see things spread out, and some tech hit the rural south. Hopefully better things to come eventually.
Slashdot Mirror
Before everyone freaks out, take a look at the bug notes to get the details.
Exploitation requires the javascript bug AND a whitelisted site. The only default whitelisted site is the update.mozilla.org, and they have made changes to mitigate the problem on their end.
So unless you've whitelisted a lot of extra sites to install themes or extensions, this is not a huge risk. To be sure, disable install "Allow websites to install software" under options | web features, and if really worried, disable javascript.
Former Master CNE here. I haven't updated the resume in awhile, but I haven't bothered to keep my MCNE current.
Planet Side
Well that was ridiculously easy.
I hit the page information button in firefox, then to the media tab, selected particular image, and save as. Very uncopyable....
Got this link from Platinum support. UPX Parsing Engine Heap Overflow
It provides a bit more information on the specific builds that are a problem. Affects a great deal of their software.
Agreed, I didn't say it was an optimal solution, but if you're at the point of turning off your box with the point of bouncing -everything-, then isn't something like that a better solution?
Between Spamassasin and Spambayes most of my spam problems are well handled.
Or just bounce the emails while continuing to use email normally.
Check out Mailwasher.
Has a great bounce function, although in my experience bounces don't neccesarily always cause a removal from spam lists.
That's fine, then let the company that employs those folks (whoever or wherever they may be) move and incorporate there, why should they enjoy the benefits my tax dollars provide and yet not contribute to their own local (of varying scales) community.
It's about time we stopped letting Corporations milk the country dry, and give something back from all they take.
As a network/security engineer from Arkansas who had to move to get a job, this gives me hope. Not in the immediate, but its good to see things spread out, and some tech hit the rural south. Hopefully better things to come eventually.
Ya, lets not bother calling out the company who made the piece and for business reasons didn't want to release the specs.
Should NASA have pushed harder? Maybe, but that also gets them grief from the other side, too hard to work with, etc.
Pleace read the FAQ.
Isn't a big part of punishment meant to be deterance, both for repeat offenders, and folks looking on?
What kind of message does this send, regardless of talent, shade of grey, or field.
Cause and effect. Do a crime, get punished.
The only effect of this is a better reason for these potentially skilled folks to eschew a more practical path, and go for the easy route.
Even the Asgard had problems with the replicators....
I've always been a big fan of UltraEdit. (Free neither unfortunately, but very solid.)
Anyone have suggestions for a bit more uh, quality sites on the topics? Seen plenty of coding sites, but none particular to security of this combo.