The web for me is a hobby where standards and best practices are daily bread. Security is a concern that everybody must be aware of its details for IT in general, and the web in particular, to be a safer place. My life, on the other hand, is that of a regular Lebanese citizen where politics and social issues are discussed on a daily basis. I hope you enjoy reading my blog and make sure to drop me a comment about any topic you find interesting.
The Ghost in Internet Explorer 6, 7 and even 8 (Beta)
Printable Versionvictor | 24 September, 2008 16:06
Whether you believe in ghosts or not is irrelevant from a browser point of view. The matter is that you'd better start believing because Microsoft's browsers allow "ghosts" to take more than a peek over your shoulder, in fact, it permits them to see and register every move associated with the browsing process. Secunia has published an advisory titled "Internet Explorer 7 Frame Location Handling Vulnerability" warning of the risks faced by IE users, but not only IE7 is affected. Exploits have also been tested with success on IE6 and even on IE8 Beta 1. And to top it all off, a sample proof of concept is available in the wild at (http://sirdarckcat.blogspot.com/2008/05/ghosts-for-ie8-and-ie75730.html) [You must be using Internet Explorer for this demo to work]. (More)
Security |
Permalink |
Add comment |
Trackbacks (0)
Menu
Search
Calendar
| « | September 2008 | » | ||||
|---|---|---|---|---|---|---|
| Mo | Tu | We | Th | Fr | Sa | Su |
| 1 | 2 | 3 | 4 | 5 | 6 | 7 |
| 8 | 9 | 10 | 11 | 12 | 13 | 14 |
| 15 | 16 | 17 | 18 | 19 | 20 | 21 |
| 22 | 23 | 24 | 25 | 26 | 27 | 28 |
| 29 | 30 | |||||
Who am I?
I am experienced in Internet technologies, Web Services and Online Interactive solutions. I am very interested in challenges related to web services engineering especially complex and hybrid online solutions (Intranet, Extranet, e-Commerce, etc.) and algorithms (search engines, security, etc.)
I am experienced in security as well. My expertise is mainly in network and Internet security. I am also experienced in the fields of cryptography, security assessment techniques, security design (policies, profiles, architectures, etc.) as well as security auditing and ethical hacking.
I am a Linux fan (by nature :). Period.
Poll
Recently...
- Alfa Statement Roaming Charges
- Google Analytics vs Log File Based Statistics
- Ziad Baroud Spamming?
- A Couple of Amazing Tricks!
- A New Speed Radar That You Cannot Fool!
- Standard Chartered Email & Website Phishing
- Huge Lighters Security Alert
- Few Blog Updates to Share
- NetDesignPlus in Kuwait
- Hidden Fees with Malev Hungarian Airlines Online Booking System
- IEEE High Availability Database Workshop
- Halloween 2009
- One-Million Dolar Picture
- Google Wave: Social Networking or Cloud Computing?
- How To Recover Your Hotmail / MSN / Live Passport Account?
- Beirut: CNN's Best Party City
- The Future of Web Programming
- Ecosystem Virtual Implementation
- The 45 Lessons of Life
- Lynn's Birth