Simon Willison’s Weblog

Subscribe

445 items tagged “security”

2005

Chris Shiflett: Google XSS Example (via) UTF-7 is a nasty vector for XSS. # 24th December 2005, 5:21 pm

Don’t be eval()

JavaScript is an interpreted language, and like so many of its peers it includes the all powerful eval() function. eval() takes a string and executes it as if it were regular JavaScript code. It’s incredibly powerful and incredibly easy to abuse in ways that make your code slower and harder to maintain. As a general rule, if you’re using eval() there’s probably something wrong with your design.

[... 431 words]

Zero-Day Exploit Targets IE (via) Remote code execution. No patch yet; disable Active Scripting instead. # 22nd November 2005, 6:24 am

Social engineering and Orange

I had a call on my mobile earlier today from a lady claiming to be from Orange (my phone service provider) who told me that my contract was about to expire. She asked me for my password.

[... 311 words]

Understanding the Greasemonkey vulnerability

If you have any version of Greasemonkey installed prior to 0.3.5, which was released a few hours ago, or if you are running any of the 0.4 alphas, you need to go and upgrade right now. All versions of Greasemonkey aside from 0.3.5 contain a nasty security hole, which could enable malicious web sites to read any file from your hard drive without you knowing.

[... 809 words]

Cross-site request forgery (CSRF). Somehow this vulnerability is news to me. # 6th May 2005, 11:07 pm

Fighting RFCs with RFCs

Google’s recently released Web Accelerator apparently has some scary side-effects. It’s been spotted pre-loading links in password-protected applications, which can amount to clicking on every “delete this” link — bypassing even the JavaScript prompt you carefully added to give people the chance to think twice.

[... 353 words]

Giving away the index

My final year project is due in two weeks, and I’m going to be running on silent for most of them. I have, however, upgraded to Tiger and playing with Spotlight has given me plenty to think about.

[... 414 words]

Usable Security: Look Beyond the “Fundamental Conflict”. Security and usability are not conflicting goals. # 18th March 2005, 2:27 am

Not linking is not security. Ridiculous: Harvard rejects applicants who “hacked” by guessing a URL. # 8th March 2005, 8:47 pm

Schneier on Security: Cryptanalysis of SHA-1. If you want to understand the “breaking” of SHA-1, this is the place to go. Surprisingly accessible. # 19th February 2005, 3:12 pm

Internet Explorer 7. It’s been announced, but the stated focus is security and anti-phishing. No news on improved CSS. # 15th February 2005, 7:04 pm

Secure wireless email on Mac OS X. Doug Bowman’s tutorial on SSH Tunnel Manager and wireless security. # 8th February 2005, 11:20 am

2004

The Register hit by XSS

Here’s a nasty one: popular tech news site The Register was hit on Saturday by the Bofra exploit, a nasty worm which uses an iframe vulnerability in (you guessed it) Internet Explorer to install nasty things on the victim’s PC. Where it gets interesting is that the attack wasn’t against the Register themselves; it came through their third party ad serving company, Falk AG.

[... 262 words]

User Education Is Not the Answer to Security Problems. Smart thinking on security from Jakob Nielsen. # 1st November 2004, 1:22 pm

Net security threats growing fast. 30,000+ PCs a day are being compromised for botnets. # 20th September 2004, 6:44 pm

OS X Security Update 2004-09-07 (via) Plenty of important fixes; a must-have. # 8th September 2004, 3:45 pm

The bookmarklet solution to the password problem

Anyone who makes heavy use of the internet has run in to the password problem: dozens of user accounts on sites with varying degrees of trustability, leading to an unmanageable proliferation of username and password combinations. The temptation is to use the same combination on multiple sites, but doing so opens you up to the horrifying prospect of a security flaw in one site compromising al of your other accounts.

[... 366 words]

IE in Windows XP SP2. An overview of the new security changes. # 10th August 2004, 7:39 pm

Race conditions in security UI. A vulnerability that is even more effective against advanced users (i.e. fast typists). # 2nd July 2004, 4:14 pm

Bruce vs. Bruce (via) Schneier and Sterling discuss security and technology. # 15th June 2004, 10:04 pm

Daring Fireball: Security Cannot Be Spun. Apple’s communication handling of the recent security problem was atrocious. # 31st May 2004, 4 am

Background Images Security Flaw? Styling :visited links can reveal a user’s browser history. # 24th May 2004, 8:24 pm

Mac OS X helpviewer security flaw fixed. Hit Software Update. Not sure if this fixes the telnet: variety though. # 22nd May 2004, 5:08 am

Defending against the OS X help: vulnerability

There’s a nasty OS X vulnerability under discussion at the moment which lets a web page execute code on your machine by taking advantage of a flaw in the “help:” protocol. There’s a non-malicious demonstration of the exploit on this page, and Jay Allen is hosting a discussion on the exploit and ways to avoid it.

[... 253 words]

Mac OS X URI Handler Arbitrary Code Execution (via) Very nasty: affects all web browsers, allows compromise by malicious web sites. # 18th May 2004, 3:39 pm

Why Windows is a Security Nightmare. The pain of Windows Update over a 56K modem. # 18th May 2004, 5:50 am

Bruce Schneier: We are all security customers. How can the US get the best return on investment for homeland security? # 4th May 2004, 6:34 pm

M.I.T Card Information (via) Who’s bright idea was it to introduce a poorly secured swipe card system in a school full of hard-core techies? # 25th April 2004, 8:58 pm