Author: sjan

Browsers

Code for IE exploit posted

Hackers Post Code for New IE Attack

Although the hackers are calling it a 0day exploit, it seems that it isn’t really. It is one of many that can be easily found using the AxMan ActiveX fuzzing engine. It seems that the guys over at xsec.org are trying to take more than reasonable credit for writing code to exploit a known vulnerability.

HD Moore, head of the Metasploit project, was quoted in the article as saying:

“This is one of the many exploitable bugs that can be discovered using AxMan and one of the few that I didn’t include in Month of Browser bugs due to the ease of exploitation. I still have three or four left in IE that have similar impact.”

There is also a Secunia Advisory related to this exploit.


Alaska

Open House

We are having an open house this weekend, which pretty much means that I spent 14 hours yesterday scrubbing everything top to bottom, rearranging closets and storage spaces, and helping my wife stage everything, and I will spend the better portion of today and tomorrow trying to occupy my time away from the house. It was pouring buckets the last couple days which means the lawn is a little shaggier than I would have liked, but it will have to do. Now if we could just get a buyer . . ..

We have decided how we are going to proceed – my wife is going to finish her Fine Arts degree at the University of Victoria after which it will be my turn. I have my sights set on the combined Physics/Computer Science degree, also at UVic. I will probably be the oldest freshman on campus when I start, but that also means I will probably be the most used to buckling down and working to get what I want. All in all, it is more than a little nerve-wracking.


Browsers

Security fixes for Firefox

Firefox 1.5.0.7 was released this morning, fixing the following security issues:

MFSA 2006-64 Crashes with evidence of memory corruption (rv:1.8.0.7)
MFSA 2006-62 Popup-blocker cross-site scripting (XSS)
MFSA 2006-61 Frame spoofing using document.open()
MFSA 2006-60 RSA Signature Forgery
MFSA 2006-59 Concurrency-related vulnerability
MFSA 2006-58 Auto-Update compromise through DNS and SSL spoofing
MFSA 2006-57 JavaScript Regular Expression Heap Corruption


Community

XHTML Friends Network

If you haven’t yet heard of it, promises a simple way to harness XHTML rel attributes to define relationships on the web. With simple additions to urls such as rel="friend met colleague neighbor" you could define a link as going to a site owned by someone you consider a friend, who works in the same field as you, that you have met in person, and in fact, lives close to you.

To see where all this is going, be sure to check out the XFN: What’s Out There? page, and take a look at the new XFN lookup service at . And of course, I had to add bookmarklets to make things easy to search RubHub.
Search RubHub
Search RubHub in a new window

In other news I have seen a plugin for Blosxom (the Perl kind) that checks links in stories against a tab-delimited list of values to add XFN information to links within the story. While the simplicity of having that handled automatically is nice, I have to wonder what kind of performance hit that would make. I first thought about doing something like that for PyBlosxom, but I think I will look into other ways to do it, rather than to require extra pre-processing on every story display.


Best Practices

A simple intro to database normalization

I found a very clear, well-written introductory example to database normalization on devshed. Although it is in the MySQL portion of the site, it applies equally well across the board to other RDBMSs.

To get more details on normalization, the normal forms, and good database development in general, check out Database Design for Mere Mortals: A Hands-On Guide to Relational Database Design, Second Edition by Michael J. Hernandez. Without a doubt the most useful db development book I’ve ever laid my hands on.

Security

Here they come . . .

Today's eEye security bulletin carries the news of not just one, but two worms in the wild based on the Server Service vulnerability. If you still haven’t patched, do it now, unless you’ve been infected, in which case eEye recommends “to wipe the system clean and rebuild it from the last uninfected backup.”

Security

Patch! Patch! Patch!

As much as this should be ingrained in our computing habits, this still needs to be said: Apply patches when they come out!

The Microsoft Security Bulletin MS06-040 came out on the 8th, and a module to exploit the flaw came shortly after. Tech e-zine eWeek reported that Immunity and Core Security Technologies had both released what they deemed “reliable exploits” for the flaw and declared it wormable on all Windows versions.

Dave Aitel, CEO of Immunity, said in an interview with eWeek, “A worm is coming. This bug is just too easy to exploit.”

This is a vulnerability that would allow for remote takeover of an unpatched Windows machine. It will be interesting to see how widespread the damage is when (not if) a worm is released.

Patches are available from the bulletin (follow the links) or from Windows Update.

Linux

Ultimate Boot CD

Anyone who has ever had need of bootable recovery tools knows what a pain it is to try to build a bootable CD containing all the needed tools. Why do it all the hard way? There is a very handy one already built and ready for download at . This is a Linux-based live CD with lots of Linux tools. There is a Windows-based version as well. While the Linux-based version comes with its own kernel, and allows for adding modules (available at SourceForge), the Windows version requires that you have your own Windows XP CD with SP1 (and preferably 2) – although they also have a utility to help you slipstream the service packs if your disk doesn’t have them.

Best Practices

10 Windows Password Myths

I saw this article (Ten Windows Password Myths) over at Security Focus and thought it was worth sharing. And something I didn’t know about Windows (2000/XP) passwords:

If your password is 15 characters or longer, Windows stores the constant AAD3B435B51404EEAAD3B435B51404EE as your LM hash, which is equivalent to a null password.

The nice thing about that is that it then becomes impossible for your password to be cracked from the SAM database, since we know it isn’t actually null.
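The stored values described above can be told apart by reading the LM field together with the NT hash field beside it. The following is an added example, not code from the original post or the Security Focus article; the pwdump-style `user:rid:lmhash:nthash:::` layout and every hash in `SAMPLE` other than the well-known empty-value constants are constructed assumptions.

```python
# Added example: what the LM field of a SAM dump entry does and does not say.
# Assumption: pwdump-style "user:rid:lmhash:nthash:::" lines. All hashes in
# SAMPLE are constructed placeholders except the empty-value constants below.

EMPTY_LM_HALF = "AAD3B435B51404EE"   # LM result for an empty 7-character half
EMPTY_LM = EMPTY_LM_HALF * 2         # the constant quoted in the post
EMPTY_NT = "31D6CFE0D16AE931B73C59D7E0C089C0"  # NT hash of the empty password

SAMPLE = """\
alice:1001:AAD3B435B51404EEAAD3B435B51404EE:00112233445566778899AABBCCDDEEFF:::
bob:1002:0123456789ABCDEFAAD3B435B51404EE:FFEEDDCCBBAA99887766554433221100:::
carol:1003:0123456789ABCDEFFEDCBA9876543210:0F1E2D3C4B5A69788796A5B4C3D2E1F0:::
guest:501:AAD3B435B51404EEAAD3B435B51404EE:31D6CFE0D16AE931B73C59D7E0C089C0:::
"""

def classify(line):
    """Return (user, verdict) for one pwdump-style line."""
    user, _rid, lm, nt = line.strip().split(":")[:4]
    lm, nt = lm.upper(), nt.upper()
    if len(lm) != 32 or len(nt) != 32:
        raise ValueError(f"malformed hash fields for {user!r}")
    if lm == EMPTY_LM:
        # The constant alone is ambiguous: the NT hash shows whether the
        # password is really blank or simply has no LM hash stored.
        if nt == EMPTY_NT:
            return user, "blank password"
        return user, "no LM hash stored (NT hash only)"
    # LM hashes each 7-character half separately, so an empty second half
    # gives away that the password fits in the first half.
    if lm[16:] == EMPTY_LM_HALF:
        return user, "LM hash stored: password has 7 characters or fewer"
    return user, "LM hash stored: password has 8 to 14 characters"

def audit(dump):
    """Classify every non-empty line of a dump; returns {user: verdict}."""
    return dict(classify(l) for l in dump.splitlines() if l.strip())

if __name__ == "__main__":
    for user, verdict in audit(SAMPLE).items():
        print(f"{user:6} {verdict}")
```

Accounts reported with an LM hash stored are the ones to move to longer passwords first.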

Perhaps the most interesting point the article makes (and though it has been made many times before, it bears repeating) is that despite every other security measure we put into place, without strong passwords our defenses are easily overcome.

IDE

Tabbed Python editing with PythonCard

While I have been partial to IDLE for developing Python I recently came across on SourceForge while looking for some help building a Python GUI. While PythonCard has plenty of tools and examples to help with GUI construction, it was the Tabbed Code Editor that really got my attention.

One thing that I look for in any development environment is the ability to open multiple files in tabs. While IDLE is extremely usable, it lacks this feature. And yes, there are other tabbed IDEs that can parse Python syntax, but none of them seem to do as good of a job as IDLE.

While I can’t claim that the PythonCard tabbed editor is as good as IDLE in terms of hinting and code completion (at least as far as Python builtins), it does a rather decent job of that for objects/scripts that are imported.

While I may or may not end up actually building Python GUIs with it, PythonCard has definitely found a permanent place in my toolbox.