The loophole exploits a feature of HTML 5 which defines how websites are made and what they can do.
Developer Feross Aboukhadijeh found the bug and set up a demo page that fills visitors' hard drives with pictures of cartoon cats.
In one demo, Mr Aboukhadijeh managed to dump one gigabyte of data every 16 seconds onto a vulnerable Macbook.
Most major browsers, Chrome, Internet Explorer, Opera and Safari, were found to be vulnerable to the bug, said Mr Aboukhadijeh.
While most websites are currently built using version 4 of the Hyper Text Markup Language (HTML), that code is gradually being superseded by the newer version 5.
One big change brought in with HTML 5 lets websites store more data locally on visitors' PCs. Safeguards built into the "local storage" specification should limit how much data can be stored. Different browsers allow different limits but all allow at least 2.5 megabytes to be stored.
One gigabyte of data every 16 seconds onto a vulnerable Macbook!!
Public cloud computing, such as that offered by Amazon, Microsoft, RackSpace and others, is the most prevalent deployment model in use today. The costs to enter are the lowest of the three models, and because it is heavily commoditized, it offers effective self-service options. This minimizes the need for on-site technology staff.
Private cloud computing, where the organization creates its own cloud computing infrastructure internally, or has it hosted/managed by a large scale data center provider, is an option that larger enterprises make use of. The costs are not trivial, and it can take a fair amount of time to put into place. It offers the most security and privacy and customization of the three models.
Hiring great people and creating a culture of achievement that is fun, focused and able to get challenging tasks done is not an easy task.
Keeping that culture strong and focused on the customer takes a unique leader that consistently earns trust and respect. Those are the qualities I think of whenever I’m asked to recommend the best cloud computing companies to work for. Using the scores from Glassdoor.com I’ve put together the table below comparing cloud computing companies and when available, the percentage of employees who approve of their CEO.
Cloud computing companies are sorted based on the percentage of employees who would recommend their company to a friend. I added in CEO scores to get a sense of which companies have a significant gap between morale and the perception of the CEO. As of today according to employee rankings, Microsoft has the largest gap between percentage of employees who would recommend the company to a friend (77%) and CEO rating (48%).
I was checking this list and I really like box.net, in ThinkHR.com we did an amazing job integrating that service, sad for box that they don't have a free service like Dropbox, another amazing startup, and Google amazing as usual... but Appdynamics mmmm all the Java stuff had so good marketing and the worst religious brain washed programmers so what we can expect ;)
Intel will not be left out of the party when it comes to being central in the mobile app ecosystem. The company today acquired a set of HTML5 development tools, originally created by appMobi and used by some 150,000 developers, and has hired staff from appMobi that worked on the product to continue to maintain it. appMobi, meanwhile, is going to forge ahead as a standalone company, focused on the remaining part of its business as a provider of cloud services for mobile applications. Financial terms of the deal were not disclosed.
The acquisition was first made public by appMobi in a letter sent out to the 150,000+ developers that use its platform. A copy of that letter was sent to TechCrunch and is below.
In it, appMobi spells out the basics of what Intel has now taken under its wing. In short, it’s a set of app creation and testing tools that cover mobile web, Windows 8 and Windows Phone, iOS, Android and more.
International Business Times | Apple suffers largest hacking attack in its history | San Jose Mercury News | BOSTON/SAN FRANCISCO -- Apple (AAPL) was recently attacked by hackers who infected Macintosh computers of some employees, the company said...
Fast Company | Space Station Communications Outage Due To Software Update | Fast Company | NASA lost communication with the International Space Station today for nearly three hours because of a software update gone wrong.
What's next? A computer virus going to the moon?
BackTrack is intended for all audiences, from the most savvy security professionals to early newcomers to the information security field. BackTrack promotes a quick and easy way to find and update the largest database of security tools collection to-date.
Feedback from all industries and skill levels allows us to truly develop a solution that is tailored towards everyone and far exceeds anything ever developed both commercially and freely available. The project is funded by Offensive Security. Whether you’re hacking wireless, exploiting servers, performing a web application assessment, learning, or social-engineering a client, BackTrack is the one-stop-shop for all of your security needs.
BackTrack is my choice for a computer security audit or a Linux desktop
Jetpacks, flying cars, hybrid cloud. Which one will be ubiquitous in two years? Here’s a hint: It’s the one that doesn’t involve personal air travel.
In two years, the cloud-computing-enabled enterprise will have the enviable luxury to take much for granted, including accelerated time to market, seamless deployment, true polyglot coding and agile-as-you-want development.
And the technology that will enable that bright future? Here’s another hint: It starts with “private PaaS” or private Platform-as-a-Service. Think of private PaaS as cloud middleware for the enterprise — Platform-as-a-Service technology for on-premise service delivery behind a firewall, or an operating system for an enterprise private cloud.
Here are six ways private PaaS will change the enterprise cloud space by 2015:
1. Mobile apps will drive enterprise cloud and private PaaS adoption.
Two years from now, the biggest driver for cloud adoption won’t be traditional applications, it’ll be mobile apps. Disparate workforces already make Bring Your Own Device (BYOD) a cost of doing business for the enterprise: More types of enterprise work will require more types of mobile applications. And that will burden IT leaders mandated with managing the cloud. To retain control (and sanity), those IT leaders will embrace private PaaS technologies to provide integrated application management of mobile (and Web and cloud) applications.
Facebook Inc., operator of the largest social network with more than 1 billion members, is working with the U.S. Federal Bureau of Investigation to probe a malware attack, people with knowledge of the matter said.
Facebook said yesterday that it was subjected to a “sophisticated attack” by hackers last month, without saying where the attack originated. Investigators haven’t found any evidence that user data was compromised, Menlo Park, California-based Facebook said on its website. The people who discussed the FBI’s involvement asked not to be identified, citing the sensitive nature of the probe.
“As soon as we discovered the presence of the malware, we remediated all infected machines, informed law enforcement, and began a significant investigation that continues to this day,” Facebook said.
Malware infected laptops used by Facebook employees when they visited a mobile developer’s website, the company said.
Facebook fell less than 1 percent to $28.32 at yesterday’s close in New York
The idea behind Greasemonkey is pretty simple. It's a Firefox extension, installed in the same way as any other Firefox extension (find it via the Tools > Addons menu and hit Install).
However, it doesn't do anything in and of itself: what it does is to enable you to run scripts, either by other people or by yourself, which will alter the way web pages look and function.
Black Hat Asia 2014: Dangers of hacking IoT devices | ElectronicsWeekly.com | We all know that computers can be hacked and so three presentations at Black Hat Asia 2014 in Singapore later this month on the dangers of hacking internet-enabled hardware...
Hacking Cameras, Doors or all Electric systems that use an Internet Control Panel, like in a movie.
SEOUL (Reuters) - South Korean authorities were investigating a hacking attack that brought down the servers of three broadcasters and two major banks on Wednesday, and the army raised its alert level...
A thread on the Dropbox forums is filling up with reports of users getting sent spam email to addresses that have exclusively been used for the service. The uptick in spam has grown beyond just a few users, sparking some comparisons to last year’s data leak.
Dropbox has taken notice and is now investigating.
The thread indicates a couple of things that make this more interesting than ‘I’m getting spam’. First, many of the users complaining about the issue claim to be using email addresses exclusively for Dropbox. This means that they aren’t public emails and shouldn’t be on any other lists anywhere. Second, the spam coming to those emails sprang into existence over the space of the last few days, indicating that there was some sort of incident (like a leak of emails) that allowed spammers access to them.
Probably the leak of information is not only about emails, bad for DropBox
OK, so you and your company have decided that this Big Data is more than a buzzword, and that you’re going to jump feet first into this. You’ve worked with various business leaders, planned out a pilot project, and set aside a budget. But then things come to a grinding halt! Where do you find the skills to actually deploy this?
Despite the activity around Big Data, there is still a significant shortage of skilled professionals who can truly be called Data Scientists who can evaluate business needs and impact, write the algorithms and program platforms such as Hadoop.
The Hadoop framework is broad, and is a new menagerie of jargon and projects: HDFS, Hbase, Hive, Pig, Zookeeper, Map/Reduce, and R just to name a few.
During my trip to the Bay Area this week, I was very encouraged to hear and speak to several companies who have taken some very positive steps towards helping the IT community bridge this gap.
The most significant one to me, are those companies who provide the libraries or interfaces that allow traditional database administrators (DBAs) who have spent years learning, honing and perfecting their skills on well known platforms such as Oracle, IBM DB/2 and others. These traditional database platforms, known as relational database management systems (RDBMS), all use a language called SQL (structured query language). Some Big Data companies are beginning to look at ways of taking the SQL language and allowing these queries to be performed on Hadoop.
Now, RDBMS and SQL somewhat go directly against the principles that forced Hadoop to be created in the first place, which is the requirement to have a predefined structure (known as a schema) of the data being stored. The basic idea behind Big Data systems is to break down these traditional schemas so that data can be queried and analyzed by any number of factors.
Science hasn’t been easy on the paranormal, routinely deflating fantastic claims by hucksters purporting psychic abilities. So wouldn’t it be ironic if scientists were on the verge of making paranormal-like abilities a reality?
Imagine controlling an object with your mind. Or don’t, because you probably already have. I did when I was a (pretty little) kid. It never worked, of course, but boy did I stare daggers at several unsuspecting flower pots, pencils and sticks of chalk.
The trouble, of course, is that your brain works a whole lot better when it’s motivating things it’s actually wired to, say your eyeballs, tongue, fingers or toes. But aha, you’re saying, we have wireless technology in 2013. We live in the future! Can’t we just cut that cord, too?
We already have: If you want to get technical about it, when using a handheld remote control with old-school antennae to pilot a hobby-style airplane across a field, you don’t actually touch the radio-controlled plane; the brain-interface includes your hands and the control box. But that assumes you have hands to work with, and working a control box to drive a wireless drone around is hardly “telekinetic” — not half as cool-sounding as it might be if you could simply think that drone into action.
You’ve probably heard of brain implants acting as biomedical prostheses in what’s sometimes referred to as a “brain-computer interface,” allowing someone to manipulate neuroprosthetic arms and legs or simply nudge a mouse cursor using nothing but thought. We’re doing that stuff today. But you’re still talking about interfaces that usually involve invasive technology, often drilled into the skull and attached directly to the brain itself — Jean Grey, it’s not. What if you could reduce the interface to something that didn’t require brain surgery, something not only noninvasive, but roughly the size of a tiny, removable tattoo?
Amazing. I hope at some point I can record my dreams ^_^
We have some individuals here in the U.S. with military and/or intelligence agency employment or past employment that have engaged in hacking attacks on their own. The U.S. gov't had nothing to do with it.
Zee News | Apple company computers hacked with malicious software | Deutsche Welle | Tech giant Apple on Tuesday said a "small number" of its company computers were hit by hackers who took advantage of flaws in the Java plug-in for Web browsers.
Don't be fooled by this terrible social media marketing advice.
There are a lot of so-called “social media experts” out there. Dishing out advice, sometimes based on limited experiences, and sometimes based on nothing at all. Even the true social media experts sometimes share some misguided advice based on their beliefs and experiences. So with all this bad advice floating around the web, how do you distinguish between what you should -- and shouldn't -- believe?
Have no fear! We’re here to share some of the worst pieces of social media advice we've seen to debunk all those misguided "best practices" and steer you in the right direction toward social media marketing truth and justice.
Here we have four important Nmap Scripts for Hunting 2012 popular vulnerabilities including MS12-020 RDP vulnerability, Php-cgi vulnerability, Samba heap overflow vulnerability and Bypassing authentication in MySQL and MariaDB servers...