Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Alert

NEWS - December 24, 2012

by Carol~ Dec 24, 2012 1:52AM PST
Google blocks silent Chrome extension installation

Google has announced that when Google Chrome 25 for Windows arrives, attempts by third party applications to silently install extensions will now trigger a dialog window to be displayed and, until the user confirms the extension is legitimate, the extension will remain disabled. The company says the technique, known as sideloading extensions, was originally designed to make it easier for applications to add appropriate extensions to Chrome by modifying the registry when being installed.

The feature has, however, been "widely abused by third parties" say the company. The abuse of the extension or add-on system is nothing new; over a year ago Firefox 8 introduced similar features that slowed the install of add-ons, Mozilla's version of extensions. Another change in Chrome 25 which is similar to Firefox's solution is the disabling of all previously installed third-party extensions. The idea behind this change is to ensure that users audit their installed extensions and are aware of what has already been added to their browser's configuration.

Continued : http://www.h-online.com/security/news/item/Google-blocks-silent-Chrome-extension-installation-1774354.html

Also: Chrome 25 blocks sneaky add-ons

Discussion is locked

3 Posts
- Collapse + Expand Details
- Collapse -
Mozilla compromises on x64 Firefox after user backlash
by Carol~ Dec 24, 2012 2:25AM PST

Mozilla on Friday backtracked from a decision to suspend all work on a 64-bit version of Firefox for Windows, acknowledging that user criticism had changed its mind.

"After I announced my decision to disable 64-bit Windows nightlies, there was significant negative feedback," admitted Benjamin Smedberg, a contributor to the open-source browser, in a message to a Mozilla planning discussion group. "After reviewing that feedback, and consulting with Release Engineering, I believe that we can keep a set of users happy by making a modification to the original plan."

In November, after months of debate, Mozilla suspended development of 64-bit (x64) Firefox for Windows, citing add-on incompatibilities, problems deciphering crash reports, and a low priority for the project.

At the time, Smedberg said that Mozilla had already decided not to ship an x64 Windows Firefox in the first half of 2013, and perhaps not at all during the year.

Continued : http://www.computerworld.com/s/article/9234997/Mozilla_compromises_on_x64_Firefox_after_user_backlash

- Collapse -
Hacker, Verizon duel over customer record claims
by Carol~ Dec 24, 2012 3:05AM PST

" A hacker said he has acquired more than 3 million Verizon customer records -- but leaks only 10 percent of them, after the phone and broadband giant fails to fix a security flaw. Verizon disagrees."

Updated on December 22 at 8:00 p.m. ET: Verizon spokesperson Alberto Canal told ZDNet in an emailed statement: "We have examined the posted data and we have confirmed that it is not Verizon Wireless customer data. Our systems have not been hacked."

The hacker said in a later tweet the data likely belongs to Verizon FiOS fiber customers, rather than Verizon Wireless cellular customers. We've updated the post to reflect these changes. We've put in more questions to Verizon and will update again once we hear back.

A hacker has posted around 300,000 database entries of Verizon customers to the Web, after exploiting a vulnerability in the cellular giant's network.

The hacker, going by the name @TibitXimer on Twitter, told ZDNet earlier this evening that the hack was carried out earlier this year on July 12, which allowed him to gain root access to the server holding the customer data. Tibit gained access to a server with little difficulty after working with another hacker to identify the security flaw.

Continued : http://www.zdnet.com/hacker-verizon-duel-over-customer-record-claims-7000009151/

Related:
After hacker disappears from Twitter, Verizon reveals customer data was leaked by a marketing firm
After claiming Verizon attack, hacker and the spoils disappear

- Collapse -
Security experts warn of 'January Effect' cyberattacks
by Carol~ Dec 24, 2012 3:05AM PST

The world didn't end with the Mayan calendar. But it still might be a good idea for those in the information security business to be wary of this time of year.

Jeffrey Carr, an author on cyberwarfare and founder and CEO of Taia Global, noted in a post on Infosec Island this week that he has noticed a major breach or act of cyber warfare that kicks off the New Year—every year since 2009.

Carr calls it "The January Effect," a well-established term in the investment world that refers to an expected price rise in securities after the first of the year. The effect, he said, is viewed as an opportunity for the bad guys.

He listed four major events as evidence:

Continued : http://www.pcworld.com/article/2023252/security-experts-warn-of-january-effect-cyberattacks.html

Back to Spyware, Viruses, & Security forum

CNET Forums

Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Brand Forums
Roadshow Autos
Off Topic

Other Forums

Forum Info