kaos.theory: fractal blog

Not sure how this one was overlooked in the latest build… seems a trivial, though devastating, error.

Spoofing Flaw Resurfaces in Mozilla Browsers:

“GregThePaladin writes ”A 7-year-old flaw that could let an attacker place malicious content on trusted Web sites has resurfaced in the most recent Firefox browser, Secunia has warned. The flaw, which also affects some other Mozilla Foundation programs, lies in the way the software handles frames. The applications don’t check whether the frames displayed in a single window all originate from the same Web site.“ Commentary on this at whitedust as well.”

I really do like Firefox, though I must admit, it’s painfully slow on my Mac as soon I turn on any extensions. Considering that one of Firefox’s greatest strengths is it’s extensibility, I’ve once again reverted to Safari.

Just saw this at Techdirt, and it looks like Shostack just posted a write up as well:

Citigroup division tells 3.9M customers personal info lost - Jun. 6, 2005:

Citigroup said Monday that personal information on 3.9 million consumer lending customers of its CitiFinancial subsidiary was lost by UPS while in transit to a credit bureau — the biggest breach of customer or employee data reported so far.

Citigroup, the nation’s biggest financial services company, said that UPS lost the tapes while shipping them to a credit bureau in Texas.

[...snip...]

“We deeply regret this incident, which occurred in spite of the enhanced security procedures we require of our couriers,” Kevin Kessinger, executive vice president of Citigroup (Research), said in a statement. “Beginning in July, this data will be sent electronically in encrypted form,” said Kessinger, who heads the company’s consumer finance business in North America.

In its letter, New York-based Citigroup told the people affected there was “little risk of your account being compromised because you have already received your loan.”

Have a cell phone, but no PDA?

The other day, while engaging in a conversation with digunix via SMS, a thought occurred to me — with AIM’s new SMS bridge, it’s remarkably easy to use a cell phone with SMS/MMS messaging capabilities as a simple PDA.

Have a phone number you need to remember, or a task you need to perform? Need a quick and easy way to take driving directions or a grocery list with you?

(more…)

In an earlier post, I made brief mention of a tool that I’ve come to depend on now that I’m using a Mac, but I spent no real time describing it, which does not do this extraordinary program justice. The tool of which I speak is Quicksilver, a tool that has brought me closer to my keyboard and virtually eliminated my dependence on a mouse in and of itself.

The program itself is sheer brilliance. It is, to put it simply, the most powerful search tool, application launcher, bookmark manager, addressbook assistant, file transfer application, folder browser, music player and email manager… all hidden behind a single-panel interface into which I type that which I desire. Not only does it find what I’m looking for, but it learns along the way, identifying those things that I request most often and delivering them to me with fewer keystrokes on each subsequent request.

The developers describe it as “An evolving framework for accessing and manipulating many forms of personal data,” and though I think the description is accurate, to someone who’s never experienced Quicksilver it’s probably inadequate.

(more…)