Symantec warns of router compromise

Security company Symantec has warned of an attack involving the subversion of routers.

The security company said this was the first time it had seen such an attack "in the wild," although the concept had been discussed a year ago by Symantec researchers, according to a Symantec blog post.

In the attack, which targeted users of an undisclosed Mexican bank, the intended victims received a spam e-mail claiming they had received an e-card, directing them to gusanto.com, a Spanish-language e-card site. However, the e-mail also had embedded HTML image tags that contained an HTTP get-request to the router to change its Domain Name System settings, according to Symantec's U.K. manager of quality assurance, Thomas Parsons.

The HTTP get-request redirects traffic flowing over the router to a specific IP address when the user attempts to access six domain names that are banking-related. Symantec requested that ZDNet UK not publish the IP address.

The attack is made possible by a cross-site scripting vulnerability in routers made by broadband-equipment company 2Wire that was reported in August last year, according to Symantec. Parsons said this was "a simple hack" and advised small to medium-size businesses to change default security settings on routers and educate users about clicking on suspicious links.

What if Open Source ain't "Open" no more

We all have somewhere and sometime heard the word Open source. If anyone of you haven't then for you "Ignorance is a bliss". We all love, Firefox, Flock, SeaMonkey, Linux, and MySQL. These are a few to name among the others. Go check out if you are curious about others at SourceForge. This is a great site that's the hub for all the open source projects.

Now wonder what would happen if all the open source suddenly becomes closed source. That's nightmarish to be sure, but I have to ask how much of the nightmare is not wholly real.

Tell me what you feel and go crazy with the idea and it's reprecussions.

Technorati Tags: Hold on Please

Firefox Ultimate Optimizer Update

I was using Norton 360 with all the updates when I started using Firefox Ultimate Optimizer with no problem. However, as I moved to BitDefender Total Security 2008 with a compelete update it triggered an alert and removed Firefox Ultimate Optimizer. It was idenified as a Trojan. Following is the snapshot of the log (scratched the user name):



Make sure you scan the file with your antivirus and use it at your own risk.

Technorati Tags: Optimize Firefox, Firefox Ultimate Optimizer

Extension compatiblity for Firefox 3 Beta

Life isn't all that easy when you have updates and upgrades available at such rapid pace as Mozilla Firefox project. With an upgrade usually the framework is so much modified that your current Firefox extensions don't work with the Alpha or Beta release. Now if you have an intermitent problem of testing newer non-stable versions of softwares then you miss out on the extensibility feature.

For example, there are very few extensions of Firefox 2.0.* which are compatible with Firefox 3 Beta. Hold on please, there is a tweak to get all your extensions working with Firefox 3 beta release. From what I have experienced the so called and much awaited FF 3 has some cool features. I have not played around with it much, but the first problem that I faced was to get all my extensions working with this new release. Here's what you have to do to get all your extensions working. I must caution you though that there could be extensions that might make your firefox unstable and make it crash. From what I have read All-in-one gestures when used with this tweak makes it crash for the first time. Also, this can cause some security glitch as well. So please use it at your own risk. Following are the steps:

• In a new tab type about:config. You get a beautiful (and funny) window which looks like this.

• You know which button to hit. Once you reach the about:config page look for an entry named extensions.checkCompatibility.
• If you see the entry then change the value to false.
• However, if you did not find an entry, then right click any where on the page and under new select boolean.
• Set it's value to false.
• That's all. Now you should have an entry that looks like this

• Close Firefox and restart. See the magic, all your old extesions are now working and are visible.

You see a warning message marked with an arrow like the following:

Help yourself with further experimentation. And remember it's a tweak that means it's not suppose to be tweaked to avoid any glitches. I am sure with the final release all the extensions will be compatible. There is another way as well to make extensions compatible, but for that you have to make code level changes and I am not discussing them. Let me know if someone wants to do it that way.

Technorati Tags: Incompatible Firefox extensions, Firefox Extension compatibility, Firefox Beta 3