Mozilla to add built-in PDF viewer to Firefox – Computerworld

Mozilla is working on a project that will add PDF rendering to Firefox using HTML5 and JavaScript, eliminating the need for users to run Adobe’s own plug-in.

The PDF reader may be included in Firefox within three months, said Andreas Gal, a Mozilla researcher who on Wednesday unveiled work the company had done quietly for the last month.

If Mozilla follows through on its plans, it would make Firefox the second major browser — after Google’s Chrome — to offer in-browser PDF rendering.

But while Chrome relies on an API (application programming interface) to craft its own native-code plug-in, Mozilla will exclusively use HTML5 and JavaScript to display Adobe’s popular document format.

via Mozilla to add built-in PDF viewer to Firefox – Computerworld.

Google pays record bounty for Chrome bug – Computerworld

Google patched 16 vulnerabilities in Chrome on Thursday, and it paid one researcher a record $3,133 for reporting a single bug. The flaws fixed in Chrome 8.0.552.334 were in several components, including the browser’s support for extensions, its built-in PDF viewer, and the way it processes cascading style sheets (CSS).

Thirteen of the bugs were labeled as “high” threats, Google’s second-most-serious rating, and two were pegged “medium.” Only one was tagged as “critical,” the company’s highest threat rating.

As it always does, Google locked its bug tracking database to bar outsiders from reading the technical details of the just-patched vulnerabilities. The company usually opens access to a flaw later — sometimes within weeks, often only after months — to give users time to update before the information goes public.

Researcher Sergey Glazunov was credited with reporting the single critical vulnerability, described by Google as a “stale pointer in speech handling.” A “stale pointer” is a bug in an application’s memory allocation code.

via Google pays record bounty for Chrome bug – Computerworld.

Security concerns prompt D.C. to suspend Web-based overseas voting – Computerworld

Security issues have prompted election officials in the District of Columbia to suspend a service that aimed to allow overseas voters to cast their ballots via the Web in the November elections.

The vulnerabilities in D.C.’s new Digital Vote by Mail system were discovered during public testing last week by several security researchers.

Details of the flaws were not immediately available. However, one of them, discovered by a researcher at the University of Michigan, was so serious it allowed the researcher to take complete control of the system hosting the Web application and tweak it so users who voted would hear a rendition of “Hail to the Victors,” a University of Michigan fight song, said one observer of the tests.

via Security concerns prompt D.C. to suspend Web-based overseas voting – Computerworld.

AFP: Hack attack hits ATM jackpots

Computer security researcher Barnaby Jack jokes that he has resorted to hiding cash under his bed since figuring out how to crack automated teller machines remotely using the Internet.

The New Zealand native on Saturday demonstrated his “ATM jackpotting” discovery for an overflow crowd of hackers during a presentation at the infamous DefCon gathering in Las Vegas.

“You don’t have to go to the ATM at all,” Jack told AFP after briefing fellow software savants. “You can do it from the comfort of your own bedroom.”

Jack proved his findings using two kinds of ATMs typically found in corner stores, bars or other “stand-alone” venues in the United States but said the flaw likely exists in machines at banks.

Banks use “remote management” software to monitor and control their ATMs, and Jack used a weakness in that kind of code to take control of machines by way of the Internet.

via AFP: Hack attack hits ATM jackpots.