Mozilla beefs up security with Firefox 3

The Mozilla Foundation released on Monday a beta version of the group's latest open-source Firefox browser, rewriting parts of the code and enhancing security.

Firefox 3 Beta 1 adds anti-malware features to the browser, using a mechanism similar to the anti-phishing feature in Firefox 2: a Google-generated blacklist of sites that host malicious code. The beta also checks plugins to make sure they are compatible with the software and uses a secure download mechanism for updates.

"There is a lot of code that has changed, but I don't think there is a lot more code," Mike Schroepfer, vice president of engineering for the group, told SecurityFocus. "We have actually excised old code, and there are a couple of areas where we dug out the component and rewrote the whole thing."

Web sites have become an increasingly important vector for malicious and fraudulent software. Earlier this month, attackers defaced hundreds of Web sites -- and thousands of pages -- embedding hidden iframe code to redirect visitors to malicious download sites. Yet, while such techniques can affect Firefox as well as Internet Explorer, attackers have generally left the open-source browser alone, despite it having a greater number of flaws.

Security features have become a point of competition between Mozilla and Microsoft. A year ago, when both organizations launched their latest browsers, they both claimed to have a better -- albeit, very similar -- anti-phishing solution.

Mozilla has included several user-interface improvements to help users understand the risks of a particular Internet site. Clicking on the favicon, the small site icon at the left of the URL (uniform resource locator), drops down a box containing identity information about the site. The group also rewrote the Password Manager from C++ to JavaScript to eliminate memory errors, Schroepfer said.

The Mozilla Foundation has not given a release date for the final version of the Firefox 3 browser.

What is Cross Site Scripting?

Cross Site Scripting (or XSS) is one of the most common application-layer web attacks. XSS commonly targets scripts embedded in a page which are executed on the client side (in the user’s web browser) rather than on the server side. XSS in itself is a threat brought about by the security weaknesses of client-side scripting languages, with HTML and JavaScript as the prime culprits for this exploit (others being VBScript, ActiveX, or Flash). The concept of XSS is to manipulate the client-side scripts of a web application so that they execute in the manner desired by the malicious user. Such a manipulation can embed a script in a page which is then executed every time the page is loaded, or whenever an associated event is triggered.

A basic example of XSS is when a malicious user injects a script into a legitimate shopping site URL which in turn redirects a user to a fake but identical page. The malicious page would run a script to capture the cookie of the user browsing the shopping site, and that cookie gets sent to the malicious user, who can now hijack the legitimate user’s session. Although no real hack has been performed against the shopping site itself, XSS has still exploited a scripting weakness in the page to snare a user and take command of his session. A trick often used to make malicious URLs less obvious is to hex-encode the XSS part of the URL (or use another encoding method). The URL then looks harmless to a user who recognizes the part he is familiar with and simply disregards any following ‘tricked’ code, which is encoded and therefore inconspicuous.
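The reflected flow described above, as an added illustration that is not code from the original page: a hypothetical search handler reflects a q parameter into HTML, first verbatim and then HTML-encoded, and the constructed URL carries the script percent-encoded so the server decodes it before rendering.

```python
import html
from urllib.parse import parse_qs, urlparse

# Hypothetical template for a search results page (constructed for this example).
TEMPLATE = "<html><body><h1>Results for: {q}</h1></body></html>"

# Constructed URL: the injected tag is percent-encoded, so the visible URL reads as
# line noise to the user even though the server decodes it back to <script>...</script>.
ENCODED_URL = "https://shop.example/search?q=%3Cscript%3Ealert%281%29%3C%2Fscript%3E"


def query_from_url(url: str) -> str:
    """Extract the q parameter as a web server would, percent-decoding it first."""
    return parse_qs(urlparse(url).query).get("q", [""])[0]


def render_vulnerable(q: str) -> str:
    """Reflects the parameter into the page verbatim: a reflected-XSS sink."""
    return TEMPLATE.format(q=q)


def render_hardened(q: str) -> str:
    """HTML-encodes the parameter before it enters the page, so any markup in it is
    shown as text rather than parsed by the browser (output encoding)."""
    return TEMPLATE.format(q=html.escape(q, quote=True))


def has_live_script(markup: str) -> bool:
    """Crude indicator used only to show which rendering leaves a live script tag."""
    return "<script" in markup.lower()


if __name__ == "__main__":
    q = query_from_url(ENCODED_URL)
    print("decoded parameter:", q)
    print("vulnerable:", render_vulnerable(q))
    print("hardened:  ", render_hardened(q))
```

Serving the session cookie with the HttpOnly flag keeps document.cookie from exposing it to any script that does get injected, which blunts the session-hijack outcome described above even where an encoding gap slips through.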

Top 10 Web application vulnerabilities for 2007

A1 - Cross Site Scripting (XSS): XSS flaws occur whenever an application takes user-supplied data and sends it to a web browser without first validating or encoding that content. XSS allows attackers to execute script in the victim's browser, which can hijack user sessions, deface web sites, possibly introduce worms, etc.
A2 - Injection Flaws: Injection flaws, particularly SQL injection, are common in web applications. Injection occurs when user-supplied data is sent to an interpreter as part of a command or query. The attacker's hostile data tricks the interpreter into executing unintended commands or changing data.
A3 - Malicious File Execution: Code vulnerable to remote file inclusion (RFI) allows attackers to include hostile code and data, resulting in devastating attacks, such as total server compromise. Malicious file execution attacks affect PHP, XML and any framework which accepts filenames or files from users.
A4 - Insecure Direct Object Reference: A direct object reference occurs when a developer exposes a reference to an internal implementation object, such as a file, directory, database record, or key, as a URL or form parameter. Attackers can manipulate those references to access other objects without authorization.
A5 - Cross Site Request Forgery (CSRF): A CSRF attack forces a logged-on victim's browser to send a pre-authenticated request to a vulnerable web application, which then forces the victim's browser to perform a hostile action to the benefit of the attacker. CSRF can be as powerful as the web application that it attacks.
A6 - Information Leakage and Improper Error Handling: Applications can unintentionally leak information about their configuration or internal workings, or violate privacy, through a variety of application problems. Attackers use this weakness to steal sensitive data or conduct more serious attacks.
A7 - Broken Authentication and Session Management: Account credentials and session tokens are often not properly protected. Attackers compromise passwords, keys, or authentication tokens to assume other users' identities.
A8 - Insecure Cryptographic Storage: Web applications rarely use cryptographic functions properly to protect data and credentials. Attackers use weakly protected data to conduct identity theft and other crimes, such as credit card fraud.
A9 - Insecure Communications: Applications frequently fail to encrypt network traffic when it is necessary to protect sensitive communications.
A10 - Failure to Restrict URL Access: Frequently, an application only protects sensitive functionality by preventing the display of links or URLs to unauthorized users. Attackers can use this weakness to access and perform unauthorized operations by accessing those URLs directly.
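An added illustration of A2 above, not code from the page: a hypothetical login lookup against a constructed in-memory SQLite table, once with the user-supplied values concatenated into the query text and once bound as parameters, so the difference the list describes can be checked directly.

```python
import sqlite3

# Constructed sample rows; the schema and names are hypothetical, not from the page.
SEED_USERS = [("alice", "s3cret", "admin"), ("bob", "hunter2", "user")]


def make_db() -> sqlite3.Connection:
    """Create an in-memory users table populated with the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", SEED_USERS)
    return conn


def login_vulnerable(conn: sqlite3.Connection, name: str, password: str) -> list:
    """Concatenates user data into the SQL text, so the interpreter parses it as part
    of the command (the A2 weakness): a quote inside `name` ends the literal early."""
    sql = ("SELECT name, role FROM users WHERE name = '" + name
           + "' AND password = '" + password + "'")
    return conn.execute(sql).fetchall()


def login_parameterized(conn: sqlite3.Connection, name: str, password: str) -> list:
    """Binds user data as parameters: the values are only compared, never parsed as SQL."""
    sql = "SELECT name, role FROM users WHERE name = ? AND password = ?"
    return conn.execute(sql, (name, password)).fetchall()


if __name__ == "__main__":
    db = make_db()
    # Legitimate credentials behave the same in both versions.
    print(login_vulnerable(db, "alice", "s3cret"), login_parameterized(db, "alice", "s3cret"))
    # Constructed hostile input: the quote closes the string literal and "--" turns the
    # rest of the line into a comment, so the password check disappears from the query.
    probe = "alice' --"
    print(login_vulnerable(db, probe, "wrong"))      # [('alice', 'admin')]
    print(login_parameterized(db, probe, "wrong"))   # []
```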

Five SMAN 34 Students Finally Expelled

The DKI Jakarta Secondary and Higher Education Office (Dinas Pendidikan Menengah dan Tinggi, Dikmenti) has finally decided to expel five SMAN 34 students suspected of committing violence against younger students.

“They are judged to have violated the code of conduct they agreed to when they were admitted as new students,” said Margani Mustar, Head of the DKI Jakarta Dikmenti Office, at City Hall on Wednesday (14/11).

Margani explained that during new-student admission, all students sign a statement whose essence is that they agree to comply with the code of conduct. “One of those rules is not to fight,” he said.

(www.dikmentidki.go.id)