Sign up for our Technology Newsletter 
Apple Website Is Ripe For Hacking
July 4, 2011 by admin
Filed under Around The Net
Comments Off on Apple Website Is Ripe For Hacking
According to the Ethical Hacking group YGN, Apple’s website for developers is virtually wide open and gives the opportunity for hackers to introduce malware such asphishing attacks to gain access to subscriber’s vital personal information.
One group known as Networkworld identified three holes on Apple’s website that arbitrary URL redirects, cross-site scripting and HTTP response splitting. That said, these holes could allow hackers to arbitrarily redirect to other websites and make phishing attacks against developers login credentials more successful.
Download Defense Added To Chrome Browser
Comments Off on Download Defense Added To Chrome Browser
Google has updated Chrome to version 12, adding a new feature that warns users when they’ve downloaded files from dangerous Web sites.
New to Chrome 12 is a tool that flags questionable files pulled from the Web. Chrome now shows an alert when users download some file types from sites that are on the Safe Browsing API (application programming interface) blacklist, which Google maintains.
The messages reads: “This file is malicious. Are you sure you want to continue?” If they wish, users can ignore the warning and install the file on their system’s hard drive.
“This warning will be displayed for any download URL that matches the latest list of malicious websites published by the Safe Browsing API,” said Google last April when it debuted the feature in an earlier edition of Chrome.
Safe Browsing already identifies suspicious or unsafe sites, then adds them to a blacklist. Chrome, Mozilla’s Firefox and Apple’s Safari all tap into Safe Browsing to warn users of risky sites before they actually visit them.
Google SEARCH Goes SSL
Google is finally taking privacy seriously to a degree by offering its users a secure form of searching while using Google Search. Moving forward users will have the opportunity to enable SSL (Secure Socket Layer) for added security. Be advised, the service will only cover the Google search and clicks made through Google to other non-secured sites will be visible.
FTC Singles Out Google’s Chrome
Federal Trade Commission Chairman Jon Liebowitz this week singled out Google for not adopting “Do Not Track,” the privacy feature that allows consumers the ability to opt out of online tracking by Web sites and marketing entities.
In an interview Monday with Politico, Liebowitz called out Google for not supporting Do Not Track in its Chrome browser.
Noting that Do Not Track had gathered momentum, Liebowitz said, “Apple just announced they’re going to put it in their Safari browser. So that gives you Apple, Microsoft and Mozilla. Really the only holdout — the only company that hasn’t evolved as much as we would like on this — is Google.”
Do Not Track has been promoted by the FTC and by privacy advocates including the Electronic Frontier Foundation (EFF), as the best way to help consumers protect their privacy.
The technology requires sites and advertisers to recognize incoming requests from browsers as an opt-out demand by the user. The information is transmitted as part of the HTTP header.
As Liebowitz said, Microsoft and Mozilla have added Do Not Track header support to their Internet Explorer 9 (IE9) and Firefox 4 browsers. While Apple hasn’t confirmed that the next version of Safari will include Do Not Track, developers have reported finding the feature in early editions bundled with Mac OS X 10.7, aka “Lion,” the upgrade slated to ship this summer.