Firefox spoofing flaw goes international

Filed under: — Aviran Mordo

A security loophole in Mozilla and Firefox browser could be used to spoof the URL displayed in the address bar, SSL certificate and status bar. The vulnerability also affects Opera and Konqueror and stems from a flawed IDN (International Domain Name) implementation within the browsers.

The bug could be exploited by registering domain names with certain international characters - which look like other commonly-used characters - in order to hoodwink users into believing they on a different, trusted site. As such, the bug creates a new wheeze for phishing attacks. For Germans to use national German characters in “.de” domains, for example, is one thing, but the use of national characters has been extended to the international domain space (.com, .net an .org) and extends the scope for confusion.

Thomas Kristensen, CTO at Secunia told El Reg: “This issue is not a traditional vulnerability, but a serious security issue which is caused by an inappropriate implementation of IDN.”

“We have all heard about the “problems” with “o” that looks like “0″ or “l” and “1″, allowing people to register “MlCR0S0FT.com” and abusing that to trick people. Using IDN which support Unicode characters gives the phishers and scamsters thousands of more characters to play around with, some resemble “normal” characters to the point where not even the trained and paranoid eye will spot the difference, ” he said.

The bug has been confirmed in Mozilla 1.7.5, Firefox 1.0, Konqueror 3.2.2 and Opera 7.54. Other versions may also be affected, Secunia reports. Internet Explorer users are in the clear from this one, although subject to flaws that have a similar effect. You can check if your browser is affected using Secunia’s test.

Secunia advises users not to follow links from untrusted sources and to manually type in the URL they wish to visit in the address bar as workaround prior to the availability of more comprehensive fixes

Source: The Register

CinemaNow to screen NBC titles

Filed under: — Aviran Mordo

Movies and other content from NBC is now available on video-on-demand service CinemaNow. Under the deal, CinemaNow will offer NBC Universal’s new films on the same day they become available through conventional pay-per-view channels. Other content such as previously released movies and pay-per-view TV shows from NBC will also be available through streaming on CinemaNow’s site. All titles will be made available for streaming for 24 hours.

CinemaNow, which has struck alliances with several other companies including 20th Century Fox, Disney, Lions Gate, MGM, Sony and Warner Bros., said it has distribution rights to about 6,500 titles from 200 licensors. Recently, Microsoft TV said its broadband service will support CinemaNow’s movie-rental site.

Source: News.com

Disney Trashed Disposable DVD

Filed under: — Aviran Mordo

Disney has stopped selling its movies on 48-hour DVDs, but that doesn’t mean the technology is disappearing.

Flexplay developed the technology that renders a DVD unreadable after a set period of time. The company has been sold to Atlanta-based Convex Group, which plans to release content in this format.

environmentalists criticized Disney for releasing its films on EZ-D, charging that the product would lead to unnecessary waste in landfills. They didn’t buy the argument that movie fans looking for convenience would take the time to send their expired DVDs to a recycling center.

A spokesman for Buena Vista Home Entertainment, the division of Disney that released the films, confirmed that its disposable DVD pilot program is over. He said they are now evaluating what they want to do next.

Source: Wired

eBay to cut fees

Filed under: — Aviran Mordo

Online auctioneer eBay will lower the fees it charges to list items for sale, the company said Sunday, as it also announced other changes in pricing and customer service policies in response to user feedback.

In a message posted to eBay’s Web site, North America President Bill Cobb said that, effective at midnight, eBay.com and eBay.ca will lower the minimum insertion fees for auction-style listings and fixed price categories, among others, from 30 cents to 25 cents.

The company says it’s standing by its move to hike final value fees on store inventory format listings, but it will credit $15.95 in May to all sellers who operated an eBay Store in April.

Source: News.com

MSN Music Offers Free GRAMMY-Nominated Songs

Filed under: — Aviran Mordo

For the first time ever, top GRAMMY-nominated songs are being given away free, as MSN(R) Music celebrates the GRAMMY Awards with free downloads of top Best Song nominees. Every day from Feb. 8 through Feb. 12, in the United States only, MSN Music will give away the MSN Music team’s pick for Best Song in pop, rock, rap/hip-hop, soul/R&B, or country, with a different genre highlighted each day.

The songs will be announced each day and selected by MSN Music’s editorial team, which consists of professional musicians and producers, record label executives, music journalists, DJs, promoters, and artist managers with a total of more than 300 years in the music industry, based on their predictions of which one will take home the GRAMMY in the respective categories.

Powered by WordPress