Ok here is a quick update. Ive created Xanda’s Twitter Archive which allows me and you to search my previous tweets (reply tweets are excluded) for future use 🙂
Mozilla just approved the sandbox version of DontPhishMe and now it is public 🙂 Get the latest version of DontPhishMe (v0.3.2) and feel free to comment and report bug
Mikko H. Hypponen: What do you consider to be the most secure desktop operating system at the moment in theory?
Charlie Miller: Probably Windows 7, although most are pretty comparable.
Source: Ekspress
IronFox is firefox in a sandbox, or more correctly, an application shell script wrapper that starts firefox in a sandbox. The policy is bundled within the app, should there be any desire to inspect the policy before use.
The goal of the policy is to let the user browse the web without interfering, but still protect the users privacy and system integrity from vulnerabilities that may exist in firefox or its plugins. The only restrictions that Ironfox gives the user is that downloads and uploads may only recide in the users download directory, and that ironfox itself can not launch any other applications.
Read more HERE
rule FlashNewfunction: decodedPDF { meta: ref = "CVE-2010-1297" hide = true impact = 5 strings: $unescape = "unescape" fullword nocase $shellcode = /%u[A-Fa-f0-9]{4}/ $shellcode5 = /(%u[A-Fa-f0-9]{4}){5}/ $cve20101297 = /\/Subtype ?\/Flash/ condition: ($unescape and $shellcode and $cve20101297) or ($shellcode5 and $cve20101297) } |