It seems it does matter, at least for Tablizer.
Link to Original Source
One of the problems I have with nuclear fission technology is the fact that old plants are still on-line. With new plants we know how to make them secure.
In a major departure for both Mozilla and Yahoo, Firefox's default search engine is switching from Google to Yahoo in the United States.
"I'm thrilled to announce that we've entered into a five-year partnership with Mozilla to make Yahoo the default search experience on Firefox across mobile and desktop," Yahoo Chief Executive Marissa Mayer said in a blog post Wednesday. "This is the most significant partnership for Yahoo in five years."
The change will come to Firefox users in the US in December, and later Yahoo will bring that new "clean, modern and immersive search experience" to all Yahoo search users. In another part of the deal, Yahoo will support the Do Not Track technology for Firefox users, meaning that it will respect users' preferences not to be tracked for advertising purposes.
With millions of users who perform about 100 billion searches a year, Firefox is a major source of the search traffic that's Google's bread and butter. Some of those searches produce search ads, and Mozilla has been funded primarily from a portion of that revenue that Google shares. In 2012, the most recent year for which figures are available, that search revenue brought in the lion's share of Mozilla's $311 million in revenue."
Link to Original Source
“Would a moat, water six feet around, be kind of attractive and effective?” Rep. Steve Cohen, D-Tenn., asked with trepidation.
What is likely to happen, though, is that the 7 foot 6-inch fence currently circling the White House gets heightened, Clancy said. Renderings of the new fence are expected in the next few months.
Until then, the Secret Service is relying on a low-tech solution.
“We have a bike rack there now, which we know is not going to prevent someone from jumping the fence, but it’s going to allow us to have a little more time to react,” Clancy said.
C'mon Slashdotters . . . surely we have wackier ideas than a moat . . . ?"
Link to Original Source
No, this law should have tabs!
The vulnerability lies in java.io.ObjectInputStream, which fails to check whether an object that is being deserialized is actually a serialized object. Security researcher Jann Horn discovered the vulnerability and reported it to Google earlier this year.
Horn said via email that the exploitability of the vulnerability is difficult to judge.
“An attacker would need to get a malicious app onto the device in order for this to work. The app would need no permissions,” he said. “However, I don’t have a full exploit for this issue, just the crash PoC, and I’m not entirely sure about how predictable the address layout of the system_server really is or how easy it is to write a large amount of data into system_server’s heap (in order to make less accurate guesses for the memory position work). It might be necessary to crash system_server once in order to make its memory layout more predictable for a short amount of time, in which case the user would be able to notice the attack, but I don’t think that’s likely.”"
In firefox, you have various options to disable parts of HTML5:
And if there is demand to disable HTML5 for certain websites on a click-to-play basis, either somebody will write an addon or the browser does it already itself. For example getusermedia asks for your permission before giving access to the camera.
but the platform was intentionally designed to make it impossible for security reasons.
Perhaps thats true for some technologies, but as user agents didn't add those features to the web, all of those shiny features landed in flash or silverlight and ended up being less secure and more broken than before. Soon every website told you to install flash because it was so new and so cool.
So browser vendors had the choice: either add the features to the browsers themselfes, or rely on one company (Adobe, silverlight came later) and their "Browser inside a Browser".
Of course HTML5 is less secure, and especially WebGL allows the web (traditionally a very dangerous place) to access the graphics card without a dense safety net. But otherwise you would have unity web player or other technologies, which are basically punching holes exactly there where you build your safety net.
HTML5 isn't less secure because people wanted it to be less secure. They wanted to obsolete plugins, but still meet the Web's users demands. Do you have flash installed?
Getting access to the wire should be only the first step of a successful MITM, but yes the WiFi attack is the easiest if you know your target.
VPN is a good idea whenever using a public Internet service, since not all sites are encrypted and you don't really know who you're connecting to.
And you know your VPN better? You know and trust every of the stations appearing on the traceroute list when run on your VPN-ed network interface?