CrazyCanucklehead - Slashdot User

Submission + - Watered Down Phishing Protection in iPhone OS 3.1?

Submitted by CrazyCanucklehead on Thursday September 10, 2009 @12:25AM

CrazyCanucklehead writes: Security Researcher Michael Sutton discusses his findings when looking at the advertised anti-phishing features in the recently released iPhone OS 3.1. It turns out that the protection is far less than what is provided in OS X and the feature may not provide any protection at all.

Comment Did they break the law? (Score 1) 457

by CrazyCanucklehead on Friday March 13, 2009 @07:35AM (#27179069) Attached to: BBC Hijacks 22,000 PCs In Botnet Demonstration

The question is, did they break the law? http://research.zscaler.com/2009/03/botnets-for-everybody.html

Submission + - Attacking Local Browser Storage

Submitted by

CrazyCanucklehead

on Thursday February 19, 2009 @03:48PM

CrazyCanucklehead writes: "At the Blackhat security conference in Washington, DC, researcher Michael Sutton has detailed how common XSS flaws in web applications employing (Google) Gears and HTML 5 Database Storage can leave local databases wide open to attack. This comes just as Gears is starting to take off and just yesterday Google demonstrated a beta version of offline Gmail on phones, thanks to HTML 5 support in WebKit based browsers such as those used by Android and the iPhone. Sutton drove home the point by walking through an real world example on commercial site Paymo.biz which has thankfully since been fixed."

Slashdot Top Deals