Is Internet Explorer Making A Comeback?
May 8, 2012 by admin
Filed under Around The Net
Comments Off on Is Internet Explorer Making A Comeback?
Microsoft’s Internet Explorer (IE) in April again managed to grab more user share, the third time in the year’s first four months, to stay well above the 50% mark and remain the world’s top browser, a Web analytics company said on Tuesday.
Google’s Chrome’s share also climbed in April, said Net Applications, ending that browser’s three-month decline.
IE boosted its share by about three-tenths of a percentage point last month to average 54.1% in April. That returns IE to a mark comparable to its September 2011 share.
Since Jan.1, IE has increased its usage share by 2.2 percentage points for a 4% gain since the end of 2011. The turnaround has been IE’s largest and longest since the browser began shedding share years ago to Firefox, then later, Chrome.
Microsoft has pinned its hopes almost entirely on IE9, the 2011 edition that runs only on Windows Vista and Windows 7.
On Tuesday, Microsoft again stayed on message, highlighting the gains made by IE9 on Windows 7 — the pairing the firm has said is the only metric it cares about — but ignoring the overall IE increases this year.
Yahoo Goes-DO NOT TRACK
April 6, 2012 by admin
Filed under Around The Net
Comments Off on Yahoo Goes-DO NOT TRACK
Yahoo websites worldwide will comply with users “do not track” settings starting later this year, Yahoo announced Wednesday.
Most major browsers are now able to send a message to sites visited, indicating whether users want their surfing behavior to be tracked by cookies for the purposes of displaying personalized ads. In February the last major hold-out, Google, announced that its Chrome browser will include do-not-track support by the end of the year.
That message, an HTTP (hypertext transfer protocol) header accompanying a request to display a Web page, avoids the awkward paradox that to store a visitor’s preference not to be tracked by cookies, sites had to store a cookie containing that preference, and provides a consistent way to store and indicate such preferences across all Web sites that respect the do-not-track header.
Support for the do-not-track header has been in the works since last year, Yahoo said. All Yahoo sites will respect the header, including those of Right Media and Interclick, two Yahoo subsidiaries specializing in behavioral or data-driven advertising, the company said.
The company’s announcement comes the same day that the U.S. House of Representatives’ Subcommittee on Commerce, Manufacturing, and Trade is set to hold a hearing on balancing privacy and innovation, and in the same week that the U.S. Federal Trade Commission called for creation of a do-not-track tool for Internet users.
In a statement announcing its plans for allowing visitors to opt out of tracking, Yahoo maintained that allowing advertisers to regulate themselves was the best and quickest way to introduce protections to the market place without sacrificing innovation or value creation.
Did Google Bypass Privacy Rules?
February 28, 2012 by admin
Filed under Around The Net
Comments Off on Did Google Bypass Privacy Rules?
In the wake of reports that Google had circumvented privacy settings in Apple’s Safari browser, Microsoft announced today it had discovered that the Web giant had done the same with Internet Explorer.
“When the IE team heard that Google had bypassed user privacy settings on Safari, we asked ourselves a simple question: is Google circumventing the privacy preferences of Internet Explorer users too?” IE executive Dean Hachamovitch wrote in a blog post this morning. “We’ve discovered the answer is yes: Google is employing similar methods to get around the default privacy protections in IE and track IE users with cookies.”
The blog post, which details Microsoft’s findings and offers privacy protection tips, said it has contacted Google about its concerns and asked it to “commit to honoring P3P privacy settings for users of all browsers.”
Google countered that Microsoft backs a system that is dated and impractical.
“It is well known–including by Microsoft–that it is impractical to comply with Microsoft’s request while providing modern Web functionality,” Rachel Whetstone, senior vice president of communications and policy for Google, said in a statement to CNET this evening. “We have been open about our approach, as have many other Web sites.”
P3P, or Platform for Privacy Preferences, is an official recommendation of the World Wide Web Consortium that sites use to summarize their privacy policies.
Apple Website Is Ripe For Hacking
July 4, 2011 by admin
Filed under Around The Net
Comments Off on Apple Website Is Ripe For Hacking
According to the Ethical Hacking group YGN, Apple’s website for developers is virtually wide open and gives the opportunity for hackers to introduce malware such asphishing attacks to gain access to subscriber’s vital personal information.
One group known as Networkworld identified three holes on Apple’s website that arbitrary URL redirects, cross-site scripting and HTTP response splitting. That said, these holes could allow hackers to arbitrarily redirect to other websites and make phishing attacks against developers login credentials more successful.
Download Defense Added To Chrome Browser
Comments Off on Download Defense Added To Chrome Browser
Google has updated Chrome to version 12, adding a new feature that warns users when they’ve downloaded files from dangerous Web sites.
New to Chrome 12 is a tool that flags questionable files pulled from the Web. Chrome now shows an alert when users download some file types from sites that are on the Safe Browsing API (application programming interface) blacklist, which Google maintains.
The messages reads: “This file is malicious. Are you sure you want to continue?” If they wish, users can ignore the warning and install the file on their system’s hard drive.
“This warning will be displayed for any download URL that matches the latest list of malicious websites published by the Safe Browsing API,” said Google last April when it debuted the feature in an earlier edition of Chrome.
Safe Browsing already identifies suspicious or unsafe sites, then adds them to a blacklist. Chrome, Mozilla’s Firefox and Apple’s Safari all tap into Safe Browsing to warn users of risky sites before they actually visit them.
Microsoft’s IE Latest Flaw: ‘Cookiejacking’
Comments Off on Microsoft’s IE Latest Flaw: ‘Cookiejacking’
A technology security researcher has discovered a flaw in Microsoft Corp’s widely used Internet Explorer browser that he said may allow hackers to steal credentials to access FaceBook, Twitter and other websites.
He coined the technique as ”cookiejacking.”
“Any website. Any cookie. Limit is just your imagination,” said Rosario Valotta, an independent Internet security researcher based in Italy.
Hackers can exploit the flaw to access a data file stored inside the browser known as a “cookie,” which holds the login name and password to a web account, Valotta wrote.
Once a hacker has that cookie, he or she can use it to access the same site, said Valotta, who calls the technique “cookiejacking.”
The vulnerability affects all versions of Internet Explorer, including IE 9, on every version of the Windows operating system.
To take advantage of this flaw, the hacker must first persuade the victim to drag and drop an object across the PC’s screen before the cookie can be hijacked.
That sounds like a difficult task, but Valotta said he was able to do it fairly easily. He built a puzzle that he put up on Facebook in which users are challenged to “undress” a photo of an attractive woman.
“I published this game online on FaceBook and in less than three days, more than 80 cookies were sent to my server,” he said. “And I’ve only got 150 friends.”
Microsoft said there is little risk a hacker could succeed in a real-world cookiejacking scam.
“Given the level of required user interaction, this issue is not one we consider high risk,” said Microsoft spokesman Jerry Bryant.
Google SEARCH Goes SSL
Google is finally taking privacy seriously to a degree by offering its users a secure form of searching while using Google Search. Moving forward users will have the opportunity to enable SSL (Secure Socket Layer) for added security. Be advised, the service will only cover the Google search and clicks made through Google to other non-secured sites will be visible.
‘Do Not Track’ Internet Legislation, Advances
Comments Off on ‘Do Not Track’ Internet Legislation, Advances
California is a moving closer to making into law the first Do Not Track legislation in the U.S., aimed at protecting Internet users from invasive advertising.
The proposed Senate bill, SB-761, passed a Senate Judiciary Committee vote late Tuesday, but it still has a long road ahead before having a chance of being signed into law. It now moves on to the Appropriations Committee, and must also pass the Senate and State Assembly before being sent to Governor Jerry Brown’s desk.
Still, it’s the first time such a bill has made it out of committee, and that’s a big deal, according to John Simpson, director of Consumer Watchdog’s Privacy Project. “This is the first time that a ‘do not track’ bill has actually had a hearing and been debated and then voted forward in the legislative process,” he said.
The bill would give California consumers a simple way of opting out of data collection systems that keep track of their online activities. “It puts up a no trespassing sign on our device,” Simpson said.
Opponents of the bill, including Google, the Direct Marketing Association, and the wireless industry group CTIA, say it puts an unnecessary burden on online commerce.
Online marketers love this type of data because it helps them fashion highly effective targeted advertising. But many consumers don’t want to hand marketers every detail of what they do on the Web.
Under the proposed law, users would have a way — possibly a through a browser setting — of telling Web sites not to track them. If a company disregarded this and collected data without permission, it could face stiff fines.
FTC Singles Out Google’s Chrome
Federal Trade Commission Chairman Jon Liebowitz this week singled out Google for not adopting “Do Not Track,” the privacy feature that allows consumers the ability to opt out of online tracking by Web sites and marketing entities.
In an interview Monday with Politico, Liebowitz called out Google for not supporting Do Not Track in its Chrome browser.
Noting that Do Not Track had gathered momentum, Liebowitz said, “Apple just announced they’re going to put it in their Safari browser. So that gives you Apple, Microsoft and Mozilla. Really the only holdout — the only company that hasn’t evolved as much as we would like on this — is Google.”
Do Not Track has been promoted by the FTC and by privacy advocates including the Electronic Frontier Foundation (EFF), as the best way to help consumers protect their privacy.
The technology requires sites and advertisers to recognize incoming requests from browsers as an opt-out demand by the user. The information is transmitted as part of the HTTP header.
As Liebowitz said, Microsoft and Mozilla have added Do Not Track header support to their Internet Explorer 9 (IE9) and Firefox 4 browsers. While Apple hasn’t confirmed that the next version of Safari will include Do Not Track, developers have reported finding the feature in early editions bundled with Mac OS X 10.7, aka “Lion,” the upgrade slated to ship this summer.
Microsoft Delivers Massive Security Updates
Comments Off on Microsoft Delivers Massive Security Updates
Microsoft today patched a whopping 64 vulnerabilities in Windows, Office, Internet Explorer (IE), and other software, including 30 bugs in the Windows kernel device driver and one in IE that was exploited at the Pwn2Own hacking contest last month.
The company also delivered a long-discussed “backport” to Office 2003 and Office 2007 that brings one of the newer security features in Office 2010 to the older editions.
The 17 updates, which Microsoft dubs “bulletins,” tied a record set late last year, but easily beat the October 2010 mark for the total number of flaws they fixed. Altogether, today’s updates patched 64 vulnerabilities, 15 more than in October and 24 more than in the former second-place collection of December 2010.
Nine of the 17 bulletins were pegged “critical,” Microsoft’s highest threat ranking, while the remainder were marked “important,” the next-most-serious label.
Microsoft and virtually every security expert pegged several updates that users should download and install immediately.
“There are three we think are top priorities,” said Jerry Bryant, group manager with the Microsoft Security Response Center (MSRC), in an interview earlier today. Bryant tagged MS11-018, MS11-019 and MS11-020 as the ASAP updates.