Cleaning up Firefox... somewhat.

  configuration firefox howto linux maintenance web_browsers cleanup

Chances are you're running one of two major web browsers on the desktop to read my website - Firefox or Google's Chrome.

Chrome isn't bad; I have to use it at work (it's the only browser we're allowed to have, enforced centrally).  In point of fact, I'd have switched to it a long time ago if it wasn't for one thing.  I make heavy use of a plugin for Firefox called Scrapbook Plus, which make it possible to take a full snapshot of a web page and store it locally so that it can be read offline, annotated, and full-text searched …

Read more...

Saving stuff before it vanishes down the memory hole.

  addons archival bots howto plugins web web_browsers websites saving

UPDATE - 20170302 - Added Firefox plugin for the Internet Archive.

UPDATE - 20170205 - Added Chrome plugin for the Internet Archive.

Note: This article is aimed at people all across the spectrum of levels of experience with computers.  You might see a lot of stuff you already know; then again, you might learn one or two things that hadn't showed up on your radar yet.  Be patient.

In George Orwell's novel 1984, one of his plot points of the story was something called the Memory Hole. They were slots all over the building in which Winston Smith worked, into which documents which the …

Read more...

Source code to Javascript botnet agent leaked!

  agent botnet hoffman javascript jikto leaked noscript schroll shmoocon web_browsers

Remember the software that Billy Hoffman demo'd at Shmoocon 2007 - the Javascript that turns any capable web browser into a zombie?

One Mike Schroll snagged a copy while in the audience and posted it to his website. From there, about 100 somebodies downloaded copies, which no doubt have spread farther.

You can bet that this is going to find illicit use soon. For Firefox users, I strongly suggest that you look into installing a plug-in called NoScript, which lets you decide whether or not to execute the Javascript embedded in a particular web page.

As always, read the documentation.

Cross-platform droneware: Bots written in Javascript.

  agent botnet hoffman javascript jikto shmoocon web_browsers

Billy Hoffman of the security outfit SPI Dynamics unveiled the fruits of his research at Shmoocon last weekend (which I'm still miffed about not being able to attend), botnet software written in Javascript that runs on any modern web browser. His prototype botnet agent is called Jikto, and it searches for cross-site scripting vulnerabilities in websites after beginning execution when the user looks at a malicious website or e-mail message. Periodically, it will phone home with vulnerable URLs and details of same. This means that even Net-capable cellphones can unwittingly be turned into botnet members.

Javascript can hypothetically be dropped …

Read more...