[ Main ] [ Home ] [ Work ] [ Code ] [ Rants ] [ Readings ] [ Links ] |
[2024] [2023] [2022] [2021] [2020] [2019] [2018] [2017] [2016] [2015] [2014] [2013] [2012] [2011] [2010] December November October September August July June May April March February January [2009] [2008] [2007] [2006] [2005] [2004] [2003] |
[Tue Oct 26 18:44:26 CEST 2010]Now, this is something. Somebody has released a plugin for the Firefox browser called Firesheep that makes it possible to intercept unencrypted cookies from certain websites that are transmitted over public Wi-Fi connections and hijack the online identities that were sniffed from the wire. It is only a proof of concept but also a great headache, especially since it pretty much guarantees that all public Wi-Fi networks out there are completely insecure. Sure, we all knew that. The problem is that there is now a tool that is simple to use, so that any punk out there can hijack your identity on Facebook or Twitter without needing to know his TCP from his UDP. Yeah, start shaking. {link to this story} [Fri Oct 22 17:36:41 CEST 2010]I recently ran into a clear example of the power of open source and how much easier it is to deal with it than with closed products. After coming across of a bug affecting a distributed filesystem product that shall remain unnamed, the kernel engineers who were trying to figure out the ultimate cause of the problem discovered that it was due to the behavior of some applications running on the Mac OS. Now, since Apple's operating system is truly running on top of XNU, which is fully open source, the engineers just had to poke in the source code to quickly find out the cause of the problem, design a strategy to test it and write a patch that fixes it. One can imagine the endless hours they could have spent chasing the bug in the case of a closed source, fully proprietary operating system. {link to this story} |