Skip to main content

Web

Softpedia Exclusive Interview: Roberto Suggi Liverani on Browser Vulnerabilities

posted onJune 20, 2012
by l33tdawg

During the 2012 edition of the Hack in the Box (HITB) security conference in Amsterdam, we had the pleasure of speaking to Roberto Suggi Liverani, a researcher who focused his efforts on finding vulnerabilities in some of the most popular web browsers.

Security holes in web browsers are nor something new, but part of his research is based on finding flaws in Chinese web browsers, an area that hasn’t been targeted by many experts.

Take a look at what he discovered and the difficulties he came across while trying to report his findings to various vendors.

Onion Browser: Encrypted Web on the iPhone

posted onApril 26, 2012
by l33tdawg

In an era when security is at the top of our minds, mobile web browsers seem to be lagging behind. There are few options for secure web sessions on smartphones, but a new iPhone app called Onion Browser is changing that. Onion Browser connects to the Tor network to encrypt all your data.

13 Tips for Better Joomla CMS Security

posted onApril 11, 2012
by l33tdawg

As Joomla grows in popularity as an open source CMS more and more individuals and businesses of all sizes rely on the platform to get their products and services online. In fact, more than 2.5 percent of websites are running on a Joomla CMS -- and for good reason. 

Researchers find serious flaws in Single Sign On (SSO) services

posted onMarch 21, 2012
by l33tdawg

Researchers at Microsoft and Indiana University have uncovered some serious security flaws in Web-based single sign-on (SSO) services that could allow access to users accounts. Citing poor integration by website developers, the report states that a lack of end to end security checks is the main reason for the issue. 

51% of website traffic on the Internet is "non human"

posted onMarch 14, 2012
by l33tdawg

A study released today shows that an alarming 51% of website traffic on the Internet are not actually humans but come from automated programs, most of which are malicious.

The study done by Incapsula, a provider of cloud security for websites, claims that most of this "non human" traffic is invisible because it does not show up on analytics software. The data was apparently collected from a sample of 1000 websites that are enrolled in to the Incapsula service. The breakdown of the 51% of "non-human" traffic is as follows:

Google, Microsoft, Netflix: We Want To Add DRM To HTML5

posted onFebruary 29, 2012
by l33tdawg

Google, Microsoft and Netflix have proposed changes to the HTML5 standard that could see DRM added to HTML5 videos.

In a document titled "Encrypted Media Extensions v0.1", which was submitted to W3C's HTML Working Group, the group responsible for handling HTML5 standards, the web giants called for DRM to be added to HTML5 streaming videos, in the same way DRM is available for Flash videos.

New 'HTTPS Everywhere' Web browser extension released

posted onFebruary 29, 2012
by l33tdawg

The Electronic Frontier Foundation (EFF) has launched the new and improved HTTPS Everywhere 2.0 for the Firefox browser . HTTPS Everywhere helps keeps you safe on the Web by encrypting connections to more than 1,400 Web sites. The program uses carefully crafted rules to automatically switch sites from HTTP to HTTPS whenever possible, This new version also includes an important new update that warns users about web security holes and there’s also finally a version for Google’s Chrome Web browser.

HTML5 bullets: Sencha issues developer scorecard for Chrome on Android

posted onFebruary 13, 2012
by l33tdawg

Google issued a beta release of Chrome for Android last week. The port, which brings Chrome's feature set and excellent support for Web standards to Android, is a major improvement over the mobile platform's current default browser.

As we reported in our coverage of the beta, Android's default browser has historically had difficulty handling sophisticated application-like Web experiences. The new port of Chrome has the potential to remedy that weakness and bring highly competitive HTML5 support to Android.

Three Ways a Test Crawl Could Uncover Hidden SEO Dangers

posted onJanuary 11, 2012
by l33tdawg

In November I wrote a post explaining how just one line of code could destroy your SEO.  It underscored the fact that sometimes hidden dangers can kill your SEO efforts.  In addition, it also explained how a thorough audit can reveal those issues and get your site back on track SEO-wise.  Well, I’m back with a new post about audits and SEO gremlins.  And as part of this post, I’m going to include information about one of my favorite tools (one that I’ve used for a long time – Xenu Link Sleuth).