This timeline of the discovery of a critical flaw in Mozilla is amazing. It took a scant 31 hours between the moment the bug was first reported to the moment that you could download a patched version of all different Mozilla flavours and derivatives.
July 7 - 13:46 GMT - Keith McCanless files a bug in the Bugzilla Database reporting a new vulnerability. It exploits the windows "shell:" handler and allows a malicious web page to execute a program on a client's computer (The program has to already be present on the computer). McCanless notes that the bug is "BOTH a security concern and a DOS," since if the link points to a nonexistent file, it makes the Mozilla browser spawn off endless amounts of new windows. The bug is marked private since it is security-related; only developers with proper clearance can see it. (source)...
July 7 - 18:16 GMT - Mozilla developer "timeless" creates patch closing vulnerability. He posts the patch on the Bugzilla Database so that other developers can approve it. (source) The bug had been known to the world for a matter of hours before a patch was created to fix it
Looking for a tiny PC that still has space for a gaming-quality video card? SFF PC Cases is a remarkably detailed spreadsheet listing dozens of models, complete with cost, dimensions, volume and even important build tips. The very smallest are not practical for powerful builds, but the critical “Maximum GPU length” field is right there […]
Enjoy Michael Mullany’s review of the Gartner Hype Cycle, with all the things tech predictors got right and all the things they got wrong: “we’re terrible at making predictions.” Lesson 6: Some technologies keep receding into the future There are some notable technologies that recur on the Hype Cycle and every time they appear they […]
Why we secretly love our cords. Tamara Warren: There’s a certain security in the cord. It’s the idea of connection, perhaps even dating back to our days in the womb. … A battery, no matter how sophisticated, is fleeting. When we have our cords with us, we are in constant pursuit of power, even when […]
The Pry.Me Bottle Opener holds tens of thousands of times its own weight, and you can pick one up now from the Boing Boing Store.This remarkable keychain is considerably smaller than any of your keys, but don’t let that fool you: it can easily open any bottle, and could even tow a trailer full of […]
Guaranteeing your privacy online goes way beyond checking the “Do Not Track” option in your browser’s settings. To ensure that your internet activity is totally hidden from Internet Service Providers, advertisers, and other prying eyes, take a look at Windscribe’s VPN protection. It usually costs $7.50 per month, but you can get a 3-year subscription […]
This project management bundle will help you get organized and learn how to lead a team to success. You can pay what you want for these five courses when you pick them up from the Boing Boing Store.To help you become an invaluable asset for your company, this bundle includes a curated collection of professional […]