≡ Menu

digg

Yet Another Reason To Get Open Source Software

The USB Overdrive is a device driver for Mac OS X that handles any USB mouse / trackball / joystick / gamepad and any Bluetooth mouse from any manufacturer and lets you configure them either globally or on a per-application basis. Some one posted a screen shot of USB Overdrive software. If you are a sensitive pirate you might feel guilty (found via Digg). Maybe it is a time to switch to Linux.

Get Free CodeWeavers CrossOver License

Codeweavers Logo

CodeWeavers is a company that sells a proprietary version of Wine called CrossOver, for running Windows applications on Mac OS X and Linux. The Codeweavers "Great American Lame Duck Presidential Challenge" has ended as average gasoline prices in the Twin Cities to $2.79 a gallon. You can download full unlocked version for Mac or Linux.

The goals focused on President Bush making specific positive accomplishments in areas such as the economy, home values, the stock market, the war on terror and other key issues. Specifically, one goal called for President Bush to help bring down prices.

According to wikipedia:

On October 14, gas prices in Minneapolis and St. Paul did just that (2.79 a gallon). Codeweavers were true to their word, and on October 28, a combination of Slashdot and Digg took down their website as people rushed to get the free software. According to Codeweavers, "You will be able to unlock your serial number that was emailed to you for an extended time, (an additional 48 hours), due to this downtime.

Direct download links

For Tuesday, October 28, 2008 only, they are putting up fully unlocked builds:

Really scary exploit attack in wild, which affects all browsers under any desktop operating systems including MS IE, Linux, Apple safari, Opera, Firefox and Adobe flash. Any website that uses CSS, flash and IFRAME (used to serve ads) can be used to attack on end users. Attacker is able to take control of the links that your browser visits. From the article:

In a nutshell, it’s when you visit a malicious website and the attacker is able to take control of the links that your browser visits. The problem affects all of the different browsers except something like lynx. The issue has nothing to do with JavaScript so turning JavaScript off in your browser will not help you. It’s a fundamental flaw with the way your browser works and cannot be fixed with a simple patch. With this exploit, once you’re on the malicious web page, the bad guy can make you click on any link, any button, or anything on the page without you even seeing it happening.

According to victims on several Web forums, the attack is coming from Adobe Flash-based advertising on legitimate sites — including Newsweek, Digg and MSNBC.com.

How do I stop Clickjacking under Firefox?

There are two solutions.

Option #1: Disable everything

Disable scripting and plugins such as flash and others for the time being under Firefox (except adblock plus or no-script plugin). I've no idea how to do this under IE or other browsers. Under Firefox clock on Tools > Add-ons > Select each plugin and disable it.

Fig.01: Disable scripting and plugins

Fig.01: Disable scripting and plugins


Shutdown browser. Next, remove Adobe flash from system using apt-get or from your directory. If firefox 3 installed at /opt/firefox/, change directory to /opt/firefox/plugins:
# cd /opt/firefox/plugins
Delete flash and other plugins files:
# rm *
This should work for other browsers too.

Option #2: Use Noscript To Stop Attack

Download latest version of NoScript firefox plugin. NoScript for Firefox pre-emptively blocks malicious scripts and allows JavaScript, Java and other potentially dangerous content only from sites you trust. Once installed restar firefox. Click on NoScript icon located on bottom right status bar > Select options > Click on Forbid [IFRAME] > Ok

Fig.01: Mitigation for Clickjacking under Firefox with NoScript Plugin

Fig.02: Mitigation for Clickjacking under Firefox with NoScript Plugin

Bonus option # 3: Use lynx

Lynx and other text based browsers are not affected by this exploit. Lynx is a free open-source, text-only Web browser. Recent version works under Mac OS X, All versions of Windows and UNIX like operating systems. You install lynx using apt-get or yum command:
# apt-get install lynx
OR
# yum install lynx

Further readings:

  1. More info about clickjacking
  2. NoScript plugins
  3. Clickjacking demo / proof of concept demo (warning it will hijack your clipboard, to stop just close browser.)
  4. Clickjacking: Researchers raise alert for scary new cross-browser exploit


(Fig.01: Keep your friends close, and your enemies closer [click to enlarge image]).

The Microsoft Internet Explorer Team sent a cake for the release of Firefox 2 in 2006 and now they did it again. Thanks Ryan Paul for posting image and information (via Digg).

PS: Mozilla will be eating cake as well as Internet Explorer's marketshare ;)

Reddit is a social news website (just like digg) on which users can post links to content on the web. Today (June 18, 2008), became an open source project. All of the code and libraries written for Reddit became freely available. Here's a quick list of the open source products that reddit is built and runs upon:

Debian, lighttpd, HAProxy, PostgreSQL, Slony-I, various python libraries, Psychopg, pylons, Solr, Tomcat, Ganglia, Mercurial, Git, gettext (translation), daemontools, and memcached

Today we're excited to announce that we're open sourcing reddit.

All reddit code is licensed under the Common Public Attribution License, which is basically the Mozilla license with a handful of changes. Specifically, the CPAL stipulates that when running reddit's code publicly, any changes to the code must be made available publicly and the site must make clear that it is running reddit code.

View Reddit code online here.

Pop culture: Firefox Car and Bus Pictures

Mozilla Firefox web browser getting lot of popularity.

Firefox bus

While coming from Mysore, we suddenly saw a big Firefox logo pasted on a bus. We stopped the car and and stopped the bus which was about to leave and took these photographs. I wonder if the artist knew where the logo came from:

Firefox bus pictures
(click to enlarge)

Firefox car

The Firefox car (logo posted on a car) was debuted ar Mozilla 24 "Firefox Rock Festival" in Tokyo on Sept. 15th (via digg):

The Firefox car (logo posted on a car) was debuted ar Mozilla 24 “Firefox Rock Festival” in Tokyo