Netvibes security problems

Filed under: Google Blogoscoped — Wrote by Lees on Wednesday, March 5th, 2008 @ 9:22 am

There has been some talk in the French blogosphere recently: the personalized homepage service Netvibes was shown to have a flaw that a component developer could use to access the private information of Netvibes developers with Google accounts (some careless Google users, if I understand correctly). “This flaw has now been fixed,” the official Netvibes blog announced this week, adding: “The component developer acted immorally; he disclosed this flaw on his own blog before informing us.” TomHTML of the French Google blog Zorgloob summed up what happened.

– — – — – –

This Frenchman says he first developed a component for Netvibes and got approval to release it. After that, you can modify your component without any testing or verification by Netvibes. This is absolutely foolish…

“I checked a website and discovered a flaw. I modified my component to collect the data of the users who use it. It only takes 10 lines of code. With this one step, I could obtain a user's email address, his feed list (along with the access permissions for those feeds), his calendar notes, his web notes, and the Gmail messages returned by the mail.google.com/mail/feed/atom feed… I also got the parameters the component runs with, which is particularly dangerous if you use the component to watch your AdSense growth…”

Next, the blogger wondered: “Among the users of my component, are there any Netvibes developers?” He searched for “@netvibes.com” and unexpectedly hit the jackpot! He found a Netvibes developer.

Next he examined what was in this developer's web notes (don't forget, anybody can write anything there)… “There were the login name and password for a Netvibes development site and wiki!!! Even more useful, there was the login name / password for the database backup, with a database that includes all user data!” Truly incredible; if not for his screenshots, nobody would believe him.

“By browsing their (private) wiki pages, I discovered the things Netvibes is developing. Nothing exclusive or newsworthy here: a mobile edition, a small integration with Google, collaboration with well-known brands (Google, AOL, Skype…), the creation of a ‘Netvibes community’, and user profiles and friend circles.

“Next, I could examine all the PHP files and find even more flaws!!! … Finally, I got into the backup database containing users' login names / passwords. The passwords are encrypted with MD5… but thanks to websites like md5.c.la, I could decode 1/5 of the passwords. Worst of all, a very large share of users use the same password for Netvibes and for their Google account… just like me!

“So I published this text, and then alerted the Netvibes security team.

“Recommendations for the Netvibes team:

· Change all passwords for the Netvibes development sites
· Give developers security training
· Delete all web notes that contain confidential data
· Block all components that store login names / passwords for third-party websites
· Have all users change their passwords
· Contact me, so I can tell you where the flaws are

Recommendations for users:

· Change your password often
· Do not enter confidential data in web notes
· Be careful with these new “2.0” websites, even if they are as popular as Netvibes…”

The blog post containing this text has now been deleted. I think he removed it himself (afraid of what he had revealed), though perhaps someone else deleted it…

Google's security statement (they have armed guards!)

Filed under: Google Blogoscoped — Wrote by Lees on Monday, March 3rd, 2008 @ 10:20 am

Ionut discovered a few remarkable things in a Google PDF file titled “Comprehensive review of security and vulnerability protections for Google Apps”. The following is quoted from the “Physical security” section:

Google runs one of the world's largest distributed data center networks, and protects the data and intellectual property in these centers. Google runs an unspecified number of data centers around the world. Many of the main data centers are wholly owned and managed by Google, to ensure that no outside party can gain access. The locations of the data centers were chosen with all sorts of catastrophic events in mind. The data centers are in undisclosed, secured places, so that they are not seen as targets for user data. These facilities are protected around the clock by armed personnel. In addition, strong safeguards such as access cards and biometric identification are used to ensure that only authorized employees can enter. Only selected Google employees can access the data center facilities and the servers inside, and that access is tightly controlled and audited.

Hackers simply do not care about weapons, because they won't come through the front door. Google knows this, so it added the following about “logical security”:

In network-based computing, the logical security of data and applications is as important as physical security. Google ensures that applications are as secure as possible, that data is processed in a secure and accountable way, and that no unauthorized external access to customer and user data can be gained. To achieve this goal, Google uses a number of industry-standard technologies and some unique, innovative methods. One of these methods is the use of special-purpose technology in place of general-purpose software.

Many of Google's technologies provide special-purpose capability rather than general-purpose computing. For example, the web server layer is specially designed and implemented by Google, and answers only the operations of specific applications. As a result, it is not as vulnerable to the large-scale attacks that most commercial software is exposed to.

Google has also modified core libraries for security purposes. Because the Google infrastructure is a dedicated application system, not a general-purpose computing platform, some services provided by a standard Linux operating system can be limited or disabled. For instance, Google engineers have made major upgrades to GNU Linux libraries and systems including SSH, Python, Initscripts, Fsck and Libc. Google developed an in-house log rotation system and a special version of Cron. These modifications are meant to increase system capacity.

Google's servers are also protected by multiple layers of firewalls against attack. Inbound and outbound data is scanned continuously to ensure there are no malicious attacks aimed at Google applications.

Even so, critical weaknesses have been exposed in Google products in the past, some of which allowed malicious hackers to access the data of individual users. When Google says that data such as email is “stored in a format that is hard to decipher”, hackers can attack the weakest link. No matter how many locks Google puts on, a single user always needs to open all of them (nobody wants to read email that is hard to decipher!) … so hijacking the key is enough to get the data.

360 Safe Guard, Google advertising alliance edition: free download

Filed under: AdSense — Wrote by Lees on Thursday, January 3rd, 2008 @ 4:44 am

360 Safe Guard, Google advertising alliance edition, is security software that assists with safe web browsing.
Software information
File size: 4.81MB
Applicable system: Windows XP/2000/2003

It is free. Main features of the “Google advertising alliance edition”:
· Blocks malicious phishing websites, preventing the loss of online banking, game and QQ accounts
· Thoroughly detects and removes more than 9000 popular Trojans and 370 malicious programs
· Publishes official Microsoft vulnerability information and repairs 388 system vulnerabilities, effectively preventing malicious software from getting in through vulnerabilities
· Reports malicious software, sharing software experience with millions of netizens
· Includes a licensed copy of Kaspersky Anti-Virus V6.0 worth 320 yuan, with full 7*24-hour service
· Read the “Google advertising alliance” blog and be the first to comment

Download address: http://my.360safe.com/download.html?Id=953025

Firefox + Google: speed or security?

Filed under: AdSense — Wrote by Lees on Wednesday, January 2nd, 2008 @ 10:04 am

The default start page of the Mozilla Foundation's Firefox browser is the search page of international search engine giant Google. This brings users the convenience of web search, but the latest news shows that it also brings users a security risk.

[Image: Firefox + Google: speed or security? The default Firefox homepage is the Google search engine.]
  
This Wednesday, Google software engineer Reza Behforooz said that, through the link prefetching feature, the Google search engine can load the first search result into the Firefox browser's cache in advance, so that more of the search results are fetched ahead of time. This should make searching with Google in Firefox or Mozilla browsers faster than before.

Behforooz said on the company blog: “Using the Google search engine on Mozilla browsers is now faster than ever. When you search through the Firefox browser, we instruct the browser to download more search results for you in advance. This way, you will reach the result page you need more quickly.”

At present Google's link prefetching applies only to Firefox and Mozilla browsers. IE and other browsers do not provide such a feature, so their users cannot use Google's link prefetching.

But while this feature raises search speed, it may also introduce a network security risk. Google points out in its FAQ that “cookies and web pages from websites that you did not click may be left in the browser cache”. This means that, because link prefetching is used, a website's cookies and pages can appear in the user's browser cache even though the user never clicked that website.

Some Firefox users have voiced concern about link prefetching on Mozilla's weblog site. They say link prefetching may pose a security risk: people may download illegal content without knowing it, and it may take up more bandwidth.

One Firefox user said: “If the first matching search result is a pornographic website, then even though you did not open the page, your proxy server has recorded the website and all its cookies have been downloaded, and this will get you into trouble.”

Another user, Alex Bishop, said that when users use Google's link prefetching, although illegal content may be downloaded without their knowledge, this content is marked differently from content they actively chose, because the prefetch requests sent are marked with an “X-moz: prefetch” header.
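A site operator can act on that header so that a prefetch never leaves the site's cookies or pages in the cache of a user who did not click. The following is an added example, not code from the article or from Google or Mozilla: a Python WSGI middleware that strips `Set-Cookie` and forbids caching on prefetch requests, or refuses them outright. `PrefetchGuard`, `demo_app` and `call` are hypothetical names, and the `Purpose` and `Sec-Purpose` headers are assumptions covering browsers other than the ones the article discusses.

```python
# Added example. The header is client-supplied, so treat it as a hint only.
PREFETCH_HEADERS = (
    "HTTP_X_MOZ",        # "X-moz: prefetch", the header named in the article
    "HTTP_PURPOSE",      # assumption: "Purpose: prefetch" from other browsers
    "HTTP_SEC_PURPOSE",  # assumption: "Sec-Purpose: prefetch"
)

def is_prefetch(environ):
    for key in PREFETCH_HEADERS:
        raw = environ.get(key, "").replace(",", ";")
        if "prefetch" in [tok.strip().lower() for tok in raw.split(";")]:
            return True
    return False

class PrefetchGuard:
    """Keep cookies and cached pages away from users who never clicked."""
    def __init__(self, app, refuse=False):
        self.app, self.refuse = app, refuse

    def __call__(self, environ, start_response):
        if not is_prefetch(environ):
            return self.app(environ, start_response)
        if self.refuse:  # strict mode: do not serve speculative fetches
            start_response("403 Forbidden", [("Content-Type", "text/plain"),
                                             ("Cache-Control", "no-store")])
            return [b"prefetch refused\n"]
        def guarded(status, headers, exc_info=None):
            drop = ("set-cookie", "cache-control")
            kept = [(k, v) for k, v in headers if k.lower() not in drop]
            kept.append(("Cache-Control", "no-store"))
            return start_response(status, kept, exc_info)
        return self.app(environ, guarded)

def demo_app(environ, start_response):
    # Constructed sample application that always sets a session cookie.
    start_response("200 OK", [("Content-Type", "text/html"),
                              ("Set-Cookie", "sid=constructed-sample")])
    return [b"<html>result page</html>"]

def call(app, request_headers):
    """Drive a WSGI app in-process; returns (status, headers dict, body)."""
    environ = {"REQUEST_METHOD": "GET", "PATH_INFO": "/"}
    for name, value in request_headers.items():
        environ["HTTP_" + name.upper().replace("-", "_")] = value
    seen = {}
    def start_response(status, headers, exc_info=None):
        seen.update(status=status, headers=dict(headers))
    body = b"".join(app(environ, start_response))
    return seen["status"], seen["headers"], body
```

A request without the header passes through unchanged, so a real click still receives its session cookie.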

Author: Computer Tiger. Source: IT168

Copyright © 2007 Google Adsense College.
Powered by GoogleSchool. All Rights Reserved.