Skip to main content

Thread: Man in the Browser

-

see: http://www.csoonline.com/article/717...goes-universal

understanding "man in browser" attack succeed attacker need compromise victim's browser. covertly installing plug-in...

...these browser attacks may main reason i'm building me new big hammer can switch online activity linux

in windows have run "winpatrol" -- detect , stop these requests update browser... ugly

in linux browser, e.g. firefox -- running in "userland" -- , cannot updated without permission install software -- , apply "plug-ins" -- -- in windows -- uac not object ... think because such updates updates browser -- , not system

please forgive me if chew on many of type of question...

all applications run userland. updates handled centrally operating system have option choose ones or don't update. won't stop mitb attack though - make easier if you're late on patching.

attacker exploits firefox controls firefox - in browser @ point in virtually every way (without getting technical). best bet prevent attacks on browser using apparmor. apparmor confines firefox process capabilities, prevent many exploits working. stop files being written without explicit permission - way prevent attacker doing type of mitb attack won't able write new extensions/plugins if you've set right. there guide apparmor @ top of forum, sticky.

there's no need worry asking many questions.


Forum The Ubuntu Forum Community Ubuntu Specialised Support Security [ubuntu] Man in the Browser


Ubuntu

Comments

Post a Comment

Popular posts from this blog

Could not place because the source rectangle is empty

-
up until 3pm yesterday, illustrator cs6 , photoshop cs6 worked without hitch @ 3pm, of sudden message 'could not place because source rectangle empty'. doing dragging 1 of our company logos photoshop illustrator .eps file holds our graphics. have done hundreds of timnes before , either way or highlight image in illustrator , paste photoshop. either way still getting error message.   nothing has happened in settings (that aware of) , google gives me numerous results of point @ fact may have corrupt .eps file. not case. if try , drag , drop or copy , paste various different fiele .jpg .png , .eps or .ai have same issue.   i uninstalled photoshop morning re-installed see if fix issue no such luck.   as is, affecting work , sure there workarounds ie. if go file/open , open file way works no eps file holds many seperate graphics once opened in photoshop, seperate images become 1 image.   can this? are getting problem when copying/dragging 1 specific illustrator document or affecti
Read more

Thread: Using smartcard reader with vpnc

-
Image
anyone know how smartcard reader talk vpnc under ubuntu? i've got omnikey 3121 lsusb finds code: bus 004 device 003: id 076b:3021 omnikey ag cardman 3121 opensc-tool ignores ("no smart card readers found"). posted bkline anyone know how smartcard reader talk vpnc under ubuntu? i've got omnikey 3121 lsusb finds code: bus 004 device 003: id 076b:3021 omnikey ag cardman 3121 opensc-tool ignores ("no smart card readers found"). bump. Forum The Ubuntu Forum Community Ubuntu Official Flavours Support Hardware [all variants] Using smartcard reader with vpnc Ubuntu
Read more

Adobe Font Folio 7.0 or just 7?

-
someone deleted my question about adobe font folio 7. looking informations related adobe font folio 7 released march 13, 1995 , can not find ( not even a picture of original packaging). know if, later versions, called 7.0 or 7. thank much. i seem recall called adobe font folio v7.0 , , @ age memory fails me enough can't state under oath; quick google searck on precisely adobe font folio v7.0 returns bunch of hits on pirate software sites.  don't know if that's reliable enough you, until adobe staff chimes in, that's best got far.  More discussions in Type & Typography adobe
Read more