On February 18. Secunia announced a zero-day-exploit for Firefox 3.6. A serios bug in Mozilla Firefox offers the possibility for remote code execution with administrator rights on Windows. It is possible that earlier versions of Firefox are affected too.

Evgeny Legerov about the result of his work: "People who've seen firefox exploit agree with me - it is a really cool bug, it was an interesting challenge to find and exploit it."

read more

A team of scientists that has already informed about other unusual possibilities of espionage has now discovered a new method to obtain personal information: they analyzed the noises of a dot matrix printer and were thus able to reconstruct a large part of the printed information.

read more

Philosophy and technology

Do we need JonDonym? The question seems to be out of place, since this is the blog of the company which co-develops that software. But nevertheless, if we have a look at western democracies just a very small minority of people is using services like JonDonym and the majority does not miss anything at all surfing the Web. So, do we need JonDonym?

read more

As analogon to the "all-in-one device suitable for every purpose", they now really exist: the "pirate copying child porn terrorists" as Times Online states in a recent article (17.10.2008). Terrorists are supposed to hide secret messages in child pornographic images and to thereby spread them over the internet. We suppose that they also lack opyrights among other legal deficiencies - that's why the new term PCCPT may be established.

As the german web site Heise reports, companies might now be able to contact arbitrary visitors of their web sites using a new technology. This may be realised by a software of the company demandandbase, which may in many cases even identify individual employees of a specific company.

read more

According to a report on Spiegel-Online, the german Federal Office for Information Security (BSI) explicitly warns from using the new Google browser "Chrome" productively. The browser may be half-baked (explicit beta, not a complete product) and had been released to market far too early. Moreover, Google may very probably use this browser to collect private surf information and other personal user data.

Since a while, a new profiling system named Phorm is in beta test at U.S. american and british access providers. Without asking the customers meanwhile some hundred thousand, partially quite detailed, data sets about visited websites and requested content (e.g. also from web e-Mails) have been created. It might be just a matter of time until such a technology will be applied in other european countries.

After recent reports about the german BKA looking for suspects in the visitors of their web sites, now even more threatening measures against web surfers have been uncovered to be used by the U.S. FBI. After clicking on prepared web links (or after automatic download by browser prefetching...). the FBI searches the houses of those people whose IP addresses could be backtraced to their identities.

The FakeNameGenerator makes ist quite easy to create plausible identities for exploring the web. This service is free and does not need any registration.

For synchronizing Firefox bookmarks we have been developing an extension that should - in contrast to all other existing ones - keep the privacy of its users. As Mozilla is now developing a far more flexible concept, Weave, that fulfills the same requirements, we have decided to stop our own development without releasing it.