We couldn’t help but poke a little fun in the headline. This is [Alex Miller], a twelve year old who claimed a $3000 bounty from Mozilla. See, [Alex] is a self-taught security guru. When Mozilla upped the reward for discovering and reporting critical security flaws in their software he went to work searching for one. He estimates that he spent an hour and a half a day for ten days to find the hole. Fifteen hours of work for $3000? That’s pretty good!
Is it good or bad to pay for these kind of submissions? The real question: Is the bounty high enough to get blackhats to report vulnerabilities, rather than selling software that exploits them? Let us know what you think in the comments.
[via Zero Day]
Often, software hackers are the activists that push software giants towards updating vulnerable applications. In todays example, [Eric Butler] is pushing Facebook, Twitter, Flickr, and more all at the same time. By creating a user script-kiddie friendly extension for Firefox, he has allowed just about anyone to sniff unsecured connections on public Wi-Fi access points and log into these unprotected accounts.
Right now the extension is available for Windows and Mac, with a Linux port coming soon. Temporarily, the best way for a user to avoid getting taken advantage of would be to not use these social networking sites on a public connection, or to implement a secure proxy for these connections that would keep your data safe. Hopefully these websites will have a quick rebuttal that allows for security without workarounds. With all of the bad press they are recieving, they certainly have incentive to.
Are there any software or security buffs out there? We would love to see someone port this to an iPhone or Android app that could check and log open Wi-Fi points. We’ll leave the foot work to the experts out there, but do be sure to give us a heads up if anyone manages to make it happen, okay?
Does anyone else find it a little ironic the electronic retailer SparkFun is advocating scripts to help Digikey have a Sort By Price function? Regardless, to reiterate now Firefox (and we hear Google Chrome too) users with the Greasemonkey plugin can sort Digikey items. Personally, some of us here are just Mouser fans at heart.
[Thanks Charper and Mohonri and Satiagraha, image credit Make]
We picked up a great Firefox bookmark tip from [Colin]. He wanted an easier way to look up bug numbers on the launchpad bug tracker. Because the url is always the same with the bug number at the end of the address, he replaced the final portion of the url with %s. Now, when he types the keyword followed by the bug number in the address bar the bug page loads right up.
We don’t do all that many bug searches but it’s immediately obvious that this can be useful in a lot of ways. In the photo above you can see we’ve set up a shortcut to the tag pages for hackaday.com. Now we just type “hack” with the tag we want after it. Add this to your bookmarks and try typing “hack firefox” into the address bar.
Google’s Gmail is a highly viable option for email. With numerous features and options like widgets, a task list, labels, and chat, Gmail has a slight tendency to get overwhelming and might force us to loose focus on what it is really all about: email.
What can make Gmail better? For starters, how about no ads; they are cluttering and distracting. What about getting rid of the widgets and unnecessary features like labels and chat that we think are supposed to make us more productive but really only make us lose our focus to send, read and reply to email? Nobody knows Zen better than [Leo] at Zen Habits. We weren’t surprised that he and his friends (with Firefox and Greasemonkey) have found a way to trim all the unnecessary elements from Gmail and make it into an email powerhouse that focuses on a basic productive email client. The minimalist inbox for Gmail consists of Greasemonkey scripts for:
- Removing gadgets
- Hiding labels, chat and footer
- Removing ads
- Removing stars
- Getting rid of the Gmail logo and searchbar
- Removing menu navigation bar
- Cleaning up and removing unnecessary buttons
To get started focusing on email, and only email, head on over to ZenHabits for a list of associated scripts and what exactly they can do to help you on your road to the minimalist Gmail.
[related: Google Chrome roundup]