冰灵博客

For the longest time in hacker folklore Internet Explorer and Microsoft Windows were the key targets and most exploitable while Macintosh and Safari were virtually ignored. But times they are a-changin’, roles are reversing, and Google’s Chrome comes out as a dark horse.

Researchers entering the Pwn2Own browser exploit contest at CanSecWest in Vancouver delivered bad news to all three major Web browsers. IE, Safari, and Firefox were all cracked, leaving Google’s Chrome unbroken. When the researchers took a crack at smartphones like the iPhone, Blackberry, and Android, they also fell short.
But the bigger news is the insight Charlie Miller, a security researcher for Independent Security Evaluators who cracked a fully patched MacBook Air through Safari, gave ZDNet in an interview. Miller labeled Mac OS as the easiest of the bunch to exploit while naming Firefox on Windows machines one of the most difficult, and Chrome as almost impossible.

The difficulty Chrome presents, said Miller, is a reason why hackers, especially those in the contest, largely ignore it. Google’s browser is just too much work.

“There are bugs in Chrome but they’re very hard to exploit,” he explained. “I have a Chrome vulnerability right now but I don’t know how to exploit it.  It’s really hard.  The’ve [sic] got that sandbox model that’s hard to get out of… I might have this bug and I might be able to get code execution.  But now you’r ein [sic] a sandbox and you have no permissions to do anything. You need another bug to get out of the sandbox. Now you need two bugs and two exploits.  That raises the bar. “

On the other hand, Mac OS is the easiest, and with rising popularity of Apple machines, it becomes a more attractive target. Over the decades, the sheer ubiquity of Windows machines made Microsoft the biggest target, leaving Mac machines virtually ignored by the hacker community.

Miller suggests it’s the operating system more than the browser these days, and the folks at Microsoft have made it very difficult to exploit Windows via anti-exploit mitigations and randomization, “two hurdles” lacking on Macs.

While Firefox is just slightly more difficult to exploit than IE 8, in Miller’s estimation, the killer combination is Firefox on Windows. “It’s really hard to exploit Firefox on Windows,” he said. “For all the browsers on operating systems, the hardest target is Firefox on Windows.  With Firefox on Mac OS X, you can do whatever you want.  There’s nothing in the Mac operating system that will stop you.”

For all those designers who want fonts of their own handwriting can now make them for free! Previously, you needed complex tools and softwares to make them, but since this is the age of the Internet, everything is now online!

YourFonts.com is a free online generator that lets you create high quality fonts in just a few minutes. You can easily create OpenType fonts in your own handwriting.

This service allows you to upload high quality templates of up to 4000 x 5000 pixels and then using its advanced raster to vector conversion algorithm, produces high quality fonts of your own handwriting.

Features

• Your own handwriting turned into your very own font for free
• Optionally include your signature
• You’ll have your very own font within 15 minutes
• Make as many fonts as you like
• Use your fonts on Windows, Mac OS X and Linux
• Personalize your digital scrapbook
  

  pages

• Make your own “family handwriting history”
• Use your fonts in Microsoft Word, PowerPoint and every program that you own

YourFonts.com is a 100% fee service and have no catches at all. I’m sure everyone is going to enjoy digitizing their handwriting!

YourFonts.com