Firefox 2.0.0.4 Security Release
The Mozilla web browser Firefox and derived products like Thunderbird, SeaMonkey and the Netscape Browser contain several vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code on an affected system.
To solve this problem, Mozilla Foundation, the nice people behind Firefox have just released a very important security release, so if you’re running Firefox, you need to go grab the latest release right away.
The following security issues have been fixed:
- XUL Popup Spoofing
- XSS using add Event Listener
- Path Abuse in Cookies
- Persistent Auto complete Denial of Service
- Crashes with evidence of memory corruption
According to Mozilla, also in this release are more enhancements and fixes for Windows Vista with the following caveats:
Clicking links in some applications (e.g. some instant messaging programs) might not open them in Firefox, even if you have set it as your default browser. To workaround this problem, go to Start -> Default Programs -> Set default programs for this computer, expand custom, select the radio button next to the app you want to set as the system wide default app (e.g. Firefox, etc.), and apply.
A Windows Media Player (WMP) plugin is not provided with Windows Vista. As a workaround, in order to view Windows Media content, you can follow these instructions. Note that after installing you may have to get a security update and apply it before you can see the content in the browser.
Vista Parental Controls are not completely honored. In particular, file downloads do not honor Vista’s parental control settings. This will be addressed in an upcoming Firefox release.
When migrating from Internet Explorer 7 to Firefox, cookies and saved form history are not imported.
I personally think you shouldn’t be running Vista on your machine as it’s still so very buggy and Windows XP SP2 is pretty solid these days.
For those of you wondering, on my computers I run both Windows XP Pro SP2 and Fedora Core 5 and 6.
WP-DBManager 2.11 Released
Today Lester ‘GaMerZ’ Chan updated his WP-DBManager WordPress plugin.
If you’re not familiar with this very useful WordPress plugin from GaMerZ, here’s a feature list of what you can expect, taken from his official plugin description:
Manages your Wordpress database. Allows you to optimize database, repair database, backup database, restore database, delete backup database , drop/empty tables and run selected queries. Supports automatic scheduling of backing up and optimizing of database.
Here is what’s new in his latest 2.11 release:
- Sort Database Backup Files By Date In Descending Order
- Added Repair Database Feature
- Automatic Scheduling Of Backing Up And Optimizing Of Database
Keep in mind that his 2.x series of the plugin only works with WordPress 2.1.x and above. If you’re running the 2.0.x branch of WordPress, you’ll need to use WP-DBManager 2.05.
Americans Buy Low-Tech Phones And Keep Them Forever
According to J.D. Power and Associates, Americans are keeping their phones an average of 17.5 months, up from 16.6 months since last fall. That means more and more people are opting for 2-year contracts…and opting against the latest technology. Do people care about high tech?
If you believe J.D. Power and Associates’ latest study:
It’s clear that wireless service carriers are using mobile phones as bait to increase consumer traffic, applying discounts either through rebates or free limited-time offers.
“The problem with this strategy is that, in most cases, the discounted handsets being offered are older models, which typically lack the latest technological advancements or desired design features.
- Kirk Parsons, senior director of wireless services at J.D Power
That’s kind of depressing.
What’s even more depressing is that people are allowing themselves to be roped into long contracts by purchasing subsidized handsets. This is a double-edged sword for the carriers.
“While these longer contracts help wireless carriers recover the costs associated with offering subsidized cell phones, customers tend to hold on to their current cell phones longer to avoid termination fees when switching service, which may ultimately lead to lower renewal rates,” said Kirk Parsons.
The drop in average handset prices underscores the fact that people are buying cheaper, less-advanced phones.
The price a customer pays for their wireless mobile phone has dropped from an average of $103 in 2002 to $93 in 2007. The decline is primarily due to discounts given by handset providers and wireless service carriers to incentivize sales. Currently, 36 percent of customers report receiving a free mobile phone when subscribing to a wireless service — up considerably from 28 percent in the 2002 study.
Over one-third of Americans opt for the cheap-o free phone. So does that mean advanced phones like the iPhone or BlackBerry Curve (which retail for $500 and $200, respectively) have a future? Only in certain circles, it appears.
The subsidization model has deceived Americans about the real cost of cell phones and actually set the bar lower for the entire industry. With one-third of people choosing the free phone, it’s obvious that they don’t expect to have to pay anything for a phone.
Heaven forbid carriers move away from the subsidization model (like Korea has done and Japan is doing). People won’t know what to do with themselves if they have to actually fork over some cash for their phones.
eBay Pays $75 Million For Search Site StumbleUpon
Web auction leader eBay Inc. has acquired Web surfing recommendation site StumbleUpon for $75 million in cash, matching the highest value reported as under discussion weeks ago.
StumbleUpon Inc. is an online review site that recommends Web pages within sites such as Flickr, MySpace or YouTube, based on “thumbs up” or “thumbs down” votes from other Web users with shared interests. It counts 2.3 million users and is growing at 150 percent a year.
The service helps people find Web sites, videos, products, people and other online information according to their tastes.
Community members add more than 5 million recommendations per day, meaning StumbleUpon’s depth improves the more often it is used.
StumbleUpon combines peer recommendations with search features and as such presents an alternative to Web search leader Google.
So why would eBay want to acquire StubleUpon?
My take is they plan to use the recommendation features built into the StubleUpon service as a referral system for eBay users to locate Web auctions that interest them.
Thoughts?
Is The Next Generation iPhone Already In Production?
The iPhone rumors are non-stop today.
The iPhone supposedly will have more features than Steve Jobs announced in January but get this, Microsoft has a new patent with which to challenge the iPhone and possibly block its path to market.
Yes folks, Apple’s iPhone might be at the mercy of a patent just granted to Microsoft… judging by U.S. Patent 7,225,409, “Graphical User Interface For A Screen Telephone,” which was awarded to Microsoft on Tuesday.
More potential worries for Apple: The patent isn’t just for a phone but for the underlying software and the patent document even includes a helpful flowchart.
It gets better. Now reports claim that the iPhone II, the European version of the iPhone, is about to begin production.
According to the rumors, Quanta Computer has been awarded a contract manufacture the second-generation iPhone. Quanta will reportedly make five million iPhone units starting in September 2007.
The deal, however, may not be closed:
Although the company would not confirm the rumors citing confidentiality agreements with their clients, Quanta is the largest contract manufacturer of notebook PCs in the world. A conflicting report in DigiTimes states that Quanta has not yet won the G2 iPhone but is currently bidding on the contract.
Quanta has manufactured many of Apple’s notebooks, including the PowerBook.
What do you think? Will Quanta make the iPhone II? And is the iPhone II ready for production?
SRG Clean Archives 4.0.3 Released
As most users would agree, the plugin was in major need of some love and attention from the original 2.1 release which was released back in January 2007.
That’s the major reason why since April 30, 2007 when I took over the development of the plugin there’s been a ton of releases from me. Things needed to be brought up to the current needs and standards for the majority of WordPress users.
Basically after version 3.0 which I released on May 15, 2007 I’ve mostly been adding in features from user requests and optimizing the source code.
Ok, now the meat and potatoes of the SRG Clean Archives version 4.0.3 release…
Per a user feature request and sort of a bug that was caught by Owen Kelly, I’ve added an option to the plugin admin menu so you can toggle on/off showing a link to your detailed monthly post archive.
If you were wondering, detailed monthly archives are just the standard WordPress paged archives and the link will appear below the month link if toggled on.
Special thanks goes out to Owen for helping me get this bug/feature option working properly and doing some late night (or morning depending on your timezone) testing.
Seriously, I think this is going to be the final release for a little while… at least for more then 24-48 hours like I’ve been doing.
Thank you for your continued support and use of SRG Clean Archives.
PayPal donations are never expected but always appreciated: 
Thanks to Weblog Tools Collection for helping spread the word about SRG Clean Archives.
Updated: There was a small code validation error pointed out by a user which is now fixed as of version 4.0.4. Not a major release but wanted to let everyone know.