Technology
Firefox gets another major security upgrade

Firefox gets another major security upgrade
Firefox gets another major security upgrade
In a recent blog post on the Mozilla Security Blog, the Firefox-maker revealed the steps it has taken to protect users from code injection attacks by making its browser more secure.
The company has hardened its browser by removing “potentially dangerous artifiacts” from the Firefox codebase, including inline scripts and eval()-like functions, according to the firm’s platform security and privacy engineer Christoph Kerschbaumer.
Inline scripts were removed in an effort to improve the protection of Firefox’s ‘about’ protocol which is often referred to as about: pages. These about: pages allow users to do things such as display network information, view how their browser is configured and see which plug-ins they’ve installed.
However, since these about: pages are written in HTML and JavaScript, they employ the same security used by web pages, which are also vulnerable to code injection attacks. For instance, an attacker could inject code into an about:page and use it to change configuration settings in Firefox.
Code injection attacks
To help protect Firefox users against code injection attacks, Mozilla decided to rewrite all of its inline event handlers and to move all inline JavaScript code for all 45 of its about: pages to “packaged files”. The company also set a strong Content Security Policy to make sure that any injected JavaScript code is unable to execute.
Kerschbaumer explained how this new measure can help protect against code injection attacks, saying:
“Instead JavaScript code only executes when loaded from a packaged resource using the internal chrome: protocol. Not allowing any inline script in any of the about: pages limits the attack surface of arbitrary code execution and hence provides a strong first line of defense against code injection attacks.”
Additionally, Mozilla has warned developers against using the eval() function which it described as a “dangerous function, which executes the code it’s passed with the privileges of the caller”. By rewriting all eval()-like functions, the company has reduced the attack surface in Firefox further.
Via ZDNet
Crypto News
Tech Gaint Samsung plans to launch NFT feature for TVs
Samsung said that starting with its 2022 TV lineup, it would provide broad support for NFTs.
This was disclosed in Samsung press releases titled, “Samsung Electronics Unveils Its 2022 MICRO LED, Neo QLED and Lifestyle TVs, With Next-Generation Picture Quality and Range of Cutting-Edge Personalization Options.”
Samsung becomes the first major TV manufacturer to support NFTs to such a significant degree.
Samsung is introducing the world’s first TV screen-based NFT explorer and marketplace aggregator. This would be a groundbreaking platform that lets you browse, purchase, and display your favourite art all in one place.
“NFT Platform: This application features an intuitive, integrated platform for discovering, purchasing and trading digital artwork through MICRO LED, Neo QLED and The Frame,” Samsung said.
The need for a solution to today’s fragmented viewing and purchase landscape has never been higher, according to Samsung.
What you should know
- Non-fungible token (NFT) assets were extremely popular in YTD with about $20 billion in volume recorded in terms of NFT sales among 100 collections.
- While many single NFTs sold for millions of dollars, a number of NFT projects and collections saw hundreds of millions and even billions in all-time volume.
- According to defillama.com metrics, the popular NFT collection Cryptopunks captured $2.98 billion in all-time volume.
- Numerous NFT collections have been very prominent in 2021 and have been the topic of various discussions
- Hence with the growing popularity of NFTs, Samsung saw that the need for a solution to today’s fragmented watching and purchase landscape has never been higher.
Technology
Microsoft’s Bid To Purchase TikTok Is Rejected
Microsoft’s Bid To Purchase TikTok Is Rejected
Microsoft will not be purchasing the wildly influential social media app, Tik-Tok, the company announced, Sunday. ByteDance, according to a statement from Microsoft, refused to sell to them.
“ByteDance let us know today they would not be selling TikTok’s US operations to Microsoft,” the company said in the statement. “We are confident our proposal would have been good for TikTok’s users, while protecting national security interests. To do this, we would have made significant changes to ensure the service met the highest standards for security, privacy, online safety, and combatting disinformation, and we made these principles clear in our August statement. We look forward to seeing how the service evolves in these important areas.”
Instead, ByteDance has reportedly reached an agreement with the software giant, Oracle.
TikTok was desperate to be sold after the Trump administration put pressure on the company, considering TikTok to be a threat to national security.
“The U.S. government is forcing one of China’s most successful global media companies to sell under a less than ideal timeframe, and China is trying to avoid having this set a precedent,” said Paul Triolo, head of global technology policy at the Eurasia Group. “The TikTok ban has to be viewed as part of this longer-term effort by the U.S. to police the boundaries of its technology ecospheres with China.”
Technology
Sony Officially Confirms Date For PS5 Showcase
Sony Officially Confirms Date For PS5 Showcase
Sony has adamantly teased the PlayStation 5 for months now, and it looks like the time is nearly among us.
The tech giant has prepared its rival products to compete against the XBox Series X and Series S, just in time for the Black Friday/Christmas/ever-lasting quarantine rush. Wednesday at 1 PM (PDT), the company is set to hold a 40-minute showcase, detailing news among Sony’s first-party game studios and its third-party partners.
PlayStation 5 Showcase broadcasts live this Wednesday at 1pm Pacific Time: https://t.co/W4gkVp7pdv pic.twitter.com/Nn33RT0yki
— PlayStation (@PlayStation) September 12, 2020
While sensational drips of information have leaked ahead of the showcase, including Sony’s apparent intent to produce two separate models of the console at two different price-points, technological specification potentially making it worth the upgrade has yet to come to the mainstream circle.
In addition to unveiling the functionality of the console, Sony is expected to announce its price(s) and release date(s).
All eyes are especially open to see if the company plans to match, undercut, or exceed the relatively bare-bones price tag of $299 USD placed on the XBox Series S.
After having already opened pre-registration for preorders of the console, Sony seems confident it can deliver upon its own hype as they provide “one more look at some of the great games coming to PS5 at launch (and beyond!)” This coming Wednesday.