Cross-site scripting request forgeries
Attack of the CSRF
Sometimes, even ING, YouTube, The New York Times, and Google get it wrong.
A CSRF Attack Example
So you go to your favorite social networking site to chat with friends. Unfortunately, the site in question allows users to insert images into web-based conversations (e.g., avatars for a forum). Instead of using a URL such as:
<img src="http://random-site/ image.jpg">
Read full article as PDF:Security_Lessons_Cross-site_Scripting_Request_Forgeries.pdf (259.83 kB)
Longtime litigator revives an ancient suit against IBM alleging Linux infringes on Unix copyrights.
Specialty distro keeps the focus on advanced learning.
The openSUSE Conference will be held July 18-22, 2013, at the Olympic Museum in Thessaloniki, Greece.
Security breached at home sites of the CMS project.
Lead Java developer vows policy changes and more attention to fixing problems.
Vendor D-Wave scores big with a sale to NASA's Quantum Intelligence Lab.
Many package updates and Steam integration highlight the latest from the Mandriva-based community Linux.
Richard Stallman calls for the W3C to remain independent of vendor interests.
The new release supports nine architectures, 73 human languages, and zero non-Free components.
Fedora developers release the first alpha version of Fedora 19, known as Schrödinger’s Cat, for general testing. The final release is expected in July 2013.