Tuesday, March 28, 2006

This guy gave me a laugh.

Remember a couple weeks ago when I posted that gmail vulnerability.

If you don't just go down a couple stories...

If you do here's the ironic part.

This guy thought I was faking it and decided to fake it himself.

I don't think he will be convincing anyone but he sure gave me a laugh.

If you want proof look in the comments of the original post or in the Digg Story

Made my day.

Monday, March 13, 2006

Easter Egg in Microsoft Word

Microsoft's evil little characters are giving us the Microsoft Word tip of the day...

"You can hurt yourself if you run with scissors".



This is my brothers computer by the way.

Sunday, March 12, 2006

Extraterrestrials in the red rain? You decide...

Pretty Cool Stuff...

read more | digg story

Tuesday, March 07, 2006

Digg to CoralCDN - The Digg coralizer - reaches 10,000 coralized links


Digg2Coral Link

Help support this project, go download it.

By the way don't be afraid to submit this or that to digg.

Wednesday, March 01, 2006

Vulnerability in Gmail

I was recently attempting to mail some javascript code from my yahoo account to my gmail when I came across this vulnerability.

Apparently javascript will run if it is withing the preview of the message.

I only tested this sending from a yahoo account. Sending gmail to gmail appears to filter this out.

This is what the message has to compose of

  • A short subject to increase the ammount of code to run

  • A short bit of text in the body so that the code isn't treated as quoted text

  • And your code

My simple test was : Subject: a Body: asdfasdf<script>alert("asdF");</script>

Here is the screen: NOTE I JUST PUT IT BACK UP! : screenshot

Last time I killed my friends server so I uploaded it to flickr instead.

This vulnerability could be used to gather email addresses. Or even possibly to compromise the account.