Week in Geek: Chromium may Replace Firefox as the Default Browser in Ubuntu 13.10

By Akemi Iwaya on May 19th, 2013

This week’s edition of WIG is filled with news link coverage on topics such as Microsoft has confirmed that ‘Blue’ will be free for existing Windows 8 users, Firefox 21 has added support for new services via its Social API, malicious Chrome and Firefox extensions that hijack Facebook profiles have been found, and more.

Special Note: This is our final edition of ‘Week in Geek’ and we hope that you have found the weekly posts to be informative as well as helpful.

Weekly News Links

Security News

Fractured glass photo effect courtesy of PhotoFunia.

  • Critical Linux vulnerability imperils users, even after “silent” fix
    For more than two years, the Linux operating system has contained a high-severity vulnerability that gives untrusted users with restricted accounts nearly unfettered “root” access over machines, including servers running in shared Web hosting facilities and other sensitive environments.
  • Malicious Chrome and Firefox extensions found hijacking Facebook profiles
    Malicious extensions for Google Chrome and Mozilla Firefox that hijack Facebook profiles to post messages have been flagged up by Microsoft Malware Protection Center.
  • Future Firefox takes tougher stance on mixed content
    Mozilla might be fine with mixed company, but it’s not fond of mixed content. A new tool to block unsecured content on secure sites makes its debut in the latest update to Firefox Aurora.
  • Mozilla delays turning on third-party cookie killer in Firefox
    With Firefox 22 now in beta Mozilla has decided not to enable its new third-party cookie-blocking feature by default. The feature, aimed at preventing cross-site tracking of browser users with cookies not originating from the sites users visit, will still be available in the next Firefox release (due in June) but will be turned off by default.
  • OneNote Web App Gets Support for Password-Protection Sections
    Microsoft has recently introduced a new important update for OneNote Web App, allowing users of its browser-based productivity suite to access content in password-protection sections.
  • Dangerous Trojan can redirect your browser to a malicious web page
    Trojan.Mods.1 works by intercepting the system functions necessary for translating DNS names to IP addresses. It does so via a special algorithm. The effect of this is that instead of the site the user has requested, they are redirected to fraudulent pages or certain group of addresses that seek your personal information.
  • New Mac spyware found in the Oslo Freedom Forum
    F-secure is reporting on new malware found for OS X, which appears to be a backdoor application that so far is known to take screenshots of the user’s computer and then attempt to upload them to remote servers. The malware is being called OSX/KitM.A.
  • Name.com domain registrar hacked
    US domain registrar and web hosting service Name.com has fallen victim to a hacker attack. In a recent email, the company informed its customers of an incident that potentially enabled unknown attackers to gain access to “email addresses, encrypted passwords and encrypted credit card details”.
  • Is your laptop still unencrypted? Perhaps 7 seconds of CCTV might change your mind…
    Lots of people don’t worry much about encryption. After all, security companies only promote encryption as a way of life because they’ve got encryption products to sell, right? Perhaps or perhaps not.
  • “SpecialisRevelio!” Macs use Harry Potter spell to unlock secret “backdoor”
    The Mac on your desk or on the cafe table next to you has a chip with secret functions that can be unlocked only by inputting a spell from the Harry Potter series. The SMC, or system management controller, is a chip used to regulate a Mac’s current and voltage, manage its light sensor, and temporarily store FileVault keys.
  • Lost+Found: Hacking Smart TVs, scammer hotlines and Vaccination
    Too small for news, but too good to lose, Lost+Found is a compilation of the other stories that have been on The H’s radar over the last seven days: taking apart Samsung’s Smart TV software, phone scammers with their own hotline, tricking malware with Vaccination, Qualcomm is pre-installing Kaspersky on Android phones, and Twitter account security.
  • U.S. government becomes ‘biggest buyer’ of malware
    Amid a growing battle between federal government agencies and hackers, cyberwarriors, and cyber-enemy nation states, the U.S. is ramping up its malware stockpile to ‘hack back’ at those who attack it.
  • It’s official: Password strength meters aren’t security theater
    If you’ve ever been nagged about the weakness of your password while changing account credentials on Google, Facebook, or any number of other sites, you may have wondered: do these things actually make people choose stronger passcodes? A team of scientists has concluded that the meters do work—or at least they have the potential to do so, assuming they’re set up correctly.
  • Updated data shows prevalence of Java malware in 2012
    From Microsoft: Recently we released the Microsoft Security Intelligence Report volume 14. The report initially presented data showing reduced Java malware detections in Q3 2012 and gaining prevalence in Q4 of 2012. During a later review of the backend data, we found that we were missing some detection counts from our initial calculations. We have revised the data.
  • Rising risk of cyberattacks on U.S. companies tests public-private collaboration
    A cyberattack could disrupt the companies that provide critical infrastructure services in the U.S., a government agency warns. The challenge? They’re in the private sector.
  • DDoS Services Advertise Openly, Take PayPal
    The past few years have brought a proliferation of online services that can be hired to knock Web sites and individual Internet users offline. Once only found advertised in shadowy underground forums, many of today’s so-called “booter” or “stresser” services are operated by U.S. citizens who openly advertise their services while hiding behind legally dubious disclaimers.

TinyHacker Links

How-To Geek Weekly Article Recap

Geeky Goodness from the ETC Side

Daily App Downloads

How-To Geek Weekly Trivia Roundup

One Year Ago on How-To Geek

How-To Geek Comics Weekly Roundup

Akemi Iwaya is a devoted Mozilla Firefox user who enjoys working with multiple browsers and occasionally dabbling with Linux. She also loves reading fantasy and sci-fi stories as well as playing "old school" role-playing games. You can visit her on Twitter and .

  • Published 05/19/13
More Articles You Might Like

Enter Your Email Here to Get Access for Free:

Go check your email!