Firefox Critical update - get it now!

From Mozillazine

More Details on Arbitrary Code Execution Vulnerability
Monday May 9th, 2005

Yesterday, we reported that an arbitrary code execution vulnerability has been discovered in Mozilla Firefox. Today, the Mozilla Foundation published an advisory, MFSA 2005-42, which we urge all our readers to examine carefully. In summary, there are two separate issues that can be combined to execute arbitrary code on a victim's computer: one relating to JavaScript code injection and another involving the icon URL used in the software installation dialogue. However, as described below, the potential for arbitrary code execution is no longer a threat for most users.

The first flaw is less serious, though it can potentially lead to sensitive data being stolen and makes the second flaw easier to exploit. The vulnerability allows a malicious site to use frames and JavaScript to inject arbitrary JavaScript code into another site. This allows the malicious site to steal data like cookies or perform actions such as launching the software installation dialogue without being on the user's software installation whitelist (note that this does not allow software to be installed without user intervention). This flaw affects both Mozilla Firefox and the Mozilla Application Suite and can be eliminated by disabling JavaScript.

The second flaw is more serious and involves the software installation dialogue, which is used to ask the user if they wish to install software (such as an extension) from a website. In Mozilla Firefox (but not the Mozilla Application Suite), this dialogue can include an icon, which is supplied by the site as a URL to an image file. Due to insufficient checking, this icon URL can actually be a piece of JavaScript code, which is run with no further prompting. As this code actually runs from the software installation dialogue, rather than a webpage, it is executed with 'full chrome privileges', meaning that it can do anything that the user running Firefox can, including installing software or deleting files. This is the more serious flaw, allowing arbitrary software execution, and only affects Mozilla Firefox. It can prevented by disabling software installation.

On its own, the second flaw can only be exploited by a site on the user's software installation whitelist. However, a malicious site can combine the first and second attacks to execute arbitrary code if it knows the details of one of the sites on the whitelist. In a standard Firefox installation, only the Mozilla Update sites (update.mozilla.org and addons.mozilla.org) are on the whitelist by default. This has allowed the Mozilla Foundation to apply a server-side change that prevents attackers from exploiting the code execution flaw using its systems. Therefore, if you have not added any additional sites to the whitelist, you are not at risk from the code execution exploit and have not been since yesterday. However, you will still be vulnerable to the less serious JavaScript injection flaw.

The server-side change to Mozilla Update and the workarounds described in MFSA 2005-42 (if you still haven't read it, please do) are temporary measures. We understand that the Mozilla Foundation is currently testing builds that include a better fix for this problem, so we expect that a security update will be issued shortly.

In short someone out there can install code using Firefox that can install programs unknown to you. To fix it go to the Firefox update page and download version 1.04.

You want to keep up with your web browsers homepage at all time to be aware of any updates. To keep your computer safe you have to be proactive. This is you neighborhood Internet superhero signing off...

Tommie Hu$tle presents - Cribs Iraqi style: Frat House

The single most often asked question I get is where/how do you live so I'm starting a new edition called Cribs. As some of you may know I travel the country a lot and I live in very different environments and locations. I've sat on actually sending up pictures of these places just becasue I didn't have the energy to actually snap a picture.


So let me introduce you to my Cribs. This place is known as the Frat House it is probably one of the better locations becasue it is isolated from the Marines and Soliders and it give us a bit of peace and quiet as well as atomony. It is also rare becasue it is an old Iraqi hangar usually they dole these out to their pet units. The Marines don't care about Civilians at all and would just as likely have us sleeping on dirt rather than give us a proper area for working. I hope we can keep this place but I'm sure some wide-eyed Lt is going to want this place for their own playground. It's only a matter of time.




This is the entrance. If you look at the very top that's where I usually am when I'm making a call back home. It has some damn good reception when I'm out here.


This is the office and living area. As you can see. it has stairs to the top floor. We haven't decided how to properly utilize that top area but, I'm sure we will in the near future. One thing is that we have to clean the place up ourselves and there is a lot of junk up there and we don't have the manpower or incilnation to want to clean it up so...


This is where I sleep. This is not my main location so it is pretty threadbare. I'm only here mostly to lay my head.


This is the other side of the office/room not much to it but again this isn't my main place so I just use it to set up. The door over there that says "Point of no Return" There is a service closet that is back there but, I'm not pressed to go back there figuring what I've had to deal with in the past.


This is a projector bay. We use this to test the projectors after we get done cleaning the optics. The test is usually to play video games or watch a movie. Yes, it may sound like fun to you but it isn't we do that so we can stress test the projectors as far as keeping it running for a long time and testing the colors to make sure that the images are clean. I'm sure we could plug a laptop up to it and run a screen saver for 4 hours but what fun would that be?




This area here is connects to another field engineer's office as you can see it as a cargo container and a fan set up next to it. We use the fan and the cargo container to create a vaccuum that way we can clean the equipment a bit better.



This is the entrance to the batcave. We call it the batcave because actual bats live down there. Or they used to, on Marine while he was down there running wire killed a damn bat and the other two left as a result we have had an increase of rodents and insects in this area. It is a true example of the ecological system. But once we get the area down there cleaned up (and for me that mean throwing about 10 fumagator cans down the hole and see what happens) I'm not taking a step into that creep hole.

And that ladies and gentlemen is the Frat House, our next slide show will be of the Alamo.

God my head hurts so bad

I got caught out in the middle of probably the worst sandstorm since I have been here. Sandstoms are horrible because they kick up sand that you have to breath through to get air. As a result of all the sand you get less oxygen, less oxygen equals less life. You can see where I'm going with this. We were caught out without our masks and were forced to breath pure cane sand for hours. My sinuses were KILLING me I mean I seriously wanted to cry because I was in so much pain. I had to lay down and try to go to sleep.

Anyone that knows me, knows that I don't like to take drugs of any kind. However last night I had to down a few sleeping pills so I could pass out from the pain. It was that bad.

Here is a picture of the inside of the sandstorm.

Good feeing, bad feeling, worse feeling

Good Feeling - Taking a shower

Bad Feeling - Watching live bugs fall off your naked body

Worse Feeling - Wondering how long said bugs have been on your body.



Just another day in Pardise.

I am the traveler

As part of my job I travel a great deal. It is wild I was talking to one lady and I had Al Asad on it. It is one of the places I have been too. She was asked me if I had been there and she was excited to share with me that she had been there once.

Then it dawned on me that I travel at a rate that is MUCH greater than the average American in Iraq. Most people here go to one base and they stay there the entire time they are stationed here.

When I think about it am very traveled its funny I'll always hear about things in the news about this location or that location and I know exactly what and where they are talking about. Most people in country that couldn't tell you that.

It's kinda neat to know about those things.

This is Tommie - Playa Playa

Well the summer came and I was already set with school and senior year was basically a cakewalk I had already met all my requirements for graduation except my last year of English so I was just at school for fun. Well during the summer she wanted to try to convince me to go to Dartmouth with her. The more she talked about it the more I didn't want to hear that shit. I was like you could have it and it was in cold weather city too? Fuck that.

During that summer I started messing around with some of the girls that worked at Kroger with me nothing serious but it was just to do it. The thing about it was I could do it. I was truly amazed that more than one girl could like me at one time. I realized if I could wrap some broad up in a story that I pulled out of the air they ate it up. So I started becoming more of a storyteller. They tell me that my Granddaddy Freddie was a storyteller and he’d sell a freezer to an Eskimo. I guess I was the guy that came back around and sold them ice cube trays by the gross.

J and I hooked up with this other cat named B AKA Capt. Curfew this kid was cool as hell and he went to Riverdale and he had a lot of girls but this kid had to be home at 11:30 on the dot. He would get you in the all the cool parties but we had to leave at 10:30 if we were with him. By the mid summer time I had broken the will of my parents and I could stay out till midnight but to get to the parties you had to ride with Bobby. Plus my folks would let me ride with Bobby because they knew I'd be home at 11:00 every time we went out. I think they were secretly paying him off. Between hanging with B's friends at Riverdale and J’s friends who went to Bannaker I was getting known. This was a feeling I never had known before I liked it. I still wasn't cool but I realized that I could be if I worked at it. Daria didn't like what I was turning into because I was hanging with people that she didn't like because they were "cool".

Well we made it to senior year and I was wild I had little freshman and sophomore girls that had crushes on me I was eating it up. I still was in a relationship and no one at my school knew I was messing around off. I'd had seen too many relationships fuck off in school by people messing with girls in at school. Girls at my school were persona non grata. I mean there was this one girl I liked named in my class but I never had the stones to talk to her or to break up with Daria. As much as a killjoy as she was becoming she was still my best source of booty on top of that I didn't want to hurt her feelings. I knew how that felt,

Well that didn't last long.

There was some dance that we were supposed to go to and her Mom dropped her off and I was supposed to go and take her home. Well Bobby knew of a party on the other side of town that was going to be the shit. Well Bobby never came short when it came to the ladies so I figured that I'd go there for an hour and then go to the dance. I would have been late but I still would have been cool. Well we get to Bobby's party and these chicks were fucking awesome they were sexy/slutty as hell I would suspect that 87% of those girls had career plans that involved a pole. The other 13% were heading straight to porn. Well you how time goes when you are having fun. So we Capt. Curfew has to go home and then I realize that I have left Daria at the dance all night. Whoops. Well I rush over to the school where the dance was and the school was pitch black. The dance had been over. I get home and my folks just looked at me so disappointed they weren't mad because I got home before curfew but, they couldn't believe that I would have done Daria like that. It was a shitty thing to do. I knew that then so I called her and you could tell she had been crying so she tells me she doesn't want to talk and hangs up the phone. Now I've done it. So I go to school the next day and it's like the walk of shame. Daria didn't want to talk me and on top of that EVERYONE was there so EVERYONE knew I stood her up. I mean she knew I wasn't at work. My folks didn't know exactly where I was. No one knew where I was and I couldn't say I went to a JR. stripper party. So I told her I was hanging with my boys. Well that didn't go over too well.

She calls me at home that evening at home and tells me she is breaking up with me. I start pleading my case and she wasn't hearing it. She hung up on me and I felt so low I remember being at the dinner table and choking up. I asked if I could be excused from the table so I could grieve in peace and my Dad said you are excused and on my way out I could hear my folks laughing at me.

Oh the shame.

Now then this is a real holiday worth celebrating.

Brazilian Town Declares Orgasm Day

Mon May 9, 4:34 PM ET

RIO DE JANEIRO, Brazil - Sex rarely makes the news in Brazil's conservative Northeast — until a small town declared an official Orgasm Day on Monday.


Espertantina Mayor Felipe Santolia endorsed the May 9 holiday, which he said was intended to improve relationships between married couples.

"We're celebrating orgasm in all its senses. There's even a panel discussion on premature ejaculation. But from what I've seen, women have more trouble achieving orgasm than men, especially in marriage," Santolia said by telephone from Esperantina, 1,300 miles north of Rio de Janeiro.

Santolia said the remote town of 38,000 people has been unofficially celebrating orgasm day for years, but that the town's former mayor had vetoed a bill making it an official municipal holiday.

The city council passed a law Saturday creating the holiday. Santolia, who took office earlier this year, said he would sign the bill later Monday.

"I'm 32, single and I have an open mind. Beside the theme is very much of the moment," he said.

Orgasm Day celebrations include a series of panel discussions by sexologists from across Brazil and a presentation of Eve Ensler's play "The Vagina Monologues."

Santolia said the idea of celebrating Orgasm Day at first created a scandal in this poor region, known for its religious fervor. But he said residents gradually residents warmed to the idea.

"I've seen scientific studies that show when a woman is unloved, when her husband can bring her to orgasm, it affects all aspects of her life, her relationships with her children, at home, with the city and at work," Santolia said.

I try and celebrate this holiday as often as possible all for scientific research of coures

*Books ticket to Brazil for next year*


This post is Cimarron approved.

This is Tommie - First love/first chip.

It finally came and I was out like a bat out of hell over to my girlfriend's house. You know how it goes. Oh I miss you baby, I miss you too. Oh you smell so good baby, you smell so good too. You know how that goes I mean we went back to having sex all the time but I bet you I was home on time (well with in 15 minutes of my time) or I called. Really all you had to do is call and you could get some more time. So it worked out cool my Dad and I still got into it. However, I knew there was a limit. I would say things like I can't wait to get out of here and he would say I can't wait till you leave.

Well having a car as you know puts you up one on the social scale so now girls were starting to pay attention to me. On top of that I had a girlfriend for about a year so in high school I was beginning to reach cute status. One thing I have learned is that women only like men with women. You might as well cut your dick off if you don't have the appearance of a woman because you won't be using it.

Girls would flirt with me every now and again and sometimes they would show up to my job. I'm getting a serious high off of this action I hadn't stepped out at this point simply because I didn't know at the time how easy it was to have sex. I thought it was some magical event so I said might as well stick with what I know.

The thing about Daria was that she was competitive in academia and she always had to be the smartest, well so did I. In 11th grade that's when you start thinking about what college you are going to go to. So now our conversations started to be less about us and more about the grades you got in Calculus or Advanced Placement History. We stopped being lovers (if you can be that at 17) and started being competitors. Well I was having too much fun being a boyfriend she turned the fun dial down a notch and the summer was coming up. So anyways I knew I wanted to go to the University of Miami (in Florida) for their architecture program and she was willing to entertain going to U of M. So she when with my parents and I to some function they had in Atlanta for potential students I send in my application and I think I was already accepted and I had a scholarship for their architecture program I just had to keep a 3.0 average.

Well she was totally unimpressed U of M wasn't good enough for her or "us". I'm thinking , have you gone batshit insane! This is the University of MIAMI in MIAMI, Florida. You don't have to like it it's in Miami.

She wanted "us" to go to an Ivy League school. See we had totally divergent lifestyles she grew up around all Blacks who didn't like her because she acted "white" I grew up around all whites that didn't like me because I was "Black" this was around the first time in my life I was being accepted for being me. I refused to go back to living the life of a second-class citizen so that was the first chip in our relationship.

The good days

Believe it or not there are good days here in Iraq. For example I love calling my family. I love the sound in their voice when they hear from me. Especially my Mom. She is so excitable and sounds like a little school girl whenever she picks up the phone. That always feels good.

My Dad, he tries to be smooth and all fatherly and stuff but you can hear it in his voice too. I like talking to my Dad, he always has something wise to say and because he is one of the few people that I know that likes to discuss current events, religion, philosophy, money, all those things it's nice to have a conversation with him not just as a Dad but as a man. It's cool to know someone like that.

My Brother, he's cool too. I mean when he isn't at Kirklands picking up a wicker toilet brush he's funny too. Like my Dad I can talk to him about the same things but we often get to talking about our first love, cars. But, it's always nice to talk to him becasue he always has something funny to say.

And the there are the days here in Iraq when you get that panic "emergency" call when the whole place has gone to shit and you are the only person that can fix it. It's great to be able to go into this places armed only with your mind and a screwdriver and with that you can get the war back up and running. What I like about it most is that the people, the Marines, that I help are genuinely thankful for the work that I do. I mean to me it is really nothing it just part of the job and I get paid to make them look good. But, to them it's more than that, they depend on the systems I support and it's really do or die for someone somewhere. It is nice to do a good job and be appreciated for doing that job. I've never really worked a job where you get that gratification for doing a good job and knowing that what you are doing is good.

It is nice. I like it.

Today is a glorious day!

Ahhh, they finally reopened the showers! Man this feels great, I didn't know I could feel this clean. I didn't know there was this much clean to be had.