Firefox 'riddled` with security flaws

A pair of hackers demonstrated at this year`s ToorCon that Firefox is loaded with security flaws, reports ars technica.

Mischa Spiegelmock and Andrew Wbeelsoi used a session at the show to highlight what they have called "a complete mess" that is "impossible to patch" in Firefox`s JavaScript implementation, the report says.

According to the hackers, the implementation is home to at least 30 possible exploits. They have, however, declined to give full details of the possible exploits, leaving Mozilla a bit in the dark. Mozilla`s head of security, Window Snyder, indicated Mozilla believes the exploit to be real.

Remote XT has developed a security system for cellphones which sets off a high-pitch scream, permanently locks the handset and wipes all data if stolen, reports CNET News.

The report says the security system works by installing software onto the operating system of the phone, which is then activated via a call to a call centre once users realise their phone has been snatched or lost.

"It makes a loud squealing noise which is enough to distract a restaurant if it went off and it completely locks the phone," said Remote XT MD, Mark Whiteman.

Toshiba`s Storage Device Division has released an HD-DVD writer for integration into mobile PCs. It enables notebook PC users to write high-definition video content while enjoying backward compatibility with all DVD and CD formats, reports EETimes.

The SD-L902A, which integrates a blue-violet laser diode to read and write HD DVD-R discs, supports high-density HD DVD-ROM discs, including high-definition movie and video images, the report says.

The drive can also read and write standard DVD and CD discs.

Computer code that exploits a flaw in Apple Computer`s Mac OS X was released over the weekend, reports CNET News.

The code takes advantage of a weakness in core parts of Mac OS X and could let a user gain additional privileges, the report says.

"The risk presented by this exploit is limited by the fact that it can only be exploited by a logged-in user, although the user may also be logged in remotely," said Dino Dai Zovi, a researcher with Matasano Security, who was credited by Apple with discovering the flaw when the patch was released.