Web browser anonymity threats

Anonymity in important for many people. Few years ago, it was problematic issue only for hackers, human rights workers and anonymity freaks. They want to keep they identity in secret for obvious reasons. They were traced only by law enforcement agencies and government. Today everything is much more difficult. Hundreds of advertising agencies trying to reveal identity of people to target their commercials better.

Web browser can give them so many information. For example in which languages you speak (browser shares your language preferences with sites you visit)., in which city you live (this can be obtained from IP), how big is your computer display (web page can get your display resolution), what video player or office suite you have installed (they can query installed browser plugins) and much more...

Continue reading "Web browser anonymity threats"

O tym jak to Chuck Norris skopiował dane z Naszej Klasy na dyskietkę

Hacking.pl opublikował artykuł Nasza-Klasa.pl – pobierz sobie dane milionów Polaków. Zasugerowano w nim, że każdy może pobrać dane wszystkich użytkowników Naszej-Klasy. Na alarm uderzył również Dziennik Internautów i Computerworld. Wszyscy zwrócili uwagę na fakt, że prosty robot internetowy może skopiować strony z portalu, przefiltrować ciekawe informacje i zapisać je na dysku. Niestety większości umknął jeden ważny problem… czas potrzebny do skopiowania 8 milionów stron.

Continue reading “O tym jak to Chuck Norris skopiował dane z Naszej Klasy na dyskietkę”

Apache suEXEC support for PHP scripts without FastCGI

suEXEC feature provides Apache users the ability to run CGI programs under user IDs different from the web server user ID. Normally, when a CGI program executes, it runs as the same user who is running the web server. In most configurations PHP scripts are handled by mod_php and cannot suEXEC. After switching to php-cgi we are able to use suEXEC.

Continue reading “Apache suEXEC support for PHP scripts without FastCGI”