I love how the news jumps on shit before confirming it.

Here is the story from Ars Technica

Firefox is loaded with security flaws, according to a hacker duo that presented at this year's ToorCon. Mischa Spiegelmock and Andrew Wbeelsoi used a session at the show to highlight what they have called "a complete mess" that is "impossible to patch" in Firefox's JavaScript implementation. According to the pair, the implementation is home to at least 30 possible exploits, all of which they plan to keep to themselves. CNet's Joris Evers brought the story to light this past weekend, but reports are surfacing everywhere.

Here is the Mischa Spiegelmock's repsonse as posted on the mozilla developer network site.

Update: Possible Vulnerability Reported at Toorcon

We got a chance to talk to Mischa Spiegelmock, the Toorcon speaker that reported the potential javascript security issue referenced earlier. He gave us more code to work with and also made this statement and agreed to let me post it here:

The main purpose of our talk was to be humorous.

As part of our talk we mentioned that there was a previously known Firefox vulnerability that could result in a stack overflow ending up in remote code execution. However, the code we presented did not in fact do this, and I personally have not gotten it to result in code execution, nor do I know of anyone who has.

I have not succeeded in making this code do anything more than cause a crash and eat up system resources, and I certainly haven't used it to take over anyone else's computer and execute arbitrary code.

I do not have 30 undisclosed Firefox vulnerabilities, nor did I ever make this claim. I have no undisclosed Firefox vulnerabilities. The person who was speaking with me made this claim, and I honestly have no idea if he has them or not.

I apologize to everyone involved, and I hope I have made everything as clear as possible.

Sincerely,

Mischa Spiegelmock

Katie dropped off a box of letters that came to the 444. In them was a letter from UB dated Sept 21st that said they regret to inform me that I was removed from the list of graduation candidiates. So after freaking out for 5 minutes, I called them up and they said it was a mistake and that I really am graduating. I am so glad it is really over. For a minute I thought I was going to have to go back to UB. Frankly, I never want to see UB again. (e:shawnr) IMed me about something similar the other day. I wonder if his was a mistake too.

I got a new light fixture for my office at Royalite on Maple. It looks so much better now. The old one was so messed up. I switched to a new camera app for my phone, it takes such better quality pictures which proves its all in the software.

This was the old light fixture.





The new one.







We went to linens and things. We didn't use the coupon my mother gave me because it expired on Sept 6th. My mother apparently told me they accepted expired coupons but I forgot that part.



Curtains are ridiculously expensive. It is ridculous that they come in panels and not in pairs. (e:matthew) really wants this mirror but we had to draw the line somewhere


Wow the camera gets good details.

Apparently, if you get a letter saying you are COMMAND TO APPEAR IN COURT, it is not that important. The prosecutor said no one ever shows up for something like this. I assumed commanded meant that we had to show up but the police man said we were not material witnesses, eaning there would be punishment for not showing up. I guess I do not watch enough crime drama.

I a glad I went because I just wanted to know who the dude was. The dude who robbed the credit card from my house was in fact the dude that asked me and (e:mike) for money when we were leaving the house. The story was that he need $4 to get to Medina. Not as bad as the woman who stopped by to ask for $35 twice on Sunday. They had to drop the felony charges because the police office searched him without a warrant when he found our credit cards.

The police officer said that he is from a whole crime family but in a crackhead not clamorous mafia way like my own. I am wondering if his brother is the guy who asked us if we were keeping the plants in our living roo today. Maybe, he was forshadowing to when he removes them!

I bought a new chair. It was great from the scratch and dent section at FWS. I also bought the rug for the Lisa Wist Room. I hope that white shag is appropriate for the room. (e:matthew) said it is tacky italian.







Sneak preview of the rug rolled up



The windows finished



And (e:matthew) painting.



We bought the paint at Value and it was mixed wrong so that of the five cans of the same color, none of them were excatly the same. They said we should have known to mix them ourselves, but frankly, I never had this problem at home depot where they use a computer to mix instead of a human. Is it worht the additional $7 - maybe it is because now we have to repaint a huge section of the house tonight. Luckily, they are giving us new paint free and mixed into a five gallon container.

::Download Flash Video::

(e:terry) and I cleaned out and painted the former blue room and made it into the green room in honor of (e:twisted)'s arrival. I tried to style it in a way that I thought she would like. I am going to go get carpet tonight, finish painting and scarping the paint off the windows, and repairing a rather large hole in the way that the former owner's son cut in the wall to fit his monitor on his desk. Who does shit like that? I seriously spent about 30 hours scraping the texture paint, painting, and spackling this room over the weekend. You have no idea how much we have painted. (e:mike) helped scrape the crunchy texture paint off the main hall walls.





While searching for what caused some water damage in the past of the 3rd floor hallway we found that there is a trap door out onto the roof. We wanted to go out here yesterday but couldn't because of the high wind. It seems as though my vision of a third floor roof porch ay happen after all. There is a ~ 20 foot square flat area right on top of the roof. I had to get up there anyways in order to remove a baby tree that decided to try and grow in our fireplace.



It seems as though the trap door was leaking at some point in the house's history and the water cause massive damage before anyone noticed. It seems like such a simple problem to let get out of control, but I guess for anyone not spry enough to climb around in the rafters it might seem like a bigger problem. I cannot wait to finish the non-finished part of the attic. It seems capable of supporting an additional floor/loft as a fourth floor? The ceilings are about 30 feet high in the middle.



Here is where the damage was the worst, there were even some dried up mushroom like in the crack mansion down the street. Thank god it is all dried up and fixed. I wonder when the damage occurred and how long it took some one to notice. The problem caused damage two floor down. The damage all seems fixable.