Thursday, July 23, 2009

Mozilla Foundation

The Mozilla Foundation is a non-profit organization that exists to support and provide leadership for the open source Mozilla project. The organization sets the policies that govern development, operates key infrastructure and controls trademarks and other intellectual property. It owns two taxable for-profit subsidiaries: the Mozilla Corporation, which employs several Mozilla developers and coordinates releases of the Mozilla Firefox web browser, and Mozilla Messaging, Inc., which primarily develops the Mozilla Thunderbird email client. The Mozilla Foundation is based in the Silicon Valley city of Mountain View, California, USA.

The Mozilla Foundation describes itself as "a non-profit organization dedicated to preserving choice and promoting innovation on the Internet". Mozilla Europe, Mozilla Japan and Mozilla China are non-profit organizations whose mission is to help promote and deploy Mozilla products and projects. They are independent of, but affiliated with, the Mozilla Foundation.

Mozilla Corporation

On August 3, 2005, the Mozilla Foundation launched a wholly owned subsidiary called the Mozilla Corporation to continue the development and delivery of Mozilla Firefox and Mozilla Thunderbird. The Mozilla Corporation takes responsibility for release planning, marketing and a range of distribution-related activities. It also handles relationships with businesses, many of which generate income. Unlike the Mozilla Foundation, the Mozilla Corporation is a taxable entity, which gives it much greater freedom in the revenue and business activities it can pursue.

Monday, July 13, 2009

Web application Technology


The internet shorthands

Tuesday, July 7, 2009

Hacker breaks into Ecuador’s presidential website

Quito, Feb 11 (IANS) An investigation has been launched to find the hacker who broke into the website of Ecuador’s presidential office while it was undergoing maintenance, senior officials have said.

“Unscrupulous persons managed to enter the website and leave messages that had nothing to do with the national government,” said Carlos Medina, a member of the presidential communications office, Spain’s EFE news agency reported Monday.

The unidentified hacker entered the presidential website Saturday.

“We are currently conducting the necessary investigations to find out who was responsible,” Medina said.

According to media reports, the message left by the hacker on the presidential website expressed support for Ecuador’s President Rafael Correa and condemned corruption on the part of Jaime Nebot, the best-known opposition leader and mayor of Guayaquil, the largest and most populous city in the country.

However, the authorities quickly clarified that the message which appeared on the website did not represent the views of the government.

Monday, June 29, 2009

Web Application Security Consortium

The Web Application Security Consortium (WASC) is in search of contributed 'Guest Articles' by industry professionals on the latest in trends, techniques, defenses, best practices and lessons learned relevant to the field of web application security.

The value of web application security has very much increased in recent years due to the exponential increase in threats plaguing the application layer of the network. To properly protect systems from application-level attacks, the understanding of today's issues has never been more critical. It's imperative the industry work together by sharing first-hand experiences to combat the growing number of issues. Your contributed articles will assist in the advancement of the field of web application security and the education of the issues we all face.

Contributed articles may include industry best practices, technical information about current issues, innovative defense techniques, etc. NO VENDOR PITCHES OR MARKETING GIMMICKS PLEASE. We are only soliciting concrete information from the experts on the front lines of the web application security field.

Goals & Objectives: provide a venue for the information security community to publish and obtain up-to-date web security content.

Our readers are very important to WASC. The readers come from a wide range of professional backgrounds and have a high expectation for quality educational material. As such, WASC contributed articles are not to be used as a venue for marketing purposes. Articles are assumed op-ed; they should be succinct, and direct while presenting details and solutions.

Monday, June 22, 2009

Web Security Mailing List

The Web Security Mailing List is an open information forum for discussing topics applicable to web security. Topics include, but are not limited to, industry news and technical discussions surrounding web applications, proxies, honey pots, new attack types, methodologies, application firewalls, discoveries, experiences, web servers, application servers, database security, tools, solutions, and others.

The Web Security Mailing List is maintained by the Web Application Security Consortium (WASC).

The Web Application Security Consortium (WASC) is an international group of experts, industry practitioners, and organizational representatives who produce open source and widely agreed upon best-practice security standards for the World Wide Web.

As an active community, WASC facilitates the exchange of ideas and organizes several industry projects. WASC consistently releases technical information, contributed articles, security guidelines, and other useful documentation. Businesses, educational institutions, governments, application developers, security professionals, and software vendors all over the world utilize our materials to assist with the challenges presented by web application security.

Monday, June 15, 2009

File Server Application

In computing, a file server is a computer attached to a network that has the primary purpose of providing a location for the shared storage of computer files (such as documents, sound files, photographs, movies, images, databases, etc.) that can be accessed by the workstations that are attached to the computer network. The term server highlights the role of the machine in the client-server scheme, where the clients are the workstations using the storage. A file server is usually not performing any calculations, and does not run any programs on behalf of the clients. It is designed primarily to enable the rapid storage and retrieval of data where the heavy computation is provided by the workstations.

History of file servers

In the mid-1980s enterprises became increasingly interested in ways to connect a rapidly growing population of personal computers. Novell proposed an approach using software to connect each workstation to a network file server that would manage both the network and access to network resources. At the same time 3Com Corporation was creating Ethernet adapter cards, building the hardware connectivity needed for such an approach.

Novell grew upon the strength of its Netware operating system, used for file serving, and by the late 1980s had a 50% market share of local area networks. Seeing the potential growth in this arena IBM and Microsoft both introduced their own file server strategies.

Twenty years after its peak, Novell and 3Com have virtually disappeared from the Server market; today disk servers (a NAS or a SAN) supplied by one of the leading vendors such as EMC or NetApp are typically attached to a file server running the Microsoft Windows or Linux operating systems. Large data centers, that serve millions of customers (such as Google's), run server farms on specialized equipment with large, complex operating systems.

Thursday, June 4, 2009

Server application

A server is any combination of hardware or software designed to provide services to clients. When used alone, the term typically refers to a computer which may be running a server operating system, but is commonly used to refer to any software or dedicated hardware capable of providing services.


The word server is used quite generally in information technology. Consider the multi-platform software known as the "Apache HTTP Server". This software runs on many modern computers which may not normally be called servers (like laptops for instance), but the host computer is also a server. In particular, the combination of the computer hardware and the Apache software can be called a web server.

In the hardware sense, the word server typically designates computer models intended for running software applications under the heavy demand of a network environment. In this client-server configuration one or more machines, either a computer or a computer appliance, share information with each other with one acting as a host for the other.

While nearly any personal computer is capable of acting as a network server, a dedicated server will contain features making it more suitable for production environments. These features may include a faster CPU, increased high-performance RAM, and typically more than one large hard drive. More obvious distinctions include marked redundancy in power supplies, network connections, and even the servers themselves.

Between the 1990s and 2000s an increase in the use of dedicated hardware saw the arrival of self-contained server appliances. One well-known product is the Google Search Appliance, a unit which combines hardware and software in an out-of-the-box packaging. Simpler examples of such appliances include switches, routers, gateways, and print servers, all of which are available in a near plug-and-play configuration.

Friday, May 29, 2009

Object animation

Object animation is a form of stop-motion animation that involves the animated movements of any non-drawn objects such as toys, blocks, dolls, etc. which are not fully malleable, such as clay or wax, and not designed to look like a recognizable human or animal character.

Object animation is considered a different form of animation distinct from model animation and puppet animation, as these two forms of stop-motion animation usually use recognizable characters as their subjects, rather than just objects like static toy soldiers, or construction toys such as Tinker Toys, LEGO brand bricks (Brick film), Lincoln Logs, Erector Sets, Playmobil, etc.

Object animation is frequently combined with other forms of animation, usually for a more realistic effect (e.g., Model Animation or Puppet Animation to add more complex movement or depth to the characters). For example, a toy car can be animated, but is more often animated with a character easily seen driving the car.

An example of present-day object animation can be seen on Robot Chicken, part of the regular Adult Swim block on the Cartoon Network, which combines object animation with a variation of puppet animation; in this case the puppets are made to resemble plastic action figures from various TV shows, movies, and pop culture.

Wednesday, May 20, 2009

Traditional animation

Traditional animation was the process used for most animated films of the 20th century. The individual frames of a traditionally animated film are photographs of drawings, which are first drawn on paper. To create the illusion of movement, each drawing differs slightly from the one before it. The animators' drawings are traced or photocopied onto transparent acetate sheets called cels, which are filled in with paints in assigned colors or tones on the side opposite the line drawings. The completed character cels are photographed one-by-one onto motion picture film against a painted background by a rostrum camera.

The traditional cel animation process became obsolete by the beginning of the 21st century. Today, animators' drawings and the backgrounds are either scanned into or drawn directly into a computer system. Various software programs are used to color the drawings and simulate camera movement and effects. The final animated piece is output to one of several delivery mediums, including traditional 35 mm film and newer media such as digital video. The "look" of traditional cel animation is still preserved, and the character animators' work has remained essentially the same over the past 70 years. Some animation producers have used the term "tradigital" to describe cel animation which makes extensive use of computer technology.

Monday, May 11, 2009

custom web application development

Webworld Experts can develop customized web applications that are more useful than just nice-looking websites, and customize the web applications to guarantee quality, competence and rapid development. Our web application development team brings experience in virtually all major platforms and environments to your custom applications. We can develop powerful web applications customized with features such as content management, shopping carts, forums, affiliate management, ad/banner management, and much more.

We believe that a clearly defined purpose and careful planning are the keys to successful web application design and development, particularly when work is being done by a web application development team. After successful web application development and delivery of the project, as an after-sale service offer, we also provide maintenance and minor changes of the web application at no cost. It is something which distinguishes us from other web development firms, and thus helps us deliver custom website solutions to all our customers.

Monday, May 4, 2009

Pesticide Disposal

How to get rid of excess or unused pesticides, fungicides, rodenticides, and herbicides.

Summary of Federal Requirements

Waste or excess pesticides must be disposed of as either hazardous waste or universal waste.

Disposal as a universal waste is only possible if they are pesticides that are either:

  1. recalled pesticides that are stocks of a suspended and canceled pesticide that are a part of a voluntary or mandatory recall under FIFRA Section 19(b), including, but not limited to, those owned by the registrant responsible for conducting the recall,
  2. the total amount of the restricted-use pesticide that was applied
  3. recalled pesticide that are stocks of suspended or canceled pesticides, or a pesticide that is not in compliance with FIFRA, that are part of a voluntary recall by the registrant, or
  4. stocks of other unused pesticide products that are collected and managed as a part of a waste pesticide collection.

FotoVision Web Application


Monday, April 27, 2009


The Slideshow is a modern concatenation of "Slide Show". A slideshow is a display of a series of chosen images, which is done for artistic or instructional purposes. Slideshows are conducted by a presenter using an apparatus, such as a carousel slide projector, an overhead projector or, in more recent years, a computer running presentation software. The term originates from the use of slides, which have been around for many years. Slides originally were projected on movie theater screens by magic lanterns as part of the program of early moving picture shows.

A well organized slideshow allows a presenter to lend visual images to an oral presentation. The old adage "A picture is worth a thousand words" holds true, in that a single image can save a presenter from speaking a paragraph of descriptive details. As with any public speaking or lecturing, a certain amount of talent, experience, and rehearsal is required to make a successful slideshow presentation.

Wednesday, April 15, 2009

Web operating system

In metacomputing, WebOS and Web operating system are terms that describe network services for internet scale distributed computing, as in the WebOS Project at UC Berkeley, and the WOS Project. In both cases the scale of the web operating system extends across the internet, like the web.

However, the terms WebOS and Web operating system have been employed more broadly and with far greater popularity in the context of "the web as in HTTP", and for many meanings ranging from singular systems to collections of systems. In April 2002, Tim O'Reilly spoke of "the emergent Internet operating system" as an open collection of Web services.

Common to uses for collections of systems, a Web operating system is distinct from Internet operating systems in that it is independent of the traditional individual computer operating system. This conception of the system reflects an evolution of research in the field of operating systems into the increasingly minimized (for example, TinyOS and Exokernel) and distributed (for example, Inferno), and for distributed systems increasingly defined in terms of the specification of their network protocols more than their implementations (for example, Plan9's 9P).

Monday, April 6, 2009

HTTP cookies

HTTP cookies (also referred to as Web cookies, tracking cookies, or cookies) are small text files containing a user's settings and other data used by websites, and are stored on the user's computer. They are transmitted as parcels of text sent by a server to a Web client (usually a browser) and then sent back unchanged by the client each time it accesses that server. HTTP cookies are used for authenticating, session tracking (state maintenance), and maintaining specific information about users, such as site preferences or the contents of their electronic shopping carts.

The term "cookie" is derived from "magic cookie," a well-known concept in UNIX computing which inspired both the idea and the name of HTTP cookies. Some alternatives to cookies exist, but each has its own uses, advantages, and drawbacks.

Monday, March 30, 2009

Speed up your Acrobat Reader

1. Go to the installation folder of acrobat reader
(C:\program files\adobe\acrobat\reader\.. whatever)

2. Move all the files and folders from the "plugins" directory to the "Optional" directory. (I repeat.. cut and paste the files NOT copy & paste).

Also make sure that Acrobat Reader is not open, or else it will lock the files and not allow you to move them. Now your Acrobat Reader will load very fast, almost as good as Notepad.

Monday, March 23, 2009


SWiSH Max is a program that utilises Adobe Flash technology to create cross-platform compatible presentations. It is developed and distributed by Pty Ltd, based in Sydney, Australia.

SWiSH Max is a reasonably high power program that incorporates many features which give the application a wide scope of uses. SWiSH Max primarily outputs to the .swf format created by Adobe Systems (formerly Macromedia) for the purposes of displaying their content on the web within the parameters set by the W3C. SWiSH Max uses a variation of ActionScript for scripting.

SWiSH Max works, in particular, to make use of objects, vector graphics, keyframes and scripting. It incorporates a number of automated effects and transitions, which make building certain Flash elements such as buttons, advanced transition effects and interactive Flash sites possible.

Monday, March 16, 2009


A temporary storage area, usually in RAM. The purpose of most buffers is to act as a holding area, enabling the CPU to manipulate data before transferring it to a device.

Because the processes of reading and writing data to a disk are relatively slow, many programs keep track of data changes in a buffer and then copy the buffer to a disk. For example, word processors employ a buffer to keep track of changes to files. Then when you save the file, the word processor updates the disk file with the contents of the buffer. This is much more efficient than accessing the file on the disk each time you make a change to the file.

Note that because your changes are initially stored in a buffer, not on the disk, all of them will be lost if the computer fails during an editing session. For this reason, it is a good idea to save your file periodically. Most word processors automatically save files at regular intervals.

Buffers are commonly used when burning data onto a compact disc, where the data is transferred to the buffer before being written to the disc.

Monday, March 9, 2009

Multitier architecture

In software engineering, multi-tier architecture (often referred to as n-tier architecture) is a client-server architecture in which the presentation, the application processing and the data management are logically separate processes. For example, an application that uses middleware to service data requests between a user and a database employs multi-tier architecture. The most widespread use of "multi-tier architecture" refers to three-tier architecture.

The concepts of layer and tier are often used interchangeably. However, one fairly common point of view is that there is indeed a difference, and that a layer is a logical structuring mechanism for the elements that make up the software solution, while a tier is a physical structuring mechanism for the system infrastructure.

Typically, the user interface runs on a desktop PC or workstation and uses a standard graphical user interface, functional process logic may consist of one or more separate modules running on a workstation or application server, and an RDBMS on a database server or mainframe contains the computer data storage logic. The middle tier may be multi-tiered itself (in which case the overall architecture is called an "n-tier architecture").

Monday, March 2, 2009

LexisNexis Data Breach


* Attack Method: Insufficient Anti-automation
* Country: USA
* Outcome: Leakage of Information
* Vertical: Information Services

The LexisNexis data breach is not new, but we have recently decided to start tracking abuse of insufficient automation measures and are adding historical incidents.

In this incident a group of people opened accounts at data broker LexisNexis and used automated tools to extract a large amount of personal information provided by the service.

As usual in such cases there is a question of whether the attack was a criminal activity, a violation of the license agreement of the information provider, or plainly legal. In this regard it is interesting to note that the group arrested in the incident was also responsible for the hacking of the Paris Hilton Vodafone account, which was clearly an unlawful act.

Monday, February 23, 2009


Acronym for the American Standard Code for Information Interchange. Pronounced ask-ee, ASCII is a code for representing English characters as numbers, with each letter assigned a number from 0 to 127. For example, the ASCII code for uppercase M is 77. Most computers use ASCII codes to represent text, which makes it possible to transfer data from one computer to another.

For a list of commonly used characters and their ASCII equivalents, refer to the ASCII page in the Quick Reference section.

Text files stored in ASCII format are sometimes called ASCII files. Text editors and word processors are usually capable of storing data in ASCII format, although ASCII format is not always the default storage format. Most data files, particularly if they contain numeric data, are not stored in ASCII format. Executable programs are never stored in ASCII format.

The standard ASCII character set uses just 7 bits for each character. There are several larger character sets that use 8 bits, which gives them 128 additional characters. The extra characters are used to represent non-English characters, graphics symbols, and mathematical symbols. Several companies and organizations have proposed extensions for these 128 characters. The DOS operating system uses a superset of ASCII called extended ASCII or high ASCII. A more universal standard is the ISO Latin 1 set of characters, which is used by many operating systems, as well as Web browsers.

Monday, February 16, 2009

Ajax (programming)

Ajax, or AJAX (Asynchronous JavaScript and XML), is a group of interrelated web development techniques used to create interactive web applications or rich Internet applications. With Ajax, web applications can retrieve data from the server asynchronously in the background without interfering with the display and behavior of the existing page. The use of Ajax has led to an increase in interactive animation on web pages.

Data is retrieved using the XMLHttpRequest object or through the use of Remote Scripting in browsers that do not support it. Despite the name, the use of JavaScript and XML is not actually required, nor do the requests need to be asynchronous. The acronym AJAX has thus changed to the term Ajax, which does not represent these specific technologies.

While the term AJAX was coined in 2005, alternative techniques for the asynchronous loading of content date back to the mid 1990s. Java applets were introduced in the first version of the Java language in 1995. These allow compiled client-side code to load data asynchronously from the web server after a web page is loaded.

Monday, February 9, 2009


In computing, a hacker is a person in one of several distinct (but not completely disjoint) communities and subcultures:

* People committed to circumvention of computer security. This primarily concerns unauthorized remote computer break-ins via communication networks such as the Internet (black hats), but also includes those who debug or fix security problems (white hats), and the morally grey hats. See "Hacker (computer security)".

* A community of enthusiast computer programmers and systems designers, originated in the 1960s around the Massachusetts Institute of Technology (MIT)'s Tech Model Railroad Club (TMRC) and MIT Artificial Intelligence Laboratory. This community is notable for launching the free software movement. The World Wide Web and the Internet itself are also hacker artifacts. The Request for Comments RFC 1392 amplifies this meaning as "person who delights in having an intimate understanding of the internal workings of a system, computers and computer networks in particular." See "Hacker (programmer subculture)".

* The hobbyist home computing community, focusing on hardware in the late 1970s (e.g. the Homebrew Computer Club) and on software (computer games, software cracking, the demo scene) in the 1980s/1990s. The community included Steve Jobs, Steve Wozniak and Bill Gates and created the personal computing industry. See "Hacker (hobbyist)".

Monday, February 2, 2009

Adobe Flash

Adobe Flash (previously called Macromedia Flash) is a multimedia platform created by Macromedia and currently developed and distributed by Adobe Systems. Since its introduction in 1996, Flash has become a popular method for adding animation and interactivity to web pages; Flash is commonly used to create animation, advertisements, and various web page components, to integrate video into web pages, and more recently, to develop rich Internet applications.

Flash can manipulate vector and raster graphics and supports bi-directional streaming of audio and video. It contains a scripting language called ActionScript. Several software products, systems, and devices are able to create or display Flash content, including Adobe Flash Player, which is available for most common web browsers, some mobile phones and other electronic devices (using Flash Lite). The Adobe Flash Professional multimedia authoring program is used to create content for the Adobe Engagement Platform, such as web applications, games and movies, and content for mobile phones and other embedded devices.

Monday, January 26, 2009


In computer graphical user interfaces, drag-and-drop or DnD is the action of (or support for the action of) clicking on a virtual object and dragging it to a different location or onto another virtual object. In general, it can be used to invoke many kinds of actions, or create various types of associations between two abstract objects.

As a feature, support for drag-and-drop is not found in all software, though it is sometimes a fast and easy-to-learn technique for users to perform tasks. However, the lack of affordances in drag-and-drop implementations means that it is not always obvious that an item can be dragged.

Monday, January 19, 2009

Technical vulnerabilities

• Unvalidated input:
  o Tainted parameters - Parameters used in URLs, HTTP headers, and forms are often used to control and validate access to sensitive information.
  o Tainted data
• Cross-Site Scripting flaws:
  o XSS takes advantage of a vulnerable web site to attack clients who visit that web site. The most frequent goal is to steal the credentials of users who visit the site.
• Content Injection flaws:
  o Data injection
  o SQL injection - SQL injection allows commands to be executed directly against the database, allowing disclosure and modification of data in the database.
  o XPath injection - XPath injection allows an attacker to manipulate the data in the XML database.
  o Command injection - OS and platform commands can often be used to give attackers access to data and escalate privileges on backend servers.
  o Process injection
• Cross-site Request Forgeries
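
The "tainted parameters" and "SQL injection" items above, shown as an added example that is not part of the original post: the same lookup written with string concatenation, with a bound parameter, and with allow-list validation in front of the bound parameter. The table, the sample rows, the tainted value and the `OWNER_PATTERN` policy are all constructed for illustration.

```python
import re
import sqlite3

# Constructed sample data: not taken from any real system.
SAMPLE_ROWS = [("alice", 120), ("bob", 75), ("carol", 310)]
# Constructed tainted value, as it might arrive in a URL or form field.
TAINTED_OWNER = "alice' OR '1'='1"
# Assumed policy for this example: owner names are short lowercase identifiers.
OWNER_PATTERN = re.compile(r"[a-z0-9_]{1,32}")


def make_db():
    """Create an in-memory database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (owner TEXT, balance INTEGER)")
    conn.executemany("INSERT INTO accounts VALUES (?, ?)", SAMPLE_ROWS)
    return conn


def lookup_vulnerable(conn, owner):
    """Deliberately vulnerable: the parameter becomes part of the SQL text."""
    query = "SELECT owner, balance FROM accounts WHERE owner = '" + owner + "'"
    return conn.execute(query).fetchall()


def lookup_parameterized(conn, owner):
    """The value is bound as data, so quotes in it cannot change the query."""
    query = "SELECT owner, balance FROM accounts WHERE owner = ?"
    return conn.execute(query, (owner,)).fetchall()


def lookup_hardened(conn, owner):
    """Validate against the allow-list pattern first, then bind the value."""
    if not OWNER_PATTERN.fullmatch(owner):
        raise ValueError("rejected owner parameter: %r" % owner)
    return lookup_parameterized(conn, owner)


def compare(owner):
    """Return the row counts each lookup style yields for one input."""
    conn = make_db()
    try:
        hardened = len(lookup_hardened(conn, owner))
    except ValueError:
        hardened = None  # input rejected before reaching the database
    result = {
        "vulnerable": len(lookup_vulnerable(conn, owner)),
        "parameterized": len(lookup_parameterized(conn, owner)),
        "hardened": hardened,
    }
    conn.close()
    return result


if __name__ == "__main__":
    print("benign :", compare("alice"))
    print("tainted:", compare(TAINTED_OWNER))
```

With the tainted value, the concatenated query discloses every row, the bound query matches nothing, and the validated lookup refuses the input outright.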

Monday, January 12, 2009

Web Applications Issues

* Scripting issues
* Sources of input: forms, text boxes, dialog windows, etc.
* Multiple Charset Encoding (UTF-8, ISO-8859-15, UTF-7, etc.)
* Regular expression checks
* Header integrity (e.g. Multiple HTTP Content Length, HTTP Response Splitting)
* Session handling/fixation
* Cookies
* Framework vulnerabilities (JavaServer Pages, .NET, Ruby on Rails, Django, etc.)
* Success control: front door, back door vulnerability assessment
* Penetration attempts versus failures.

Monday, January 5, 2009

Web Template System

Dynamic web pages usually consist of a static part (HTML) and a dynamic part, which is code that generates HTML. The code that generates the HTML can do this based on variables in a template, or on code. The text to be generated can come from a database, thereby making it possible to dramatically reduce the number of pages in a site.

Consider the example of a real estate agent with 500 houses for sale. In a static web site, the agent would have to create 500 pages in order to make the information available. In a dynamic website, the agent would simply connect the dynamic page to a database table of 500 records.

In a template, variables from the programming language can be inserted without using code, thereby removing the requirement of programming knowledge to make updates to the pages in a web site. Syntax is made available to distinguish between HTML and variables. E.g. in JSP the tag is used to output variables, and in Smarty, {$variable} is used.

Many template engines do support limited logic tags, like IF and FOREACH. These are to be used only for decisions that need to be made for the presentation layer, in order to keep a clean separation from the business logic layer, or the model in the MVC pattern.
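
A small template renderer for the real estate listing described above, added here as an example and not taken from Smarty, JSP or any other engine: it fills `{$variable}` placeholders and one loop tag from database-style records, and HTML-escapes every value on output so that markup stored in a record is displayed as text instead of becoming part of the page. The `{foreach ...}` syntax, the function names and the sample records are assumptions made for this illustration.

```python
import html
import re

# {$name} or {$item.field}; the placeholder form follows {$variable} above.
VAR = re.compile(r"\{\$(\w+(?:\.\w+)?)\}")
# Simplified loop tag assumed for this example (presentation logic only).
FOREACH = re.compile(r"\{foreach \$(\w+) as \$(\w+)\}(.*?)\{/foreach\}", re.S)

TEMPLATE = (
    "<h1>{$agent}</h1>\n"
    "<ul>{foreach $houses as $house}"
    "<li>{$house.address}: {$house.price}</li>"
    "{/foreach}</ul>"
)

# Constructed records standing in for the database table of houses.
# The second address is a constructed value containing markup.
SAMPLE = {
    "agent": "A & B Realty",
    "houses": [
        {"address": "12 Elm St", "price": 250000},
        {"address": "<script>alert(1)</script>", "price": 1},
    ],
}


def _lookup(name, scope):
    """Resolve 'house.address' style names against nested dictionaries."""
    value = scope
    for part in name.split("."):
        value = value[part]
    return value


def _substitute(text, scope, escape):
    """Replace each placeholder in template text with its (escaped) value."""
    def repl(match):
        value = str(_lookup(match.group(1), scope))
        return html.escape(value, quote=True) if escape else value
    return VAR.sub(repl, text)


def render(template, context, escape=True):
    """Render in one pass over the template, so that substituted data is
    never scanned again for placeholders or loop tags."""
    out, pos = [], 0
    for match in FOREACH.finditer(template):
        out.append(_substitute(template[pos:match.start()], context, escape))
        list_name, item_name, body = match.groups()
        for row in context[list_name]:
            out.append(_substitute(body, {**context, item_name: row}, escape))
        pos = match.end()
    out.append(_substitute(template[pos:], context, escape))
    return "".join(out)


if __name__ == "__main__":
    print(render(TEMPLATE, SAMPLE))                 # values escaped
    print(render(TEMPLATE, SAMPLE, escape=False))   # raw values, for contrast
```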