Monday, September 8, 2008

Political Harmony... is it insight?

Pakistan has faced political crisis from the day of its inception; the Quaid died just over a year after independence, the first prime minister was murdered in 2 years' time and then started the pendulum of one government taking oath and, within a year, another taking its place. It continued till Ayub Khan took over. In his 11 years, there was political stability, but he wasn't an elected member, so the progress made in his regime reduced it to none - at least politically.

Then came another civilian rule and then a military takeover by Gen. Zia (who many in Pak Army believe didn't even deserve to be promoted to Major level). Anyways, his mysterious death opened the way for the Benazir government, and then another to-and-fro motion of regime change started, which ended with Gen. Musharaf taking over the role of Chief Executive of Pakistan.

Look at the irony of this country; our military governments were more stable than our political governments...

Now, after learning a lot from their mistakes, both PPPP and PML(N) have realized that from their conflict only one organization takes the benefit (though at least that's what they think). So now their survival in the longer run is only possible if they don't give any reason for the people of Pakistan or Pak Army to get annoyed with their policy. Only when our politicians, bureaucrats and military feel that their prime responsibility is to serve the people, not their personal interests, can we see progress and political harmony.

Friday, September 5, 2008

September 6 - Defense Day

I am a bit confused today; today is September 6 and officially it's the defense day of Pakistan, which I've celebrated throughout my childhood with the high spirits of defending my homeland from all evils coming from inside or outside. And how can I (we) forget the war heroes who sacrificed their lives for our better tomorrow (they were my childhood heroes and today is no different).

I'm not writing this blog to honor those who fought for defense back on September 6, 1965, but about another, political defense day approaching us today. Yes, today our assemblies will decide the next president of Pakistan - the symbol of federation, unity. The tragedy is that the one who was considered to be the most corrupt in Pakistan almost 10 years back is going to win this election. I voted for PPPP in this year's election but never wanted Zardari to contest for President; he is no match for his predecessor - Gen(R) Pervaiz Musharaf.

I am not sure how to celebrate this day; should I celebrate my cherished defense victory or prepare myself for another defense day?

Thursday, September 4, 2008

Chrome hit with DoS vulnerability...

Whoa! Google Chrome has crashed. Restart now? While Google’s Chrome team is cheering, Rishi Narang from Evil Fingers is typing and releasing a proof of concept for a denial of service vulnerability that is successfully crashing the Chrome browser with all tabs. According to Narang’s advisory:

“An issue exists in how chrome behaves with undefined-handlers in chrome.dll version 0.2.149.27. A crash can result without user interaction. When a user is made to visit a malicious link, which has an undefined handler followed by a ‘special’ character, the chrome crashes with a Google Chrome message window “Whoa! Google Chrome has crashed. Restart now?”. It crashes on “int 3” at 0x01002FF3 as an exception/trap, followed by “POP EBP” instruction when pointed out by the EIP register at 0x01002FF4.”

Nothing’s impossible; the impossible just takes a little longer.

Whenever a new product is in its introduction stage, it would logically attract a lot of attention from security researchers trying to make a point that it’s vulnerable, and that some of the vulnerabilities are pretty trivial. For instance, yesterday David Maynor from Errata Security pinpointed possibilities for exploitation in Google’s Chrome, saying that:

“Google just released Chrome, their own web browser. We decided to run it through Looking Glass and it doesn’t look half bad. They at least have ASLR enabled on a few of their libraries, no NX though. Chrome is not as bad as some apps I have seen but that is not saying much.”

What’s important, though, is whether or not the browser release would also start attracting the attention of cybercriminals. Being anything but old fashioned, they too do their homework and take into consideration the market share of a particular browser in order to increase the impact of exploiting it. Consequently, for the time being the level of exploitability of Google’s Chrome is right after Opera’s from the perspective of the malicious attacker taking into consideration Chrome’s non-existent market share.

Would the level of exploitability change? In the first quarter of 2009, Google would presumably release stats of the number of people who downloaded Chrome, demonstrating nothing else but the introduction stage of their browser. The question is, how many of those who downloaded it would actually stick with it, and would companies embrace it if it does get popular enough, potentially increasing the exploitability level of any upcoming vulnerabilities?

Considering the fact that according to public statistics of usage share of web browsers, IE6 users are just as many as IE7 ones, converting from Firefox or IE to Google’s Chrome is not going to happen overnight.

Note: Source taken from ZDNet blog.