GZip is a formidable way to save up on bandwidth, without hindering your users. It allows any script to pass its content by the compression tool first, before being sent out. The receiver will then receive the compressed file, and unpack it to show its content.
Browsers that don’t support GZip will automatically fall back to the normal way of sending out content: unzipped.
It’s a win-win situation. You save bandwidth, and don’t bother your users. So, let’s enable it. Read more…
Matti PHP bandwidth, compression, gzip, htaccess, PHP
Perhaps it’s more a question of wanting to return, instead of actually making it back … Not quite thinking about the return just yet, but definately looking forward to leaving tomorrow! Read more…
Matti Personal egypt, hurghada sunseabeach, trip
*Edit: It’s a false alarm. The CSS files that were included belonged to Facebook, but apparantly the domain they reside on (fbcdn.net) got tagged as “Phishing Site”. The notifications are gone from FireFox & Google’s Chrome.
It seems as if Facebook has been compromised, and is serving several .CSS files that have been identified as “Phishing Sites“.
Google Chrome users will see a message, similar to this one (but probably in their own language).
Facebook Phishing
There seems to be some malicious javascript code on the homepage, as well as several very weird .CSS includes (carefull when you try to load these!).
<link type=”text/css” rel=”stylesheet” href=”http://static.ak.fbcdn.net/rsrc.php/< INSERT RANDOM GIBBERISH CODE HERE>.css” />
The .CSS files are loaded from a static website: http://static.ak.fbcdn.net/
The main domain, http://fbcdn.net/, is already reported. Both links will alert FireFox & Chrome users of the Phishing Site.
If you want to see the source code, I suggest you browse to Facebook with Google’s Chrome, and upon seeing the message shown above click on the shortcut “CTRL + U” (View Source). This trick doesn’t work in FireFox.
Matti Security facebook, phishing, Security
Recent Comments