Interesting Snippets from 2012-05-23

• Chromium Blog: A Tale of Two Pwnies (Part 1)

  Just over two months ago, Chrome sponsored the Pwnium browser hacking competition. We had two fantastic submissions, and successfully blocked both exploits within 24 hours of their unveiling. Today, we’d like to offer an inside look into the exploit submitted by Pinkie Pie.

  So, how does one get full remote code execution in Chrome? In the case of Pinkie Pie’s exploit, it took a chain of six different bugs in order to successfully break out of the Chrome sandbox.

• xing/wysihtml5 · GitHub

  wysihtml5 is an open source rich text editor based on HTML5 technology and the progressive-enhancement approach. It uses a sophisticated security concept and aims to generate fully valid HTML5 markup by preventing unmaintainable tag soups and inline styles. The code is completely library agnostic: No jQuery, Prototype or similar is required.

• You Call That Innovation? - WSJ.com

  Got innovation? Just about every company says it does.

  Businesses throw around the term to show they're on the cutting edge of everything from technology and medicine to snacks and cosmetics. Companies are touting chief innovation officers, innovation teams, innovation strategies and even innovation days.

  But that doesn't mean the companies are actually doing any innovating. Instead they are using the word to convey monumental change when the progress they're describing is quite ordinary.

[/snippets] permanent link