Technology Insights

Double Encoding – One Of The Biggest Enemies While Fixing Cross-Site Scripting (XSS)

“You have X amount of Cross-Site Scripting¬†vulnerabilities”. That is a phrase most web developers have heard at least one time, what is a Cross-Site Scripting vulnerability?

OWASP defines Cross-Site Scripting as:

“Cross-Site Scripting attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benign and trusted web sites. Cross-site scripting (XSS) attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user in the output it generates without validating or encoding it.”

Technology Insights

DirecTV HR21: A Problem Has Been Detected In The Storage Device

I was watching a television show late last night via my DirecTV account. The show I was watching has previously been recorded on my DVR and at the time two other shows were recording. When the show I was watching was over I attempted to delete it which it appeared to do but then it locked up one of the shows I was currently recording. Once locked up I was unable to use my DirecTV HD DVR HR21-700 remote to do anything. I waited for about 15 minutes to make sure it wasn’t recover since I had never had one of my DirecTV HD receivers do this before. After waiting that initial time period I decided to go ahead and reboot the receiver which I did by unplugging the power, waiting 15 seconds, and then watching it reboot through its normal cycle. The receiver appeared to be starting as it typically does until it got to the last two steps and after a couple seconds at the final¬†step 1 of 2 the receiver got a blue screen with the message “A problem has been detected in the storage device” message as shown below.

Technology Errors

Problem opening files created in earlier versions of MS Office in Office 2007

I was helping a user out today who had issues opening a .doc Word file in MS Word 2007. The user was getting the following error.  

“You are attempting to open a file that was created in an earlier version of Microsoft Office. This file type is blocked from opening in this version by your registry policy setting.”

It appears the document he was opening was probably created in a very old version (pre-97) of Word, so the standard Compatability Mode in Word 2007 wasn’t picking it up. The easiest way to allow these older .doc files to open in Word 2007 is to follow the steps below. If you are new to editing the registry, you may want to back it up first. You should also make sure that any Office applications are closed before starting this process.