Security

ID theft, vulnerabilities, privacy issues, etc

Interesting Blog

Filed under
Security

Interesting Spam: Old school Ascii art making a comeback?

"Two days ago I got my first Ascii spam which is undoubtedly just another technique to get past email filters. The spam consists of the staples, forged To: and From: with the intended recipient on the BCC. Then it starts its HTML tags, and uses the PRE tags to format the Ascii text so that it views correctly in a variety of email clients."

Link with pictures.

Companies Should Give Online Consumers More Privacy

Filed under
Security

"To quell the privacy-invasion fears that are stunting the growth of e-commerce, Web marketers need to give consumers more control of the personal information collected about them, according to research by Naresh Malhotra, Regents' professor of marketing at Georgia Tech College of Management."

Big Brother is Watching your Toyota Sienna

Filed under
Security

"The 2005 Toyota Sienna (I'm not sure about earlier models) has an Event Data Recorder (EDR) which is a black box of sorts (sans the audio recording). In the event of a crash, near crash, or airbag deployment, it records various data such as vehicle speed, engine speed, driver seat position, gear selector position, etc."

One in four 'touched' by ID fraud

Filed under
Security

"A quarter of UK adults have had their identity stolen or know someone who has fallen victim to ID fraud, a Which? magazine survey has suggested."

Hacker taps into business school files"

Filed under
Security

"A computer hacker gained access to internal admissions records at Harvard, Stanford and other top business schools, then helped applicants log on and learn their fate weeks ahead of schedule, officials said Thursday."

ChoicePoint was victim of ID theft in '02

Filed under
Security

Despite recent denials, it has been revealed that ChoicePoint was indeed victim to identity thieves earlier than had been previously reported.

Media Player Flaw Speaks Volumes on M$ Security

Filed under
Microsoft
Security

I'm sure everyone's read of M$ latest security blunder relating to it's media player, but I particularly like David Coursey's stance. He says, "By focusing not on the largest number of potential victims but on patching its most current software, Microsoft reveals its tendency to "encourage" customers to buy new software by letting them sway in the breeze for a while."

ID Thieves Robbing the Cradle

Filed under
Security

The Seattle Times is running an interesting piece on a new trend of targetting children and young adults by identity thieves. They contend it's because so many years may pass before it's discovered.

Newest Vulnerabilities in php apps

Filed under
Security

"Multiple vulnerabilities in two popular open-source projects-phpMyAdmin and phpBB-could put users at risk of cross-site scripting and information disclosure attacks, security researchers warned Thursday."

FBI Being Spoofed in Email

Filed under
Security

"The FBI warned Tuesday that a computer virus is being spread through unsolicited e-mails that purport to come from the FBI."

security breach affects every state

Filed under
Security

"ChoicePoint, under fire for being duped into allowing criminals to access its massive database of personal information, said yesterday that consumers in all 50 states, the District of Columbia and three U.S. territories may have been affected by the breach of the company's credentialing process."

Typing Style Can Be Password

Filed under
Security

"The way you type is as unique as your eye color or speech patterns and can be used instead of a password to protect your computer, researchers at Louisiana Tech and Penn State say."

Security Showdown: Back & Forth

Filed under
Linux
Microsoft
Security

Battles continue today in the M$ security war. Yesterday news began circulating that M$ Windows2003 server was found to be more secure than Redhat Enterprise. I'm skeptical until details of the study are released, as apparently they used the criteria of

Whoops: KDE fliccd Buffer Overflow Vulnerabilities

Filed under
KDE
Security

"Erik Sjölund has reported some vulnerabilities in KDE, which can be exploited by malicious, local users to gain escalated privileges and potentially by malicious people to compromise a vulnerable system."

Firefox Putting on the Pressure

Filed under
Microsoft
Security

Microsoft must be feeling the pressure from competing browsers as they are putting a lot of thought into how to improve Internet Explorer. However, they probably won't have a new version ready until Longhorn goes gold planned for 2006. Eweek is carrying more on this story.

In other news, Bill Gates' trip to Turkey only proved that Linux is cutting into his profits more and more as well. The newer Turkix was found to be quite popular there and is picking up speed as other European nations begin to show interest.

UPDATE: More Passing the Buck from M$.

Firefox to Blame for Increased Attacks on M$

Filed under
Security

My first reaction was OMG, but after reading the article it actually makes sense. It's a matter of doing the math I suppose. I guess the thing to do is for everyone to stop using Internet Explorer! Big Grin

A new Windows Media Player virus is being reported this morning as well. At least they are getting their viagra, but don't forget your Trojans boys!

On the Redmond Front

Filed under
Microsoft
Security

It's being reported that Microsoft has had to issue more patches for several vulnerabilities. In fact "six of the patches deal with code that was updated in Windows Service Pack 2." I wonder if this has been addressed. This comes on the heels of announcing the purchase of an anti-virus software company and being countersued by ITAC for libel. Here's that story. Makes one really glad they use Linux huh?

97 bugs found in MySQL

Filed under
Security

"Coverity analyzed MySQL 4.1.8 last month and found a total of 97 bugs among the open source database's approximately 425,000 lines of code." That's a quote from Sean Michael Kerner's article over on internetnews.com. Seems like a low percentage to me, yet I think I better update!

New O'Reilly Security Book Released

Filed under
Security

Linux Server Security has recently been made available as a follow-up to last falls Building Secure Servers with Linux. Here's a nice little review.

Moooore Spam!

Filed under
Security

Spam has new way to evade security

E-mails via service providers clogging system

Yep, just what we need, more spam. Apparently they aren't as concerned with hiding from their isps as getting the mail out as they are now just sending it through their isps servers. Read the gory details here.

Syndicate content