Conficker did not cause chaos on April Fool’s Day 2009
Thursday, April 2nd, 2009 |There was concern something big would happen.
It didn’t, but as the guy at Symantec said, “we will be on high alert for a long time“.
Archive for the ‘Uncategorized’ Category
Clickjacking / UI redress vulnerability: the biggest IT security problem ever?
Friday, October 10th, 2008 |For now, from what I read, there’s no “elegant” solution to any browser yet.
Apparently, the only sure way to protect yourself is disabling JavaScript, plugins/ActiveX and iFRAMEs, but I think that would severely affect usability.
The most elegant solution available is for Firefox, ie to install the NoScript add-on but even that is not perfect (not foolproof), because at the end, it’s still up to the user i.e. “users can decide for themselves whether to continue clicking, or free up the mouse from the underlying — and potentially exploitive — content.”
Get NoScript add on here:
https://addons.mozilla.org/en-US/firefox/addon/722
I cannot find any details on how to deal with clickjacking for IE from Microsoft’s website, the best step-by-step info I could get is here:
http://hackademix.net/2008/09/29/clickjacking-and-other-browsers-ie-safari-chrome-opera/
Researchers See Privacy Pitfalls in No-Swipe Credit Cards
Monday, October 23rd, 2006 |The New York Times reports on 23rd Oct that university researchers found that next generation RFID based cards info are not encrypted and easily culled:
"They could skim and store the information from a card with a device the size of a couple of paperback books, which they cobbled together from readily available computer and radio components for $150. They say they could probably make another one even smaller and cheaper: about the size of a pack of gum for less than $50. And because the cards can be read even through a wallet or an item of clothing, the security of the information, the researchers say, is startlingly weak. ‘Would you be comfortable wearing your name, your credit card number and your card expiration date on your T-shirt?’ Mr. Heydt-Benjamin, a graduate student, asked."
Tags: RFID, credit cards
The Devil’s Guide to Google
Sunday, June 25th, 2006 |There’s an interesting list at Google Blogoscoped that lists several ways in which to be a "totally evil, worm-like creature with Google’s array of services in under a month". Why would you want to do that? To get money comes to mind.
Number 4 suggests an (of course illegal) way to get money via Adsense:
Pay a 12-men army of Russian click-workers to click on your AdSense. Tell them how to switch proxies so they won’t show the same IP to Google. Cash in the check.
Another 9 is suggested in the list.
ref
