Skip to content

{ Category Archives } Security

Pot o’ Honey

Project Honeypot has been collecting data about spam harvesters for a long time. Today, they announced that they’re suing harvesters.

2007 04 26 Spam Comments (0)

You talkin’ to me?

In this post, the Internet Storm Center reports on a possible attack vector for Vista systems on which the speech system has been activated. Microsoft says “Yeah, but it’s not dangerous.”
Didn’t Captain Kirk fool a computer with this trick?
Listen to this post Vista

2007 02 01 Microsoft Comments (0)

Encryption, validation, and Public Key Infrastructure

I’ve just set up a new computer at the office and despite a careful archive of all downloaded installation files, I’ve lost the files necessary to install the commercial version of PGP. It turns out that the commercial PGP is not really necessary anymore. I’ve used these tools:

Windows Privacy Tray (WinPT): WinPT [...]

2006 11 23 Comments (0)

Pump and Dump

I’ve noticed a recent upsurge in stock related spam. Our anti-spam filters have been tweaked and they’re keeping out more of the mail. This story in EWeek dissects a network of compromised computers that can easily pump out 1 billion stock spam messages in a day.
Listen to this post spam

2006 11 17 Spam Comments (0)

At AOL, heads roll

Just when you thought someone was going to get a Presidential Medal of Freedom, it seems that wiser heads have prevailed. AOL fired the two people most closely involved with posting the search data and allowed the CTO to “resign”.
Listen to this post AOL, search, privacy

2006 08 21 Comments (0)

What does a search engine know about you?

What does a search engine know about you? Who knows it? And do they know it’s you?
It’s said that you can tell a person by the company he keeps or, in this case, by the questions she asks. The New York Times was able to identify a supposedly anonymous individual, three months of whose [...]

2006 08 09 Comments (0)

Project HoneyPot

It’s been a while since I checked in with them. It looks like Project HoneyPot is doing a good job of collecting data about spam, spammers, and the way they collect email addresses.
In brief, the project asks webmasters to embed non-visible links on their websites. These links generate pages with non-visible [...]

2006 07 18 Spam
Technology Comments (0)

Firefox: Security Update

Time to update:
From the HELP menu, use “Check for Updates”.
Read the Mozilla Firefox 1.5.0.2 Release Notes. There are Notable Bug Fixes and security-related patches.
Listen to this post Firefox

2006 04 14 Comments (0)

Kitten-based authentication

The Register has a story, linking to this website about a replacement for the standard captcha, test to separate humans from robots. We’re all familiar with captchas: They’re a series of numbers and letters produced as a slightly obscured graphic that we have to decode and enter into a field on a form. [...]

2006 04 12 Technology Comments (0)

Internet Explorer Address Bar Spoofing

Yet another one. A flaw in IE allows a website to display content with an incorrect location in the address bar. Thus, a phisher can display his own content but set the address bar to http://yourbank.com. Check to see if your browser is vulnerable with the Secunia Spoofing Vulnerability Test
Listen to [...]

2006 04 06 Comments (0)