1  |  2  |  3  |  4  |  5  |  6  |  7  |  8  |  9  |  10  |  11  |  12  |  13  |  14  |  15  |  16  |  17  |  18  |  19  |  20  |  21  |  22  |  23  |  24  |  25  |  26  |  27  |  28  |  29  |  30  |  31  |  32  |  33  |  34  |  35  |  36  |  37  |  38  |  39  |  40  |  41  |  42  |  43  |  44  |  45  |  46  |  47  |  48  |  49  |  50  |  51  |  52  |  53  |  54  |  55  |  56  |  57  |  58  |  59  |  60  |  61  |  62  |  63  |  64  |  65  |  66 

May 31, 2011

Hackers take on PBS, Lockheed, dozens of other enormous corporations

Lockheed, PBS Join Roster of Hacking Victims - WSJ.com
Over the weekend, the website for the PBS show "NewsHour" was altered by hackers to include a fake article claiming that rapper Tupac Shakur, who was murdered 15 years ago, was alive in New Zealand. The hackers also posted login information that stations and other entities use to access PBS sites. . . . So-called hactivists, who take revenge on companies for perceived slights, also have moved from simply knocking websites offline to stealing data. "There are enough people out there who aren't worried about the consequences that they are willing to wage a sustained campaign against a global company," Mr. Stamos said. Corporate executives said they no longer can take a passive approach to cybersecurity. Ted Chung chief executive of Hyundai Card/Hyundai Capital Co., an auto finance provider in South Korea that was hacked in April, blamed himself for not paying enough attention to the importance of information-technology security. "When it comes to big companies or big banks, no CEO is that stupid not to pay attention. But maybe they pay the same attention I did, which is giving encouragement and budget to IT but then saying 'What do I know about programming?' " he said in an interview Monday. "That is the wrong support." The latest attacks demonstrate a diversity of motives. Those who attacked Hyundai Capital tried to extract ransom for a database they stole. With Epsilon, the hackers made off with email addresses that could be used to send "phishing" emails that trick recipients into disclosing personal information.

May 29, 2011

The iPhone app that tricks thieves into revealing where they've taken your phone

Trap a Thief : Credit Cards Trap for iPhone, iPod touch, and iPad on the iTunes App Store
Credit Cards Trap can track down your iPhone if it is stolen. If stolen and the thief tries to go through your device, he will find this icon saying CREDIT CARDS staring at him. If he means evil (most of them are after your identity and credit cards), he will surely click on the icon to check it out. Once in, he will see a list of authentic looking credit card details scrolling on his screen. He does not know that in the background, Credit Cards Trap is detecting the exact device location and mailing you the details. Soon you will get an email with the location details of the device. Just click on the direct Google maps link to zoom into the location where the thief is using it. As the account details scroll (to keep him busy as the app tries to get more accurate location), you get a first estimate location by email and then more and more accurate emails. After we are done, the thief will see a "Database sync error: Try after 30 minutes" message. If the thief falls for it, he will try again after 30 minutes !

May 15, 2011

California Assembly may force social-networking sites to revise privacy standards

This seems like a great idea, which is why Facebook is spending a lot of money to oppose it. Particularly I like that the default is to not share anything at all and that one has to opt-in to share your personal data with the world. Social-networking sites face new privacy battle
California could force Facebook and other social-networking sites to change their privacy protection policies under a first-of-its-kind proposal at the state Capitol that is opposed by much of the Internet industry. Under the proposal, SB242, social-networking sites would have to allow users to establish their privacy settings - like who could view their profile and what information would be public to everyone on the Internet - when they register to join the site instead of after they join. Sites would also have to set defaults to private so that users would choose which information is public. Currently, some sites, like Facebook, have default settings that make certain information - such as photos, biographical information and family information - available to everyone on the Internet after a user registers, unless the user changes those privacy settings. . . . The legislation would require that privacy controls be explained in "plain language." Willful violations of the law would result in a $10,000 fine for each violation. "You shouldn't have to sign in and give up your personal information before you get to the part where you say, 'Please don't share my personal information,' " Corbett said. . . .

May 10, 2011

Medieval Tally Stick Discovered in Germany

Schneier on Security: Medieval Tally Stick Discovered in Germany
The well-preserved tally stick was used in the Middle Ages to count the debts owed by the holder in a time when most people were unable to read or write. "Debts would have been carved into the stick in the form of small notches. Then the stick would have been split lengthways, with the creditor and the borrower each keeping a half," explained Hille. The two halves would then be put together again on the day repayment was due in order to compare them, with both sides hoping that they matched.