Posts by EJ
87 posts • joined Monday 9th July 2007 20:59 GMT
Re: Coincidence?
Let me know how that Flash ban goes. I foresee pitchforks and torches-wielding crowds outside someone's cubicle.
BS charge for a BS offense.
Are we to infer from the story this was a Chinese crim?
Re: Tesla Motors CEO Elon Musk arguments are pathetic
"Read better" - hmm. By that you mean read only Musk's account and not the journalist's account.
And as we all know from reading accounts of people driving into lakes using GPS, Apple phones inflating the bars of cell signal strength, Nissan's TPMS systems reporting low tire pressures when actually the aluminum wheels corroded around the TPMS sensors and interfered with their operation, BMWs that their oil level sensors report oil overfills or low oil when their oil levels are fine.... telemetry is always fail-proof and 100% accurate.
Calling Batman
The Riddler has popped up, this time in Japan.
Posted in US nuke lab drops Chinese networking kit
Outsourcing
It makes as much sense to rely on foreign-made equipment for the critical infrastructure of your nation's defenses as it does to outsource your spy network. If you want it done in a way you trust, you do it yourself.
No one should have raised an eyebrow when China announced the Red Flag Linux initiative. Nor should people be surprised by other nations' objections to RIM being in charge of their communication, or the US dictating their Internet access.
It all boils down to: who do you trust? Anyone who is trusting the Chinese these days are fools.
The American Midwest...
A place where Hezbollah sticks out? Or is it where a a paranoid delusional oddball would better fit in with the existing paranoid and delusional armed populace?
Qualys laughs at your BEAST
Even if your banking website is vulnerable, you still get an 'A'...
https://www.ssllabs.com/ssltest/analyze.html?d=onlinesefcu.com
Patch is out
Version 7 Update 7 is out. Oracle: "Problem? What problem?"
Ironic this is Skype pointing this out
Secunia's OSI and PSI products are items I preach to every home user I come in contact with. For friends and relatives, I'll show them how to use those simple, free products to make sure their software is updated. Skype is always a problem because inexplicably Skype requires you to log into your account before you download the software update. This is a hurdle when the Skype user of the house isn't present when you attempt to update the software. Why not just let a user download the patch/update without logging into their Skype account?
Posted in Small banking Trojan poses major risk
Why I like independent researchers and loathe vendors
I'm sure CSIS sees the revelation of the hardcoded URLs as giving away proprietary info that gives them an advantage, and thus they'd lose their chance at getting a few panicked users to buy licenses of their product. It'll come out once an independent gets their hands on it.
I was waiting for the hypocrisy of the Maldives situation to enter into this...
Hmm...
http://www.timesunion.com/local/article/Local-stay-China-charge-3479978.php
Re: Errata
Well, that would explain why they're such bad dressers.
Handing the defense a gift
If I was the alleged hacker's lawyer, I'd use that Tweet to my advantage, that's for sure.
Posted in So, what IS the worst film ever made?
Spaced Invaders
It's the only movie I ever attended that I requested a refund on from the theater. The lone funny line/scene from the previews on TV was discovered to be edited for the preview and thus never was actually said as part of the movie dialog.
Files removed
I'm guessing Anon fans aren't happy the Stratfor files were removed.
"Demo" - perhaps it means something
"He also dug up this page, which appears to show IP address lookups for the subdomains vzw-collector.demo.carrieriq.com, vzw-dis.demo.carrieriq.com and hupload-vzw99.carrieriq.com."
The logical assumption would be these were created as part of a marketing presentation to VZW to get them on board as a customer, don't ya think? Perhaps VZW even did a trial implementation to see what they thought of the service. With all the uproar we'll probably never get an admission from VZW as to the origination of them.
Pricing is killing them
We just got done with an evaluation of secure web gateways, and Blue Coat was by far the priciest of vendors we looked at. Bigger venders were significantly cheaper. They'll need to address their pricing strategy in order to get back into the game. Even the Feds can't afford to just keep shoveling money to a vendor without paying attention to the other vendors.
It's a wonder it took only 5 days
According to Netcraft, the impacted site is ranked 1,139,437th of the most popular destinations. I'd hazard a guess that not many web surfers were exposed to said crud. In fact, I'm surprised anyone even noticed.
Ain't that something
Sounds like my government has taken a page from the Chinese government.
The "wrong" is they allow humans to operate them
Until Apple figures out how to get around that weakness, then you'll have this issue.
What's up with Australia?
Seems like I keep hearing tale after tale of an overcontrolling, police state-like stance being taken down under. Next thing you'll tell me is they're adopting the Juche calendar.
"the North East, Pennsylvania company"
Erie is located in northwestern Pennsylvania, not northeastern PA.
Posted in Botnets claim 7-fold increase in victims
That's easy!
Dumb down those other 2 OSes in your list so they can attract the knuckle-dragging computing mouth breathers, and your also-ran OSes can be part of the pwned party, too.
Posted in Palin webmail hacker conviction upheld
Complete and utter BS
There's no way this kid should be doing time. Probation? Sure. Fines? Sure. Jail time? Ridiculous waste of taxpayer money. And how are the charges against Palin for violating rules for conducting state business through a personal email account coming along?
Who ya gonna call?
Gregory D. Evans - he's the best and can sort this all out.
Firefox w/ Adblock Plus
This is why Firefox w/ Adblock Plus is a step forward on the security front. It takes the malicious ad server angle out of the picture.
I've seen this real world
We routinely get hits on previous incidents when scanning a workstation. The AV signatures can't keep up with the pace with which new threats are churned out. So we'll detect incidents, but only a week or two after the incident actually occurred, and by that time it's too late.
Make the check out to "Eldrick T Woods"
After Tiger's details, this all seems like wholesome activities. Phillips should send him a thank you gift.
RU hypocritical?
Haha! Love these ironic stories.
This guy needs to go to prison
There's no conspiracy going on here - he's getting caught by small town police units. Sure, they're all operating under the control of the FBI/CIA/NSA/<insert right wing militia of choice here>. This guy needs to be put in jail. He's obviously got a problem, and the fact he's been caught in random stings tells me he is doing this a lot in order to get nabbed twice. He's a local guy here in upstate NY, and the first time he thought he was meeting a minor at a Burger King restaurant in Menands/Watervliet NY. This time he was under the impression he was performing on his webcam for a 15yo girl. The dude is sick, and can't control himself. It's time for society to help him control himself.
Enough already - this guy is obviously a danger, and needs to be dealt with. Hopefully they won't allow him to sweep his offenses under the rug this go around.
Tiger Effect
The ghosts of Tiger and Elin are busy in Sweden.
Oracle & Flash
Oracle just built their entire support website on Flash. It stinks.
Posted in Sophisticated parcel mule scam unpicked
No innocent victims amongst the mules
I saw those email pitches in my own inbox, and it was quite evident they were not legitimate. It did not take much intelligence to surmise it was a criminal operation. These mules need to be handed the appropriate punishments.
Posted in Auto thief foiled by guardian satellite
Is that a chase or are you just lapping the track?
A buddy of mine recently took his brand-new Chevy Camaro to Watkins Glen International for a track day. During his laps, a voice came over the OnStar system saying his car was registering g-forces outside normal parameters and asking if he was he alright. He waited until he was off the track to call them back and explain he was in the middle of high speed laps at a track. OnStar suggested that when he next goes to the track to give them a heads up and they'd note it so as not to attempt to contact him in that situation. :)
He said he'd been to Monticello Motor Club (just north of NYC) a week or 2 prior, but they didn't try to contact him during that session.
The problem here
At first my reaction was "Why doesn't the Gmail user reveal their identity and tell the bank they've destroyed the file?" But the can of worms that opens up is if any ID theft occurs with those accounts involved in the pursuing months, the possibility exists that the bank could then somehow come back at the Gmail user holding them responsible or attempting to claim damages. And given how careful the bank seems to protect its customers' information, I wouldn't be so optimistic that the likelihood of a breach is low.
Here's how bad it's gotten
TechRepublic.com puts up an article entitled "10 ways to avoid viruses and spyware". While reading through it to see if they had anything new, innovative, or otherwise worthwhile (they didn't), I notice a sponsored link on the story's page for....
"Anti-Spyware 2009 - Free
#1 Rated Spyware Remover - 100% Guaranteed - 47 Million Downloads!"
The link? www.adware-2009.com, which, you guessed it, is scareware/malware.
The irony - huge. The laugh - loud. The shaking of head - vigorous.
Posted in Top vendors flunk Vista anti-virus tests
Where's the leader?
I'm shocked Antivirus 2009 isn't listed. Must be sitting it out like Trend Micro.
Posted in Firefox laggards offered security update
3.5 gots issues
I've tried to use v3.5, buying into the talk of the faster JavaScript performance. Indeed, it is faster than 3.0. However, both my home PC and my work PC now suffer from v3.5 grabbing around 50% of CPU after awhile and becoming unresponsive. Others are reporting this issue, too.
Time to go back to 3.0.12 until they can fix this.
Posted in US city ends FaceSpaceGooHoo log-in grab
Say what?
Since when did Bozeman decide to model itself after Myanmar? And anyone that provided these in response to the request should be sheltered from society, as they are ill-equipped to handle the rigors of daily existence.
Puzzling...
How could a company let go of an individual who was so poised and well thought out?
Posted in Big boost for Aussie firewall
And here I thought we voted stupidity out of the US government...
But instead it just moved to Australia.
What's this page exploiting?
Here's one I ran into on 3/30, while searching for more info on Nmap changes to perform conficker scans. It's an abandoned blog (last updated in 2006), that was seeded to rank high on an 'nmap' term search, among others. It also has a reference to pistachio recall news, so it's being updated very quickly. Just can't figure out what angle it's exploiting.
** CAUTION ** I can't guarantee this site isn't malicious or otherwise attempting to harm visitors:
http://www.mattjohnsen.com/cdlist.php?nmap-conficker/
PoC vid - yikes!
Watching the point of concept video made me realize how good I have it with Firefox and AdBlock in place. Those demo pages had so many ads buzzing about it was enough to send the viewer into an epileptic fit.
I like it!
Much better response than the typical US worker's (cue gun shots). Much more civilized.
Time to take botnets serious
We've been following the letter of the law right along. Has that gotten us anywhere in battling the proliferation of botnets? Absolutely not. I applaud the BBC's attempt to make this issue much more visible to the public. And I doubly applaud their attempt to alert the owner of the bot-infested PC to clean it up. It's the least that should be done in every circumstance.
Intent plays a huge role here, and BBC's intent is clearly for the common good. More in the security community should be crying out for the laws to be changed so that botnets can be tackled head on rather than sitting around in some giant hand-wringing pity party of inaction. BBC's methods might not be the best way to change the sorry state of Internet security, but at least they're doing something, which is more than can be said for many.
Cue the "Death Wish" movie poster images...
Bravo BBC
I applaud the action. Too bad others continue to cower in the corner, paralyzed by fear/indifference (take your pick).
"nonsensical messages"
Hey lemmings, keep pouring your hard-earned cash into Symantec's product line. They respect you... really.
If anyone needed proof Russia condones all the bot herding...
Here it is.
