* Posts by seatrotter

13 posts • joined 23 May 2008

Microsoft AV advice may aid attackers, researcher warns

seatrotter
FAIL

Infecting files? Who still does that?

"These files are not at risk of infection,".

Most malware in past years doesn't even infect files anymore. They drop files on the system and either directly, or via compromised program (browser, document reader, etc), inject an entry in the registry/start up to have the dropped file/malware auto-executed by Windows or another program. And guess what? The file/malware can be named anything, not just .exe or .dll.

MS' advice? Should be accompanied with a bright, blinking, in-your-face warning, doing so is like pointing a loaded gun at your foot with finger on the trigger.

Trojan plunders $480k from online bank account

seatrotter

Just wondering...

Doesn't any of those banks involved, have any options for authenticating transactions? How about those companies involved, don't they look for banks that authenticates transactions, and opt for such a service?

The simplest transaction authentication (I can think of) is, for a transaction to complete, by sending a text message (from the bank) to the account owner? Containing either an additional challenge code, or by having the recipient text/call back? Of course, this could be rendered useless if, say, changing of phone number is not properly/securely handled.

How to turn a world leader into a fourth-rate broadband economy

seatrotter

They should have...

...compared by cities between countries. This would ensure clearer comparison, with additional info, ofcourse (eg, population, land area, population density, average salary, etc).

But somehow, I'm guessing US still won't fair any better. Heck, it may even cement the fact that it has a lousy infrastructure compared to other industrialized nations.

EU court rules 11-word snippets can violate copyright

seatrotter
Thumb Down

So...

"The company would then send its clients a report containing the captured snippets and information on where they were obtained."

Only a snippet, and the source is referenced. And how exactly does this violate copyright? The snippet is there, not to stand on its own (and cut-off the source), but to give the consumer/subscriber the chance to decide whether or not the source will contain what they are interested in. And if it is what the consumer/subscriber is looking for, they go to, or obtain the source.

Basically, they just want more money. Or, like the R*AA and M*AA, they want to get paid over and over.

Rogue Aus sysadmin jailed over hacking spree

seatrotter

"Hacker"

So, the "hacker" basically used a login credential he stole from another employee to gain access to the system.

Errmm... where was the instance of "hacking" there? Doesn't "hacking" involve some more sophistication? Unless ofcourse he used "social enginnering" to trick the person he stole the credentials from.

But really, doesn't seem to take much effort to do what he did, unless it was thrown in just to add weight to his crime/punishment.

Hack-off contestant dubs Apple Safari 'easy pickins'

seatrotter

Browsers...

"One track will pit hackers against the major browsers, including Safari, Internet Explorer, and Firefox."

What? No Opera? I wish they include it.

NebuAd jettisons PR firm, employees

seatrotter

Re: walled garden or nothing......

Like I said, "Their model COULD have worked..." so it wouldn't necessarily work, though thanks for poking more holes in their sinking ship :D

Really, anyone/any business contemplating on Targeted Ad is really asking for it.

seatrotter

Shape-up or ship-out

"Sources also say the company is considering the adoption of an advertising model that does not require the tracking of web surfers from inside ISPs."

Their model could have worked and still be acceptable IF:

- Opt In, w/ separate notice just for it, in plain and simple english, and auto-expires every few months.

- Their system should be outside the ISP and only have access to packets explicitly redirected by the ISP itself based on w/c customer opted in (and the system the ISP uses that decides on packet redirection has a fail-safe that defaults to non-redirection to Phorm's system.

- Thorough and regular audit of system/records by independent and government groups/agencies (ofcourse, total cost should be carried by Phorm).

Hmmm... good luck w/ that.

Blind spot - the trouble with optical drives

seatrotter

If it's just size...

a terabyte could is possible for the optical media. Even some more resistance to scratch (at least compared to current reflective tech). The catch? It's based on the technology put out of reach of the consumer. What is it? Fluorescent Multilayer Disc.

Opera update fixes stability bugs

seatrotter

@Onionman

That's the problem w/ most "fanboys". In general, these group of people (Mac, Linux, Firefox, etc fanboys) more often than not, gets carried-away with simple statements that easily leads to misconceptions.

Take for example, the common statement: "If only he'd used [insert software here], he wouldn't be infected". Obviously, that's bull's crap. But then again, it's a lot catchier than saying: "If only he'd used [insert software here], he would've minimized the chance of being infected". If you're blindly pushing something, you'd go for the first statement.

The result? The majority of users would be too complacent on security thinking they're immune to security exploits just because he/she "is using [insert software here]".

And don't get me started on security practices. Just saying "don't go to pr0n/warez sites" is not enough (though still a good advice).

[Sigh]

Charter suspends NebuAd data-pimping experiment

seatrotter

I don't see...

...how an [internet-based] Ad company that does user-specific targetted ads is operating legally w/o explicit user consent. Could'nt enough people harass their government representatives to make it outright/obviously illegal for such practice? Or are there too much money pouring in to the government official's pockets from these companies that makes such actions futile?

Researcher: NebuAd forges Google data packets

seatrotter

Only if...

...we had laws that when a company is caught lying and actively misleading consumers, should be penalyzed to bankruptcy. Plus, penalyze also the management of such companies.

Revenue admits another IT cock-up

seatrotter
Happy

nice :)

"..., the government top provider of IT-related disasters,..."

Classic

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2019