categories
Archives

‘security is terrible’

Everything Is Broken
Posted by joe.jenett on 11/03/14

‘neither safe nor secure’

ComputerCOP: The Dubious 'Internet Safety Software' That Hundreds of Police Agencies Have Distributed to Families

As official as it looks, ComputerCOP is actually just spyware, generally bought in bulk from a New York company that appears to do nothing but market this software to local government agencies.

Posted by joe.jenett on 10/04/14

‘disregard for user privacy’

Google just banned our new Android app before it even launched
Posted by joe.jenett on 09/07/14

an overview of threats

Internet predators
Posted by joe.jenett on 09/06/14

to advance ‘actionable change’

Trustworthy Internet Movement
Posted by joe.jenett on 08/31/14

‘law enforcement hacking’

You Can Get Hacked Just By Watching This Cat Video on YouTube
Posted by joe.jenett on 08/25/14

‘protecting what you love’

GPGTools (OS X)
Posted by joe.jenett on 06/26/14

‘most secure and private’

WhiteHat Aviator - The most secure browser online
Posted by joe.jenett on 06/09/14

an issue to be aware of

Phishing out iOS URL schemes
Posted by joe.jenett on 04/16/14

a ‘personal security initiative’

How to Build a Secure Online Presence
Posted by joe.jenett on 03/29/14

‘secure & private’

Syncthing

Note: This is not an endorsement.

Posted by joe.jenett on 03/26/14

convenience vs security

But where is the decryption key?
Posted by joe.jenett on 01/11/14

‘risks are not theoretical’

A basic guide to when and how to deploy HTTPS
Posted by joe.jenett on 12/26/13

‘different kind of attack’

The New Threat: Targeted Internet Traffic Misdirection

Note: Promotional vehicle.

Posted by joe.jenett on 11/24/13

‘junk-filled installer’ (again)

The Safe Mac » Boycott CNET’s Download.com

Related (from 2011):
dailywebthing linkport: ‘gauntlet of crapware’

Posted by joe.jenett on 10/31/13

identify security issues

Qualys BrowserCheck

Note: This is not an endorsement.

Posted by joe.jenett on 09/30/13

'more important than ever'

Software Transparency
Posted by joe.jenett on 09/18/13

on social engineering tactics

Staying safe from virtual robbers
Posted by joe.jenett on 09/15/13

'using Facebook to spread'

Malicious Chrome extensions: a cat and mouse game
Posted by joe.jenett on 02/02/13

looking forward to...

Predictions for 2013
Posted by joe.jenett on 01/11/13

remote, encrypted backups

Duplicati – "a free backup client that securely stores encrypted, incremental, compressed backups on cloud storage services and remote file servers..."

Note: This is not an endorsement.

Posted by joe.jenett on 09/09/12

'mobile privacy application'

Wickr - Leave No Trace!

Note: This is not an endorsement.

Posted by joe.jenett on 07/07/12

'not a guarantee'

ScanURL.net (About)

Check website or URL/link safety: reports of phishing, hosting malware and viruses, or poor reputation.

[Chainsaw on a Tire Swing]

Posted by joe.jenett on 05/16/12

standalone tool (OS X Lion)

Flashback malware removal tool

contains the same malware removal tool as Java for OS X 2012-003...

This update is recommended for all OS X Lion users without Java installed.

[Macworld (heavy advertising)]

See dwt: OS X security advisory for more background information.

Posted by joe.jenett on 04/24/12

'growing number of attacks'

10 Simple Tips for Boosting The Security Of Your Mac
Posted by joe.jenett on 04/12/12

on 'data co-ownership'

Exploiting Privacy Policy Conflicts in Online Social Networks

Online Social Networks (OSNs) offer access control mechanisms to protect users' sensitive information from undesired accesses. Yet, their information is still vulnerable to disclosure when their friends assign conflicting privacy policies: a user prohibits everyone from accessing his own content or profile but his friends allow others to see it...

Posted by joe.jenett on 03/17/12

a reminder to Firefox users

We can check your plugins and stuff


...and another reminder - watch out for checkboxes which are checked by default when updating certain plugins...;~))

Posted by joe.jenett on 02/23/12

QR code-related security risks

Hacker says 'Don't scan that QR code!'
Posted by joe.jenett on 11/14/11

Java plugin vulnerability

Attack against TLS-protected communications
(more info: Transport Layer Security)
Posted by joe.jenett on 09/28/11

the illusion of trust

Fraudulent *.google.com Certificate at Mozilla Security Blog

Mozilla was informed today about the issuance of at least one fraudulent SSL certificate for public websites belonging to Google, Inc.

Related:
Falsely issued Google SSL certificate in the wild for more than 5 weeks | Naked Security

Google Online Security Blog: An update on attempted man-in-the-middle attacks

Posted by joe.jenett on 08/30/11

How honest is your ISP?

Widespread Hijacking of Search Traffic in the United States
Posted by joe.jenett on 08/07/11

Don't do that!

Plain Text Offenders – "Did you just email me back my own password?!"
Posted by joe.jenett on 07/15/11

'easy hacking'

It's not just Big Brother watching (ads)
Posted by joe.jenett on 07/07/11

interesting concept

AES text encryptor

Note: This is not an endorsement. Use at your own risk.

Posted by joe.jenett on 06/15/11

'In the meantime...'

How to avoid or remove Mac Defender malware

Note: Though somewhat incomplete on the 'how to avoid' side, this information (provided by Apple) may be helpful in identifying and/or removing the malware from your system if you've downloaded it.

Posted by joe.jenett on 05/25/11

protect your sensitive data... (2)

How Dropbox sacrifices user privacy for cost savings
Posted by joe.jenett on 04/14/11

protect your sensitive data...

Dropbox authentication: insecure by design
Posted by joe.jenett on 04/08/11

Topical: Internet Security

The Security Skeptic – "about all matters related to Internet Security, from domain name and network security to phishing and malware"
Posted by joe.jenett on 04/05/11

49 flaws addressed!

Microsoft issues its biggest-ever security fix

Microsoft said four of the new patches – software updates that write over glitches – were of the highest priority and should be deployed immediately to protect users from potential criminal attacks on the Windows operating systems.

Posted by joe.jenett on 10/13/10

'something very odd going on'

Twitter 'onmouseover' security flaw widely exploited
Posted by joe.jenett on 09/21/10

'unsurprisingly common' vulnerability

XSS - an Underestimated Threat?
Posted by joe.jenett on 08/24/10

'sophisticated and dangerous'

New trojan virus Zeus v3 empties online bank accounts
How to protect yourself from trojans when banking online
  • Make sure your anti-virus software is up to date.
  • Keep firewalls set to the highest level.
  • Never open an e-mail attachment from someone you don't know.
  • Never double-click on an e-mail attachment that ends in .exe. It is an 'executable' file and can do what it likes in your system.
  • If you think your machine has already been infected, contact your bank immediately. If the bank thinks you are a genuine victim of fraud it will reimburse you.
Posted by joe.jenett on 08/11/10

noteworthy traveling precautions

Summer Vacation - A Privacy and Identity Theft Primer
Posted by joe.jenett on 05/24/10

important security fixes

Firefox 3.6.2 Released
Posted by joe.jenett on 03/23/10

trojan-infected add-ons found

Please read: Security Issue on AMO « Mozilla Add-ons Blog
Posted by joe.jenett on 02/05/10

Is your data safe? (2)

  • Official Google Blog: A new approach to China

    Like many other well-known organizations, we face cyber attacks of varying degrees on a regular basis. In mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google.

  • Official Google Enterprise Blog: Keeping your data safe

    This attack may understandably raise some questions, so we wanted to take this opportunity to share some additional information and assure you that Google is introducing additional security measures to help ensure the safety of your data.

Posted by joe.jenett on 01/12/10

banking/e-commerce at risk

Creating a rogue CA certificate

This successful proof of concept shows that the certificate validation performed by browsers can be subverted and malicious attackers might be able to monitor or tamper with data sent to secure websites. Banking and e-commerce sites are particularly at risk because of the high value of the information secured with HTTPS on those sites. With a rogue CA certificate, attackers would be able to execute practically undetectable phishing attacks against such sites.

Posted by joe.jenett on 12/22/09

'jail-break' with care

Worm attack bites at Apple iPhone

The worm, known as ikee, only affects "jail-broken" phones, where a user has removed Apple's protection mechanisms to allow the phone to run any software.

Posted by joe.jenett on 11/09/09

Is your data safe?

Facebook and MySpace security: backdoor wide open, millions of accounts exploitable

Facebook and MySpace fixed this quickly after being notified...

Posted by joe.jenett on 11/05/09

'subtle security holes'

Secure computers aren't so secure
Posted by joe.jenett on 10/30/09

'still in the works'

Mozilla: Plugin Check
[Mozilla Security Blog]
Posted by joe.jenett on 10/14/09

(still) full of holes

Microsoft readies bumper update
Posted by joe.jenett on 10/12/09

'sophisticated ways'

Online thieves step up bank raids
Posted by joe.jenett on 09/29/09

Flash: Security and Privacy (2)

BetterPrivacy Firefox extension
Posted by joe.jenett on 08/23/09

Flash: Security and Privacy

Adobe - Flash Player : Settings Manager
Posted by joe.jenett on 08/11/09

gone phishing

URL bar spoofing vulnerability
Posted by joe.jenett on 07/29/09

'users should exercise caution'

Security Advisory for Adobe Reader, Acrobat and Flash Player
Posted by joe.jenett on 07/24/09

'surveillance solutions'

UAE Blackberry update was spyware
Posted by joe.jenett on 07/21/09

new version fixes security issue

Mozilla Firefox 3.5.1 Release Notes
(see compiler bug post)
Posted by joe.jenett on 07/17/09

'widespread computer attack'

Governments hit by cyber attack
Posted by joe.jenett on 07/08/09

'new type of fraud'

Parking ticket leads to a virus
Posted by joe.jenett on 02/06/09

'scam directed at Twitter users'

Twitter Blog: Gone Phishing
Posted by joe.jenett on 01/04/09

don't click

Facebook users hit by virus – "The virus tricks users by telling them they're in a video..."
Posted by joe.jenett on 12/09/08

a web of villians

Don't have security nightmares
Posted by joe.jenett on 11/07/08

fakes selling fakes

Clipboards hijacked in web attack
Posted by joe.jenett on 08/19/08

the scum never sleeps

Spammers announce World War III

Yet another reminder to "never follow links in unsolicited email messages." (and beware of intrusive/annoying ad tactics if you visit the news site's home page)

Posted by joe.jenett on 07/10/08

'Big Brother' indeed

Criticism for 'UK database' plan
Posted by joe.jenett on 05/21/08

from BBC's 'Click' program

Identity 'at risk' on Facebook

Related: Click's Facebook security advice

Posted by joe.jenett on 05/01/08

beware of 'fake E-shops'

Cybersquatting Security Vendors for Fraudulent Purposes

Don't be cheap, if you're to buy any kind of software, do so through the official site, and cut the fraudulent intermediaries like the ones in this case.

Posted by joe.jenett on 03/29/08

security and privacy concerns

Anger over pupils database plan
Posted by joe.jenett on 02/14/08

'digg' danger?

'digg' danger?
Posted by joe.jenett on 02/04/08

'mandatory update'

Movable Type Security Update
Posted by joe.jenett on 01/16/08

here's your proof...

Clarkson stung after bank prank

TV presenter Jeremy Clarkson has lost money after publishing his bank details in his newspaper column.

The Top Gear host revealed his account numbers after rubbishing the furore over the loss of 25 million people's personal details on two computer discs.

He wanted to prove the story was a fuss about nothing...

Posted by joe.jenett on 01/07/08

'unacceptable intrusion'

German spyware plans trigger row – "German government plans to spy on terror suspects by deploying malicious e-mails have drawn sharp criticism."
Posted by joe.jenett on 09/02/07

how secure?

Bloggers battered by viral storm
Google's Blogger site is being used by malicious hackers who are posting fake entries to some blogs.

The fake entries contain weblinks that lead to booby-trapped downloads that could infect a Windows PC.
Posted by joe.jenett on 08/30/07

illegal = immoral?

Is stealing wireless wrong?
Posted by joe.jenett on 08/23/07

company denies security breach

Monster attack steals user data
US job website Monster.com has suffered an online attack with the personal data of hundreds of thousands of users stolen...
Posted by joe.jenett on 08/21/07

cookie thieves

Warning of webmail wi-fi hijack
Posted by joe.jenett on 08/03/07

'DomainKeys Identified Mail'

Backing for tool to battle spam
Posted by joe.jenett on 05/25/07

attack of the botnets?

Estonia hit by 'Moscow cyber war'
Posted by joe.jenett on 05/17/07

'open to attack'

Users warned on Windows cursors – "Animated cursors could prove risky for Windows users, Microsoft has warned...."
Posted by joe.jenett on 03/31/07

beware of IE7 promo

Today's Other Malware Threat: IE7.0.exe
Posted by joe.jenett on 03/30/07

'highly organised'

'Surge' in hijacked PC networks
Posted by joe.jenett on 03/20/07

3 'key servers' targeted

Hackers attack heart of the net
Posted by joe.jenett on 02/07/07

good to know...

Debit card versus credit card – "Your federal debit card legal rights are weaker than your credit card rights."
Posted by joe.jenett on 01/31/07

simple advice worth repeating...

Security Response Weblog:
To protect yourself against these threats, do not trust unsolicited files or documents about 'interesting' topics. Do not open attachments unless they are expected and come from a known and trusted source.
Posted by joe.jenett on 01/26/07

'a worthwhile reminder'

Google Security Hole Allows Account Hijacking
Posted by joe.jenett on 01/13/07

caution: plugin vulnerability

When PDFs Attack!
We have received reports of a significant problem relating to Adobe Acrobat files and Cross Site Scripting (XSS). A weakness was discovered in the way that the Adobe Reader browser plugin can be made to execute JavaScript code on the client side...

You can avoid this problem by implementing a work around in your browser so that it does not use the Acrobat Reader plugin.
See article for details.

Update (1/5/07): A supposedly more secure, new version of Adobe Reader is available. Beware of optional additional software installation, which is checked by default. [BBC]
Posted by joe.jenett on 01/04/07

for Wordpress

Spam Karma
Posted by joe.jenett on 03/01/05


Validated XHTML 1.0 Validated CSS

The dailywebthing is intended
for a mature audience.

2000-2014 © Joe Jenett.
Some rights reserved.
i.webthings

daily pointers
In association with
AORTAL - the anti-portal,
here's today's daily pointers:

11/21/14
Make Mine Potato
The Street Spot
My Home Among The Hills

RSS


[daily pointers archive]


random ageless

Speak of Many Things


other projects
special thanks

Validated XHTML 1.0
Validated CSS

The dailywebthing is intended
for a mature audience.

2000-2014 © Joe Jenett.
Some rights reserved.