Last post for today
HAPPY HOLIDAYS
posted by katie kaboom at 5:00 PM
0 comments
Wednesday, December 20, 2006
Vigilante hacker
The following link is to the details of a case in which a hacker using a trojan, retrieved a lot of sensitive information on people in a newgroup but instead of abusing it, selling it or for whatever kicks they want, the hacker instead gave the information to the police, under a different name of course, he kept on feeding information to the police and eventually two kiddie abusers were sentenced with the evidence provided convicting them.
ARTICLE LINK
Because the hacker done a good deed his crime was overlooked, however this case echos the case in which the placement of encryption can work against you as evidence of guilt, now information stolen from your computer can be used as evidence against you, anything you do online or on any device even in your privacy of your home can work against you. Scarey.
Though was good to hear one for the good guys, even though the hacker was commiting a crime, the saying goes
'its not how you start something, its how you end it that counts'
and in the end the hacker done a good deed and as an FBI agent said to the hacker "...you have helped to save at least two lives in the U.S. and (you) should be proud of that fact."
ARTICLE LINK
Because the hacker done a good deed his crime was overlooked, however this case echos the case in which the placement of encryption can work against you as evidence of guilt, now information stolen from your computer can be used as evidence against you, anything you do online or on any device even in your privacy of your home can work against you. Scarey.
Though was good to hear one for the good guys, even though the hacker was commiting a crime, the saying goes
'its not how you start something, its how you end it that counts'
and in the end the hacker done a good deed and as an FBI agent said to the hacker "...you have helped to save at least two lives in the U.S. and (you) should be proud of that fact."
posted by katie kaboom at 2:23 PM
0 comments
A well known scam still
The nigerian email scam known as the 'The Nigerian Advance Fee Scheme', I joke about, and include a slightly amuzing page
http://j-walk.com/other/conf/index.htm
However if followed through its quite a dangerous scam to full victim of. As it usually requires meeting criminals in discrete locations, even in other countries with cash in hand, alot of cash. Not good. The article I've included talks about this type of scam in more indepth.
http://www.scambusters.org/NigerianFee.html
The article also states the scale of this scam. its attracts more victims than I thought. Especially as its such well known as a online scam.
http://j-walk.com/other/conf/index.htm
However if followed through its quite a dangerous scam to full victim of. As it usually requires meeting criminals in discrete locations, even in other countries with cash in hand, alot of cash. Not good. The article I've included talks about this type of scam in more indepth.
http://www.scambusters.org/NigerianFee.html
The article also states the scale of this scam. its attracts more victims than I thought. Especially as its such well known as a online scam.
posted by katie kaboom at 1:40 PM
0 comments
Ipod worms
Ipods now have every assessory going, but a worm? , well they do now, this case is a clear security flaw.
Basically the case involves worms transfered to ipods by an effected computer, which were sold to customers which later had their pcs effected as they attached their ipods to their pc. What a nice early christmas present.
ARTICLE LINK
The second link is apples stand on the case. They make a jibe at windows putting some blame on them, I quote 'As you might imagine, we are upset at Windows for not being more hardy against such viruses'.
APPLE COMMENTS LINK
What is apple jibing about, windows autorun feature maybe? I hate that feature, I find it annoying however it is bad, as it opens the door. Not good. Though I'm told it will be a feature soon just in memory as the latest windows -vista lacks this feature.
This flaw also applies to other storage devices, portable usb drives, printers now have huge storage, what next?.
Basically the case involves worms transfered to ipods by an effected computer, which were sold to customers which later had their pcs effected as they attached their ipods to their pc. What a nice early christmas present.
ARTICLE LINK
The second link is apples stand on the case. They make a jibe at windows putting some blame on them, I quote 'As you might imagine, we are upset at Windows for not being more hardy against such viruses'.
APPLE COMMENTS LINK
What is apple jibing about, windows autorun feature maybe? I hate that feature, I find it annoying however it is bad, as it opens the door. Not good. Though I'm told it will be a feature soon just in memory as the latest windows -vista lacks this feature.
This flaw also applies to other storage devices, portable usb drives, printers now have huge storage, what next?.
posted by katie kaboom at 11:38 AM
0 comments
Tuesday, December 19, 2006
Can encryption make you look guilty?
Encryption has become standard on the average computer, appart from whats included, its easy to download encryption software to protect your computer in general and specific encription applications for email and files. But can such actions undertacken by you be used as evidence of you trying to hide something?
I didnt believe so, but upon looking into encryption further I came across this article that made me rethink what I thought.
LINK
'the existence of an encryption program on his computer was at least somewhat relevant to the state's case against him," Judge R.A. Randall a comment from the article on a case in which the placement of encription on the defendents computer was used as evidence of guilt against him.
Though the defendent in this case was a kiddie fiddler in the making is irelivant to the point, once such a ruling is made to allow the placement of encription as evidence then it can be used in other cases with companys/ defendents who arent such people.
not good, as the use of encription will only increase. Besides encription is spose to be a safeguard not work as the opposite.
I didnt believe so, but upon looking into encryption further I came across this article that made me rethink what I thought.
LINK
'the existence of an encryption program on his computer was at least somewhat relevant to the state's case against him," Judge R.A. Randall a comment from the article on a case in which the placement of encription on the defendents computer was used as evidence of guilt against him.
Though the defendent in this case was a kiddie fiddler in the making is irelivant to the point, once such a ruling is made to allow the placement of encription as evidence then it can be used in other cases with companys/ defendents who arent such people.
not good, as the use of encription will only increase. Besides encription is spose to be a safeguard not work as the opposite.
posted by katie kaboom at 10:27 PM
0 comments
Web cramming
I came across the term web cramming only recently, web cramming involves a scam in which a person or small business accepts an offer for a free website or internet service only to be subsequently charged a monthly fee on their phone bill.
For example a 30 day free website trial, and upon when the customer goes to cancel after the 30 days, they made it impossible to cancel.
Not so much a financial burdon, as a stressfull inconvience to the victim, I can imagine its similar to trying to cancel membership at a gym, they don't say no but they try and charge you extra and actually make it impossible to cut any connection with them.
The first two links are cases of web cramming that went to court. The third link being a article on the US action towards web cramming and other internet scams.
LINK1
LINK2
LINK3
For example a 30 day free website trial, and upon when the customer goes to cancel after the 30 days, they made it impossible to cancel.
Not so much a financial burdon, as a stressfull inconvience to the victim, I can imagine its similar to trying to cancel membership at a gym, they don't say no but they try and charge you extra and actually make it impossible to cut any connection with them.
The first two links are cases of web cramming that went to court. The third link being a article on the US action towards web cramming and other internet scams.
LINK1
LINK2
LINK3
posted by katie kaboom at 9:28 PM
0 comments
I hate spam but it makes me laugh
Its true, I hate spam like anyone does, but sometimes it makes me smile, spammers never give up and the different tactics they try, it fasinates me to watch and yes I smile when i come across some bizarre / clever / plain dumb spam. But I hate it as much as to say its one more chore to do.
I remember saying not long ago, I dont get too many spam emails, a few to my junk email box daily, but I use outlook express, so the majority of emails are blocked before getting to outlook express inbox/junkmail box. It wasn't long after that I took it back, as I went on my internet email account and found a mass of spam emails in my junk box. I seem to always forget about this bulk of emails, I'm not one for deleting junk mail, I let it mount up then when it gets to extremes then I delete, I don't touch my online internet account much, its hassel and a chore I don't like.
Check out the number of emails in my junk email box and thats not as much as usual.
Junk emails I have recieved, are all spam, alot of possible scams if taken further, phishing, snooping, trojan, viruses etc, the threats go on and on ( well if I was foolish enough to open or respond).
Heres a few
A possible trojan, worm, virus in an email which is disquised as a security report from the elusive 'customer support service'. These make me laugh, no legit security updates are by email. Though I can understand how people fool for this type of spam, and open the file.
Congratulations youve won, 'but I dont remember entering any competition' , if you don't remember entering anything then the obviously its a scam. You dont get cash for nothing. Come on, even the legit national lottery you have to buy a ticket and a lifetimes amount of tickets/ There is no excuses to fool for this, this is like the scams sent to the elderly, but I'm guessing its not the elderly who fool for this type of email. The spelling is worse than mine, on this blog, the spelling is a major giveaway.
I love this scam email, money transferring but surprisingly not from nigeria, infact its from london or they say it is at least. Targeting those with foreign accounts, foreigners. Im no foreigner neither do I have a foreign account. This just illustates how automated spam sending is, though I wonder on what listings they got my email, it didnt work this time, I dont come close to being the right target for this scam.
Even as I write this post, watchdog is talking scams, online and off.
3 billion is conned out of UK residents a year by scams.
1 -15 people are victims of scams.
And the main age group who fool for scams are 33-45 years old- I can believe that. And thats on watchdog at 7.18 pm.
I remember saying not long ago, I dont get too many spam emails, a few to my junk email box daily, but I use outlook express, so the majority of emails are blocked before getting to outlook express inbox/junkmail box. It wasn't long after that I took it back, as I went on my internet email account and found a mass of spam emails in my junk box. I seem to always forget about this bulk of emails, I'm not one for deleting junk mail, I let it mount up then when it gets to extremes then I delete, I don't touch my online internet account much, its hassel and a chore I don't like.
Check out the number of emails in my junk email box and thats not as much as usual.Junk emails I have recieved, are all spam, alot of possible scams if taken further, phishing, snooping, trojan, viruses etc, the threats go on and on ( well if I was foolish enough to open or respond).
Heres a few
A possible trojan, worm, virus in an email which is disquised as a security report from the elusive 'customer support service'. These make me laugh, no legit security updates are by email. Though I can understand how people fool for this type of spam, and open the file.
Congratulations youve won, 'but I dont remember entering any competition' , if you don't remember entering anything then the obviously its a scam. You dont get cash for nothing. Come on, even the legit national lottery you have to buy a ticket and a lifetimes amount of tickets/ There is no excuses to fool for this, this is like the scams sent to the elderly, but I'm guessing its not the elderly who fool for this type of email. The spelling is worse than mine, on this blog, the spelling is a major giveaway.
I love this scam email, money transferring but surprisingly not from nigeria, infact its from london or they say it is at least. Targeting those with foreign accounts, foreigners. Im no foreigner neither do I have a foreign account. This just illustates how automated spam sending is, though I wonder on what listings they got my email, it didnt work this time, I dont come close to being the right target for this scam.
Even as I write this post, watchdog is talking scams, online and off.
3 billion is conned out of UK residents a year by scams.
1 -15 people are victims of scams.
And the main age group who fool for scams are 33-45 years old- I can believe that. And thats on watchdog at 7.18 pm.
posted by katie kaboom at 7:20 PM
0 comments
Ebay fool scam
I came across one of ebays latest scams, the playstation scam. Well its not really anything new actually. Similar scams that misprint items for sale have been going for a very long time, even before ebay and the internet, market traders use similar scams. This scam involved selling the idea of the latest playstation 3, but instead the buyer recieved 3 playstations, the scam was in the title ' 3 playstations' instead of 'playstation 3'.
Though I must say my first thought was 'what fool would buy this scam?' , but many do. And this is just one scam, there are various scams that use the ebay brand for example this one in the link provided.
LINK
Email scam posing as an email from ebay , sent to the loser in a ebay bid to offer a second chance and redirect them to scam their credit card details from them.
I've never been scammed and infact Ive had a good relationship with ebay, Ive never really had a problem, maybe I'm just too observant. However how on earth do people get conned into buying a box instead of a product in the box. Just to eager to purchase, caught up in the rush from bidding maybe, I don't know. What I know is ebay and bidding sites are prime targets by scammers, thousands of people already looking for a deal/ bargain/ something for nothing, they have already opened themselves up to the scams around.
Its like the fortune teller, and people who get sucked in and even go back for more. They say afterwords im not gullible, I was not very closed but she/he said all this stuff that is true. What a scam, the moment they go to a fortune teller , they become targets, they are already willing to believe, they go looking for answers why else would they go, and the scammer gives them exacally what they want to hear . People who dont believe dont go to fortune tellers. The fortune teller has a person whos open, so its easy. The perfect target for scammers.
There will always be scams, that won't change though education is needed to illustrate some of the obvious scams to users, even if they are blind to them and only see shiny things.
Though I must say my first thought was 'what fool would buy this scam?' , but many do. And this is just one scam, there are various scams that use the ebay brand for example this one in the link provided.
LINK
Email scam posing as an email from ebay , sent to the loser in a ebay bid to offer a second chance and redirect them to scam their credit card details from them.
I've never been scammed and infact Ive had a good relationship with ebay, Ive never really had a problem, maybe I'm just too observant. However how on earth do people get conned into buying a box instead of a product in the box. Just to eager to purchase, caught up in the rush from bidding maybe, I don't know. What I know is ebay and bidding sites are prime targets by scammers, thousands of people already looking for a deal/ bargain/ something for nothing, they have already opened themselves up to the scams around.
Its like the fortune teller, and people who get sucked in and even go back for more. They say afterwords im not gullible, I was not very closed but she/he said all this stuff that is true. What a scam, the moment they go to a fortune teller , they become targets, they are already willing to believe, they go looking for answers why else would they go, and the scammer gives them exacally what they want to hear . People who dont believe dont go to fortune tellers. The fortune teller has a person whos open, so its easy. The perfect target for scammers.
There will always be scams, that won't change though education is needed to illustrate some of the obvious scams to users, even if they are blind to them and only see shiny things.
posted by katie kaboom at 5:52 PM
0 comments
Monday, December 18, 2006
Is chip and pin safe?
I like cash, well everyone likes cash, but what I mean is I prefer to handle transactions in cash. Yes its not safe or reliable as such, but is using a card any safer? How about chip and pin?
One senario Ive seen time and time ago is during a store purchase a customer places their card on the till desk, while the cashier is packaging goods or still swiping them and the customer gets distracted or turns away. Not safe.
I saw this the other weekend, a busy shopping day at christmas, a couple were at the till the cashier was wrapping goods the women always destracted by shiny things walked a drift, the man had a call on his mobile, placing his card on the till desk, making a note with the cashier that its for his wife to pay, while he dashed off to answer the call, the cashier fished wrapping and asked the wife for payment, the wife going to the husband, he came back saying 'but I gave it to you?' the husband under pressure with a que building, paid by cash and they left without a second thought. Appart from the fact the cashier was a thief and noone said anything, the couple were clearly working professionals and competent, but they let it happen, they walked away.
It didn't matter that the card was chip and pin, what other risks are there with chip and pin?
They use a 4 digit number , the encryption is smaller than online shopping in which you use your full card number, the encryption is more open to attack?
The pin is a number, but many people find it difficult to remember their number, they write it down or change their card pin to birthday or lucky numbers, not safe, quite predictable?
If your card is abused, it happens, its impossible to prove it, as a digit pin has been typed in, how can you prove it wasn't you, with a signeture this was easier to prove your innocence, but with the chip and pin you are guilty untill you prove other.
Once people feel more safe by them, they will become less careful, its still often easy to see what a person types in to the keypad, especially in pushy ques.
These are the risks I can think of, however the following articles go on further:
LINK (Comments of Bruce schneiers blog).
Some really interesting responses regarding chip and pin and changable pin numbers.
LINK2(Article on chip and pin from the bbc).
The part of this article which is worth making a point of is how banks are avoiding liability for fraud by making the customer liable.
LINK3(An article on the flaw in the system that allows insiders to guess pin numbers).
Intresting, but it also the point is in regards to any bank you have dealings with not just your own bank.
LINK4(Everything on chip and pin).
A pdf document on chip and pin Advantages/ disadvantages , casestudies, a real good resource to know chip and pin from every side.
On a more positive note:
LINK5
Chip and pin has brought card fraud down stated in this article, even if its still possible, it has slowed it down. A big positive.
Chip and pin logically has brought card fraud down, its understandable even from me a critic, however, criminals always find another way and using only four numbers instead of a signature maynot be better in my opinion.
One senario Ive seen time and time ago is during a store purchase a customer places their card on the till desk, while the cashier is packaging goods or still swiping them and the customer gets distracted or turns away. Not safe.
I saw this the other weekend, a busy shopping day at christmas, a couple were at the till the cashier was wrapping goods the women always destracted by shiny things walked a drift, the man had a call on his mobile, placing his card on the till desk, making a note with the cashier that its for his wife to pay, while he dashed off to answer the call, the cashier fished wrapping and asked the wife for payment, the wife going to the husband, he came back saying 'but I gave it to you?' the husband under pressure with a que building, paid by cash and they left without a second thought. Appart from the fact the cashier was a thief and noone said anything, the couple were clearly working professionals and competent, but they let it happen, they walked away.
It didn't matter that the card was chip and pin, what other risks are there with chip and pin?
They use a 4 digit number , the encryption is smaller than online shopping in which you use your full card number, the encryption is more open to attack?
The pin is a number, but many people find it difficult to remember their number, they write it down or change their card pin to birthday or lucky numbers, not safe, quite predictable?
If your card is abused, it happens, its impossible to prove it, as a digit pin has been typed in, how can you prove it wasn't you, with a signeture this was easier to prove your innocence, but with the chip and pin you are guilty untill you prove other.
Once people feel more safe by them, they will become less careful, its still often easy to see what a person types in to the keypad, especially in pushy ques.
These are the risks I can think of, however the following articles go on further:
LINK (Comments of Bruce schneiers blog).
Some really interesting responses regarding chip and pin and changable pin numbers.
LINK2(Article on chip and pin from the bbc).
The part of this article which is worth making a point of is how banks are avoiding liability for fraud by making the customer liable.
LINK3(An article on the flaw in the system that allows insiders to guess pin numbers).
Intresting, but it also the point is in regards to any bank you have dealings with not just your own bank.
LINK4(Everything on chip and pin).
A pdf document on chip and pin Advantages/ disadvantages , casestudies, a real good resource to know chip and pin from every side.
On a more positive note:
LINK5
Chip and pin has brought card fraud down stated in this article, even if its still possible, it has slowed it down. A big positive.
Chip and pin logically has brought card fraud down, its understandable even from me a critic, however, criminals always find another way and using only four numbers instead of a signature maynot be better in my opinion.
posted by katie kaboom at 10:51 PM
0 comments
Progress
Im swamped in articles but I'm managing only a couple of posts at a time, this is not good, not nearly fast enough. I need to get a lot more posts done.
posted by katie kaboom at 7:01 PM
0 comments
epassports and encryption
e passports - a concept which has been in circles from idea to product back to idea again. The concept consists of a passport with a chip inside, a RFID (radio frequency identification chip), which will hold identifing information on a person, digital image and the usual information held on a passport and a digital signeture. Its aim is to make authorisation and security checks at borders faster and safer? and to fall in line with americas new agendas regarding the nesessery implimentation of epassports for all 27 countries who dont need visas to enter america.
Like I said at the start the concept has been in cycle for some time. The biggest hold back is ironically the unsecure nature of the epassport. Of all 27 countries, experts from all have issued warnings and concerns regarding security.
In a nutshell the problem is that scanners to read such information, can be easily replicated to read the information on the chip, so those willing to abuse such information can do so. This is ontop of the chip itself being easily replicable, and still works, though with the amount of other securitys the passport will have may mean that people won't be able to create phoney epassports. The first threat, the threat to your sensitive information is still big.
The following articles are on such concerns with the e passports. The second regarding cloning however the attitude from the homeoffice is interesting.
LINK (No Encryption for E-Passports).
LINK ( ePassports 'at risk' from cloning).
The epassports will have various security guards but no encryption. It appears that encryption is being left behind in order to get the concept through to final production. The comments A spokesman said from the Home Office: "It is hard to see why anyone would want to access the information on the chip.
"Other than the photograph, which could be obtained easily by other means, they would gain no information that they did not already have - so the whole exercise would be pointless: the only information stored on the ePassport chip is the basic information you can see on the personal details page.
Well they would have your digital photo, your name, address, phone number, contacts (their names, addresses and numbers), your digital signeture. What if finger prints are included in the design and later on other biometric identifiers. We all should know how bad it is for someone to have so much sensitive information, IDENTITY THEFT to start with.
Encrytion could be used to protect this information on the chip. However it would have to be the most secure encryption as it would be a high pofile encryption, asking to be cracked. Even with so much security within the passport to check you are who you say you are and you have the right to cross the border, but I haven't heard anymention of what protects this information.
Like I said at the start the concept has been in cycle for some time. The biggest hold back is ironically the unsecure nature of the epassport. Of all 27 countries, experts from all have issued warnings and concerns regarding security.
In a nutshell the problem is that scanners to read such information, can be easily replicated to read the information on the chip, so those willing to abuse such information can do so. This is ontop of the chip itself being easily replicable, and still works, though with the amount of other securitys the passport will have may mean that people won't be able to create phoney epassports. The first threat, the threat to your sensitive information is still big.
The following articles are on such concerns with the e passports. The second regarding cloning however the attitude from the homeoffice is interesting.
LINK (No Encryption for E-Passports).
LINK ( ePassports 'at risk' from cloning).
The epassports will have various security guards but no encryption. It appears that encryption is being left behind in order to get the concept through to final production. The comments A spokesman said from the Home Office: "It is hard to see why anyone would want to access the information on the chip.
"Other than the photograph, which could be obtained easily by other means, they would gain no information that they did not already have - so the whole exercise would be pointless: the only information stored on the ePassport chip is the basic information you can see on the personal details page.
Well they would have your digital photo, your name, address, phone number, contacts (their names, addresses and numbers), your digital signeture. What if finger prints are included in the design and later on other biometric identifiers. We all should know how bad it is for someone to have so much sensitive information, IDENTITY THEFT to start with.
Encrytion could be used to protect this information on the chip. However it would have to be the most secure encryption as it would be a high pofile encryption, asking to be cracked. Even with so much security within the passport to check you are who you say you are and you have the right to cross the border, but I haven't heard anymention of what protects this information.
posted by katie kaboom at 6:58 PM
0 comments
Piracy
Upon looking further into piracy I came across two main documents. The first is produced by The Congressional International Anti Piracy Caucus, titled '2006 Country watch List'. Basically the countrys the US has their eyes on ( and proberly lobbying for a change of law) regarding piracy effecting the US.
The two main countrys focused on within the document, are China and russia. China seems to be in the news alot recently for piracy. Although they are costing the US millions due to piracy, China seems to be feeling the effects in house. The US seem to put everything down to the governments envolved weak action towards piracy but China makes more losses due to piracy, Is it down to weak action on the governments part?, well I think I would have to do more than just skim the surface to answer. The second link is an article on the problems technology companies face in china due to piracy.
FIRST LINK (2006 Country watch list).
SECOND LINK (article on chinas piracy problems).
The 2006 country watch list is a summery of all the countrys that effect the US in regards to priracy.
The main second document is a global study report into piracy (may 2006) for BSA and IDC global software.
SECOND MAIN LINK (global study report).
Really worth a read, recommended.
The report gives a global picture of the state of piracy. With some really illustrating graphs and a mass of figures with key observations and conclusions. Really I still recommend.
After looking back into piracy, not much seems to have changed, america is still mad at everyone else and blaming it on governments lack of action and the rising piracy in developing countries is nothing new. There does seem to be quite a drop in piracy in other countries including the uk since I last looked at the subject. The second document really illustrates this.
I'm a student so for me, although piracy is a problem and costs a lot of people profit, I'm an individual and as one in my opinion if software wasn't so expensive then maybe more people will buy software from the manufacturer. Software is so expensive and quite unrealistic for the individual, hardware seems to be getting cheaper, soon we will have the 100 pound computer, a half decent one!, but for me this is no good. The individual was named as the person of the year by TIME magazine, maybe its the individuals time, though this doesnot do well for piracy, privacy, security, and industry but its good for the individual.
The two main countrys focused on within the document, are China and russia. China seems to be in the news alot recently for piracy. Although they are costing the US millions due to piracy, China seems to be feeling the effects in house. The US seem to put everything down to the governments envolved weak action towards piracy but China makes more losses due to piracy, Is it down to weak action on the governments part?, well I think I would have to do more than just skim the surface to answer. The second link is an article on the problems technology companies face in china due to piracy.
FIRST LINK (2006 Country watch list).
SECOND LINK (article on chinas piracy problems).
The 2006 country watch list is a summery of all the countrys that effect the US in regards to priracy.
The main second document is a global study report into piracy (may 2006) for BSA and IDC global software.
SECOND MAIN LINK (global study report).
Really worth a read, recommended.
The report gives a global picture of the state of piracy. With some really illustrating graphs and a mass of figures with key observations and conclusions. Really I still recommend.
After looking back into piracy, not much seems to have changed, america is still mad at everyone else and blaming it on governments lack of action and the rising piracy in developing countries is nothing new. There does seem to be quite a drop in piracy in other countries including the uk since I last looked at the subject. The second document really illustrates this.
I'm a student so for me, although piracy is a problem and costs a lot of people profit, I'm an individual and as one in my opinion if software wasn't so expensive then maybe more people will buy software from the manufacturer. Software is so expensive and quite unrealistic for the individual, hardware seems to be getting cheaper, soon we will have the 100 pound computer, a half decent one!, but for me this is no good. The individual was named as the person of the year by TIME magazine, maybe its the individuals time, though this doesnot do well for piracy, privacy, security, and industry but its good for the individual.
posted by katie kaboom at 5:05 PM
0 comments
Saturday, December 16, 2006
Splogs
Within the very long winded article 'spam + blogs = trouble'. I came across in the september 06 edition of Wired magazine. The topic of splogs is raised. Splogs = spam blogs and their tricky nature. The spammers or named sploggers who create splogs, sportals, link farms which are all mentioned are described as weeds. "The sploggers always adjust" (pg114) And are of a fast growing problem. They have become one of the features of networked communications. Commonplace!
They as in sploggers dont just create sblogs full of jumbled words, ads and sportals that are soley of one click ads and host to a mass of popular searched keywords. Sploggers also take over abandoned blogs and flood real blogs with bogus comments leading back to their sblogs (the later Ive experience just the other day).
Indeed weeds, but very fast, the splogosphere amounting to 900,000 posts a day compared to the blogsophere amounting to only a third of that figure. It was enevitable but will the internet be smoothered by splogs, I wonder. How do you get rid of a weed. There seems to be many hardwork solutions, stated within the article though many which are doomed to failure I predict.
As I don't think its possible to stop splogs, the answer maybe to aim to reduce the number and the figure of growth. Checking unused blogs and a more powerful filter for the placement of listings in search engines.
Hopefully the pages are readable, though a heavy read if they are.
They as in sploggers dont just create sblogs full of jumbled words, ads and sportals that are soley of one click ads and host to a mass of popular searched keywords. Sploggers also take over abandoned blogs and flood real blogs with bogus comments leading back to their sblogs (the later Ive experience just the other day).
Indeed weeds, but very fast, the splogosphere amounting to 900,000 posts a day compared to the blogsophere amounting to only a third of that figure. It was enevitable but will the internet be smoothered by splogs, I wonder. How do you get rid of a weed. There seems to be many hardwork solutions, stated within the article though many which are doomed to failure I predict.
As I don't think its possible to stop splogs, the answer maybe to aim to reduce the number and the figure of growth. Checking unused blogs and a more powerful filter for the placement of listings in search engines.
Hopefully the pages are readable, though a heavy read if they are.
posted by katie kaboom at 8:26 PM
0 comments
Thursday, December 14, 2006
Assignment 2 idea to date
My idea for the second assignment in brief is a report with risk assessment on my learning environment security.
For me this is in two locations, university and at home. It will not solely involve my online security, I hope to cover any risks to the hardware itself as well. An example to include is the risks using portable USB disk drives.
Asthis is new’ish to me the following might be included but will definitely be researched further upon.
My wireless network.
My email accounts.
My website account.
My external hard drive.
My uninsured notebook.
Others on my wireless network – whether wanted or not – risks they pose, disruption to internet speed.
Password security.
Windows updates – why do they always crash my notebook when I update, but my notebook runs well with out them being updated?
Risk from downloading?
Finding a balance, for example wanting some internet add ons but not all add ons, how do I get what I want?
The outline would follow, reporting on the risks, what security I have in place? Is it adequate? How can I get the cover from these risks, what do I need to put in place, the cost, alternatives?
My reason towards this report is that it would be a practical and productive report, as it will be used to allow me to make informative decisions towards my learning environment security.
As its report based I’m not sure how I would present it, as it’s a must for a ten minute presentation, I’m not sure how I can do this, I haven’t presented a report before, well not one that isn’t of poor standard.
The presentation might be more of a problem than I thought before, as I recently had a 10 minute presentation on a subject I know inside out and I because I was especially fatigued I struggled to remember the content and well its was one of the Poor ones, One possibility is to do a presentation prerecorded on video with audio commentry , though I would still attend for questions, feasible?
For me this is in two locations, university and at home. It will not solely involve my online security, I hope to cover any risks to the hardware itself as well. An example to include is the risks using portable USB disk drives.
Asthis is new’ish to me the following might be included but will definitely be researched further upon.
My wireless network.
My email accounts.
My website account.
My external hard drive.
My uninsured notebook.
Others on my wireless network – whether wanted or not – risks they pose, disruption to internet speed.
Password security.
Windows updates – why do they always crash my notebook when I update, but my notebook runs well with out them being updated?
Risk from downloading?
Finding a balance, for example wanting some internet add ons but not all add ons, how do I get what I want?
The outline would follow, reporting on the risks, what security I have in place? Is it adequate? How can I get the cover from these risks, what do I need to put in place, the cost, alternatives?
My reason towards this report is that it would be a practical and productive report, as it will be used to allow me to make informative decisions towards my learning environment security.
As its report based I’m not sure how I would present it, as it’s a must for a ten minute presentation, I’m not sure how I can do this, I haven’t presented a report before, well not one that isn’t of poor standard.
The presentation might be more of a problem than I thought before, as I recently had a 10 minute presentation on a subject I know inside out and I because I was especially fatigued I struggled to remember the content and well its was one of the Poor ones, One possibility is to do a presentation prerecorded on video with audio commentry , though I would still attend for questions, feasible?
posted by katie kaboom at 8:25 PM
0 comments
Wednesday, December 13, 2006
In response to fridays sesson
Due to this coming fridays sesson being held on biometrics, I decided to do some further reading into it, for better understanding. I think I've seen way too many movies of folk having their hands cut off and eyes sliced out for biometric locks, true, though on a more serious note, the concept just really seems foulable to me. Come on, no doubt there are in did ways to get around them and I'm not talking whats shown in the movies, mostly fiction. However I found several sources on the flaws in fingerprint biometrics recognition.
The first being from the trusty bbc website dated 2002 and talks on the findings of a report, which is my second link.
BBC ARTICLE LINK
BIOMETRICAL FINGERPRINT RECOGNITION- DONT GET YOUR FINGERS BURNT -REPORT LINK
The report is interesting it seems to cover so many variables in fingerprint biometrics, the point under the heartbeat title was that systems that are designed to recognise your heartbeat are flawed as regular sport enthusiasts have a slower heart rate that can be impossible to detect in the scan of the person finger. Though the main aspect of the report is showing ways around the system. Worth a read.
My favourite link comes from the MythBusters, I love this show, I'm always watching when I see its on, but I missed this episode, they show how to fool the biometric finger print scanner, one in which the manafacturer said has never been fooled. Its only a short clip though usally they show how they done it and the hard work gone in before hand oh and the science. And it doesn't usually has the intense voice commentating. But real good clip to watch, better to find the full episide though.
MYTHBUSTERS FINGERPRINT FOOL LINK
And to a nice definition of biometric tech at the following link which covers all biometrics not just the fingerprint.
FOR A GOOD UNDERSTANDING OF BIOMETRICS LINK
The first being from the trusty bbc website dated 2002 and talks on the findings of a report, which is my second link.
BBC ARTICLE LINK
BIOMETRICAL FINGERPRINT RECOGNITION- DONT GET YOUR FINGERS BURNT -REPORT LINK
The report is interesting it seems to cover so many variables in fingerprint biometrics, the point under the heartbeat title was that systems that are designed to recognise your heartbeat are flawed as regular sport enthusiasts have a slower heart rate that can be impossible to detect in the scan of the person finger. Though the main aspect of the report is showing ways around the system. Worth a read.
My favourite link comes from the MythBusters, I love this show, I'm always watching when I see its on, but I missed this episode, they show how to fool the biometric finger print scanner, one in which the manafacturer said has never been fooled. Its only a short clip though usally they show how they done it and the hard work gone in before hand oh and the science. And it doesn't usually has the intense voice commentating. But real good clip to watch, better to find the full episide though.
MYTHBUSTERS FINGERPRINT FOOL LINK
And to a nice definition of biometric tech at the following link which covers all biometrics not just the fingerprint.
FOR A GOOD UNDERSTANDING OF BIOMETRICS LINK
posted by katie kaboom at 5:37 PM
0 comments
Tuesday, December 12, 2006
Fools in bbc article
People will sell their soul to the devil for something shiny and new, its true when it comes to privacy too. This is a problem. Identity theft is a real risk when taking such iresponsible action.
An acticle I came across is in agreement with my opinion. The article from the bbc website is on the results of a survey in how many people gave away key identifing sensitive information for free theatre tickets. 92% in fact.
THE LINK
94% even gave over their mothers maiden name and their pet names, the second figure is shocking. A smalll trick and they gave over those details, thats just 'desturbing'- said by the head of scotland yard. I agree.
But identity theft is serious in britain 100,000 people full foul of it a year.
I will hope to mention the topic again later.
An acticle I came across is in agreement with my opinion. The article from the bbc website is on the results of a survey in how many people gave away key identifing sensitive information for free theatre tickets. 92% in fact.
THE LINK
94% even gave over their mothers maiden name and their pet names, the second figure is shocking. A smalll trick and they gave over those details, thats just 'desturbing'- said by the head of scotland yard. I agree.
But identity theft is serious in britain 100,000 people full foul of it a year.
I will hope to mention the topic again later.
posted by katie kaboom at 7:51 PM
0 comments
The larger article
Following on from my last post on a metro article I came across 'hackers target myspace users', though I searched around for the article of a leading paper it was used from. I found it at
Link to the article
DailyMail.co.uk, their article was named 'MySpace users hit by hacker virus' and dated august 2006, metros running behind. This article talks about hackers attacking myspace, with scams and specific to myspace viruses due to myspace hugh user listings, myspace has made itself a target due to its popularity. Which is understandable, I must admit I haven't heard anything major about myspace attacks, new to me.
After hearing this within the article "The site is hugely popular, especially with teenagers, and it has recorded growing numbers of users in recent months, now accounting for 4.5 per cent of all internet traffic. " (DailyMail, aug 2006)I'm glad I covered social networks for my essay it seems to be a growing nessesery topic with security and privacy.
Another link : This link is worth a look it talks about the vulnerability of myspace against worm attacks. Its located at BPM Today.com named 'Social Networking Sites: New Hacker Target' Sept 2006.
I don't think i can moan to much if I found this earlier and mentioned my essay would have been 3000 words and even I wouldnt want to read it.
Link to the article
DailyMail.co.uk, their article was named 'MySpace users hit by hacker virus' and dated august 2006, metros running behind. This article talks about hackers attacking myspace, with scams and specific to myspace viruses due to myspace hugh user listings, myspace has made itself a target due to its popularity. Which is understandable, I must admit I haven't heard anything major about myspace attacks, new to me.
After hearing this within the article "The site is hugely popular, especially with teenagers, and it has recorded growing numbers of users in recent months, now accounting for 4.5 per cent of all internet traffic. " (DailyMail, aug 2006)I'm glad I covered social networks for my essay it seems to be a growing nessesery topic with security and privacy.
Another link : This link is worth a look it talks about the vulnerability of myspace against worm attacks. Its located at BPM Today.com named 'Social Networking Sites: New Hacker Target' Sept 2006.
I don't think i can moan to much if I found this earlier and mentioned my essay would have been 3000 words and even I wouldnt want to read it.
posted by katie kaboom at 7:37 PM
0 comments
Metro article
Typical the day I hand in my essay on Privacy and social networks and on the way back from a meeting on the module, I pick up the metro and am faced by an article on hackers and myspace.
Typical, though the article itself was cut from somewhere else, I'll have a scope around the the main article. It talks short on how hackers will be collecting peoples personal information and then designing scams around the type of demographics they get. Actually was an odd point of view is wasn't reporting on a case or did it say it had been done, I thinks its best for me to search around for the larger article.
Though I'm disappointed because I didn't mention hackers on social networks, but then the incident in question hasn't happened and I haven't found any major hacking cases in social networks a few small time cases but nothing major to write about, besides I wanted to mention the preventable more.
Typical, though the article itself was cut from somewhere else, I'll have a scope around the the main article. It talks short on how hackers will be collecting peoples personal information and then designing scams around the type of demographics they get. Actually was an odd point of view is wasn't reporting on a case or did it say it had been done, I thinks its best for me to search around for the larger article.
Though I'm disappointed because I didn't mention hackers on social networks, but then the incident in question hasn't happened and I haven't found any major hacking cases in social networks a few small time cases but nothing major to write about, besides I wanted to mention the preventable more.
posted by katie kaboom at 7:13 PM
0 comments
Note
Just got back from the 5pm meeting with cooper, really just in through the door, but making a note, before I forget what was said, usually I write it down on paper, but i left my notebook on oops.
My referencing sounded accurate enough for the module, which is good, as I done two different ways, which was right thing to do, different for the artifact. I didn't look at the citing advice on the module guide I must of forgot about it, I've been on the module guide so many times, would saved me worry when doing my referencing. But I have a dodgy memory.
The blog and extra work is not due sunday, apparently its the week after, week 11?
I explained my idea for assignment two, but need to write up a document explaining my idea and its possible content. I might write it up tommorrow. Roughly my idea is a report/risk assessment on my learning environment security, my home computer/ university? About 500 words I think will do.
What else, oh even if I do something simple on encryption like righting on articles or a short essay?
I think I covered the main points though i know I left out things mentioned, maybe I should have recorded with my dictaphone, actually I remember why I don't, I hate the sound of my voice.
My referencing sounded accurate enough for the module, which is good, as I done two different ways, which was right thing to do, different for the artifact. I didn't look at the citing advice on the module guide I must of forgot about it, I've been on the module guide so many times, would saved me worry when doing my referencing. But I have a dodgy memory.
The blog and extra work is not due sunday, apparently its the week after, week 11?
I explained my idea for assignment two, but need to write up a document explaining my idea and its possible content. I might write it up tommorrow. Roughly my idea is a report/risk assessment on my learning environment security, my home computer/ university? About 500 words I think will do.
What else, oh even if I do something simple on encryption like righting on articles or a short essay?
I think I covered the main points though i know I left out things mentioned, maybe I should have recorded with my dictaphone, actually I remember why I don't, I hate the sound of my voice.
posted by katie kaboom at 6:51 PM
0 comments
Not so shocking
The article I found archived is not as shocking as the last, again from the bbc website, this article is named 'Computer: your data in whose hands?'. This applys to everyone and the concern expressed in the article is legitimate. The article is in regards to companys dumping old computers and not wiping the data off first. So there are dumped harddisks out there is sensitive information maybe even on you.
The reason why this doesn't shock me is I often recieved office supplys as a kid that were brand new but were still to be dumped, my dad a security guard at banks and was often asked on a yearly basis to dump all the office furneture computers etc, companys often writing it off as tax, Im not sure how that works, but because I recieved such things I was fully aware of the waste companys make and the fact they asked security guards to dump it means they treate it all like furneture including the computers, a very lazy postion to take. Its the companys duty to erase any information regarding there clients. Just plain lazy.
In the article out of 100 computer disk drives they checked that were dumped 50% of them had sensitive information on. A bad statistic, it should be quite worrying, add it to the list of privacy concerns that un are conrollable by the user.
http://news.bbc.co.uk/1/hi/programmes/breakfast/4271485.stm
The reason why this doesn't shock me is I often recieved office supplys as a kid that were brand new but were still to be dumped, my dad a security guard at banks and was often asked on a yearly basis to dump all the office furneture computers etc, companys often writing it off as tax, Im not sure how that works, but because I recieved such things I was fully aware of the waste companys make and the fact they asked security guards to dump it means they treate it all like furneture including the computers, a very lazy postion to take. Its the companys duty to erase any information regarding there clients. Just plain lazy.
In the article out of 100 computer disk drives they checked that were dumped 50% of them had sensitive information on. A bad statistic, it should be quite worrying, add it to the list of privacy concerns that un are conrollable by the user.
http://news.bbc.co.uk/1/hi/programmes/breakfast/4271485.stm
posted by katie kaboom at 3:03 PM
0 comments
Shocking
We are all aware of databases filled with our information all over the place, if your a student your LEA, student loans co has your information in databases, your university itself, how about your mobile phone company, these are the obvious.
When these organisations make errors we feel them hard, or have you ever tried to change your address with any of the above, its not only a hassel but sometimes a nightmare.
The truth is we are happy handing out of privacy untill we fall foul of it, maybe we just can't take responsibility for it, we want the government to do it for us or anyone to take it out of our hands.
This is why this article shocked me, its from the BBC website its named 'datebase details harm children', the title is a shock tactic but actually the article suits it.
The government hold a lot more data on children than we actually thought and they pass it around, but because they know this plays close to human rights abuse, they want to teach children how to be responsible for their privacy information. Could you image children being asked to sign forms to give their consent. Its unbelievable, I didn't have a single pleasent word in my mouth when reading this article. I'm angry, adults are not even responsible enough to look after their own privacy, but now they are expecting children to put themselves at risk. I'm glad that within the article many figures are just as shocked as I was.
The ICO assistant commissioner stated 'public trust and confidence will be lost if there is excessive unwarrented intrusion into family life'
http://news.bbc.co.uk/1/hi/uk/6171224.stm
When these organisations make errors we feel them hard, or have you ever tried to change your address with any of the above, its not only a hassel but sometimes a nightmare.
The truth is we are happy handing out of privacy untill we fall foul of it, maybe we just can't take responsibility for it, we want the government to do it for us or anyone to take it out of our hands.
This is why this article shocked me, its from the BBC website its named 'datebase details harm children', the title is a shock tactic but actually the article suits it.
The government hold a lot more data on children than we actually thought and they pass it around, but because they know this plays close to human rights abuse, they want to teach children how to be responsible for their privacy information. Could you image children being asked to sign forms to give their consent. Its unbelievable, I didn't have a single pleasent word in my mouth when reading this article. I'm angry, adults are not even responsible enough to look after their own privacy, but now they are expecting children to put themselves at risk. I'm glad that within the article many figures are just as shocked as I was.
The ICO assistant commissioner stated 'public trust and confidence will be lost if there is excessive unwarrented intrusion into family life'
http://news.bbc.co.uk/1/hi/uk/6171224.stm
posted by katie kaboom at 2:40 PM
0 comments
Done and to do
Haven't posted for quite sometime, I've been playing catch up, a struggle to read through all the research I come across, and my double project for my major is research based its alot to get through. Well Ill leave it there for the excuses, but I hope to post a mass of posts in the next couple of days, I have a backlog of resources to post about.
Ive finished my essay on privacy, hooray, though I'm not a 100% happy with it, its longer than it should be and in the end there wasn't as much room for the ideas/ theorys avaliable on the topic. Its good, worth a read Ill say, when I post it up.
The title is: In the age of Blogger, Myspace and Youtube with posting personal data online as commonplace, is privacy online still possible? and further more is it even valued?
I talk about peoples perception of privacy, the real threats to privacy in social networks, who owns your data when its placed online, what cover there is or the lack of, the education which is needed, who responsibility your privacy is up to, thats just for starters, its pretty lengthy but it spans a lot of topics.
The title/ topic of the essay is not the published one for privacy, but after reading all my resources collected (papers/ articles and such) on privacy, I had so many ideas, and everytime I went to work on the published essay It just fell flat, I didnt want an empty unpassionate essay and I didn't want to write a report on privacy either. Im glad I was allowed to write on a different area within privacy.
One other thing was the referencing, I'm not the best at getting them right. I worry because I hate to think I quoted wrongly. Actually Ill make the note to find out where I'm going wrong with my referencing.
I really need to cover encryption, I cant get my head around articles I read in regards to encryption, I really need to cover it some how, its the main let down. Maybe if I done an excercise on it or if I showed some techniques in encryption to help with privacy. Haha, though I would have to be guided through it first. I need a few posts on encryption and I dont want to put any old crap up.
I missed last weeks sesson, no notes avaliable so can't catch up as such on what I missed. I'm sure it was quite interesting, the sesson was on porn and piracy which I'm sure Im aquainted on, one of my early essays was on napster, it was crap though but I did do the research and well every students knows about piracy anyhow. And porn well I have three older brothers so I grew up knowing it was there and well I was always snooping on my brothers computer and girls know just as much about porn and downloading it as guys do. As if its a guy thing, So in essense I'm not put far behind because I missed the sesson.
What else, oh yeh my idea for the second assignment, actually I won't mention it yet, I wrote a post about it on paper, Ill have a look for it. But I do hope to make up for any low marks by working harder (over christmas) on the second assignment, a problem might be the presentation, I mentioned that I would be fine with it, but I totally forgot that A I'm crap giving presentations, no one knows me so cant chit chat B my condition comes to play and I cant remember information I want to say even when knowing it back to front, there would be information I would forget. Also If I go after someone else, Upon listening to theres my head I will forget mine. I only remembered this as I experienced it in my double project module for my minor. So a worry!
Well thats just a catch up post in my progression
Ive finished my essay on privacy, hooray, though I'm not a 100% happy with it, its longer than it should be and in the end there wasn't as much room for the ideas/ theorys avaliable on the topic. Its good, worth a read Ill say, when I post it up.
The title is: In the age of Blogger, Myspace and Youtube with posting personal data online as commonplace, is privacy online still possible? and further more is it even valued?
I talk about peoples perception of privacy, the real threats to privacy in social networks, who owns your data when its placed online, what cover there is or the lack of, the education which is needed, who responsibility your privacy is up to, thats just for starters, its pretty lengthy but it spans a lot of topics.
The title/ topic of the essay is not the published one for privacy, but after reading all my resources collected (papers/ articles and such) on privacy, I had so many ideas, and everytime I went to work on the published essay It just fell flat, I didnt want an empty unpassionate essay and I didn't want to write a report on privacy either. Im glad I was allowed to write on a different area within privacy.
One other thing was the referencing, I'm not the best at getting them right. I worry because I hate to think I quoted wrongly. Actually Ill make the note to find out where I'm going wrong with my referencing.
I really need to cover encryption, I cant get my head around articles I read in regards to encryption, I really need to cover it some how, its the main let down. Maybe if I done an excercise on it or if I showed some techniques in encryption to help with privacy. Haha, though I would have to be guided through it first. I need a few posts on encryption and I dont want to put any old crap up.
I missed last weeks sesson, no notes avaliable so can't catch up as such on what I missed. I'm sure it was quite interesting, the sesson was on porn and piracy which I'm sure Im aquainted on, one of my early essays was on napster, it was crap though but I did do the research and well every students knows about piracy anyhow. And porn well I have three older brothers so I grew up knowing it was there and well I was always snooping on my brothers computer and girls know just as much about porn and downloading it as guys do. As if its a guy thing, So in essense I'm not put far behind because I missed the sesson.
What else, oh yeh my idea for the second assignment, actually I won't mention it yet, I wrote a post about it on paper, Ill have a look for it. But I do hope to make up for any low marks by working harder (over christmas) on the second assignment, a problem might be the presentation, I mentioned that I would be fine with it, but I totally forgot that A I'm crap giving presentations, no one knows me so cant chit chat B my condition comes to play and I cant remember information I want to say even when knowing it back to front, there would be information I would forget. Also If I go after someone else, Upon listening to theres my head I will forget mine. I only remembered this as I experienced it in my double project module for my minor. So a worry!
Well thats just a catch up post in my progression
posted by katie kaboom at 12:44 PM
0 comments
