Thursday, 14 February 2008

Get infected by your anti-virus maker's web site!

This has to be rather embarrassing:
http://annysoft.wordpress.com/2008/02/06/antivirus-company-website-is-infected/
Also covered at The Register:
http://www.theregister.co.uk/2008/02/08/indian_av_site_compromise/
Another case of the evil iFrame striking, but this time from a "security" company...

Should UK parents get compensation from HMRC?

Alternative Dispute Resolution Services is a Newcastle-based legal firm which is offering a £5.99 pack to help pursue a claim against the government for breach of the Data Protection Act. They claim that 14,000 people have registered with them so far.

The pack is available at:
http://www.compensationpack.com/
News coverage is here:
http://www.thisismoney.co.uk/disc-claim

Don't get too excited: the estimated payout is likely to be between £50 and £300, which is way below any losses that may be suffered if the data ends up in the wrong hands. The interesting question, though, is whether or not the government actually breached the DPA.

Sophos statistics on spam relaying by countries

The USA is at the top of the list, followed by Russia:
http://www.sophos.com/pressoffice/news/articles/2008/02/dirtydozfeb08.html

Happy Valentine and watch that electronic evidence, just in case...

Electronic evidence is increasingly being used in divorce cases:
http://www.gpsdaily.com/reports/Nation_Top_Divorce_Lawyers_Note_Dramatic_Rise_In_Electronic_Evidence_999.html
Whether it is electronic or not, it is just "evidence" after all. It is interesting to note the use of GPS data: yes, we can prove you were there...

Monday, 11 February 2008

God Bless America and their border cops!

I hope that I never get stopped with my phone, laptop, CD bag, notebook and flash drives, as 20 hours of questioning will seem like a holiday! Just one more reason not to go to the leading light of the free world!

I know something you don't know

It seems vulnerability disclosure is taking on a new slant. All the previous reports I've seen on this subject have largely been about researchers who disclose vulns getting hammered by law enforcement agencies or big companies. However, this one takes a new twist. RealPlayer 11 has a bug and Evgeny Legerov has found it. However, it appears this guy has a group of "customers" to whom he sells bugs, but he won't disclose them to the original developer. In the daniweb blog the author describes this as blackmail. I'm certain it's not blackmail, but ethically it's difficult. But why should I be ethically bound to notify people of their screw-ups? Maybe the fact that big companies carry on producing chronic code is because people find their cock-ups and tell them about it. Perhaps this new type of militant action by security researchers will start to force a shift in software development, as companies will no longer be able to rely on independents working it out for them.

Firefoxed

Firefox 2.0.0.12 is vulnerable out of the box via a directory traversal! Good lord, what is happening here!?
http://www.0x000000.com/index.php?i=515
According to the site listing the vulnerability, this will potentially allow you to view every file in the Mozilla directory. Solution: a) use another browser, b) install a plug-in!

Most vulnerabilities are delivered by third-party plug-ins, or fixed by them!
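For anyone wondering what "directory traversal" actually means in the Firefox item above, here is the generic pattern and the check that stops it. This is an added example of my own, not Mozilla's chrome: URL handling and not code from the linked advisory; the root directory /opt/mozilla, the helper names and the sample requests are all made up for illustration. It shows the three things a confinement check must get right: decode percent-encoding before looking for "..", canonicalise both the root and the candidate path, and compare with the directory separator included so a sibling directory that merely shares the root's prefix is not accepted.

```python
import os
from urllib.parse import unquote

# Constructed sample requests (not captured traffic), in the shape a
# traversal probe takes: legitimate, plain "..", encoded "..", a sibling
# directory that shares the root's prefix, and an absolute path.
SAMPLE_REQUESTS = [
    "chrome/browser.jar",            # legitimate file below the root
    "chrome/../../../etc/passwd",    # plain traversal
    "..%2F..%2Fetc%2Fpasswd",        # same traversal, percent-encoded
    "../mozilla-evil/secret.txt",    # escapes into "/opt/mozilla-evil"
    "/etc/passwd",                   # absolute path smuggled in
]


def resolve_under_root(root, requested):
    """Return the canonical filesystem path for `requested` below `root`,
    or raise ValueError if it would escape `root`.
    Hypothetical helper for illustration only."""
    # 1. Decode exactly once: "%2F" has to become "/" before any ".."
    #    logic runs, otherwise the encoded probe looks like an odd but
    #    harmless single filename and sails through.
    decoded = unquote(requested)
    # 2. Canonicalise BOTH sides. realpath collapses "." and ".." and
    #    resolves symlinks, so the comparison is on real locations.
    #    Note that os.path.join discards the root entirely when the
    #    request is absolute; the check below catches that too.
    root_real = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root_real, decoded))
    # 3. Prefix check WITH the separator appended: without it,
    #    "/opt/mozilla-evil/..." would pass as being inside "/opt/mozilla".
    if candidate != root_real and not candidate.startswith(root_real + os.sep):
        raise ValueError("traversal outside %s: %r" % (root, requested))
    return candidate


def classify(root, requests=SAMPLE_REQUESTS):
    """Map each request to 'allowed' or 'blocked' according to the check."""
    verdicts = {}
    for req in requests:
        try:
            resolve_under_root(root, req)
            verdicts[req] = "allowed"
        except ValueError:
            verdicts[req] = "blocked"
    return verdicts


if __name__ == "__main__":
    for req, verdict in classify("/opt/mozilla").items():
        print("%-32s %s" % (req, verdict))
```

Only the first request is allowed; the other four are blocked, including the percent-encoded one, which a naive `".." in path` test on the raw string would have missed. The root does not need to exist for the check to work, since realpath still collapses the ".." components lexically.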