Category: Security


…after you’ve been hit with a survey scam.

I’m blogging this because I’m seeing a few more Facebook friends than usual getting hit with these kind of scams.

Actually, I’m just posting these so that I can find them in the future.  These are some of those topics that just come up every so often that leaves me looking for where I found them in the first place.

“Cain And Abel routing”: How to use Cain & Abel for DNS poisoning and hacking

“SQL Injection – Walking through walls.”: Techniques for doing SQL injection

Secunia Personal Software Inspector (PSI) is one of my favorite freebies. It scans your computer for installed programs and notifies you when they are out of date. This makes keeping your computer FULLY patched much easier and greatly reduces the opportunity for malware to take over your computer.

Well, a new version just came out on Monday (12/20/2010) with a nice new look and the ability for Secunia PSI to automatically update that out-of-date software…you don’t even have to update the software yourself. Previously, this was pretty much a manual process, albeit the fact that it at least TOLD you that you were running out-of-date software was a fantastic leap forward.

Free to use, easy to use, and something I highly recommend running on your computer.

Finally found a nice Q and A from Bruce Schneier, security guru, about the TSA security procedures. As I’ve said elsewhere, it’s security theater and absolutely worthless. The new full-body scanners provide no more security than what previous screening scanners (metal detectors) and techniques provided. In fact, they make the situation worse because they give the impression that people are more secure…and that actually DECREASES security.

Check out Bruce’s Q&A on Popular Mechanics’ article here.

Baaaaah-ha-ha-ha!

I love new toys and Firesheep is a good one.  It trivializes “sidejacking” and let’s the attacker get into someone else’s internet sites without having to log in as the victim (you). If you’re on the same wireless network as someone else and they’re running Firesheep, they can access the internet sites you’re logged into…particularly social networking sites such as Facebook, Twitter, and WordPress…and do, well, anything they want to.

Here’s the article about Firesheep…

…here’s the Firesheep site…

…and here how to protect against it…

Good luck protecting yourself against it, you scurvy dogs.  <Evil sheep laugh> Baaaaah-ha-ha-ha!

(Disclaimer: The ability to do something does not make use of that ability morally, ethically, or legally right.)

UPDATE: A counter-measure against Firesheep has been released. It’s called BlackSheep.

Wow…this article and associated survey might actually mean something…

…except that the survey was done by Unisys.  Unisys would directly benefit from the government having an internet “kill switch”.  I wonder if that conflict of interest had any impact on how the survey was conducted and what the results were?

The Magic 8-Ball says, “Signs point to yes.”

This is a great example of why you need to question everything.