Diomidis Spinellis in The Risks Digest: Bank fishes phishing -
“After they verified my credentials the customer representative asked me: Did you respond to that email we sent you asking for your username and password?”
DarkReading: University Databases In the Bull's Eye -
“While the database breaches hitting higher education institutions this summer are a fresh reminder of why data security is so important, the fact is these latest incidents are just a few isolated beads in a string of incidents that date back far beyond this year. According to Rich Mogull, analyst with Securosis, these types of breaches have been going on so long he’d hardly class them as news anymore.”
RevK's rants: What a moron... -
“We have set up some numbers to go to a honey pot to trap junk callers, and only when we don’t get a calling number. In 8 hours on Friday we recorded 66 calls to our offices. Thursday, before the honey pot was set up, in 8 hours we had 331 call attempts from withheld or unavailable to unused office numbers. It shows how much of a problem these junk calls are.”
SFGate: FTC's role as watchdog expanding -
“If you think you get too much spam, try visiting the second floor of the Federal Trade Commission building in Washington.
That’s where a computer server holds the world’s largest collection of spam e-mail - 314 million messages, with 200,000 more arriving every day. The machine sits in the agency’s Internet lab, a bunker crammed with electronic devices that help investigators hunt down spammers, spyware makers and identity thieves.”
BBC News: Google Street View accused of Congress 'snooping' -
“…Congresswoman Jane Harman, who heads the intelligence sub committee for the House’s Homeland Security Committee, has an open home network that could have leaked out vital information that could have been picked up by Street View vehicles.”
Huh? It’s not Google’s fault that members of Congress have not been adequately advised on computer security. -BoM
“I’m tired of having companies guess at what my context is. I know what my contexts are. I know how they change. I want my own ways of changing contexts, and of informing services of what those contexts are. In some cases I don’t mind their guessing. In a few I even appreciate it. But in too many cases their guesses only get in the way.”
Computerworld: Cisco database hacked; warns Live! visitors (and Cpt. Dave)
The Consumerist: No, The Right To Call And Sell You Stuff Is Not Transferable -
‘…if a company cold-calls you to sell you things when you’re part of the federal Do Not Call registry, and insists that the call is totally legal because they’ve “partnered with” a company that you do business with, does that make it okay? No. No, it does not.’
Peter Blair: DKIM Verification step through -
“Learning to use DKIM usually involves a lot of trust in a process that may not be fully understood by the operators. I hope to lift the veil by implementing a step by step application to demonstrate what is being done and why.”
Enterprise Digital Rights Management: Is It Good To Be Paranoid About Information Security? -
“Not being paranoid about information security can be a downward spiral for your business, as customers may begin to suspect that you are selling their data to other organisations, especially when they get calls from competing businesses with data that has only been divulged to your business. Apart from this, other employees will begin to get into the habit of helping themselves to corporate data if they realize that little or no action has been taken against previous data theft. Your Internet security may also be weak, and may be leaking data through malware or spyware.”
John Graham-Cumming: What's wrong with Flash Cookies? -
“Unlike ordinary cookies, Flash Cookies are largely unknown to the surfing public and very hard to control. Here’s a list of bad things about Flash Cookies.”
CarnalNation: TLD Carpetbaggers Give New Meaning to "Drop and Snatch" -
‘What do you get when you combine a former real estate developer, an ex-employee from a scandal-ridden domain bidding business, and an ex-fax machine salesman? Your first answer probably isn’t “internet pornography and child safety consultants.” But that’s exactly who’s behind creating and curating an adults-only gated trailer park on the Internet: three unlikely startup jocks plan to make a .xxx suffix for pornographic websites, despite the fact that no one on any side of the debate wants one.’
A very thorough (and amusing) article about the history and latest incarnation of the .XXX TLD proposal, without requiring that the reader understand how ICANN works.
Schneier on Security: The Threat of Cyberwar Has Been Grossly Exaggerated -
‘We surely need to improve our cybersecurity. But words have meaning, and metaphors matter. There’s a power struggle going on for control of our nation’s cybersecurity strategy, and the NSA and DoD are winning. If we frame the debate in terms of war, if we accept the military’s expansive cyberspace definition of “war,” we feed our fears.
We reinforce the notion that we’re helpless — what person or organization can defend itself in a war? — and others need to protect us. We invite the military to take over security, and to ignore the limits on power that often get jettisoned during wartime.’
The Star: Start enforcing telemarketing rules, Senator says -
“Figures released by the [Canadian] government suggest it is failing to enforce the national do-not-call list, despite the fact more than 300,000 complaints have been filed against unwanted telemarketers.”
The Day Before Zero: It’s Safer to Write Your Password Down -
“Common wisdom over the last couple of decades has been to never write down the passwords you use for accessing networked services. But is now the time to begin writing them down? Threats are constantly evolving and perhaps it’s time to revisit one of the longest standing idioms of security….”