Bastard Sheep

I started my morning by screaming at my computer.  Not because someone was wrong on the internets, this time it was in outrage (yet again) at the hopelessness of the news media.

It was only a week ago I was ranting and raving on Twitter about how differently the same story was being reported by varying news outlets, some (ABC) making the science based medicine stories very negative while others (SMH, Telegraph, Reuters, AFP etc) giving a more realistic and positive story.  Today though it wasn’t so much the reporter’s incompetence or bias, but rather it was the sheer idiocy of the editor.

“Hotmail: now Gmail and Yahoo! hacked“

No, they weren’t hacked.  They weren’t cracked either.  Hacking and cracking both require a compromise of the business’ systems.  That in no way shape or form took place.  What happened is that the users were phished. Read more…

I was reading an article at PC World about google’s new product “SideWiki“.  It’s basically a program which is an extension to google’s browser toolbar which allows you to put comments in to sidewiki but not in to the article’s comments feature.  This may come in handy for pages that don’t allow comments, but it’s not very good for those that do.  It also has its own intelligent ranking system which I guess we’ll have to see in action first.

The article was talking about the ranking system when up came this line:

It will be interesting to see how Sidewiki functions on controversial pages, such as those where a very vocal minority disagrees with the conventional view. Imagine the comments on pages saying that vaccinations don’t cause autism or that Barack Obama was born in Hawaii.

Excuse me?  Did I just read what I think I just read?  Did he just say almost every qualified and credited doctor and scientist, as well as the actual facts and figures, reality, is the vocal minority? Read more…

Another week another data leak.  It’s becoming a scarily all too common occurrence, yet this one just had to make me rant.

According to PCPro, an ISP in Britain while sending an email to its customers with instructions for a new billing system, inadvertently attached a spreadsheet containing records on 3,600 of its customers.  The details contained in this spreadsheet were the customers full name, email, address, telephone, business name, and two rows without headers remarkably similar to … usernames and passwords.

Wait, passwords?  No, seriously, are you kidding me?  PASSWORDS??? Read more…

The piddler is continuing on his campaign of misinformation and blatant lies about the filter. Anybody else would have gotten sick of being caught out so many times, but fortunately for Conroy, the media for the most part don’t really care so it’s only those of us who are informed about the Rabbit-Proof Firewall who seem to notice how pathetic and incompetent he is at anything other than backstabbing and weaseling. Read more…

I’m regularly being surprised by the number of people who are letting their anger at the Australian Rabbit-Proof Firewall cloud their judgement and ability to analyze things clearly. I too am completely opposed to the Rabbit-Proof Firewall in its current form, but lets take some realistic looks at what can be seen on the list.

One thing that majority of people seem to be forgetting, Michael Meloni and Mark Newton included, is that it’s not just about the content hosted on the site. It is also about the delivery methods. I know people hate comparing new media to old media, but it’s the clearest way I can think of to give an example of what I am talking about. Read more…

In relation to this post below, it seems that although the amount of spam getting past the filters in my inbox has gone up, the overall spam volume has gone down by a massive 50%. That number is almost impossible to believe, but that’s what they’re reporting over at Security Fix as well as numerous other non-affiliated IT news websites.

Good news? This is friggin brilliant news. I wonder which bastards are next.

Source: Security Fix.

Normally I’m against America’s over litigatious ways, but this is one case where I can’t help but feel glad it is happening. A class action suit has been filed against the company and numerous US ISP’s in regards to trials of their new products at said ISP’s.

In a nutshell, NebuAd are ex-Claria (who used to be known as Gator) staff, a company infamous for silently installed adware and spyware which was notoriously buggy and difficult to remove. At NebuAd these staff are using similar lack of scruples and working in secret with ISP’s to spy on customers without any notification what so ever in order to sell this data to advertising companies for split profit.

They were found out though, and it was only after numerous people spoke up and the media latched on to any of this that anything was made public. Understandably people are upset and hopefully this will be one more nail in the coffin of these people and their ways. I somehow doubt it, though.

Source: Arse Technica.

I saw this on /., and got very excited. I quickly opened up the site, then it hit me just how sad it was. However, I don’t care. This site goes off like a sog in a frock. I can’t think of a decent way to describe it, so I’ll just quote some text from the site itself.

“These are some typical sounds we hear in our data recovery lab.
To listen to the sound simply click on the play button. Click on the drive manufacturer next to the sound button to learn more about common problems these drives experience.”

Source: Hard Drive Sounds.
Via: /..

Most people dislike security because it adds complexity. One could almost say “with greater security comes greater complexity”, but it is in no way true that “with greater complexity comes greater security”. And in this lies the problem, many a time companies add to the complexity in the name of security, but they don’t actually add any security at all.

Credit card companies are brilliant at this. That 3 digit number thing (CCV – remember this term) on the back of your card for example, if someone is skimming visually then when you turn the card over that is read too. Microchips, no more secure than the magnetic strip just read in a different way. It’s like writing a sentence in English twice, but the second time using crayons rather than felt tip pen. It’s still in English, it’s still the same information. RFID? That’s LESS secure as it can be skimmed simply be being in the vicinity of the card. It really does make me angry and glad my current card only has the magnetic strip. I hate the idea of any cards I carry around with having RFID to be honest.

The credit card companies or to be more accurate, Visa, has now actually done something intelligent that DOES add to security. Looky at the picture above. The basic idea is that you enter your PIN on to your own card (so the PIN cannot be skimmed except for visually), then then generates a one-time code to use in place of the CCV. This means the theif needs to visually note your PIN then actually steal your card (at which point you’ll know to cancel it immediately), they can’t just copy it with a skimmer.

THAT IS FUCKING BRILLIANT!

If these come out in Australia and only on Visa, I’ll definitely be switching (I have a MC at the moment). It’s the first change CC companies have made in 5-10 years which hasn’t angered me. My hat goes off to you, Visa.

Source: DarkReading.

My home email is weird. It seems every time there’s a success against spammers or other malware pundits, the amount of email getting through my filters actually increases. This morning for example I had 3 times as much through the filters (which I only tightened two weeks ago), and now I read this.

It appears Brian Krebbs from Security Fix has, on the back of his assistance in the take down of EstDomains, struck a blow at another large hoster of malware and malicious websites. This is one I haven’t actually heard of before, McColo Corp. After gathering data on this company over the last 4 months, just the other day they contacted a few ISP hosts to see if they would assist in doing something about it. Although only one of them has so far, it has resulted in the homepage for the company as well as other sites of theirs vanishing in to thin air. Unfortunately some of their clients are still online, so we are waiting for the other ISP’s to react and to see what their reaction is.

Source: Security Fix.

In other related news (so part of this post rather than as its own separate post), it seems SPAM isn’t quite as affective as researches used to think. Every mailing results in a significantly smaller return than previously thought. For example, one mailing of 350 million addresses resulted in only 24% making it to a mailbox. Of that 82 million, only 10,500 resulted in clicks, and only 28 resulted in a purchase. You can read more below.

Source: DarkReading.