Spotify gets hacked

Revolutionary digital music streaming service Spotify has revealed a serious security breach that affected its servers before December 19th last year. The company thought that it had managed to fix it before any damage was done, but last week Spotify found out that “a group” of some sort had managed to gain access to information necessary to guess passwords.

Although security breaches are par for the course at most internet startups, so far Spotify had managed to avoid them. It’s almost a rite of passage for new companies. The company is recommending that anyone who hasn’t changed their password since December 19th change it immediately, and is emailing all its users to that effect.

Official Spotify Blog

Facebook changes terms of service, outcry ensues

A couple of weeks ago, Facebook changed its terms of service so that users won’t be able to delete their data if they leave the site. The blogosphere immediately erupted with criticism and it prompted a blog post from Mark Zuckerberg himself on who owns the data.

Facebook had been criticized for allowing a situation where someone could take a photo of you, upload it to the site, and then neither of you would be able to stop Facebook from using it for whatever purposes they like. You essentially waive all rights to the data.

Zuckerberg’s response to concerns is basically ‘chill out – we’re not going to take the piss here’. He doesn’t apologize, or even offer to soften the language – just asks users to trust the company. But how can users trust a company slowly eroding their rights?

Sure, odds are that Facebook isn’t going to suddenly abuse millions of people’s personal info, but if that’s the case, then why not retain the original language? Facebook has a history of communicating changes badly, and this is just another in a long line of screwups that include the profile redesign and the “Beacon” fiasco.

Friendly hackers break into Kaspersky's US web site

Unfortunately it’s a fairly common occurrence for web sites to be hacked into these days, but there’s an additional sense of embarrassment when that web site belongs to a security software vendor.

Kaspersky, makers of anti-virus software, has had its US web site compromised by a group of “friendly” hackers. Friendly in the sense that they found the vulnerability that allowed them to gain access to a large amount of personal customer data, but then told the company about it instead of using their ill-gotten gains…

Computer virus leaves France DEFENCELESS from the air

Now let this be a lesson to you in what happens if you forget to keep your McAfee subscription updated. France’s Air Force has been grounded due to the ‘Conficker’ computer virus.

Despite forewarning from Microsoft themselves, the Air Force failed to prevent the spread of the virus, and now several Dassault Rafale fighters are out of commission. I just hope that the British Navy is better at keeping things up to date. Oh, wait.

(via Silicon Valley Insider)

More virus antics: Virus infects Royal Navy computers; sailors lose vital access to Facebook | Introducing the virus that farts at you, fool

The UK's identity card scheme has one fatal flaw – no one's bought any card READERS yet

EDITOR’S NOTE: Please read this update while playing the theme tune from Benny Hill in the background.

The UK government may well be pushing ahead with its scheme to start rolling out ID cards to airport staff and other key workers in the security sector, but there’s one rather sizeable problem – the card readers. There aren’t any.

The government apparently failed to budget for the thousands upon thousands of card readers that…

$250 kit lets you clone passport RFID chips just by driving past

Chris Paget isn’t a hacker, but he’s got the means to clone the RFID chip in your passport. Think of it as him doing you a favour. Using $250 of off-the-shelf components, Chris built a machine to sniff and clone RFID tags. During a 20-minute drive in downtown San Francisco, he managed to copy two passports completely unbeknownst to their owners.

Paget claims he only built it to show that it’s possible:

“It’s one thing to say that something can be done, it’s another thing completely to actually do it. It’s mainly to defeat the argument that you can’t do it in the real world, that there’s no real-world attack here, that it’s all theoretical.”

For a video of the device in action, click over the jump.

VIDEO: Tmsuk T-34 security robot hits the net

Yet more proof that the Japanese rule the world when it comes to hilarious and slightly sweet robots. The latest purports to be a security robot, but I suspect that you’re more likely to be incapacitated with laughter at this dinky machine than genuinely caught.

It travels at 10kph, has microphones and body heat sensors, and it’s controlled by an external operator. It’ll catch your thief, but you’ll need a real person on the scene before the person can make it out of the net. It’ll be available in a couple of years, and will cost ¥800,000 (£6,700 or so). For a video of it in action, click over the jump.

Knockoff of iWork '09 contains Mac-unfriendly Trojan Horse

There’s a new Trojan Horse for Mac in town and it’s riding around in pirate copies of iWork ’09.

OSX.Trojan.iServices.A secretes itself in otherwise fully-functioning copies of Apple’s latest office software. It installs itself in a startup directory and gives itself full root privileges (in other words, it’s God to your Mac).

Security firm Intego is warning anyone who has downloaded installer software from filesharing/Torrent sites that they could now be infected. Intego’s latest updates for VirusBarrier X4 and X5 will now protect against and disinfect the virus…