Tuesday, September 30, 2008

“We have met the enemy and he is us.” (In other words, protest loudly to convince the citizenry that you aren't the ones doing it.)

http://www.pogowasright.org/article.php?story=2008093007223439

Hu: ‘Octopus-like shadow secret service’ does Fidesz’ bidding: minister

Tuesday, September 30 2008 @ 07:22 AM EDT Contributed by: PrivacyNews

The latest scandal in Hungary, whose background reads like the plot of a John Grisham novel, threatens to shake up the foundations of the country’s still young democracy and political power relations.

The National Security Office (NBH) informed the public that it had uncovered an “octopus-like shadow secret service” that had not only infiltrated companies and state authorities, but also hacked into their computer systems and databases and gained access to private, business and state secrets. Secret Services minister György Szilvásy, who is in charge of the NBH, referred to emails, bank secrets, telephone lists and strictly confidential information held by tax authority APEH, the Customs and Finance Guard, the police apparatus and the NBH itself.

Source - The Budapest Times



Oh drat! I wasn't ready to use it yet. Now I have to fall back to plan B.

http://it.slashdot.org/article.pl?sid=08/09/30/0136219&from=rss

CSRF Flaws Found On Major Websites, Including a Bank

Posted by kdawson on Monday September 29, @09:58PM from the wherever-you-look dept.

An anonymous reader sends a link to DarkReading on the recent announcement by Princeton researchers of four major Web sites on which they found exploitable cross-site request forgery vulnerabilities. The sites are the NYTimes, YouTube, Metafilter, and INGDirect. All but the NYTimes site have patched the hole.

"... four major Websites susceptible to the silent-but-deadly cross-site request forgery attack — including one on INGDirect.com's site that would let an attacker transfer money out of a victim's bank account ... Bill Zeller, a PhD candidate at Princeton, says the CSRF bug that he and fellow researcher Edward Felten found on INGDirect.com represents ... 'the first example of a CSRF attack that allows money to be transferred out of a bank account that [we're] aware of.' ... CSRF is little understood in the Web development community, and it is therefore a very common vulnerability on Websites. 'It's basically wherever you look,' says [a security researcher]."

Here are Zeller's Freedom to Tinker post and the research paper (PDF).



Good for Admins, bad for everyone else? Something for the amateur surveillance crowd too.

http://www.killerstartups.com/Web-App-Tools/yoics-com-manage-your-computer-from-anywhere

Yoics.com - Manage Your Computer From Anywhere

http://www.yoics.com

Yoics is a California-based company that stands as a purveyor of networking solutions. Its objective is to transform network configuration and management, and as such it has developed a solution that allows devices to be accessed and managed from any Internet connected browser. This is achieved through the Yoics Now! proxy, a feature of the available Yoics desktop. This proxy turns any networked computer into a device which can be remotely accessed, all the while dispensing with complicated router configurations.

The different categories that make up the site are grouped together on the right-hand side of the main page for browsing convenience. By way of example, these include sections that deal with the aforementioned Yoics Proxy and remote desktop, along with self-explanatory categories like “Tutorials” and “Downloads”. The latter includes software applications both for Windows and Mac setups. Another section that merits mentioning is the one entitled “Yoics Now! Configuration” as it provides comprehensive guidance on the different products and applications that can be integrated with the existing solution such as Yawcam and TVersity.

[This is interesting: http://www.yoics.com/?p=43 Surveillance webcam for iPhone.]



Wouldn't this decrease the probability that anyone would actually look at the signs? Hasn't anyone patented advertising on government “publications?” (H & R Block ads on the 1040?)

http://blogs.laweekly.com/ladaily/politics/state-considering-advertising/

State Considers Advertising on Amber Alerts

by Christine Pelisek September 24, 2008 12:37 PM

The Schwarzenegger administration is considering advertisements on freeway signs used for Amber Alerts and other emergencies.

The advertisements would be posted on 674 electronic roadside message boards, according to the LA Times. The funds raised – estimated at millions – would go towards the financially strapped highway fund.



A no-lose case for Microsoft? If they win, they can show how they go after evildoers. If they lose, they can use the same type of ads for their products. (These ads work best on porn sites and other “high risk” websites.)

http://news.cnet.com/8301-1009_3-10053565-83.html?part=rss&subj=news&tag=2547-1_3-0-20

Microsoft, Washington state sue over 'scareware' pop-up ads

Posted by Elinor Mills September 29, 2008 11:01 AM PDT

... The lawsuit filed by the Attorney General's office alleges a Texas firm sent incessant pop-up ads that falsely claimed the computer had critical errors in its registry and directed people to a Web site where they could download free scanning software to find the problems.

The software then reports 43 critical problems and offers to sell a fix for $39.95. However, the software, dubbed "Registry Cleaner XP," does nothing but lull the consumer into a false sense of security, officials said.



For my College Algebra students. Muahahahah

http://science.slashdot.org/article.pl?sid=08/09/30/0241243&from=rss

The 23 Toughest Math Questions

Posted by kdawson on Tuesday September 30, @08:08AM from the innumerate-need-not-apply dept.

coondoggie sends in a Network World post that begins:

"It sounds like a math phobic's worst nightmare or perhaps Good Will Hunting for the ages. Those wacky folks at the Defense Advanced Research Projects Agency have put out a research request it calls Mathematical Challenges, that has the mighty goal of 'dramatically revolutionizing mathematics and thereby strengthening DoD's scientific and technological capabilities.' The challenges are in fact 23 questions that, if answered, would offer a high potential for major mathematical breakthroughs, DARPA said."

Some of the questions overlap with the Millennium Prize Problems of the Clay Mathematics Institute, which each carry a $1M prize.
