[SecurityRatty] tag: plug-in

Browse a Censored Web Through the China Channel FireFox Plug

Tue, 28 Oct 2008 04:20:01 +0000

It's no secret that the Chinese government censors web content, but what's it like to actually be a citizen trapped inside the Great Firewall of China? A new FireFox plugin called China Channel can show you

Browse a Censored Web Through the China Channel FireFox Plug

Tue, 28 Oct 2008 04:20:01 +0000

Plug Pulled on Hamas' YouTube Ripoff

Wed, 15 Oct 2008 16:44:00 +0000

A few weeks ago, Western intelligence officials discovered that the Palestinian militant group Hamas had set up a video-sharing propaganda site. Now, that radical Islamic answer to YouTube is offline. Jihadists are blaming the FBI for the takedown.

Firefox add-on blocks 'clickjacking' attacks

Thu, 09 Oct 2008 00:00:00 +0000

The latest version of NoScript, a popular Firefox add-on designed to block scripts and plug-ins, has been updated to stymie the new "clickjacking" class of attacks, according to its developer.

A suit of armor is needed now to protect you online

Wed, 17 Sep 2008 19:41:44 +0000

How many of you are fully patched? 100%?
Raise your hands.

clipped from www.sci-tech-today.com

Searching for Brad Pitt Can Lure Surfers To Malware

Malware with criminal intent tends to last for a short time, according to Green, only five to seven hours. And most of it is static and obfuscated or intentionally made difficult to read, he said.

Criminals are now shifting from SMTP to HTTP as a way to steal information from Internet users, according to F-Secure, and unless you have a fully patched browser, plug-ins and operating system, you are vulnerable.

Feds encrypt 800,000 laptops; 1.2 million to go

Wed, 21 May 2008 20:00:00 +0000

U.S. government agencies are scrambling to plug up one of their biggest security holes: sensitive information such as names, addresses and Social Security numbers stored on laptops, handhelds and thumb drives.

Finding Promiscuous Sniffers and ARP Poisoners on your Network with Ettercap

Mon, 19 May 2008 20:36:05 +0000

Most of you are familiar with using Ettercap for attacking systems, but what about using it to find attackers? This tutorial will cover using Ettercap to find people sniffing on your network. The plug-ins we will be using are search_promisc, arp_cop and scan_poisoner.

Pennsylvania pulls plug on voter site after data leak

Wed, 19 Mar 2008 09:27:41 +0000

A voter-registration site run by the state of Pennsylvania has been found to leak sensitive personal data about voters, necessitating its shutdown with just a month to go before that state's critical primary.

IPs Now Private Info?

Tue, 22 Jan 2008 10:49:00 +0000

Thru ha.ckers.org we learn (original here) about something that might have pretty dramatic implication to logging and log management: "IP addresses, string of numbers that identify computers on the Internet, should generally be regarded as personal information, the head of the European Union's group of data privacy regulators said Monday." (the quote is related to EU fight with Google, also described there)

Wow! If accepted, this will quite some implication to logging (ha.ckers.org outline a few fun implications as well), since it will dramatically increase the sensitivity of logs and will turn all logging projects, no matter how small and tactical, into "PII collection efforts" with heavy privacy price to pay.

Now I have to share the dirty, evil thought that crossed my mind when read it: at one point, Google and other companies should just boycott those "'dumb privacy' freaks" and conduct a wonderful experiment: how long those Europeans will survive without search engine "service?" But wait a few years, Google, before pulling a plug: it will make sure that Internet becomes truly indispensable ...

Also, what do I mean by "dumb privacy"? Am I anti-privacy? No (not anymore), this is where I explain it. I did experience my eureka moment during a webcast on privacy when I realized the existence of a "privacy chasm" (see more here)

CIA says hackers pulled plug on power grid

Fri, 18 Jan 2008 21:00:00 +0000

Criminals have been able to hack into computer systems via the Internet and cut power to several cities, a U.S. Central Intelligence Agency analyst said this week.