TechBlog

How not to manage your passwords… John, and his unique approach to security is part of an F-Secure Internet Security 2011 campaign. You can find more at besmarterthanjohn.com.

A federal judge in New Jersey has cleared the way for a landmark criminal case targeting CAPTCHA circumvention to proceed to trial. The case targets a ring of defendants who used various means to bypass CAPTCHA — the squiggly letters and numbers websites display to prove a visitor is human — in order to automatically purchase thousands of tickets from online vendors and resell them to premium customers. The defendants have been charged with wire fraud and with violating the anti-hacking Computer Fraud and Abuse Act, in an elaborate scheme that allegedly used a network of bots and other deceptive means to bypass CAPTCHA and grab more than 1 million tickets for concerts and sporting events. They made more than $25 million in profits from the resale of the tickets between 2002 and 2009. ...

This isn’t good: Intelligent Integration Systems (IISi), a small Boston-based software development firm, alleges that their Geospatial Toolkit and Extended SQL Toolkit were pirated by Massachusetts-based Netezza for use by a government client. Subsequent evidence and court proceedings revealed that the “government client” seeking assistance with Predator drones was none other than the Central Intelligence Agency. IISi is seeking an injunction that would halt the use of their two toolkits by Netezza for three years. Most importantly, IISi alleges in court papers that Netezza used a “hack” version of their software with incomplete targeting functionality in response to rushed CIA deadlines. As a result, Predator drones could be missing their targets by as much as 40 feet. ...

This is a pretty neat attack from the malware pushes leveraging on the ignorance of the average user – which in all honestly is a safe bet most of the time! You could consider it a Social Engineering attack as it’s taking something that’s familiar and changing it to deliver malware. I’m sure all the Firefox users reading have at some point or another been faced with the warning screen that tells you a site is not safe to visit, the red page which states in big white letters “Reported Attack Page!”. ...

Opera today released the first alpha of Opera 11, the next version of the company’s award-winning desktop web browser. Opera 11 is the first Opera browser to include extensions, browser add-ons made using Opera application programming interfaces (APIs) and web standards like HTML5 and JavaScript. Opera was already the most powerful browser out-of-the-box; now, it adds a new level of customization. Opera 11 alpha is available from http://www.opera.com/browser/next/. Extensions allow users to make their web browser their own by adding features and functionality directly into the browser itself, rather than as standalone Opera Widgets or Opera Unite applications. Developers can build extensions with the same web standards they already use to build websites and web applications. Better yet, with only a few tweaks to their code, developers who have already authored a similar extension for other browsers will be able to share their creation with more than 50 million Opera desktop users. ...

Firefox 3.6.11 and Firefox 3.5.14 are now available as free downloads for Windows, Mac, and Linux from http://firefox.com. As always, we recommend that users keep up to date with the latest stability and support versions of Firefox, and encourage all our users to upgrade to the very latest version, Firefox 3.6.11. The update fixes 40 security and stability bugs, including 5 critical security vulnerabilities. Firefox 3.6.11: http://firefox.com Firefox 3.5.14: http://www.mozilla.com/firefox/all-older.html We strongly recommend that all Firefox users upgrade to these latest releases. If you already have Firefox, you will receive an automated update notification within 24 to 48 hours. This updates can also be applied manually by selecting “Check for Updates…” from the Help menu. ...

A quick and powerful upgrade for your Firefox shortcut mastery: Move Tabs. It’s a simple and useful Firefox extension developed by Jêrome Reybert that allows you to move the current tab to the left, right, the beginnign or the end of the tab bar by simply pressing Ctrl + Shift + PageUp, PageDown,Home and End respectively. Really simple. Get Move Tabs at Mozilla Add-ons. Credit to ‘Mozilla Links’

Apple is cashing in on the popularity of its iPhone and iPad to boost demand for its oldest product, the Macintosh. The company launched a revamped MacBook Air at an event dubbed “Back to the Mac” at its Cupertino headquarters. The computer is seen as a marriage of what Apple has learned from desktop computing and mobile devices. Like the iPad, the Air will have no hard drive and rely on flash memory. ...

Researcher sees ‘unprecedented wave of Java exploitation’ Oracle’s Java framework has surpassed Adobe applications as the most attacked software package, according to a Microsoft researcher who warned she was seeing “an unprecedented wave of Java exploitation.” The spike began in the third-quarter of last year and has climbed steadily since, according to data reported on Monday by Holly Stewart, a member of the Microsoft Malware Protection Center. By the beginning of this year, the number of Java exploits “had well surpassed the total number of Adobe-related exploits we monitored,” she said. ...

Google has no plans to resume using its Street View cars to collect information about the location of Wi-Fi networks, a practice that led to a flurry of privacy probes after the company said it unintentionally captured fragments of unencrypted data. The disclosure appeared in a report on Street View released today by Canadian privacy commissioner Jennifer Stoddart, who said that “collection is discontinued and Google has no plans to resume it.” Assembling an extensive list of the location of Wi-Fi access points can aid in geolocation, especially in areas where connections to cell towers are unreliable. ...