foobar on computers, software and the rest of the world


Skype surveillance: You can't trust closed-source software

, posted: 3-Oct-2008 06:50

It has been widely reported now that apparently Skype is helping Chinese authorities monitor the Internet. Specifically, Tom-Skype - a joint-venture between eBay and a Chinese provider - is searching IM messages for 'suspicious' words and then sends copies of those messages to some server bank located in China, presumably for further analysis. The New York Times writes:
The encrypted list of words inside the Tom-Skype software blocks the transmission of those words and a copy of the message (read the entire post)...



Fake popup study: Users are idiots? I don't think so...

, posted: 25-Sep-2008 06:26

The Psychology Department of North Carolina State University has conducted a study, in which they tested how likely it was that users clicked on fake pop-ups. Those fake pop-ups are often associated with exploits and the installation of malware on your computer. Their test system created a number of different pop-ups, all with different types of hints that something was not right. The very unsurprising result of their study:
[ the researchers] found that the students are so anxious to get t (read the entire post)...



Google anonymises IP addresses in their logs? Not really...

, posted: 12-Sep-2008 13:51

A few days ago it was reported that Google is finally going to anonymise IP addresses in their logfiles. This should ensure some privacy for us all, right? But apparently, the anonymisation Google will perform is not all it's made out to be. All it will do is erase the last 8 bits of the address. And what's worse, the cookie information will be left largely untouched, allowing continued tracking of browsing sessions.

I said some while ago that Google is getting too big and that we sho (read the entire post)...



A very well-made malware installation site

, posted: 4-Sep-2008 11:28

I can really understand why there are more infections with malware on computers running Windows than those that run other OSs. Firstly, there are of course less people using those other OSs, thus the distributors of malware naturally focus on the biggest pie first. But secondly, some of those malware installation scams are actually very well done. Consider what I came across when I was researching digital cameras. Take a look at the top search result I got back from Yahoo for (read the entire post)...



Hold on to your personal data - you never know where it will end up

, posted: 6-Aug-2008 11:09

As if we needed another reminder of why it is a good idea not to hand over personal data when it can be avoided: Apparently, a laptop containing unencrypted and highly sensitive data about 33,000 travelers was stolen. Governments like to make us believe that gathering more data about us helps security, companies tell us that by handing over some personal information they can improve service and user experience.

Everything from biometric data about the person to network connection info (read the entire post)...



Backdoor in Skype? We need an open-source replacement

, posted: 25-Jul-2008 08:40

A backdoor in Skype?

It has long been speculated that there might be a backdoor built into Skype, something that would allow Skype (the company) or the police to easily monitor Skype conversations. Skype is closed software and can therefore not be examined on the source level. In fact, the Skype executable code has been deliberately obfuscated to resist any attempt of analysis.

Skype claims that it uses strong encryption and that therefore your conversations are secure. But (read the entire post)...



The 'reverse security' of banks

, posted: 13-Jun-2008 06:15

Today I saw this here, which brought back to mind something that happened to myself here in New Zealand some time ago. An example of how the expectation of security and authentication is geared only towards consumers having to identify themselves, while large organisations, such as banks, benefit from an implicit trust. This, of course, is a very dangerous mindset to have.

This is what happened: My phone rings, I pick up and the following exchange develops (it's been a while, but I tr (read the entire post)...



Disk encryption easily cracked? Nonsense!

, posted: 23-Feb-2008 10:15

Lots of coverage today about a new piece of research, which shows how keys for disk encryption tools can be recovered, supposedly meaning that "Disk encryption is easily cracked." Sigh! It's headlines like this that really annoy me.

As a summary, this is how the attack works: DRAM chips tend to hold their information for a couple of seconds, even after power is lost. So, in theory the keys for disk encryption tools are still in memory for a while, even if you quickly pull the plug sho (read the entire post)...



People, don't be stupid: Secure your WiFi!

, posted: 16-Jan-2008 14:55

On a recent trip through the New Zealand country side we stayed in a youth hostel somewhere. Sitting there, I switched on my laptop and scanned for available networks. Sure enough, there were a few of them. One of them was the access controlled and overpriced WiFi of the hostel itself. But there was also a network with the rather ominously named ESSID 'linksys'. Uh, oh! That's usually not a good sign. Someone left their router at the default settings. Tsk, Tsk.

Of course, no encrypti (read the entire post)...



foobar's profile

 
New Zealand


  • Who I am: Software developer and consultant.
  • What I do: System level programming, Linux/Unix. C, C++, Java, Python, and a long time ago even Assembler.
  • What I like: I'm a big fan of free and open source software. I'm Windows-free, running Ubuntu on my laptop. To a somewhat lesser degree, I also follow the SaaS industry.
  • Where I have been: Here and there, all over the place.




Google Search


Recent posts

Attack on net neutrality right...
Munich already saved millions ...
Iceland's public administratio...
More Apple madness (follow up)...
Apple demonstrates: With great...
Smooth sailing with the Karmic...
Censorship in New Zealand: Wid...
Image roll-over effects withou...
How about: Three strikes and Y...
UK government supports open so...


Top 10

How to write a Linux virus in ...
(11-Feb-2009 06:33, 465837 views)
Follow up: How to write a Linu...
(12-Feb-2009 08:10, 65477 views)
A truly light-weight OS: Writt...
(3-Feb-2009 10:39, 46908 views)
The 'Verified by Visa' fiasco ...
(20-Jun-2008 09:59, 32981 views)
EEE PC with XP is cheaper than...
(9-May-2008 06:50, 20474 views)
11 reasons to switch to Linux...
(4-Feb-2009 09:24, 20361 views)
Would you use Google App Engin...
(8-Apr-2008 20:02, 19808 views)
Censorship in New Zealand: Wid...
(16-Jul-2009 12:11, 19329 views)
Django Plugables: Tons of plug...
(11-Apr-2008 03:24, 17000 views)
Clippy for VI: What we all hav...
(22-Aug-2008 08:52, 16169 views)