Wastholm.com

Every PC in China could be at risk of being taken over by malicious hackers because of flaws in compulsory government software.

Terms-Of-Service and other website policies form the foundation of your relationship with social networking sites, online businesses, and other Internet communities. But most people become aware of these terms only when there's a problem. TOSBack was created to help you monitor the policies for the websites you use everyday, and show how they change over time.

The Current State of Web Privacy, Data Collection, and Information Sharing

I'm here to report a small side effect from installing this service pack that I was not aware of until just a few days ago: Apparently, the .NET update automatically installs its own Firefox add-on that is difficult -- if not dangerous -- to remove, once installed. [...] Microsoft has disabled the "uninstall" button on the extension. What's more, Microsoft tells us that the only way to get rid of this thing is to modify the Windows registry, an exercise that -- if done imprecisely -- can cause Windows systems to fail to boot up.

Computer users often dismiss Internet security best practices because they find them inconvenient, or because they think the rules don't apply to them. Many cling to the misguided belief that because they don't bank or shop online, that bad guys won't target them. The next time you hear this claim, please refer the misguided person to this blog post, which attempts to examine some of the more common -- yet often overlooked -- ways that cyber crooks can put your PC to criminal use.

Their system, dubbed retransmission steganography (RSTEG), relies on sender and receiver using software that deliberately asks for retransmission even when email data packets are received successfully. "The receiver intentionally signals that a loss has occurred. The sender then retransmits the packet but with some secret data inserted in it," he says in a preliminary research paper (www.arxiv.org/abs/0905.0363). So the message is hidden among the teeming network traffic.

DPI technology raises privacy concerns because it can involve the inspection of information sent from one end user to another.

Can you believe that in nearly four years of Paranoid Penguin columns, I've never talked about how to configure FTP services? This month I fix that, using my new favorite FTP server, Chris Evans' excellent vsftpd (Very Secure FTP Dæmon). Because my space here is limited and the best use of FTP is anonymous FTP, we focus on anonymous FTP. The FTP protocol's use of clear-text authentication makes it a terrible choice for anything but anonymous file transfer. But anonymous FTP is still plenty useful.

And that's how to detect the attack. If EA is infected with the robust form of the attack, then X and Y will be functionally different. And if X and Y are functionally different, then V and W will be bitwise different. So all you have to do is to run a binary compare between V and W; if they're different, then EA is infected.

|< First   < Previous   171–180 (222)   Next >   Last >|