Apple iOS 4.3.3 update
Apple’s embarrassment and potential legal problems over the hidden location data base in each iPhone and iPad came to an end overnight with the 4.3.3 update to the mobile operating system.
It was revealed only 15 days ago on April 20th, 2011 that every iPhone and iPad was not only tracking your physical location but storing the data for retrieval. Continue reading
iLok dongle
Companies live in fear spending their time looking for pirates. Write good software, price it reasonably and you will sell enough to make a profit.
The last niche of the software market that hasn’t grown up is the music business. The business practices are twenty years old.
Many companies in audio and recording require a dongle to use their software. Dongles disappeared from the face of the earth in the rest of the computer business around 1990. Continue reading
AT&T allowed hacking email addresses
By Mike Masnick, TechDirt – Apparently, a security vulnerability in the way AT&T set up its network allowed hackers to capture the email addresses of 114,000 iPad owners.
The breach was pretty basic stuff: if you fed an iPad ID number to a script that was publicly available on AT&T’s website, it returned to you the email address associated with that ID. The hackers quickly set to testing out tons of likely IDs, and got back all those email addresses, including those of top execs at a bunch of big media companies, such as the CEO of the NY Times, CEO of Time, Inc., the President of News Corp, the CEO of Dow Jones and New York City mayor Bloomberg.
Oh yeah, also a bunch of government emails: “Rahm Emanuel and staffers in the Senate, House of Representatives, Department of Justice, NASA, Department of Homeland Security, FAA, FCC, and National Institute of Health, among others.” AT&T issued the expected “oops” statement soon after this was exposed.
iPad web surfing is addictive photo: Gizmo Watch
When I started the iPad review, which is now 3 articles long, I had no idea how the thing would be useful. It was purchased on a whim with the idea it could be returned within 14 days.
The two weeks are almost up an I can’t see it going back to Future Shop. Everyone in the house grabs it when they get home and again in the morning.
My idea was to set up a scorecard on the iPad against Apple’s claims of its value, do something objective not just “golly this is neat.”
Checking out YouTube was a disappointment. Then watching purchased videos was more fun. But who does that all day long? Only a small value for dollar there.
Continue reading
Phishing illustrations PC1 News
If you’re like me you have several tabs open in your browser at once. A Mozilla (Firefox) employee has identified a new phishing threat that can create a copy of another tab that is open. Then it fools you into logging in again. Presto ipso facto the thieves have your login and password.
This is not an imaginary threat. In October 2009 while investigating a story about a fake Chinese Adobe site, the malware crossed from one tab to the other and I gave them my website password. For almost a month, the trojan infected NJN Network with a re-direct to their site. Google alerted me to high traffic and we fixed it in November. However, back then no one could explain how the Chinese site got my password. Now we know.
The ComputerWorld article explains the technique. People from Safari, Chrome and IE deny that the exploit is in play. They are lying through their teeth. The Chinese are using this regularly to get identities.
Google, Big Brother is watching
Google admitted on Friday that it has been acting like Big Brother by collecting personal information about people since 2006. When German officials audited Street View they discovered Google was sniffing wi-fi networks for information.
Google posted and explanation and apology on their blog. All we can say is creepy and another good reason not to leave your wi-fi unlocked.
“Nine days ago the data protection authority (DPA) in Hamburg, Germany asked to audit the WiFi data that our Street View cars collect for use in location-based products like Google Maps for mobile, which enables people to find local restaurants or get directions. His request prompted us to re-examine everything we have been collecting, and during our review we discovered that a statement made in a blog post on April 27 was incorrect.
Multi-core illustration by Ars Technica
A new virus threat has been discovered by Massoutec.com that can expose multi-core computers running Windows XP and Vista 32-bit. According to the research, most of the standard anti-virus programs cannot detect the KHOBE malware.
Essentially what the virus does is present a clean file for the anti-virus program to check. Once passed, it swaps into another cpu core the malware program with the same name. Very tricky and so far no virus program, according to the researchers, has detected the infection.
Having personally just come from a Apache Linux infection on a major web hosting company, read about Google’s attack by the Chinese, it’s no time to relax. Continue reading
All week long, Network Solutions has been deluging me with social media. Cheap hosting fees are offered. Network Solutions is on Facebook with Smallvolution. They are on Tritter with almost hourly updates that seem to say “all is well with the world.”
Back in the world of hosting, their clients are slowly going insane. Another round of attacks last weekend had sites down for the 4th and 5th time. (Full disclosure: we are no longer hosting on Network Solutions)
Continue reading
smallvolution - a place to hang and vent?
Unlike McAfee who recovered from their bug last week in a few days, Network Solutions (NetSol) hosting service mis-handled its customer service for weeks with the “grep” iFrame redirect virus.
McAfee fixed the problem quickly and offered to compensate clients for their out-of-pocket costs. McAfee’s shares took a dive from $40 to $34.75 on news the bug will depress earnings a few cents. Analysts said McAfee was being punished for not meeting their numbers over several quarters.
Network Solutions has gone through stages of denial, admitting their helplessness and then public relations happy talk. Customer confidence has been shaken to the core. The response from Network Solutions appears to be management of social media. Website and social media chat sites are no substitute for excellent customer service.
We asked if Network Solutions intends to compensate their customers losses. They were non-committal. Continue reading
"Grep" virus hacked inside Network Solutions servers
Network Solutions hosting service mis-handled its customer service for weeks with the “grep” iFrame redirect virus. The same virus was also reported to be attacking GoDaddy hosted websites. Due to the lack of security at Network Solutions, we did the prudent thing and moved NJN Network to a more secure site.
The attacks started three weeks ago with more than 5% of Network Solutions’ customers infected with the Trojan. While site owners are responsible for their own security, Network Solutions did not provide reasonable care in protecting their customers. We asked them months ago if the site was protected by a virus checker. Yes they said. We subscribed to their nsProtect Safe service which was a useless piece of junk.
The virus created an iFrame re-direct. When someone visited an infected site, they were redirected to a site that said their browser or operating system needed to update.
As reported in Hackers access Network Solutions mail accounts, the mail server at Network Solutions is set up to allow re-directs. Some hacker has figured that out. They are relaying emails using made up account names.
Faced with a customer request, most companies try to find a way to make it happen. At Network Solutions they want more forms filled out.
Network Solutions’ response to this obvious “security alert – high risk” is to ask me to fill out forms. I don’t mind doing that except that’s how I reported the hack in the first place.
Being a ‘boy-scout’, I ventured back into their labyrinth system only to find their instructions impossible to execute.