Secunia.com has identified a security problem with the latest release of MSIE 7 which "can be exploited by malicious people to disclose potentially sensitive information." See details and sample test at http://secunia.com/advisories/22477.
Best to use the better browsers like Firefox and Opera.
Thursday, October 19, 2006
Monday, October 09, 2006
BBC HoneyPot
The recent BBC article by Mark Ward describing an unprotected computer/honeypot set-up is nothing but a piece produced to create F.U.D. He describes how an unprotected XP computer is attacked repeatedly when connected to the internet. Of course, as with most tech articles produced by the BBC, the only operating system that seems to exist is Microsoft Windows.
The weaknesses in his article are explored on slashdot.org, so I won't rehearse them here.
Perhaps more interesting is the BBC/Microsoft memorandum of understanding "that aims to identify 'common interests' between the BBC and Microsoft. Areas for collaboration include search and navigation, distribution, and content enablement."
To purely speculate the relationship between BBC tech articles and the MS/BBC agreement:
Microsoft is going to have a hard time selling its upcoming release of the Vistas system, specifically, getting users of XP to upgrade, and to return ex-Microsoft users to the fold (for example all the college kids that bought new Apple laptops this year). MS will probably market the new system's "security" features as a main selling point.
Articles like the one produced by the BBC, that begin to explore the all too well known security problems in current Microsoft software, help prepare the marketplace for a new "secure" system, and condition consumers to see security as a need. The new Vistas OS will then present itself as the only viable solution to the problem.
Again, pure speculation. Nevertheless, when visiting the Vistas site on microsoft.com, there rarely is a page that does not mention security in some context. BBC articles on computer technology focus very heavily on the MS OS, almost to the exclusion of others.
The weaknesses in his article are explored on slashdot.org, so I won't rehearse them here.
Perhaps more interesting is the BBC/Microsoft memorandum of understanding "that aims to identify 'common interests' between the BBC and Microsoft. Areas for collaboration include search and navigation, distribution, and content enablement."
To purely speculate the relationship between BBC tech articles and the MS/BBC agreement:
Microsoft is going to have a hard time selling its upcoming release of the Vistas system, specifically, getting users of XP to upgrade, and to return ex-Microsoft users to the fold (for example all the college kids that bought new Apple laptops this year). MS will probably market the new system's "security" features as a main selling point.
Articles like the one produced by the BBC, that begin to explore the all too well known security problems in current Microsoft software, help prepare the marketplace for a new "secure" system, and condition consumers to see security as a need. The new Vistas OS will then present itself as the only viable solution to the problem.
Again, pure speculation. Nevertheless, when visiting the Vistas site on microsoft.com, there rarely is a page that does not mention security in some context. BBC articles on computer technology focus very heavily on the MS OS, almost to the exclusion of others.
Saturday, October 07, 2006
PSI/Cogent yet again
Host: 38.100.41.107
Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows XP)
Its getting tempting to just block everything in the range from
38.0.0.0 to 38.255.255.255, because the only visitors I've ever seen from this range are scum spam bots. Typical user-agents include Snapbot, voyager, cfetch, Java, as well as MSIE poser bots. They always run into a trap though, as the one listed here, and that keeps it fun.
Whois:
OrgName: Performance Systems International Inc.
OrgID: PSI
Address: 1015 31st St NW
City: Washington
StateProv: DC
PostalCode: 20007
Country: US
Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows XP)
Its getting tempting to just block everything in the range from
38.0.0.0 to 38.255.255.255, because the only visitors I've ever seen from this range are scum spam bots. Typical user-agents include Snapbot, voyager, cfetch, Java, as well as MSIE poser bots. They always run into a trap though, as the one listed here, and that keeps it fun.
Whois:
OrgName: Performance Systems International Inc.
OrgID: PSI
Address: 1015 31st St NW
City: Washington
StateProv: DC
PostalCode: 20007
Country: US
The New iPOD WOW!! (or not)
Red Hot Chilli Peppers, U2, and now . . . wait for it . . .
Tetris!!
Sorry Steve, iPod has officially lost its cool.
Perhaps the movie business will save ya.
Tetris!!
Sorry Steve, iPod has officially lost its cool.
Perhaps the movie business will save ya.
Tuesday, October 03, 2006
Nusearch Spider
Agent: Nusearch Spider (www.nusearch.com)
Host: 84.9.136.223
The Nusearch Spider dropped by for a visit. It only followed the first ten top-level html links. It was not interested in going to other directories, and even tried to load directory-names as files by dropping the trailing "/" then ignoring the resulting redirect.
The Spider obeyed some of the directives in the robots.txt, but not all. My guess its a configuration issue with the bot at this time. We will be watching them to see what's up.
I dropped by their site, nusearch.com and its yet another search engine promising to be better than the other guys. Ya whatever, but they need to get their bot under better control, and clean up it's blacklist status if they want us to allow them to crawl our sites.
Host: 84.9.136.223
The Nusearch Spider dropped by for a visit. It only followed the first ten top-level html links. It was not interested in going to other directories, and even tried to load directory-names as files by dropping the trailing "/" then ignoring the resulting redirect.
The Spider obeyed some of the directives in the robots.txt, but not all. My guess its a configuration issue with the bot at this time. We will be watching them to see what's up.
I dropped by their site, nusearch.com and its yet another search engine promising to be better than the other guys. Ya whatever, but they need to get their bot under better control, and clean up it's blacklist status if they want us to allow them to crawl our sites.
Subscribe to:
Posts (Atom)