Security and the Net

News and opinions about security, the internet and more

.SE domains offline

Due to a bug in new software, all .se domain names were unreachable last night, and some may still be unreachable. The problem started when the .SE registry published an updated list of nameservers. It is an error DNS administrators around the world make on a daily basis, but it has been a long time since it happened to an entire top-level domain such as .se.

[Read the rest of this entry...]

Is mobile advertising working for Google?

A little over a year ago, Google’s CEO Eric Schmidt said that the mobile Internet was “the next major growth wave for Google”. His prediction at the time was that mobile advertising revenue would surpass the revenue seen from “traditional” ads. Several months after Schmidt made these predictions, I first installed the incredible WPtouch theme for this blog, bringing a far better user experience for mobile users (in fact, the site looks better on my iPhone than in a normal browser, working on that…). At that time, I agreed with Schmidt that the mobile web was the future; so surely advertising revenues would follow. [Read the rest of this entry...]

Printing handcuff keys

At this year’s Hacking At Random event/conference (HAR2009), a member of SSDeV (the “Sportenthusiasts of Lockpicking”) managed to pull off a very cool stunt: he copied a key for police handcuffs without owning the original key itself. [Read the rest of this entry...]

Extensions coming to Chrome browser

Last week, the Chromium development team announced that the extension system has finally been released to the dev channel. This is an important step, since it means users of the most bleeding-edge version will now have the extension system on by default, without having to launch Chromium with the --enable-plugins flag. [Read the rest of this entry...]

Dutch Ministry accidentally publishes credit card info

While the list of credit card numbers isn’t that large, this might just be one of the biggest blunders I’ve seen this month. The Dutch Ministry of Internal Affairs managed to publish the credit card numbers and expiration dates for both the Minister of Health and the Minister of Justice. [Read the rest of this entry...]

Tele2 Netherlands giving the same password to all users

The Dutch branch of ISP Tele2, a European ISP active in 11 countries, has just admitted that it uses the same password for all new subscribers. Their procedure goes like this: [Read the rest of this entry...]

Palm defends tracking Pre user locations

Would you like it if you knew the manufacturer of your phone was tracking your location every day to give you a “great user experience”? I personally wouldn’t buy a phone that does this, but this is exactly what Palm’s Pre is designed to do. Faced with complaints about this feature, the best explanation Palm has been able to offer so far is that this “feature” is built into the phone by design: [Read the rest of this entry...]

How not to respond to security issues

What is the worst response you can give when someone alerts you to a security issue in your software? I can almost hear you thinking “waiting two years to fix it”, but there is an even worse response: some companies simply don’t respond at all. Simply amazing…

After verifying the issue we contacted the company in several ways, emailing several addresses, but failed to “reach” anyone. We received several automated responses, and even our inquiry to their sales emails returned nothing. Are we missing something?

So, if anyone from Invision Power is reading this: you might want to contact noamr[at]beyondsecurity.com.

Squirrelmail plugins altered by hackers

Last month, the webserver hosting the popular open source webmail suite SquirrelMail was compromised. At the time, the maintainers believed no source code had been altered:

At approximately 1700 GMT, on June 16, it was discovered that the SquirrelMail webserver had been compromised. The project administrators took immediate action to mitigate any further compromises, locking all accounts out, and resetting critical passwords.

At this time, the SquirrelMail project administrators have shut down access to the original server, and put a temporary hold on access to the plugins. It is believed that none of the plugins have been compromised, but further investigations are still being executed.

Last week, word got out that a number of plugins were modified during the hack. This suggests that the attackers deliberately targeted the SquirrelMail server rather than just looking for a random machine. According to the SquirrelMail team, the following plugins were altered:

  • sasql-3.2.0
  • multilogin-2.4-1.2.9
  • change_pass-3.0-1.4.0

If you use any of these plugins, now would be a good time to update! It would also be nice if SquirrelMail offered a way to verify the integrity of the plugins: publishing SHA-256 (or even MD5) checksums for each plugin tarball would have let everyone detect changes. One caveat: checksums hosted on the same compromised server can be rewritten along with the plugins, so to be meaningful they need to be signed with a key that is never kept on the webserver, or at least published somewhere the attacker did not control.
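As an added example (not SquirrelMail's own tooling), here is the kind of check a checksum manifest would make possible: a small POSIX shell function that verifies every plugin tarball listed in a `SHA256SUMS` file and reports anything missing or modified. The plugin filenames, file contents and the manifest in the demo are constructed for illustration; the `sha256_of` and `verify_plugins` names are my own.

```shell
#!/bin/sh
# Added example: verify downloaded plugin tarballs against a SHA-256 manifest
# in "sha256sum -c" format ("<sha256>  <filename>", one per line).
set -eu

# sha256_of FILE: portable SHA-256 hex digest (coreutils or BSD/perl shasum).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | cut -d' ' -f1
  else
    shasum -a 256 "$1" | cut -d' ' -f1
  fi
}

# verify_plugins DIR MANIFEST
# Returns 0 only if every file listed in MANIFEST exists in DIR and matches
# its recorded digest; missing or modified files are reported on stderr.
verify_plugins() {
  dir=$1; manifest=$2; rc=0
  while read -r want name; do
    [ -n "$name" ] || continue
    if [ ! -f "$dir/$name" ]; then
      echo "MISSING  $name" >&2; rc=1; continue
    fi
    got=$(sha256_of "$dir/$name")
    if [ "$got" != "$want" ]; then
      echo "MODIFIED $name (expected $want, got $got)" >&2; rc=1
    else
      echo "ok       $name"
    fi
  done < "$manifest"
  return $rc
}

# Demo with constructed data: a plugin directory, a manifest recorded while
# the files were known-good, then an attacker appending to one tarball.
demo_dir=$(mktemp -d)
printf 'original sasql plugin\n'      > "$demo_dir/sasql-3.2.0.tar.gz"
printf 'original multilogin plugin\n' > "$demo_dir/multilogin-2.4-1.2.9.tar.gz"
for f in sasql-3.2.0.tar.gz multilogin-2.4-1.2.9.tar.gz; do
  printf '%s  %s\n' "$(sha256_of "$demo_dir/$f")" "$f"
done > "$demo_dir/SHA256SUMS"

verify_plugins "$demo_dir" "$demo_dir/SHA256SUMS"            # both ok
printf 'backdoor\n' >> "$demo_dir/sasql-3.2.0.tar.gz"        # tampering
verify_plugins "$demo_dir" "$demo_dir/SHA256SUMS" || echo "tamper detected"
rm -rf "$demo_dir"
```

The manifest only helps if the attacker cannot rewrite it along with the tarballs, so it should be signed with a key kept off the webserver (for example a detached signature made with `gpg --detach-sign SHA256SUMS` and checked with `gpg --verify SHA256SUMS.sig SHA256SUMS` before running the function above), and ideally mirrored on a second host.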

Dutch court rules that The Pirate Bay should be blocked

A Dutch court has just ruled that access to The Pirate Bay should be blocked for all visitors coming from the Netherlands. The block should be in place within 10 days. [Read the rest of this entry...]