Security and the Net

News and opinions about security, the internet and more

Entries for May, 2009

Can you use photos posted on Flickr in a news article?

Of course you can; a more important question would be whether or not it’s legal. This is a question that will be decided in Dutch courts soon; Adam Curry has filed a lawsuit against a tabloid that used a picture of him flying a small airplane while smoking what might be a joint. In the [...]

Leave a Comment

FBI exploring Second Life

Just when I thought the hype surrounding Second Life was over, the FBI has apparently started exploring virtual worlds. So far, their efforts have been rather modest (a couple of virtual billboards with the Most Wanted list and other information), but if this “pilot test” is successful is might be expanded:

Leave a Comment

Are adult sites safe? How misquoting can change a story

This week, I saw reports on a couple of fairly large news sites and blogs about a study that supposedly shows porn sites contain far less malware than “normal” websites. While this makes for nice headlines, I was interested in this study and spent some time looking for the actual data used to reach this [...]

Leave a Comment

Some suggestions for newspapers

Just about every newspaper is currently looking for a new revenue model to make money online. Most suggestions are pretty black-and-white; either work with a subscription model or make the content available for free and make money by advertising. Unfortunately, the issue is not that simple: Users are not accustomed to paying for subscriptions for [...]

Leave a Comment

XSS against Google services: scary, but fixed fast

Let’s start with the bad news: a researcher known only by his nickname “Inferno” just announced he has found a cross-site scripting vulnerability on many Google services. While XSS attacks are, unfortunately, a common thing this one is far scarier than most. Since almost all Google services use a single cookie on the google.com domain [...]

Comments (1)

The downside of automatic updates

Just days after a report co-authored by Google claimed that the automatic update feature of the Chrome browser help improve security by silently installing patches without asking for approval from the user, the managed to demonstrate the downside of this approach.

Leave a Comment

Silent updates: improving security?

A paper comparing the update mechanisms for several different webbrowsers was published by Google and ETH Zurich yesterday. The full text can be found here, with a blog post accompanying it. As expected, Firefox and Chrome are updated fastest; Firefox because of the in-your-face warnings when a new version is available, and Chrome because updates [...]

Comments (1)

Borders in Cyberspace

In a recent column at SecurityFocus, cyber intelligence expert Jeffrey Carr discusses the diffuculties that researchers face when trying to determine the origin of attacks conducted over the internet. The problem is simple: there are lots of reports claiming attacks on important infrastructure that are “supposedly” coming from Chinese or Russian hackers. But because they [...]

Comments (1)