Security news you can use – The updates keep rolling!
December 30, 2009 by admin

Keeping your system secure is a never ending battle. The evil-doers on the net are getting ever more sophisticated, and coming up with new ways to fool, cajole, trick or force you into downloading, running or loading software on your system that will compromise your system – at best, rendering it unusable, or at worst, invading your privacy, or even draining your bank account. It’s a Wild West frontier out there in the interwebs!

With that, let’s take a look at some of the recent updates and developments ion security news:

(more…)

read comments (0)
The Pulse of Security – Are you up to date?
September 9, 2009 by admin

As you’re reading this, another “Windows Patch Tuesday” has come and gone (Microsoft normally sends their updates on the second Tuesday of the month), and, as is often the case lately, there are some critical security flaws being remedied in this latest round of patches. Do you sometimes feel that this is a never ending battle? Well, in many ways, it is.

Complexity is the enemy of security, and today’s operating systems and the software we employ within them are incredibly complex… breeding grounds for programming errors, which can lead to security flaws.

What’s a poor person to do? How do you keep track of all this churn?

Keep your software up to date automatically, where possible, and check back here on Wednesdays where I’ll be keeping a pulse on the world of software security, and letting you know the straight scoop.

On today’s agenda – Windows monthly update, Snow Leopard introduction, and a summary of browser updates. Let’s start with Microsoft:

(more…)

read comments (0)
The Cookie is Dead, Long Live the Cookie!
September 2, 2009 by admin

Overview

A recent study at UC Berkeley, a government inquiry, and several recent news articles have combined to highlight a new privacy concern, as well as some underhanded tricks that web tracking companies are using to monitor internet user activity. Using Adobe’s Flash Player, web sites now have the ability to track users using a concept similar to browser cookies – and up to now, this has been done silently, without notification, and in some cases even after individual users have “opted out” of cookie tracking.

In fact, the study showed that more than 50% of the top 100 internet sites used Flash data to “re-spawn” cookies that had been intentionally cleared, deleted, or blocked by users.

Here’s an experiment you can try. Take a look at the following folder in your system, to see what sites are using Flash data to maintain tracking information on your system:

In Windows XP:

C:\Documents and Settings\{yourname}\Application Data\Macromedia\Flash Player\#SharedObjects

In Windows Vista:

C:\Users\{yourname}\AppData\Roaming\Macromedia\Flash Player\#SharedObjects

In Mac OS/X:

~/Library/Preferences/Macromedia/Flash Player/#SharedObjects/

In either case, look in the subfolder with a random name, and you’ll be amazed at what you find.

The idea of using Flash Player to store tracking information isn’t new, but it has spawned a hidden system for tracking user activity in a way that is neither self-evident, nor easily managed. Read on for some background and suggestions in how to deal with this situation.

If you want to skip the gory details and just know how to prevent this, skip to the section near the end, titled “Adobe’s Flash Player Settings Application.”

Read on…

(more…)

read comments (1)