WinAmp bug opens door to MP3 viruses
WinAmp bug opens door to MP3 viruses. Interactive Week Apr 30 2002 9:22AM ET [Moreover – Tech latest]
Archive for April 2002
Fun With Your Zip Program
NY Times: Fun With Your Zip Program. “Using little more than the zipping programs found on most personal computers, [Italian scientists] can easily distinguish between texts written in 10 different languages and almost unfailingly tell which of a large group of texts were written by the same author.” …
“The scientists performed a further test of their technique by analyzing a single text that has been translated into many different languages — in this case the Universal Declaration of Human Rights. The researchers used their method to measure the linguistic “distance” between more than 50 translations of this document. From these distances, they constructed a family tree of languages that is virtually identical to the one constructed by linguists. “
[Scripting News]
China Incapable of Hacking US Files
AP via NY Times (April 25, 2002):
China Incapable of Hacking US Files
The Chinese military is seeking to develop the ability to disrupt Taiwanese and U.S. computer systems, but doesn’t have the sophistication to cause widespread problems, U.S. officials said Thursday.
…
“These are … not people from the government,” the official said. “For the most part, it’s students who are doing this during school breaks.”
Can you really click ‘No’?
Mr. Fine contacted Symantec and was told that as of Nov. 1, 2001, Symantec had changed its policies and that his users could no longer use NAV updates on their home systems. (Because Symantec’s licenses are perpetual, in theory the home users could keep the original software on their systems, but without new virus definitions the software would soon be of little use.) “I was pretty disgusted,” says Mr. Fine. “Since we were on maintenance at the time of this change in policy, the right thing for them to do would have been to notify customers at that point. To ‘notify’ me by allowing me to renew, so I can read it in the fine print, is not the best way to find out that a feature that was a big plus for us in choosing NAV is now gone.”
CIA Warns of Chinese Plans for Cyber-Attacks on U.S.
LA Times:
CIA Warns of Chinese Plans for Cyber-Attacks on U.S.
Moreover, U.S. authorities are bracing for a possible wave of hacking attacks by Chinese students against the United States in coming weeks, according to the analysis. The confidential alert, which was reviewed by The Times, was sent to intelligence officials a week ago.
No kidding. We’ve had the interest of a Chinese hacker trying to disrupt our operations for at least a couple of months.
Hackers turn tables on file-swapping firms
Hackers turn tables on file-swapping firms. ZDNet Apr 25 2002 6:07AM ET
For the past several weeks, the pseudonymous programmer, a college student who declines to give his real name, has been releasing versions of popular file-swapping programs online with the advertising and user-tracking features stripped out.
[Moreover – Computer security news]
IE-6 privacy solution backfires
IE-6 privacy solution backfires. “The privacy features added in IE6 to help protect a user’s privacy by giving them direct control over cookie management allows any site to read any other site’s cookies, in effect removing all privacy. Further, this hole extends to other protocols, allowing you to execute arbitrary commands on the user’s machine as well as take over MSN Messenger,” Larholm told us. [The Register]
See also
SQL Security
SQL Security:
the web site,
and
the slide show.
Loose Coupling in Web Services
Adam Bosworth (BEA): “Loose coupling is central to the nature of Web services-based application integration. That’s why it seems to me that the right model for XML in Web services is a message-oriented, document-based one rather than one based on remote procedure calls.” [Scripting News]
Security Review of 802.11b
Security Review of 802.11b: an excellent rundown by the author of a recent O’Reilly & Associates book on 802.11b.
