Join 3,439 readers in helping fund MetaFilter (Hide)

11 posts tagged with Web and security. (View popular tags)
Displaying 1 through 11 of 11. Subscribe:

Security Sunday

Ars Technica reports on malicious extensions on the Chrome web browser, which install advertising-based malware that hijack links and inject ad content. Further speech recognition exploits (source) leave open the opportunity for malicious sites to record sound captured by the user's web browser without permission.
posted by Blazecock Pileon on Jan 26, 2014 - 30 comments

Privacy is not an end in itself

"In 1967, The Public Interest, then a leading venue for highbrow policy debate, published a provocative essay by Paul Baran, one of the fathers of the data transmission method known as packet switching [and agent of RAND]. Titled “The Future Computer Utility," the essay speculated that someday a few big, centralized computers would provide 'information processing … the same way one now buys electricity. Highly sensitive personal and important business information will be stored in many of the contemplated systems … At present, nothing more than trust—or, at best, a lack of technical sophistication—stands in the way of a would-be eavesdropper.' To read Baran’s essay (just one of the many on utility computing published at the time) is to realize that our contemporary privacy problem is not contemporary. It’s not just a consequence of Mark Zuckerberg’s selling his soul and our profiles to the NSA. The problem was recognized early on, and little was done about it... It’s not enough for a website to prompt us to decide who should see our data. Instead it should reawaken our own imaginations. Designed right, sites would not nudge citizens to either guard or share their private information but would reveal the hidden political dimensions to various acts of information sharing." -- MIT Technology Review on The Real Privacy Problem
posted by Potomac Avenue on Nov 12, 2013 - 17 comments

DigiNotar SSL certificate compromise

Two days ago a user asked Google about a strange warning he was getting when trying to access Gmail from Iran. Turns out he was getting a fraudulent SSL certificate that was issued incorrectly for *.google.com by DigiNotar, a Dutch certificate authority. It seems likely this was a deliberate man-in-the-middle attack to snoop email in Iran. This attack is the second SSL certificate compromise in a year (previously), pointing to a fundamental design flaw in Internet security. [more inside]
posted by Nelson on Aug 30, 2011 - 45 comments

Firesheep demonstrates how ineffective Web security is

“When it comes to user privacy, SSL is the elephant in the room.” Meet Firesheep: a Firefox plugin that sniffs out unencrypted HTTP sessions on your network segment and lets you impersonate any of the users found. Eric Butler unveiled it today at Toorcon 12, a San Diego conference on computing security, and it demonstrates what amounts to a gaping hole in the Web security model.
posted by spitefulcrow on Oct 24, 2010 - 67 comments

"Be afraid. Be very afraid."

Starting today, Starbucks is offering free wifi in all of their US and Canadian stores. This has computer security folks a little edgy, since it could allow hackers and computer miscreants new opportunities to steal the data of unsuspecting computer users, and prompted Steve Gibson, computer security guru, to advise people to "just be afraid. Be very afraid." This applies to people who use laptops, wifi enabled cellphones and pdas. But there are ways to protect yourself. [more inside]
posted by crunchland on Jul 1, 2010 - 93 comments

Algorithms for dumb security questions

Algorithms for dumb security questions
posted by nthdegx on Nov 18, 2007 - 19 comments

What is InternetSeer?

Someone is watching what you post. Today I received a note from a site called InternetSeer that told me some of my posts on The {Fray} were temporarily unavailable. Too bad I never asked them to keep an eye on things for me. Who are these people are what are they doing?
posted by tommasz on Nov 21, 2003 - 29 comments

Looks like Verisign

Looks like Verisign forgot to renew their UK domain name.
posted by timeistight on Sep 28, 2002 - 15 comments

Internet II

Internet II a series of articles from Forbes ASAP on such things as the coming broadband revolution through private/public consortiums, security and reliability improvements, Washington sclerosis and various other interesting miscellania. (and an update on Michael Milken!) Reminds me of the heyday of Wired :)
posted by kliuless on Oct 13, 2001 - 0 comments

Gartner Group

Gartner Group recommends that IIS users look elsewhere for a better web server.
posted by vowe on Sep 21, 2001 - 8 comments

Any server can read all your IE cookies.

Any server can read all your IE cookies. From any domain. Anyone. I was just explaing to my folks that the reason cookies are (generally) safe is that this was NOT possible. Well, it's possible now.
posted by ericost on May 11, 2000 - 32 comments

Page: 1