40226097
submission
AngryDad writes:
Today I received a baffling email from my hosting provider that said "We have a company-wide patching freeze and we will not be releasing patches to our customers who utilize the patching portal for the months of November and December". This means that myself and all other customers of theirs who run Windows servers will have to live with several critical holes for at least two months. Is this common practice with mid-tier hosting providers? If so, may I ask Eastern-EU folks to please refrain from hacking my servers during the holiday season?
602782
submission
AngryDad writes:
Starting from the model year 2008, all vehicles sold in the US are required to have Tire Pressure Monitoring System (TPMS) installed. The article from HexView enumerates privacy issues introduced by TPMS, and some of them look pretty scary. Did you know that traffic sensors on highways can be adopted to read TPMS data and track individual vehicles? How about an explosive device that sets itself off when the right vehicle passes nearby? TPMS has been discussed in the past, but was never looked at seriously. The article provides great overview of TPMS history, technology, and ways to resolve problems.
79368
submission
AngryDad writes:
HexView has proposed a method to deal with spam without scanning of message bodies. Instead, the method is based solely on traffic analysis. They call it STP (source trust prediction). An RBL-like server collects SMTP session source and destination addresses from participating MTAs and applies statistics to identify spamlike traffic patterns. A credibility score is returned to the MTA, so it can throttle down or drop possibly unwanted traffic. While I find it questionable, the method might be useful when combined with traditional keyword analysis.
