BlaenkDenum - Slashdot User

Comment Re:So, explain ... (Score 1) 106

by BlaenkDenum on Thursday April 10, 2008 @05:57PM (#23030158) Attached to: Google Shares Its Security Secrets

"Preventing this is virtually impossible."

reCAPTCHA has a key system. It makes the user have private and public keys so that no one can simply take your CAPTCHA and use it on their site for others to solve for them. From the API Documentation:

"In order to use reCAPTCHA, you need a public/private API key pair. This key pair helps to prevent an attack where somebody hosts a reCAPTCHA on their website, collects answers from their visitors and submits the answers to your site."

Unless I understood you wrong, if so, sorry.

Top Botnets Control Some 1 Million Hijacked Computers 250

Posted by Zonk on Thursday April 10, 2008 @04:00PM from the not-many-linux dept.

Puskas writes "Joe Stewart is the director of malware research at SecureWorks, and presented a dire view of the current botnet landscape at the RSA conference this week. He conducted a survey of the top spamming 'nets, extrapolating their size from the volume of emails that flow across the internet. By his calculations, the top 11 networks control just over a million machines, hitting inboxes with some 100 billion messages a day. 'The botnet at the top of the chart is Srizbi. According to Stewart, this botnet — which also goes by the names "Cbeplay" and "Exchanger" — has an estimated 315,000 bots and can blast out 60 billion messages a day. While it may not have gotten the publicity that Storm has during the last year, it's built around a much more substantial collection of hijacked computers, said Stewart. In comparison, Storm's botnet counts just 85,000 machines, only 35,000 of which are set up to send spam. Storm, in fact, is No. 5 on Stewart's list.'"

Google Shares Its Security Secrets 106

Posted by kdawson on Thursday April 10, 2008 @12:35PM from the cultural-values dept.

Stony Stevenson writes "Google presents a big fat target for would-be hackers and attackers. At the RSA conference Google offered security professionals a look at its internal security systems. Scott Petry, director of Google's Enterprise and founder of security firm Postini, explained how the company handles constant pressure and scrutiny from attackers. In order to keep its products safe, Google has adopted a philosophy of 'security as a cultural value.' The program includes mandatory security training for developers, a set of in-house security libraries, and code reviews by both Google developers and outside security researchers."

Experts Hack Power Grid in Less Than a Day 302

Posted by samzenpus on Thursday April 10, 2008 @01:12AM from the quick-everyone-panic dept.

bednarz writes "Cracking a power company network and gaining access that could shut down the grid is simple, a security expert told an RSA audience, and he has done so in less than a day. Ira Winkler, a penetration-testing consultant, says he and a team of other experts took a day to set up attack tools they needed then launched their attack, which paired social engineering with corrupting browsers on a power company's desktops. By the end of a full day of the attack, they had taken over several machines at the unnamed power company, giving the team the ability to hack into the control network overseeing power production and distribution."

Slashdot Top Deals