Opera Software today introduced real-time Fraud Protection in its award-winning Web browser. Fraud Protection includes technology from GeoTrust, the leading digital certificate provider, and PhishTank, a collaborative clearing house for data and information about phishing on the Internet. Fraud Protection is available in Opera 9.1, the newest version of Opera's Web browser.
"I've (Kevin Poulsen) been invited here to witness the end-game of a police investigation that grew from 1,000 lines of computer code I wrote and executed some five months earlier. The automated script searched MySpace's 1 million-plus profiles for registered sex offenders — and soon found one that was back on the prowl for seriously underage boys."
An interesting note from the article is that
"[t]he code swept in a vast number of false or unverifiable matches. Working part time for several months, I sifted the data and manually compared photographs, ages and other data, until enhanced privacy features MySpace launched in June began frustrating the analysis."
This raises a question: if such sweeps take place for (child) sex offenders are turning up false positives with hits, does that mean that Joe Blow's information is stored somewhere along with the data for sex offenders? If this data got out, how would that look to have yourself associated with sexual offenders?"
Daemonstar writes: "Listening to customer feedback, Oracle is going to change its policy on vulnerability rating and start publishing ratings in its products according to the Common Vulnerability Scoring System (CVSS) starting October 17. Oracle has been criticized in the past for taking too long to patch certain vulnerabilities. Hopefully this improvement in communication will lead to faster risk assessment and corrective action. "This is great news for Oracle customers and will hopefully enable more people to decide what is critical and also what needs to be patched," says Oracle watcher Peter Finnigan. The Security Focus brief can be found here."