apatrick - Slashdot User

Comment Use Limited Accounts (Score 1) 932

by apatrick on Thursday November 12, 2009 @02:43PM (#30076546) Attached to: Easing the Job of Family Tech Support?

At the risk of promoting my own work... I recently started http://netsafetyguide.com/ to address these kinds of situations. The goal of the site is to offer down-to-earth, practical news and tips about Internet safety and security. One of the tips that you will find there is to use limited (non-administrator) accounts for the untrained/uninterested users. Moving my teenagers to these accounts greatly reduced my frequency of reformats.

Submission + - SSL Certificate For PayPal Leaked

Submitted by Anonymous Coward on Monday October 05, 2009 @08:52PM

An anonymous reader writes: After nine weeks, null-prefix certificates that exploit the SSL certificate vulnerability Moxie Marlinspike presented at Defcon 17 are beginning to appear. Today, someone posted a null-prefix certificate for www.paypal.com on the full-disclosure mailing list. In conjunction with sslsniff, this certificate can be used to intercept communication to PayPal from all clients using the Windows Crypto API, for which a patch is still not available. This includes IE, Chrome, and Safari on Windows. What's worse, because of the OCSP attack that Moxie also presented at Defcon, this certificate can not be revoked.

Submission + - Canadian Minister Lies On Net Surveillance Claims

Submitted by Anonymous Coward on Friday October 02, 2009 @07:07PM

An anonymous reader writes: The Canadian government has introduced Internet surveillance legislation that requires ISPs to disclose customer information without a warrant. Peter Van Loan, the Minister in charge, claims that a Vancouver kidnapping earlier this year shows the need for these powers. I did some digging and shows this to be a lie — the Vancouver police acknowledge that the case did not involve an ISP request and the suspect is now in custody.

Submission + - SPAM: 2009 Ig Nobels awarded: Gasmask bras and more

Submitted by alphadogg on Friday October 02, 2009 @08:47AM

alphadogg writes: Improbably Research handed out its sort of tongue-in-cheek awards for wacky research last night at Harvard. Winners included teams who invented a bra that doubles as a gas mask, one that figured out that cows with names are more productive than those without names and another that determined why pregnant women don't tip over. (Bonus: Comparison of past Nobel and Ig Nobel winners [spam URL stripped])
Link to Original Source

Submission + - Identity theft is usually an unsophisticated crime (andrewpatrick.ca)

Submitted by apatrick on Friday October 02, 2009 @12:35AM

apatrick writes: A recent research report by Heith Copes (U Alabama at Birmingham) and Lynne Vieraitis (U Texas at Austin) has examined identity thieves and their methods. Copes and Vieraitis searched federal court records in the US for people convicted of identity theft and then tried to find out where they were serving their sentences. They were able to find 297 inmates, from which they sampled 59 inmates in 14 prisons across the country. The convicts agreed to do detailed interviews, in private, to talk about themselves and their crimes, and the results are reported in a recent issue of Criminal Justice Review, and summarized here.

According to Copes and Vieraitis, "it is best categorized as an economic crime committed by a wide range of people from diverse backgrounds through a variety of legitimate (e.g., mortgage broker) and illegitimate (e.g., burglar) occupations."

As to the issue of whether these are white-collar criminals, the authors say: "Despite public perceptions of identity theft being a high-tech, computer driven crime, it is rather mundane and requires few technical skills. Identity thieves do not need to know how to hack into large, secure databases. They can simply dig through garbage or pay insiders for information. No particular group has a monopoly on the skills needed to be a capable identity thief."

Slashdot Top Deals