modus_operandi writes: (via FARK.com): Clever malware authors have come up with a way to disguise malicious executable files as innocuous data types by writing the file name backwards. On May 11, analysts at Norman ASA (anti-virus software vendor based in Sweden) published details of the exploit in "The RTLO unicode hole — sequence manipulation as an attack vector". The trick is accomplished by using Unicode control characters such as 0x202E (right-to-left override) and 0x202B (right-to-left embedding). Although the payload is likely to be targeted at users of Microsoft Windows operating systems (which rely on filename extensions to determine whether a binary is executable) the exploit also works on any operating system which handles Unicode correctly. That means Linux and UNIX-based operating systems, including Mac OS X, will also be fooled into displaying a deceptive filename. Luckily, it is not possible to set chmod +x as a default in your umask! Could this technique be used in other, heretofore unsuspected, social engineering attacks?
webalert writes: With the holiday gift giving season behind us and the annual consumer electronics show a few days away, the thoughts of gadget lovers everywhere are turning to ways to make room for the latest and greatest.
stiller writes: In order to make up for the loss of income on its mobile network due to services such as whatsapp and skype, KPN — the largest fixed-line and mobile operator in the Netherlands — has taken severe measures: deep packet inspection of all mobile traffic in order to bill various services at different rates.
dkd903 writes: Earlier, during the Natty development cycle we reported that LightDM is being considered as a replacement for GDM. That did not happen for Ubuntu 11.04, but today it has been confirmed at the Ubuntu Developer Summit at Budapest that LightDM is finally replacing GDM in Ubuntu 11.10 Oneiric.
CWmike writes: "Scammers are distributing fake security software aimed at the Mac by taking advantage of the news that al-Qaeda leader Osama Bin Laden has been killed by U.S. forces, a security researcher said on Monday. A security firm that specializes in Mac software called the move 'a very big step forward' for malware makers targeting Apple's users. This is the first time scammers have targeted the Mac with a sophisticated, professional-looking 'rogueware' security application, said Peter James, a spokesman for Intego. On Monday, Intego published a detailed advisory about MAC Defender, noting that that it was 'very well designed, and looks professional.'"
i4u writes: If you're a regular reader of Russia Today or a big fan of that white-haired rogue Julian Assange, you may want to watch this interview. In it, the Wikileaks founder calls Facebook the "most appalling spy machine that has ever been invented". He goes on to explain that the social network is accessible to US Intelligence, which means none of your data is ever really "private".