Security

Internet Protocol addresses (IP) are used to identify computers and the actions they take on the Internet. IPs are routinely stored by search companies and other online businesses to help improve search results and provide advertisers with complete ... billing data. While this practice has been questioned before, with Google's pending bid to purchase advertiser DoubleClick, European leaders are taking a hard look at these business practices. Peter Scharr, Germany's data-protection commissioner, believes that IPs are not just a tool for companies to use, but a form of personal identification that ... (view more)

The Internet's most popular social networking sites might also turn out to be the most dangerous. Lack of age verification and deliberate or inadvertent bugs on these sites have been used to harvest private information, implant spyware, or enable ... child predators. It would seem that the old "danger: stranger" warning to young children is still appropriate to users of social networking sites. MySpace.com, with over 100 million active users worldwide, is a case in point. Two weeks ago, district attorneys in Queens announced that two underage girls using MySpace were enticed into the home of a ... (view more)

Microsoft has warned that several older versions of Excel contain a bug that could be exploited by hackers. It affects both Windows and Macintosh users. The bug could make it possible to execute code remotely. That means a hacker would be able to ... gain some degree of access to a user's computer, with the potential to steal personal information. The problem affects versions of Excel (including the stand-alone viewer) dated up to and including 2004. However, if the user has downloaded Office Service Pack 3, the bug will have been removed. Those versions dated 2007 or 2008 do not have the bug. To ... (view more)

Yahoo has signed a deal to add all existing Yahoo usernames and passwords to the OpenID database. When a Yahoo user visits one of the 10,000 sites in the scheme, they will be able to simply type 'yahoo.com' in the registration box and will then be ... taken to the Yahoo site to confirm their details before being returned to their chosen website, automatically logged in. (Source: pcworld.com ) People with a Yahoo account could find online life a bit simpler now that the firm has joined the OpenID scheme. However, critics question whether the scheme serves any real purpose. The idea lets Internet ... (view more)

On Tuesday, January 8 Adam Dabrowski, 14, managed to turn the tram system in the town of Lodz, Poland into his own plaything. Dabrowski was able to rig a TV remote control to change track points causing trams to veer in unintended directions. The ... problems became apparent when one of the operators tried steering his train to the right only to find it veering out of control in the opposite direction, jumping the track and crashing into an oncoming tram. Four vehicles were derailed during Dabrowski's stint at the helm, with twelve people injured. (Source: metro.co.uk ) It didn't take police long ... (view more)

If you visited Sears.com or Kmart.com and agreed to join their "online community," you may have installed spyware without your knowledge. Late last year, Sears.com and Kmart.com reportedly began asking users if they wanted to participate in a ... "community" online -- presumably a community made up of Sears and Kmart partners. In late December, security researcher Benjamin Googins of Computer Associates noticed that the "community" actually installed software from comScore, a market research firm, in order to track the web activities of the site's visitors. Googins noted on his company' ... (view more)

Think CNN and the major network news agencies are the only ones quick to jump on breaking international events? Think again. Only hours after the tragic announcement of the assassination of former Pakistani Prime Minister Benazir Bhutto, malware ... creators had already crafted an exploit to take advantage of curious web users. A number of security companies are reporting the widespread exploit, including McAfee, Symantec, and WebSense. According to this group, at least ten sites on Blogger.com (Google's primary blog service) were, as of the day of Bhutto's assassination, spreading a fake video ... (view more)

Has the Storm Worm passed? According to reports over the last few months, the danger has been minimized. And yet, some hackers still believe they can have a real impact with what was arguably the most popular bug of 2007. A recent Christmas-inspired ... version has been released and is reportedly bringing Storm back to its original potency. Since its debut almost a year ago, the Storm Worm -- which initially created headaches for IT employees, Internet providers, web site owners, and the average surfer alike -- appears to have been downgraded significantly. Like a hurricane passing over land, the ... (view more)

Hundreds of thousands of users on Google's social networking site have had their computers infected by a 'worm' virus. One source reports 400,000 computers fell victim, while another puts the figure at over 700,000. The attack took place in the ... Portuguese language, likely because the Orkut site is particularly popular in Brazil. The virus took advantage of a loophole in the site's scrapbook feature to post a JavaScript code on users' personal pages. JavaScript is a type of computer code commonly used to make websites interactive. The code then sent copies of itself to a user and his or her ... (view more)

A cryptographically flawed pseudo random number generator is reportedly being added to the upcoming Windows Vista Service Pack 1, raising concerns about a new random-number standard that includes a slow, badly designed algorithm containing a ... backdoor for the National Security Agency (NSA). Cryptographers Dan Shumow and Niels Ferguson wrote a yp.to (PDF) that revealed flaws in Dual_EC_DRBG standard at the Crypto 2007 conference this past August. Dual_EC_DRBG is one of four approved random number generators that's three times slower than the others. The design is based on the mathematics of ... (view more)