June 2005

It seems I'm not the only one concerned about the implications of integrating RSS into every application via the OS. Check the earlier post here: Longhorn RSS Support

This is indeed good news. The original version of this application was due to die on June 31, 2005. This newest version will live until Dec 30, 2005. It is, of course, new and improved with Vitamin B, B12 and Riboflavin. Yes, we know Windows is a security nightmare but this application is a further step in the right direction for Microsoft.Get it. Use it.

While browsing the web, users will be able to easily discover RSS feeds through an illuminated icon, as well as read the feed while still in the web browser. Additionally, users will be able to subscribe to an RSS feed as easily as adding a web page as a favorite. Once a user chooses to subscribe to a feed, the fact that the user has subscribed is available to any interested application.

Uh-huh. How long will it take until some nasty script automatically and in the background subscribes me to ad-driven crap that proceedes to infiltrate to my other interested applications?

Unless the security of Internet Explorer + Longhorn is substantially improved there is no way in hell I'm letting this loose on my system.

These phishing attacks could be successfully carried out on the following browsers:

1) Firefox 1.0.4
2) Internet Explorewr 6.0

But NOT on these browsers:

1) K-Meleon 0.9
2) Opera 8.1

The trick here is never key information into a browser window if you can't easily identify the source of the window.

A security breach affecting some 40 million credit cards was announced today.
It appears that little personal information was accessed indicating future identity theft is unlikely, merely a little disappearing cash. Whoa, dodged a bullet there.

Better Safe Than Sorry, eh?

Hackers have accessed some 600 credit records located in a British Columbia credit bureau. The affected people are mostly located in BC as well. The Globe and Mail reports Equifax and the R.C.M.P are conducting an investigation and Equifax has contacted the affected consumers.

The report goes on to say that affected customers will be given a year's subscription to a service that monitors credit activity and warns customers of possible irregularities possibly leading to identity theft.

A flaw in Opera 8.0 has been discovered. The easiest solution is to upgrade to Opera 8.01. DO IT NOW.

Don't be fooled by this email message. The linked site will attempt to download a trojan to your PC. If you use an unpatched version of Internet Exploder you may then be unwittingly enlisted into a bot network - oooh, scary.

So, don't clck on links in email from people you don't know, don't use Internet Exploder or if you must make sure you have the latest security hotfixes applied and always have a recently updated Anti-virus application running in case you manage to infect yourself.

This exploit is very old (1998) so why it has reappeared should be interesting! This vulnerability allows web sites to project their content into a frame hosted my another site. Very nasty. Even using SpoofStick (you are using SpoofStick, right?) won't help protect you here.

The work around here is to always visit your banking or other sensitive sites using ONE BROWSER WINDOW ONLY. Close all other Browser Windows and when you are finished close your Browser completely.

Or do not open new windows at all - use tabs only as this exploit does not work from tab to tab only from window to window.

Uh-oh. Bluetooth appears to be the WIN95 of wireless communication - a giant open security hole. Two chaps have found that virtually any Bluetooth device can be cracked in as little as a few seconds. Best to turn off Bluetooth for now me thinks!