user

Fri
27
May
Dennis Faas's picture

Session Hijacking

In computer science, session hijacking is the exploitation of a valid computer session (commonly known as a "session key") used to gain unauthorized access to information or services in a computer system. For example, when a user logs in to a web ... site, the user's PC is tagged with a session key using a browser cookie (a cookie is a small file stored on the users PC that the browser reads). Any time the user requires access to a restricted area of a website (usually requiring login), the session key is extracted from the users' PC and compared to the key stored on the web server. If valid, the ... (view more)

Fri
27
May
Dennis Faas's picture

New 'Cookiejacking' Threat Hits Internet Explorer

An Italian security researcher has found a new security flaw in Microsoft's Internet Explorer web browser that could allow hackers to steal login information and passwords. The threat comes in the form of a 'cookiejacking' scheme (related to session ... hijacking ), which allows hackers to review website history and then use that to enter protected domains. Rosario Valotta recently demonstrated his cookingjacking findings at security conferences in Switzerland and Amsterdam. He acknowledged that exploiting the flaw isn't particularly easy, requiring a hacker to convince an online user to drag and ... (view more)

Tue
24
May
Dennis Faas's picture

Bill Demands New Privacy Laws for Social Networks

A proposed new law under debate in the California senate would make drastic changes to the way social networks handle user privacy. It would mean sites like Facebook would have to maximize their privacy settings as a default. Under the proposals, ... social networking sites would have to allow users to set privacy levels at the time of registration, explaining the various options "in plain language." This would have to include a clear explanation of exactly which categories of people and businesses would be able to see information. (Source: ca.gov ) Full Control Over Information By default, a new ... (view more)

Thu
28
Apr
Dennis Faas's picture

Politicians Demand Answers On Smartphone Tracking

Both Republican and Democratic politicians are questioning major tech companies about location data tracking features on mobile devices, such as cell phones. Five Republican congressmen who hold key positions on the House of Representatives Energy ... and Commerce committee have recently written joint letters to six companies: Apple, Google, Hewlett-Packard (HP), Microsoft, Nokia and Research in Motion (RIM). User Awareness Comes Into Question The letters demand information about the location data tracking features on the devices that the companies either manufacture or supply with an operating ... (view more)

Tue
12
Apr
Dennis Faas's picture

Study Uses MS Kinect as Virtual Sight for the Blind

A pair of Masters students at the University of Konstanz in Germany have undertaken a study that uses Microsoft Kinect to give virtual sight to the blind. The study involves a number of strategically-placed tech devices in a given location, with ... Kinect overseeing every movement. Navigation for the Visually Impaired Originally designed for the Xbox 360 as a way for hands-free gaming, the Microsoft Kinect system has taken on new meaning -- now providing what could be virtual sight to the blind. Dubbed NAVI (Navigational Aids for the Visually Impaired), the system works by connecting Kinect to a ... (view more)

Mon
04
Apr
Dennis Faas's picture

Record-Breaking Web Hijack Compromises 4M Pages

In taking advantage of a security loophole, hackers have hijacked as many as four million website pages over the past week. It's thought to be the biggest attack of its type, ever. The attacks have been dubbed LizaMoon, named after the first ... destination to which visitors of hijacked sites were redirected. The hijack campaign has proven to be incredibly successful: on the first day, security firm Websense estimated 28,000 web sites were affected, but within three days that figure had risen to 500,000. Two days later and the number of affected pages were estimated to be as high as three or four ... (view more)

Mon
21
Mar
Dennis Faas's picture

Internet Explorer 9 Doubles Web Privacy Control

Microsoft has announced that Internet Explorer 9 (IE9) supports two separate technologies for restricting access to information related to a user's online activity. One of the privacy features was recently prompted by the Federal Trade Commission ... (FTC). Both technologies involve the way websites share data with third-parties. The most prominent example is with advertisements that appear on a page; for example, rather than simply linking ads to the page content (such as a newspaper site running golf equipment ads alongside a golf match report), a site might pass on details of all the pages a ... (view more)

Fri
31
Dec
Dennis Faas's picture

MS Outlook, Word Users: Get A Patch Or Get A Virus

Microsoft has revealed that hackers have attempted to exploit a bug in Microsoft Word. The bug was fixed in a security update last month, but the company is also concerned that some users may not have installed the update. The bug involves the way ... MS Word handles rich text format (.RTF) files. This is a format used for text documents that have a very limited degree of formatting information compared to full-blown MS Word documents. The format is most commonly used as a way of moving documents from one word processor to another without altering the text's formatting. RTF Flaw Causes Memory ... (view more)

Wed
15
Dec
Dennis Faas's picture

Internet Explorer to include Do Not Track Feature

The next edition of Internet Explorer is said to include a new tool for users to restrict how their information is shared with websites. But it will likely mean that some web features and content will be unavailable to users if the special privacy ... feature is enabled. FTC Calls for "Do Not Track" Feature in Web Browsers Recently, the Federal Trade Commission (FTC) called on web browser producers and website owners to make it easier for users to avoid having their online activity shared with other web sites. For example, a site might share what a user reads with an advertising agency ... (view more)

Thu
09
Dec
Dennis Faas's picture

FTC Proposes 'Do Not Track' Idea for Web Browsing

The Federal Trade Commission (FTC) is promoting a new campaign that would enable users to stop advertisers from tracking their online behavior. Similar to having your telephone number appear on the "Do Not Call" registry, the FTC believes that ... having your web browser set to "Do Not Track" (DNT) would make for a safer online environment. In activating the Do Not Track feature, your web browser sends out a virtual message to the website, asking the advertiser(s) not to track you. The message is repeated on every website you visit. Activation Control at the Discretion of the User Do Not Track ... (view more)

Pages

Subscribe to RSS - user