Using a number of sneaky attacks, it is possible for phishers and other Web-based bad guys to figure out which Web sites you regularly visit. While the fact that you frequently visit ESPN may not be a problem, such attack techniques can tell the phisher exactly which online bank you use, allowing her to tailor deception-based phishing emails so that they’re far more likely to dupe you. Below is a great white paper describing this attack from Sid Stamm and Markus Jakobsson. A live interactive demo of their attack can be seen by visiting their Browser Recon page, which will tell you exactly which online banks you’ve logged into in the past. Scary stuff.
“I’ve been participating in a charade for nearly eleven years, now. You have all been a part of a sick joke that I began considering shortly after first getting on the air.”
at the Carnegie Science Center
I suggest that you set this script up and run it at the beginning of the month for the first time, and then run it for a month before making major changes. In the example below I do the backup to a directory on the local server BACKUPDIR, but you could modify this script to do it to a tape on the local server or via an NFS mounted file system.
summer is just about over. *sigh* couple of videos and photos after the jump.
Photo courtesy of JennThomas.com
This quite possibly the best xkcd comics I’ve ever read. I’ve always wanted to name a kid with a MySQL code injection attack, or “+++ATH” or “^d^d^c^c^g^g^g^g”. Anything to mess with database nation.