Never trust that a link in an email is going where it says it is. Never.
That was what made me think #4 was a phish.
My thoughts on the list: #1: sounds reasonable, so I guessed it wasn't a phish, though I still wouldn't follow that link if I wanted 'Extra Storage' -- log into the hotmail website and find the link there. #2: Wants me to 'update my information', and supplies URL to follow to do it? That's a phish. #3: Looks pretty convincing, but the threat to suspend my account if I don't do it makes it sound like a phish. It might cause me to log into my account and look for a 'verify now' link -- if it was major enought to send to all users, it's on the website. #4: See above: link in email to 'verify information' -- yeah right. #5: The steps they give to update my information involve going directly to the paypal website -- looks legit. Definately worth logging into paypal and checking. #6: Earthlink won't contact you exclusively via email to tell you there's a problem with billing -- they'd call. #7: Yet another 'verify your information' with a link in the email -- phish. #8: a pretty badly worded fraud -- eBay would write their email in better English. That and the link in the email.... #9: This looks pretty legit, though warning bells would go off if the USPS link requested my PayPal info. I wouldn't follow the lower link though -- log into Paypal and view the transaction history if you really want to see it. #10: Looks pretty slick, but again, it's your standard 'I'm Visa, follow me' trick.
Remember: Never assume a link goes where it says it goes. If it's something you value, navigate there yourself.
-quote-
Chairman McCain agreed to hold a hearing on this and other important digital rights management issues next month, and Sen. Brownback withdrew this amendment.
-quote-
The 'paper' and 'code' links in the parent post are not to a paper and code that exploit this, they are to the tools they used to write the exploit.
Re:Do younger minds absorb quicker?
on
Ageism in IT?
·
· Score: 2, Interesting
aparently, it's something about if you need your object to behave differently depending on the kind of data stored inside it, you should create a new class for each behaviour and have them all extend a class that provides for the other common behavior. Decent idea in theory, but can be quite a pain to put into practice sometimes...
They want to create a certification comparable to the MSCE? Gee... then we'll have have all these people with just a RHCT or RCHE admining linux boxes, and we'll have as many problems (DDOS zombies, etc.) as with the MCSEs admining windows boxes.
Certifications will help, but then people will think that that certification is _all_ that is needed to admin a linux box.
Slashdot Mirror
The basic rule I follow is:
Never trust that a link in an email is going where it says it is. Never.
That was what made me think #4 was a phish.
My thoughts on the list:
#1: sounds reasonable, so I guessed it wasn't a phish, though I still wouldn't follow that link if I wanted 'Extra Storage' -- log into the hotmail website and find the link there.
#2: Wants me to 'update my information', and supplies URL to follow to do it? That's a phish.
#3: Looks pretty convincing, but the threat to suspend my account if I don't do it makes it sound like a phish. It might cause me to log into my account and look for a 'verify now' link -- if it was major enought to send to all users, it's on the website.
#4: See above: link in email to 'verify information' -- yeah right.
#5: The steps they give to update my information involve going directly to the paypal website -- looks legit. Definately worth logging into paypal and checking.
#6: Earthlink won't contact you exclusively via email to tell you there's a problem with billing -- they'd call.
#7: Yet another 'verify your information' with a link in the email -- phish.
#8: a pretty badly worded fraud -- eBay would write their email in better English. That and the link in the email....
#9: This looks pretty legit, though warning bells would go off if the USPS link requested my PayPal info. I wouldn't follow the lower link though -- log into Paypal and view the transaction history if you really want to see it.
#10: Looks pretty slick, but again, it's your standard 'I'm Visa, follow me' trick.
Remember: Never assume a link goes where it says it goes. If it's something you value, navigate there yourself.
The engine that runs Tribes is called Torque
actually, if all bugs are fixed (by your definition), b2=0, not b2=b1.
Did you read the press release from his website?
-quote-Chairman McCain agreed to hold a hearing on this and other important digital rights management issues next month, and Sen. Brownback withdrew this amendment.
-quote-
Draw your own conclusion.....
The 'paper' and 'code' links in the parent post are not to a paper and code that exploit this, they are to the tools they used to write the exploit.
aparently, it's something about if you need your object to behave differently depending on the kind of data stored inside it, you should create a new class for each behaviour and have them all extend a class that provides for the other common behavior. Decent idea in theory, but can be quite a pain to put into practice sometimes...
They want to create a certification comparable to the MSCE? Gee... then we'll have have all these people with just a RHCT or RCHE admining linux boxes, and we'll have as many problems (DDOS zombies, etc.) as with the MCSEs admining windows boxes.
Certifications will help, but then people will think that that certification is _all_ that is needed to admin a linux box.
However, it _does_ set a legal precendent (in the court in which it was tried and all courts below it), I believe (though IANAL).
So it's a crime to run an insecure network? What about an insecure computer that can be cracked and used to launch an attack, is that a crime too?
Hmm... wonder if that means running a non-up-to-the-latest-patch OS or application is a crime?