The article's headline is "'Pen' Testing in the Palm of Your Hand". Wikipedia describes pen testing as "a method of evaluating the security of a computer system or network by simulating an attack by a malicious cracker. The process involves an active analysis of the system for any weaknesses, technical flaws or vulnerabilities. This analysis is carried out from the position of a potential attacker, and can involve active exploitation of security vulnerabilities."
For real 'pen testing', stick with what all the hackers already know. Worry about a handy tool to do it with, after you've dealt with tried and tested measures.
I work in finance, and on occasion I have to manually type out invoices. It is important to maintain consistency, so all the invoices are typed in block caps. If I didn't have caps lock, that particular task would be so frustrating...
Although I agree caps lock should be banned for anyone under 18, they seem to love it - and ALL CAPS DOES GET ANNOYING TO READ.
I once had a job where I had to sort through stacks of computers. Overall the stacks were pretty useless, a bunch of burnt out 286s. Even if you put all your redundant computing power into a stack doesn't necessarily make it better!
I've been getting these for a while now. I was bewildered at first, but GMail has learned to dump this kind of thing straight in the spam box. They're just emails with attached images and a blurb of text. One I got today was:
Then the violence of agitated water ceased; the low trample of hoofs ceased. This Texas prairie covered a vast space, and in it she was lost. It seemed incredible that she would dare to drive across the prairie. The other white horse plunged on, dragging his mate to his feet and into the race again. Among the articles of food were a loaf of bread and a bag of biscuits. As they vanished in the obscurity of dust so also did they fade from Millys mind! Behind, the huge, lowered, shaggy heads almost bobbed against the wagon. She felt in her coat for the little derringer. Sleek gray deer were grazing with them, as tame as cattle. Next morning Milly was up early, and on the way before sunrise. The horses took their bits between their teeth and ran headlong. The trampling roar of hoofs was deafening, but it was not now like thunder. Suddenly she thought of Tom Doan, and life, courage, hope surged with the magic of love. Between the road and the cottonwoods camps sent up their curling columns of blue smoke. And the hour came when the buffalo lumbered to a walk. Milly staggered up to lean against the seat and peer ahead. A heavy strain on the reins threatened to tear her arms from their sockets. Then she climbed into the wagon, and without removing even her boots she crawled into the blankets. They were glad to be under guidance again. Thought of meeting with buffalo-hunters persistently flaunted hopes. They had come to edge of slope on river brake.
The .gif that was attached was called 'conartist.gif', which is some text about equities.
Like I say, it confused me for all of a few seconds then I moved on with my life. I'd be interested to know how many people put up money for products / services they were spammed with.
There's a piece of software available from http://www.adlogger.org/ that tracks all the clicks to ads, as well as page impressions, IP addresses. It's fairly comprehensive.
So, someone admitted that there is a vulnerability in Vista. Among all the folk invited to 'test' Vista's security, someone had to come up with something. Even if they had to be administrator to do it.
It's the ones the black hats are keeping under their caps, or hats, that are going to be the issue. But they can't all be trusted to tell. Not if they've found an especially 'useful' hole anyway.
The BBC have been running Celebdaq for years now. They used to have a weekly show for it on BBC3. That is based on media coverage over the past week though.
I find these games entertaining on some small level. I've played Tradeover a little bit while I'm at work, that's a more realistic stock game. It would be stupid though to base the actual markets on the game, it's meant to work the other way around.
Big money moves the markets. Wherever the big money goes at the point of sale is what matters most.
Why on Earth is this needed? I'm all for equal opportunities and everything, but does further segregation of the sexes help any cause?
Some things are always going to be *generally* one sex or the other. For example, men like mechanics and sports. Women like ponies and getting their nails done. Obviously not hard and fast examples.
Men like to be nerds, women like to be in the real world more.
In that case... Who runs an exe they receive in an email? Unless I'm expecting it, and know the sender, I certainly won't.
Education must be the answer then. I learned not to open random executables from unknown sources many years ago. People apparently click them though. Teach a man to use the internet, and he'll be safe for a day. Teach a man to know the internet and he'll be safe for a lifetime.
It's so much easier for the banker to 'accidentally' press the wrong key, than to stuff bright pink notes under something. And I'd be so pissed if the battery died halfway through the game.
Five years ago, I was working for an insurance company. One of my more boring jobs was entering registration plates / number plates as they're called here, into a massive database that was to be shared among all the insurance companies, the police, and the government agencies. It contained the VIN (Vehicle Identity Number - engraved on the chassis and engine I believe), the number plate, make, model and colour.
Not quite public information, but I remember doing a few searches on friends' and relatives' cars. And there's a lot of people working for insurance companies with access to that information.
I looked it up on the net, and found out what it was. Can't remember off the top of my head though. Its purpose was to spread itself to other Nokia bluetooth enabled devices, and apparently in the early hours of the morning it would call premium rate numbers.
Trouble was, it hammered the battery with its constant bluetooth searching that it would only last a few hours before dying. Plus the constant "bluetooth busy" symbol on the phone was a dead giveaway.
Funnily enough, it was F-Secure that I used to get rid of it.
No I meant manually into an archaic system. Should have made that clearer.
I wonder if the browser will pass the Acid Test....
What the hell does 5.5m users per month mean? AFAIK the user IDs aren't even at 1m yet.
As a bit of a Star Trek fan myself, I have to say... It's trekker not trekkie!
Ars Technica reviews the Robosapien V2 [CC], a two foot tall robot that can lie down, stand up, laugh, taunt, and bowl.
Meh... Why not just have a baby? Oh wait, gotta get laid for that to happen. There could be a market for this!
If you were searching for "Pandoras Box" you probably were getting porn....
It is possible to filter out these sites with a little more work. For example, my company blocks any url that contains 'proxy'. It also filters most proxy sites that you can find on Google.
Also, if an admin notices they're getting a load of traffic to say http://surfinsecret.com/index.php?q=d3d3Lm15c3BhY2UuY29t&hl=1111101001 then they could just visit that link, see what it was and block away.
I got around it by installing my own copy of phpproxy on my server and use it infrequently for certain sites. There's a lot of traffic to my domain anyway because I run an application my department uses on there, so it's fairly safe for me.
In Soviet Star Trek, Enterprise drives you!
One of my friends rammed a bus once. It got in his way apparently, but he still got fined.
Personally I only download FF extensions from the official site.
https://addons.mozilla.org/extensions.php?app=firefox
I use WEP, but this certainly looks a laugh. Might turn that off, and see if I can have some fun!
That's why they're using a debit card.