Michael Gracie

I was at a party one night, and the subject of Skype came up. Some of the guests started cringing at all the free communication talk - they worked at a telco, of course. Then one proceeded to ask me “if I was some kind of hacker.” The person had absolutely no idea what they were asking, and I could only chuckle to myself. I couldn’t hack my way out of a wet paper bag.

Nonetheless, for everyone who doesn’t understand the term “hacker,” which is generally used in the mainstream to represent someone who breaks into computers, here are some definitions, in terms even my dog could understand.
Read more »

Two new spam/phishing related laws are about to take effect next week in California.

The first makes phishing a crime. Yea yea, your thinking the same thing I was. Was stealing bank account, credit card and other information from people legal before SB355? The second makes spamming under California law a misdemeanor, with penalties up to $1,000 and 6 months in the county jail. Hardly a deterent if you ask me. What was the punishment before this..you have to go to bed without dinner?

State Senator Kevin Murray (D-LA) is about to get a pat on the back, but nothing is going to change.
Read more »

Citizens in Florida should watch the latest insurers’ rate requests closely, as it is going to affect everyone. At least one large insurer (Allstate Floridian) has already been denied a rate increase - more denials are going to force carriers out the door, reduce competition, and result in higher rates anyway.

Allstate highlights the issue in the fine print:

It’s important to note that Allstate Floridian Insurance Company and Allstate Floridian Indemnity Company are separate and distinct companies from each other and from all other companies in the Allstate group.

Why? Because it gives them protection in case of more catastrophic losses - the option of walking out of the market is better than bankrupting the rest of the company.
Read more »

Telcos are using incentives as flat out bribes, offering free iPods to people who complain about their cable company on public forums.

They can’t compete, so they combine. They can’t partner, so they pillage. They’re running out of steam, so they resort to outright deception.

Sounds like the telecom industry is turning into a training ground for wanna-be politicians.

There have been (at least) a few folks out there that have pinged this site and received a throttling (literally). The problem has been fixed - please accept my apologies. If you are one of those people (meaning the legitimate ones), feel free to re-ping. I’ll approve the trackbacks ASAP.

Thanks.

A guy in Indiana had his bank account emptied by someone in Russia. Not much news there - just thought I’d be silly (with the play on words in the title). Closer to home than a story about a bank getting hacked by someone in China I guess.

A web programmer is claiming he found a trojan that reformats Google referral buttons into text ads, the purpose of getting someone to click through to an alternative site.

Manipulating JavaScript at the browser isn’t too difficult, which is why most browsers give you the option of turning JavaScript off altogether. A pre-infected machine, like one running some adware laden browser toolbar, would make the process even easier. But I have to wonder about the example.

Shown is a rectangular text ad, but Google doesn’t offer such sizes for its referral buttons. The biggest Google referral block offered is 468 X 60, for a banner, and 120 X 60 for a block. The glaring example shown is a 336 X 280 text ad. So either the web page developer left a lot of whitespace (or in this case, bluespace), or we are not getting the full story here.

The BBC notes that virus writers layed off the whole “build a virus to destroy the world” bit this year, and instead produced targeted “product” that would make them some money.

I believe we are looking at market forces on the move. First, malicious code writers [cheaply] test widely distributed vulnerabilities, and take notes while everyone scrambles to fix the problem. They go back to the drawing board while spammers and phishers (usually less technologically adept than a hardcore virus writer) pick up the slack. Next they do small tests of vulnerabilities, to see if they can make some dough from it. They take notes while people scramble to fix more obscure issues.

Their New Year’s resolution? Create widely distributed, money making opportunities based on all those notes.

This isn’t a new idea: ban infected computers from the net. Some Australian ISPs have already done this with zombied computers, and the FTC has pushed for the same.

It is not a bad idea. In fact, I think it is a damn good one, no matter what Microsoft says. Put the responsibility for safe computing in the hands of the user, much like the responsibility one has when behind the wheel. If you are somehow infected through carelessness (or flat out ineptitude), you can continue your work, just within the confines of your Linksys router instead of my hard drive.

To Richmond news agencies: If you are going to warn your “masses” about an impending security issue, try doing it more than a week before the drop dead date. If the problem was discovered weeks ago, that might be a clue that you need new information resources..hint hint :-).

Example: if you find a threat to a fully patched Windows PC spread the word right away.