Blog.Ivacy.com

“The Storm worm, which some say is the world’s biggest botnet despite waning in recent months, is now fighting back against security researchers that seek to destroy it and has them running scared, conference attendees in NYC heard this week. The worm can figure out which users are trying to probe its command-and-control servers, and it retaliates by launching DDoS attacks against them, shutting down their Internet access for days, says an IBM architect.”

Urban Camouflage. Unfortunally, it doesn`t work in the Web: if you pretend to be a server or a router, you get more attaks.

Bruce Schneier wrote:

Clever technique to put a checksum into the bill total when you add a tip at a restaurant.

I don’t know how common tip fraud is. This thread implies that it’s pretty common, but I use my credit card in restaurants all the time all over the world and I’ve never been the victim of this sort of fraud. On the other hand, I’m not a lousy tipper. And maybe I don’t frequent the right sort of restaurants.

Security expert Bruce Schneier told:

There is a gap between the reality of security and the emotional feel of security due to the way our brains have evolved. This leads to people making bad choices.

Everybody uses Wi-Fi, nobody cares security, right?

Very interesting material about the attacks against the Wi-Fi networks (including “man in the middle” and attacks against some specific Wi-Fi vulnerabilities)

Some people at Carnegie Mellon University are researching online privacy policies, and have a clever little survey for you. If you make it all the way through, you have a shot to win $250 in amazon.com credit.

The purpose of this study is to collect data that will improve on-line privacy polices. This research is part of a Carnegie Mellon study and is overseen by Professor Cranor.

 If you’re interested all you have to do is head here and survey away.

amigoro writes to let us know about an appeals court ruling that holds that federal agents can snoop on an individual’s web surfing, email and all other forms of Internet communication habits without a warrant. The court found recording this kind of information to be analogous to the use of a pen register. In 1979 the Supreme Court ruled that this technique did not constitute a search for Fourth Amendment purposes.