intodimensions.com

We were gone to Oman over the weekend and when we checked our site when we had just came back, the home page said it had been “hacked”.

We’re now upgraded to the latest WordPress but some things from the old site doesn’t work yet so it’ll be a while before it’s all back. The content is all here though.

EFF:

Google today announced a new “feature” of its Google Desktop software that greatly increases the risk to consumer privacy. If a consumer chooses to use it, the new “Search Across Computers” feature will store copies of the user’s Word documents, PDFs, spreadsheets and other text-based documents on Google’s own servers, to enable searching from any one of the user’s computers. EFF urges consumers not to use this feature, because it will make their personal data more vulnerable to subpoenas from the government and possibly private litigants, while providing a convenient one-stop-shop for hackers who’ve obtained a user’s Google password.

If that’s what they’re really doing, I don’t like it at all.

Hamachi looks like a really exciting and promising technology to keep your computers secure while connected to networks like the internet. Go to their site and try it, it’s free. There is a Mac command line client and a GUI version is coming. I’ve got it running on my Mac and it works fine.

[posted with ecto]

Is this over confidence or just a typo? You decide!

Perhaps the most unique feature of MontessoriTrac is that it is web-based. Teachers, administrators, and parents can access their records via the web. Our system is secure, so unauthorized access is not even a possibility. This gives every one using the system the ability to get reports, manage school resource materials and get information at their own convenience. Users cannot access the features without passwords, so usage reports remain accurate.

In my mind, anyone who claims that “unauthorized access is not even a possibility” either A) knows something about computer security that the rest of the world doesn’t, B) knows too little about computer security, C) made a typo, or D) ?.

A clue as to which the correct answer is can be found on another page:

Memory Requirements
128 MB RAM is necessary for minimum performance. We recommend 256 MB or more for optimal performance.

Hmm… “256Mb for optimal performance” - what current OS runs at “optimal performance” with 256Mb? Windows XP runs with 256Mb but certainly not at “optimal performance”.

We’re used to having antivirus software on our computers but now it seems we have to get used to it on our mobile phones as well. The BBC carries an article on securiy form F-Secure’s recent launch of an antivirus package for smartphones. It’s F-Secure’s Mobile Antivirus which for about $30 per year will protect your Symbian smartphone. Says F-Secure, it “provides fully automatic protection for mobile devices against viruses and harmful content in all file types”. I’m not sure this is necessary or not, but I suspect it’s getting increasingly important since mobile phones are more like regular computers today and they are connected to anything and everything.

When we moved to the UAE we brought with us our Sony Ericsson T637 phones from the US. We had them unlocked before moving and they did work over here but the reception was horrible. In many places where others got good connections with (mostly) Nokia phones, we got no connection at all. So we decided to get new phones and since everyone else (almost) is using Nokia… “when in Rome”. My pick was a 9300 Communicator. It’s a bit larger than other phones but it gives me the ability to ditch my PDA (which Crystal felt was really a waste since we had just invested in iPaqs) and carry only one device instead of two. So far I’m really happy with the 9300. It’s small enough to take anywhere comfortably, it syncs with Outlook, and you can transfer files back and forth with a PC. It can play MP3s and Real video which I haven’t tried yet, and it can get on the internet through the mobile phone connection. For a while I considered the 9500 but it’s considerably larger and heavier and you only get wifi and a camera compared to the 9300. Wifi would be nice but not necessary and a camera I can do without.

I recently read an article on Smallbusinesscomputing.com about the services offered by Anonymizer. The article has the title “Remain anonymous” and I expected something about in general how a business user can stay anonymous online but to my surprise I found that it was nothing more than a glorified sales-pitch for Anonymizer’s products, disguised as an “editorial.” Puzzled as I was I sent the writer of the article an email:

“Perhaps I read the article wrong, but the impression I get is this is nothing but a nice ad for Anonymizer products. Where’s the critical view on what their products do and what they can be used for? How protected is a user really? Any empirical tests that can tell me if I am really anonymous or not? Where’s the look at alternative products/services? Why are there no alternative views to Cotrell presented? I would certainly expect more from a “managing editor.”

//Magnus”

And the reply was:

Hi Magnus,

The story was a news announcement and an overview of what the company offers. The critical view comes when we review products. You’ll note that we do not endorse the company’s claims — we’re simply reporting them.

Thanks for your comments,

Lauren

Lauren Simonds
Managing Editor
SmallBusinessComputing.com

Ms. Simonds should get credit for replying to me, not everyone would have. But her reasoning seems a bit strange to me. It was a “news announcement” and “an overview” of what Anonymizer offers. To me the article doesn’t come across as a “news announcement.” Perhaps I’m being misled by the title but I would expect some critical thought and analysis about the products and probably also something about other, competing products. Other publications seem to do a better job of distinguishing between what is just presenting something that has not been reviewed and checked and what has. What makes it worse in this case, I think, is that it’s signed by the “managing editor” of the publication. That certainly indicates that it’s either his/her editorial, which means it’s totally their personal opinion and in which cased it might be okay with this article, or that it’s somhow sanctioned and approved by the editor, in which case it’s not okay. Perhaps I’m reading too much into this, but it certainly seemed a bit “fishy” to me. Anyway, Anonymizer should be happy. They got free and uncriticial publicity.

NewScientist.com:

Cryptographers have discovered a way to hack Bluetooth-enabled devices even when security features are switched on. The discovery may make it even easier for hackers to eavesdrop on conversations and charge their own calls to someone else’s cellphone.

Now that’s even more incentive to keep Bluetooth turned off on my cellphone and iPaq.

Vowe.net:

Last Friday an official report was released by the Pentagon and the American authorities claiming basically that the murder of the Italian secret agent Calipari in Bagdad was a consequence not of the American soldiers mishandling of the situation but due to the wrong behaviour of the Italians and the car carrying the agent and the hostage on the way to the airport.

The document was produced in Acrobat PDF format and most of important information was hidden as confidential. The Italian government (the minister of foreign affairs) made a lot of noise as they disagreed with the conclusions and refused to sign the document. No names were released from the Americans and many important details wiped out from above document.

This morning Gianluca Neri, an Italian blogger from Milano, had a look at the document which was published on the net and ridiculized the whole American secret services. With a simple cut and paste from the Acrobat document into a word processor, he was able to disclose all details to the public: names, places, the name of the soldier who fired, everything…

It is actually pretty simple to recover that information. Open this PDF, select all text, copy to clipboard and paste into a regular text editor. if your version of Arcobot does not let you select the text, find the Microsoft Word document here.

I feel much safer now knowing that our security is handled by experts.

I guess I should scramble to check all the PDFs I have published on this site but I don’t think there’s any confidential/classified information in them (I hope)…

The Inquierer:

FRENCH LEGISLATORS ruled that anti-copying digital rights management software on DVDs should be banned because it prevents a user making copies for private use.

A Parisian court of appeal on Friday threw out a complaint from Films Alain Sarde and Studio Canal and sided with consumer’s body, the Union Fédérale des Consommateurs (UFC).

The case revolved around a bloke who wanted to watch the film Mulholland Drive round his mum’s house. Our hero had the film on DVD but his dear old mum had stuck with the video recorder. The court decided the man was within his rights to expect to be able to copy the film from his DVD and stick on a video cassette so that he could watch it.

Vive la France! Liberte - Egalite - Fraternite - Free to copy DVDs! Seems like French courts have common sense, something lacking in the US legal system sometimes.

Desktopos.com:

With spyware, worms, and viruses continuing to grow in number, questions have arisen whether Microsoft has been doing enough to protect their users from these threats. Whenever a security flaw is discovered or a new virus has been release into the “wild,” some discussions on computer news forums and websites are usually geared toward blaming Microsoft for providing an insecure operating system. Windows XP users have the right to complain about the security issues that surround Windows XP, however it is not like Microsoft is not trying to improve the security situation in Windows XP. With the release of service pack 2, which has be viewed as a major improvement to Windows XP security, has almost fallen on deaf ears, in some circles, because of the animosity held by some users toward Microsoft for various reason. Does Microsoft really deserve all the blame for the security issues in Windows XP? As the maker of Windows XP, Microsoft has the responsibility to supply its costumers with a quality and secure product, at least in the minds of Windows XP users. In reality Microsoft is not legally require to make a secure product, but attempts to provide one because the purpose of Microsoft is to be a money making entity and Microsoft can not make money if their product is not somewhat secure. The thing about computer security is that many people are forgetting that nothing can be a 100 percent secure. Not even the Linux Kernel, which is know for its security and has been incorporated with other open sources components to form hundreds of Linux distributions, is not 100 percent secure. So, why does it seems that there are less people complaining about Linux distributions security issues than compared to Windows XP. Some of it is because some people refuse to see flaws in something they support, some people say Microsoft is guilty of that. Others people are looking for a scapegoat that they can vilify for the security issues in XP, namely Microsoft since they are the markers of Windows XP. However, it seems that computer users are leaving out other parties that are responsible for the securities issues in Windows XP, namely themselves and the people who create viruses, worms, and spyware. Microsoft, computer users, and malicious hackers all share in the responsibility, in some way or another, for the security issues that surround Windows XP and previous Windows operating systems.