- Email: [email protected]
Slack space
space
Slack Mr Bean for EU president
Seasoned comedy veteran Rowan Atkinson – who created the brilliantly funny Mr Bean character – will no doubt be amused to learn that his character’s image was deftly subbed by an unknown hacker for the Spanish EU President on his website recently. Visitors to the site were briefly greeted with an image of a ‘bumbling comedy buffoon’ in place of Prime Minister José Luis Rodriguez Zapatero. In Spain, it seems, the ‘separated at birth’ similarity between the two actors – sorry, professionals – is noted with much merriment in bars across the land. Zapatero’s office issued a statement saying that the site attack “exploited a vulnerability called cross-site scripting”. For site visitors, this translated into a smiling Mr Bean replacing Zapatero, complete with a benign smile and the words: “Hi there”. With unemployment hitting 20% in Spain, however, some people may no longer be smiling about the similarities... http://bit.ly/8tzsIB
An Eagle education My thanks to Check Point’s Nick Lowe for mirroring his musician namesake by claiming that songs can teach us about IT security. No, really – Nick says that Hotel California isn’t just a best-selling single by the Eagles. “In recent months, it’s also become an IT industry metaphor illustrating a key concern over the use of cloud applications. As the song puts it: You can check out any time you like, but you can never leave.”
40
JANUARY/FEBRUARY 2010
“In other words”, says Lowe, “how do you know what happens to your business data once it’s uploaded into the cloud? Can you retrieve it safely, ensure your data isn’t copied, or stop unknown third parties [from] accessing it without authorisation?” Nick also says that IT users should “Take It Easy”, once security is there, but users should avoid lightening up, as they may get “Desperado”. Another popular concept that’s worth examining, says Nick, is that of disgruntled employees who can’t hide “Your Lyin’ Eyes”. Of course, he says, these people do exist, and they can be a security risk. No, we’re not making this up – check out the rest of Nick’s news item in the Financial Times, where you’ll find his take on “Life in the Fast Lane”, “The Last Resort” and “The Long Run” from a security perspective. Now I’m off to download the Eagles Greatest Hits from iTunes... http://bit.ly/4yLe98
Bruce Almighty We all have superman/supergirl dreams, so it’s nice to know that security guru Bruce Schneier now has an officially endorsed Bruce Schneier action figure. This is not a joke. You can buy the ‘Cryptoman’ figure online, and it comes with a range of outfits: ‘casual Bruce’, ‘smart Bruce’ and ‘head only’. There are also scalp options: ‘bald’, ‘ponytail’ or ‘cyborg’. According to El Reg, which broke the story, the figure will set you back $89 (£55), although the ‘cyborg’ option adds to the price. You can, of course, just get the head for a lesser sum. And you thought that facility was only available with cryogenics. Find Bruce in all good online stores (and bargain bins)?! http://bit.ly/6Btzrk
Bruce Al’Pricey
Playing an online gamer Our thanks to Zoe Markham at Sophos for reporting on Troj/Lneage-A, a trojan that distracts PC gamers – whilst nicking their gaming IDs, passwords and other credentials – with a slideshow of topless elves. “Given that the vast majority of gamers are male – and bless them they’re often a little bit lonely – dazzling them with a variety of images of well-endowed halfnaked elves should be enough to keep them entertained while the malware authors do whatever they fancy in the background”, says Zoe. “Now in fairness there are quite a few female gamers out there too, but as yet I’ve not seen any decent equivalents for distracting us”, she said. “Maybe a few well-endowed male World of Warcraft orcs would open up a whole new world of possibilities for malware authors. There’s a market niche there they’re leaving unexplored”, she added. http://bit.ly/6vGLRR
Never too sick to have a birthday party Analysts and vendors are always telling us that social networking sites are potential security risks, but a 29-year-old Canadian lady made this discovery the hard way after her insurance company reportedly zapped her sickness insurance benefits after she posted pix from her birthday celebrations on Facebook. The lady concerned was on 18-month sick leave due to depression and was claiming benefits from her insurance company. It seems that her insurers concluded that she was “available to work” based on her Facebook postings, which were – you will be intrigued to hear – locked down and private to her Facebook friends. The case is both amusing and worrying on several levels, not least how her insurer managed to access said lady’s pix. It also confirms that insurers are right up there alongside estate agents and lawyers in terms of most-loved professions... http://tinyurl.com/yaft6lq
Slack Mr Bean for EU president
Seasoned comedy veteran Rowan Atkinson – who created the brilliantly funny Mr Bean character – will no doubt be amused to learn that his character’s image was deftly subbed by an unknown hacker for the Spanish EU President on his website recently. Visitors to the site were briefly greeted with an image of a ‘bumbling comedy buffoon’ in place of Prime Minister José Luis Rodriguez Zapatero. In Spain, it seems, the ‘separated at birth’ similarity between the two actors – sorry, professionals – is noted with much merriment in bars across the land. Zapatero’s office issued a statement saying that the site attack “exploited a vulnerability called cross-site scripting”. For site visitors, this translated into a smiling Mr Bean replacing Zapatero, complete with a benign smile and the words: “Hi there”. With unemployment hitting 20% in Spain, however, some people may no longer be smiling about the similarities... http://bit.ly/8tzsIB
An Eagle education My thanks to Check Point’s Nick Lowe for mirroring his musician namesake by claiming that songs can teach us about IT security. No, really – Nick says that Hotel California isn’t just a best-selling single by the Eagles. “In recent months, it’s also become an IT industry metaphor illustrating a key concern over the use of cloud applications. As the song puts it: You can check out any time you like, but you can never leave.”
40
JANUARY/FEBRUARY 2010
“In other words”, says Lowe, “how do you know what happens to your business data once it’s uploaded into the cloud? Can you retrieve it safely, ensure your data isn’t copied, or stop unknown third parties [from] accessing it without authorisation?” Nick also says that IT users should “Take It Easy”, once security is there, but users should avoid lightening up, as they may get “Desperado”. Another popular concept that’s worth examining, says Nick, is that of disgruntled employees who can’t hide “Your Lyin’ Eyes”. Of course, he says, these people do exist, and they can be a security risk. No, we’re not making this up – check out the rest of Nick’s news item in the Financial Times, where you’ll find his take on “Life in the Fast Lane”, “The Last Resort” and “The Long Run” from a security perspective. Now I’m off to download the Eagles Greatest Hits from iTunes... http://bit.ly/4yLe98
Bruce Almighty We all have superman/supergirl dreams, so it’s nice to know that security guru Bruce Schneier now has an officially endorsed Bruce Schneier action figure. This is not a joke. You can buy the ‘Cryptoman’ figure online, and it comes with a range of outfits: ‘casual Bruce’, ‘smart Bruce’ and ‘head only’. There are also scalp options: ‘bald’, ‘ponytail’ or ‘cyborg’. According to El Reg, which broke the story, the figure will set you back $89 (£55), although the ‘cyborg’ option adds to the price. You can, of course, just get the head for a lesser sum. And you thought that facility was only available with cryogenics. Find Bruce in all good online stores (and bargain bins)?! http://bit.ly/6Btzrk
Bruce Al’Pricey
Playing an online gamer Our thanks to Zoe Markham at Sophos for reporting on Troj/Lneage-A, a trojan that distracts PC gamers – whilst nicking their gaming IDs, passwords and other credentials – with a slideshow of topless elves. “Given that the vast majority of gamers are male – and bless them they’re often a little bit lonely – dazzling them with a variety of images of well-endowed halfnaked elves should be enough to keep them entertained while the malware authors do whatever they fancy in the background”, says Zoe. “Now in fairness there are quite a few female gamers out there too, but as yet I’ve not seen any decent equivalents for distracting us”, she said. “Maybe a few well-endowed male World of Warcraft orcs would open up a whole new world of possibilities for malware authors. There’s a market niche there they’re leaving unexplored”, she added. http://bit.ly/6vGLRR
Never too sick to have a birthday party Analysts and vendors are always telling us that social networking sites are potential security risks, but a 29-year-old Canadian lady made this discovery the hard way after her insurance company reportedly zapped her sickness insurance benefits after she posted pix from her birthday celebrations on Facebook. The lady concerned was on 18-month sick leave due to depression and was claiming benefits from her insurance company. It seems that her insurers concluded that she was “available to work” based on her Facebook postings, which were – you will be intrigued to hear – locked down and private to her Facebook friends. The case is both amusing and worrying on several levels, not least how her insurer managed to access said lady’s pix. It also confirms that insurers are right up there alongside estate agents and lawyers in terms of most-loved professions... http://tinyurl.com/yaft6lq