SmartBox blog: Geek Speak For The Illiterate.
Microsoft Says, Don't Press the F1 Key In XPMicrosoft has issued a security advisory warning users not to press the F1 key in Windows XP, owing to an unpatched bug in VBScript discovered by Polish researcher Maurycy Prodeus. The security advisory says that the vulnerability relates to the way VBScript interacts with Windows Help files when using Internet Explorer, and could be triggered by a user pressing the F1 key after visiting a malicious Web site using a specially crafted dialog box. HoneyGrid Reveals 95% of User Generated Content is Spam or MaliciousWebsense Security Labs has published its bi-annual State of Internet Security report and, as usual, it makes for pretty interesting if somewhat scary reading.
Covering the last six months of 2009, the report is based upon the findings of the ThreatSeeker Network which is used to discover, classify and monitor global Internet threats and trends courtesy of something called the Internet HoneyGrid.
Makes you wonder if someone searching for you actually finds you, or just the 'noise.'
So what did the HoneyGrid have to report about the Internet security threatscape for Q3/Q4 2009?
Here are the key findings:
- 13.7% of searches for trending news/buzz words (as defined by Yahoo Buzz & Google Trends) led to malware.
- The second half of 2009 revealed a 3.3% decline in the growth of malicious Web sites compared to the first half of the year. Websense Security Labs believes this is due to the increased focus on Web 2.0 properties with higher traffic and multiple pages.
- However, comparing the second half of 2009 with the same period in 2008, Websense Security labs saw an average of 225% growth in malicious Web sites.
- 71% of Web sites with malicious code are legitimate sites that have been compromised.
- 95% of user-generated posts on Web sites are spam or malicious.
- Consistent with previous years, 51% of malware still connects to host Web sites registered in the United States.
- China remains second most popular malware hosting country with 17%, but during the last six months Spain jumped into the third place with 15.7% despite never having been in the top 5 countries before.
- 81% of emails during the second half of the year contained a malicious link.
- Websense Security Labs identified that 85.8% of all emails were spam.
- Statistics for the second half of 2009 show spam emails broke down as 72% (HTML), 11.2% (image), 14.4% (plain text with URL) and 2.4% (plain text with no URL).
- 35% of malicious Web-based attacks included data-stealing code.
- 58% of all data-stealing attacks are conducted over the Web.
This comprises of honeyclients and honeypots, reputation systems and advanced grid computing systems, all of which combine to parse through one billion pieces of content every day while searching for security threats. Every single hour the Internet HoneyGrid scans some 40 million websites for malicious code as well as 10 million emails for unwanted content and malicious code. De-Anonymizing Social Network UsersThe H has an article about some researchers who found a new way to de-anonymize people. Compared to the EFF's Panopticlick, the goal of this experiment is not to identify a user's browser uniquely, but to identify individual users.
The test essentially exploits the fact that many social network users are identifiable by their membership of various groups. According to the researchers, it's very unlikelly that two people on any social network will belong to exactly the same groups. A 'group fingerprint' can thus allow websites to identify previously anonymous visitors. They describe the setup and all details and the results look very interesting.
They also have a live demo for the social network Xing that was able to de-anonymize me. Twitter Intros Local TrendsSick of all this Apple Tablet talk? Why not switch your Twitter Trending Topics to something more localized? Actually, the new feature is still confined to major cities, so odds seem pretty good that, no matter where you go, most people will be breathlessly tweeting about Steve Jobs and company.
The new feature, rolled out last night, lets users "localize" their top trends, by country or by city. The spot reserved for Trending Topics on the right hand column of the site now reads Trending: Worldwide. Users can change locations with a pull down menu.
Countries include Brazil, Canada, Ireland, Mexico, the UK, and the US. On the city side, the service is largely confined to the US, including Atlanta, Baltimore, Boston, Chicago, Dallas-Ft. Worth, Houston, Los Angeles, New York, Philadelphia, San Antonion, San Francisco, Seattle, and Washington D.C. London and Sao Paulo are also on the list.
Twitter is currently working on adding more cities. The Children of Cyberspace: Old Fogies by Their 20sThe NY Times has an interesting report on the iGeneration, born in the '90s and this decade, comparing them to the Net Generation, born in the 1980s. The Net Generation spend two hours a day talking on the phone and still use e-mail frequently while the iGeneration ? conceivably their younger siblings ? spends considerably more time texting than talking on the phone, pays less attention to television than the older group, and tends to communicate more over instant-messenger networks.
'People two, three or four years apart are having completely different experiences with technology,' says Lee Rainie, director of the Pew Research Center's Internet and American Life Project. 'College students scratch their heads at what their high school siblings are doing, and they scratch their heads at their younger siblings. It has sped up generational differences.' Dr. Larry Rosen, a professor of psychology at California State University, says that the iGeneration, unlike their older peers, expect an instant response from everyone they communicate with, and don't have the patience for anything less.
'They'll want their teachers and professors to respond to them immediately, and they will expect instantaneous access to everyone, because after all, that is the experience they have growing up,' says Rosen.
|
|
|
|
