LinkedIn recently launched Intro, an iOS app that integrates LinkedIn’s profiles with the iOS mail app, where all incoming emails will display the senders’ LinkedIn profile.
Sounds very useful, especially if you’re looking to grow your network of professional connections. What’s causing a bit of a stir is how it’s implemented and the potential for security holes.
Google’s Safe Browsing System determines php.net is malicious
Google’s Safe Browsing system deemed the official PHP website, PHP.net, malicious last week. Though, the initial reaction from PHP creator Rasmus Lerdorf was a false positive from Google; this was not the case.
Bitcoin, the famous digital currency which has sparked much controversy over the years, is now heading to an ATM near you. The world’s first Bitcoin ATM operated by Nevada-based Robocoin and Canadian Bitcoiniacs is set to open today in Vancouver, BC.
To comply with Canadian law, anyone wanting to use the ATM will have to verify their identity by allowing palm-print and photographic scans.
The ATM will trade Canadian dollars in exchange for Bitcoins for a maximum of $3,000 per day.
Screenshots courtesy of https://robocoinkiosk.com/
Don’t get me wrong, I love Chrome, I think it’s a fantastic browser and has a great track record of protecting users from exploits and malicious sites. However, their attempts at making it “easier” for users to find where they want to go, makes me think that their security purview isn’t focused enough on the internal threats.
So, if you use Chrome, you might have noticed that anytime you open up a window or a new tab, you get something like this:
A nice search bar, which I have no problem with, and then a listing of your most visited sites. Now, to the casual observer I am sure there is nothing wrong here. Users visit certain sites more frequently and therefore it should be easy for them to get there quickly, Chrome makes this possible.
Consider, if you will, someone who you don’t know, getting on your system or even looking over your shoulder. Maybe, they cracked your systems login password or you maybe you didn’t have one at all. Once they open the browser, they are instantly given access to not only your personal surfing habits, but also how you interact with social media, email and where you bank.
A lot of programs we install on our computer are automatically run when Windows starts and loads.
While this is not always necessary, there usually is not much harm in this.
But this behavior is also copied by malware writers to pass security checks. Their malicious program try to mimic legitimate programs that you might expect in your Windows startup programs.
Why hide when you can pretend to be something useful?
Copying the art of camouflage from the animal world, malware writers have been trying several methods over the years to hide their registry entries in the open. Sometimes by using (pseudo-)random names and sometimes by using locations that are relatively unknown to the general public. But also by pretending to be, or belong to, legitimate programs.