What do you think, should I do it?

I get a fair bit of blog spam – comments advertising everything from sexual enhancers to fake anti-malware. This one just came in this morning: Sweet! I can turn off all the blog spam just by e-mailing the criminals? Or, could it possibly be that this is a clever ruse find out what my e-mail address is so they can send their junk there too? Hmm. I think I'll just forward this to abuse@gmail.com.

Fun Experiences at Airport Security

For a while I've been thinking about writing something about interesting times I've had at various airport security checkpoints; security theater, as they have come to be known. There is the obvious shoe removal arguments and the ill-defined rules on electronics (my camera is larger and has more electronics than most laptops, but that can stay in the bag, laptops can't), but there have been more interesting stories. Got any of your own? Share them! Around November 2001 a colleague of mine and I flew to New York on business. On the way back we went through Kennedy airport. I … Continue reading Fun Experiences at Airport Security

XP Antivirus in the News

Several helpful people just pointed me to some articles on XP Antivirus and its various variants. In case you do not remember, XP Antivirus was the subject of an article I wrote for The Register a few months back. It turns out that the scammers got hacked, and the hacker posted some internal accounting details on the web. As suspected, this is a sophisticated business making millions of dollars. It even appears to have an affiliate program. In case you have not seen the articles yet, here are a few: http://www.iht.com/articles/2008/10/30/technology/virus.phphttp://www.smh.com.au/news/technology/security/russian-scammers-cash-in-on-popup-menace/2008/11/04/1225560814202.htmlhttp://www.scmagazineuk.com/Hacker-reveals-Russian-software-company-behind-anti-virus-scam/article/120152/ Thanks to Marc Michault, Phillippe Jan, and Jason Grubè … Continue reading XP Antivirus in the News

Is MS08-067 Wormable?

A couple of weeks ago Microsoft released an out-of-band security update in bulletin MS08-067. Looking at the type of vulnerability and the fact that the issue was already being exploited in the wild at the time, this was a good decision. If you have not already installed this security update, you should stop reading this right now and return after you have installed the update. The problem fixed in MS08-067 is eerily reminiscent of the vulnerabilities that resulted in the Blaster and Sasser worms. Therefore, for obvious reasons, the question arises whether MS08-067 is wormable or not. Microsoft claimed in various … Continue reading Is MS08-067 Wormable?