Archive for December, 2006

MySpace Worm Infects 1 in 3 Users

Weaknesses in both MySpace.com’s HTML coding and Apple’s QuickTime for Windows have produced a malicious worm that may have infected as many as one-third of active profiles on MySpace.com, according to some security experts. So if you use MySpace and have at least two friends other than Tom, chances are one of you has this worm.

The worm uses a cross-site scripting attack along with a weakness in QuickTime to install a fake menu bar across the top of the user’s MySpace profile. If someone clicks the menu expecting to read the user’s blog or see some photos, they are instead redirected to a fake MySpace login screen. If the MySpace user types in his MySpace username and password, his own profile is then hijacked and the worm is installed on his own page, causing friends visiting his site to also become infected. In addition, the login page takes the user to a porn site where he is infected with Zango spyware. For the grand finale of the worm, all of the contacts from the infected MySpace page will begin to receive spam.

From Macworld here:

The social networking site MySpace.com is under what one computer security analyst calls an amazingly virulent attack caused by a worm that steals log-in credentials and spreads spam that promotes adware sites.

The worm is infecting MySpace profiles with such efficiency that an informal scan of 150 found that close to a third were infected, said Christopher Boyd, security research manager at FaceTime Communications.

The worm works by using a cross-scripting weakness found around two weeks ago in MySpace and a feature within Apple’s QuickTime multimedia player.

The exploit starts with a user who visits a MySpace profile infected with an embedded QuickTime movie. The movie loads JavaScript code that overlays a row of menu options on a MySpace profile with a bogus menu.

If an option in the bogus menu is clicked, the user is directed to a fake log-in page hosted on another server where the person’s log-in details are captured.

Additionally, the worm places an embedded QuickTime movie on the user’s profile, which will then repeat the infection process for anyone who visits the profile.

The worm has another malicious function. Once a profile is infected, the worm sends spam to other people in the user’s contact list.

Those spam messages contain a file that appears to be a movie but instead is a link to a pornographic site that also hosts adware from Zango, Boyd said. Zango, formerly 180 Solutions, settled last month with the U.S. Federal Trade Commission for $3 million over complaints it didn’t properly ask the consent of users before its adware was installed.

So our friend Zango is back. For more goodness on these bad guys of spyware, click here.

Note that worms such as this rarely stay the same for long before another malicious hacker modifies them. Next up will likely be a version that will install botnet software.



Boy Jumps into Occoquan River, Dies

A local kid and illegal immigrant, was out joyriding, drunk, without a license. When he was arrested by the cops, the State Trooper put the boy, Rodger Rodriguez, into the front seat with his hands cuffed behind his back. The boy managed to get the door open and he dove over a barrier on Interstate 95. 60 feet below was the frigid Occoquan river.

Now his parents are upset, and the way this story is worded, it is implied that the mother thinks the cops may have thrown the boy into the river and murdered him out of racist hate. The real question should be why Mrs. Rodriguez, who is in this country illegally, is such a clueless parent that she let her boy go out drinking and driving without a license after 3 in the morning?

From NBC4:

Authorities said a Woodbridge boy has drowned after escaping from a police cruiser parked on a bridge. Police said the boy leaped over a concrete barrier and into the Occoquan River early Saturday morning.

Rodriguez was pulled over about 3:20 a.m. for speeding and was arrested for drunken driving and driving without a license.

Virginia State Police Sergeant Terry Licklider said it’s unclear why 16-year-old Rodger Rodriguez jumped off Interstate 95 and into the river about 60 feet below.

At the time he escaped, Rodriguez was sitting in the front passenger seat of the cruiser with his hands handcuffed behind his back.

The boy’s mother, Gloria Elena Rodriguez, told The Washington Post her son was familiar with the area along the highway. Gloria Rodriguez said her son would never have intentionally jumped into the water. She said she doesn’t know what she will do now without her only son. The teenager’s mother and stepfather are asking authorities to investigate exactly what happened.

The loss is truly tragic for the surviving family members. But it is wrong to imply that the police had intentionally hurt this boy. Those troopers probably prevented this inexperienced drunk driver from hurting or killing other people that night.

There is a longer writeup at WaPo here. After such a long streak of bad luck, next up should be deportation.



Finnish Prime Minister Dumps GF by TXT

The Prime Minister of Finland, who is supposedly the sexiest man in Finland, dumped a chick by text message on her cell phone. It seems fitting I guess since he picked her up on the Internet. I guess when the leaders of the free world make it okay to ditch chicks by txt messages, then it is okay for the rest of us.

What’s next? Selling all of her crap she left at your apartment on Ebay? Tell her that she is welcome to bid on her own stuff.

From Reuters here:

Prime Minister Matti Vanhanen, dubbed Finland’s sexiest man, broke up by text message with the girlfriend he had met on the Internet, she said in a magazine interview.

“Matti dumped me in a text message, where he said ‘that’s it’,” Susan Kuronen told the magazine Me Naiset (Us Women) in an interview published on Friday.

Her relationship with Vanhanen, a divorced 51-year-old father of two, ended a few weeks ago, but continues to make headlines as Susan, 36, pours her heart out in local media.



Laugh of the Day: Gwyneth Thinks YOU are Stupid

The idiot American Airhead Actress Gwyneth Paltrow thinks that Americans are less intelligent- based on dinner conversations, apparently. Oh, and Madonna gives the best advice ever. I wonder if Madonna told Gwyneth to engage in cupping? Or was that Gwyneth’s brilliant brainchild?

Cupping Bruises on Gwynny's Back

From AFP here:

Oscar-winning US actress Gwyneth Paltrow feels dinner talk is far more interesting in her adopted homeland Britain than back in her native country.

“I love the English lifestyle, it’s not as capitalistic as America. People don’t talk about work and money, they talk about interesting things at dinner.”

“The British are much more intelligent and civilized than the Americans,” the 34-year-old added.

She said having US pop star Madonna, 48, who married British film director Guy Ritchie six years ago, nearby was another advantage to living in London.

“She’s like an older sister. Everything I have gone through, she went through ten times worse and ten times longer. She gives me good advice about how to say no and take care of myself,” said Paltrow.

I have nothing against the Brits. And yes, having English Tea is quite an amazing difference in cultures between here and there. But that doesn’t make Americans “less intelligent.”

In fact, if you want to rate intelligence, I would put anyone who engages in phony new age medical barbarities such as “cupping” just above the naked mole rat on the intelligence scale. But if you also name your daughter after the first thing you spot in the room after you squeeze the kid out- such as an apple in a fruit basket- well, then the naked mole rat moves up one notch on that scale. Gwynny, STFU.



Christmas Postage Stamps

We are getting ready to send out Christmas cards and wanted to buy some nice holiday-themed stamps from the US Post Office. They have one for Muslims. They have a cute dreidel for Hanukkah. But they have lame snowflakes for Christmas. So I decided to make my own stamps for Christmas cards this year. You can do that at stamps.com. The image on mine will be the picture below.

Rogue the Christmas kitten. I was shocked that she let us put that teddy bear sweater on her.



World AIDS Day

President Bush has done more to stamp out AIDS than any other leader in any other country in the world EVER. In some parts of Africa the HIV/AIDS infection rate is topping 89 percent. And AIDS activists still try to give GWB a hard time because he has made abstinence part of his fight against AIDS.

From the AFP here:

US President George W. Bush joined other leaders around the world in renewing a vow to combat a disease that has claimed more than 25 million lives in 25 years and for which a cure and vaccine remain dismayingly elusive.

“The pandemic of HIV/AIDS can be defeated, and the United States is willing to take the lead in that fight,” he said.

Bush spelled out Washington’s leading role as a funder for access to AIDS drugs in poor countries, but he also put a big emphasis on promoting abstinence.

That tactic is derided by many AIDS activists as moralizing and unworkable, even potentially dangerous, for young people at the dawn of their sexual lives. These campaigners plead instead for sex education and access to condoms.

Fighting AIDS “includes the ABC approach, encouraging abstinence, being faithful, and using condoms, with abstinence as the only sure way to avoid the sexual transmission of HIV/AIDS,” said Bush.

Africa is full of superstitious people, some of whom believe that if they have sex with a virgin, the AIDS virus will disappear. You wanna talk about dangerous ideas? How about children as young as 6 months being raped for a false belief that it will cure AIDS?

The only sure way to avoid sexual transmission of HIV is abstinence. As long as President Bush keeps writing bigger checks to fight AIDS than anyone else in the world, AIDS activists should shut the hell up.



Romanian Hacker Indicted for Hacking DOE

An idiot hacker breached the Swiss-cheese-like security of Sandia National Labs and NASA computers to install IRC bots on the hosts. He supposedly did it to prove that he could hack into the “securest” computers. Well, he picked some networks with rather poor security and he got busted. It may take two years to extradite him to the United States, but we will wait. He faces over 50 years of jail time.

From Pravda here:

A Romanian man has been indicted on charges of hacking into more than 150 U.S. government computers, causing disruptions that cost NASA, the Energy Department and the Navy nearly $1.5 million.

The federal indictment charged Victor Faur, 26, of Arad, Romania with nine counts of computer intrusion and one count of conspiracy. He faces up to 54 years in prison if convicted of all counts.

The U.S. government alleged Faur was the leader of a hacking group called “WhiteHat Team,” whose main goal was to break into U.S. government computers because they are some of the securest machines in the world.

After hacking into and taking control of the computers, Faur programmed the machines to operate as chat rooms so he could communicate with other WhiteHat members. And Faur searched for passwords that WhiteHat members could use to gain unauthorized access to other computers.

The compromised computers were used to collect, store and analyze scientific data including data from spacecraft in orbit and deep space and to evaluate new technologies. The machines were located at the Jet Propulsion Laboratory in Pasadena, California; Goddard Space Flight Center in Greenbelt, Maryland; Sandia National Laboratory in Albuquerque, New Mexico; and the U.S. Naval Observatory in Washington D.C, reports AP.

After the hacking, scientists and engineers had to manually communicate with spacecraft and the computer systems had to be rebuilt.

First, it’s totally cool that Pravda, the old Soviet news system, has more accurate information on this incident than CNET. CNET says here that the extradition can take over two years, and also adds that the idiot hacker was busted because he was flashing bragging messages on the compromised systems saying that he had L337 skillz and stuff.

And this is yet another story of the horrible cyber security for our national nuclear laboratories.



Payday Loans Shops Blight Hampton Roads

My hometown in Hampton Roads has changed quite a bit since I moved to Northern Virginia. Where there used to be shops and boutiques and restaurants, there are now Payday Loan Sharking businesses and second-hand thrift stores. And it’s ugly. Here is a map of just some of the Payday Loan shops. And Thrift Shops.

There is a national movement by civil rights groups and Congress to place caps on Payday Loan businesses or to ban them altogether. Many states already ban the predatory practices of Payday Loaning. Virginia should be next.

From CNSnews here:

Payday loans allow individuals to stay financially afloat between paychecks. They are short-term cash loans in which the borrower often hands over electronic access of their bank account to the lender so the lender can then gain access to the borrower’s deposited paycheck to get repaid.

Huge finance charges can accumulate from payday loans since the borrower has the option of renewing or “flipping” the loan in exchange for another fee. Critics of the industry also say millions of people take out multiple loans, paying one loan with the proceeds of another and end up getting caught in a financial trap.

In September, Congress passed an amendment to the Defense Department Authorization bill, creating a 36 percent cap on interest rates that members of the military can be charged on loans. A Virginia state legislative committee next week is also expected to take up legislation that would produce more restrictions on the industry.

But 39 states still allow payday lending in some fashion, prompting liberal consumer and civil rights groups Thursday to urge a national crackdown on the practice.

Citing data from state regulators the average payday customer borrows $325, but ends up paying back almost $800. This “predatory payday lending,” he said, costs borrowers who take out five or more loans per year $4.2 billion per year.

For short-term two-week loans, borrowers have to pay back 15 to 30 bucks for each 100 dollars they borrow. Had this been a credit card, the rate they are paying would be 390 to 780% APR!

It is bad enough to work crappy jobs for low wages. It’s worse when a business exploits you to take that much money from your already meager wages. This is just a legalized form of loan sharking, except, rather than breaking your legs, the Payday Loan businesses wreck your credit ratings. And this goes for those rent-to-own furniture businesses too, which charge upwards of 40% on their “financing.”

You know, Congress overhauled the bankruptcy laws last year. It is very difficult to run out on your financial obligations. Now that large companies are better protected from rampant bankruptcy, isn’t it time to lower interest rates? And shouldn’t it be against the law to ever charge more than 25% interest on anything?

Virginia, don’t just “cap” Payday Loan businesses. Get rid of them.

