A lot of web sites these days use “turin tests” to keep from having automated bots sign up for mail or other services. (Or post entries to a forum or something.) For those that don’t know, a turin test is a test designed to filter machines from people. I doubt I’m the only one that has occasionaly found one of those squiggly letter/number images to be so distorted that I’ve failed the test… Anyway, it seems that there is a new trend in phishing/spamming emails. From incidents.org they’re seeing some mass mailing attempts that seem to be aimed at getting people to identify “Captcha” graphics for them. (A captcha is basically the random number image used in many online turin tests.)
Category: Computers
-
Beware web links from untrusted sources
There are flaws in Opera and Internet Explorer which could allow URL’s in the address bar to be obfuscated. One of the safest approaches is to be wary of web links from unknown or untrusted sources. To quote….
Claudio “Sverx” has discovered a weakness in Opera and Internet Explorer, which can be exploited by malicious people to trick users into visiting a malicious website by obfuscating URLs displayed in the status bar. The problem is that the browser fails to show the correct URL in the status bar if an image control with a “title” attribute has been enclosed in a hyperlink and uses a form to specify the destination URL. This may cause a user to follow a link to a seemingly trusted website when in fact the browser opens a malicious website.
-
Google Analytics under the microscope
I’ve spent some time this evening looking at Google Analytics. (Now the data is being collected.) And I’ve got to say I’m impressed with the scope of what I’m seeing. First, since last night, more stats have been collected, there seem to be some missing from today yet (maybe ~12 hours behind at the moment). When I signed up, I went ahead and created profiles for 4 websites that I run to have some different things to look at. I’ve spent about 30-45 minutes looking through the stats for just one of those.
-
Google Analytics stats start to trickle in
I’ve just logged back in at 1:11 AM EST, 11/16/05 and am seeing the stats from the 14th come in, some from the 15th. It looks like Google Analytics is starting to catch up. I suspect they’ve been working overtime to try and beef up the server resources dedicated to this project, hopefully things will continue to improve. I hope the former paying customers are going to get good treatment here….
-
Google Analytics update
Well, I mentioned the release of Google Analytics yesterday which really looks promising. At this hour I can still say it looks promising. I had a funny thought after trying several times yesterday to get set up… it was a “good going, you just broke google” kind of thought. It was pretty clear that demand was VERY high for the service (what they’ll be providing for free used to be a fee service.) But it looks like Google has been really caught off-guard by the demand. As I don’t have any data yet, and it appears I’m not the only one.
-
tightVNC Windows 1.2.9 installer
Temporary Quick download link for tightvnc-1.2.9 installer for windows. Use the first link to download the copy I’ve mirrored for the moment, or try downloading from www.tightvnc.com if there are any troubles with this.
-
Sony DRM Rootkit — it’s worse
I did this as updates to an earlier post, but it probably deserves it’s own post now. The morning brought us the news of SERIOUS flaws in the Uninstaller ActiveX control for Sony’s DRM, then came news of ANOTHER flaw, this one a privilige escalation “attacker can take control of PC” vulnerability in the DRM rootkit (XCP) itself. The other bit of news to come has been the extent of the install base of XCP.
-
Text adventure Games still around
You are in a small hallway, there are doors to the North and West….
The Wall Street Journal Online has an article about the continued existence of the text adventure games. You know the genre, before the advent of 3d graphics, role playing games were basically interactive novels of a sort. Read, then type “look north” or something, “open door” “go north”, etc… and be presented with more text.
-
Lynx web browser vulnerability
Incidents.org is reporting on an advisory for users of lynx. For those of you that don’t know lynx, it is a text based web browser used in text only terminal environments. I’ve used lynx from time to time to see what websites look like to a text only reader to help design towards better accessibility. Anyway, the three of you using it to browse the web with need to upgrade… (please, it’s a joke…)
The vulnerability is described at idefense.com. It appears that a new development version of lynx has been released which fixes the problem. (Development version 2.8.6dev.15)
-
Nokia 770 Internet Tablet (Linux based)
The Nokia 770 linux based Internet Tablet will have it’s US debut on November 17th. The details on hardware specs on the device are available at linuxdevices.com, and there’s a news forum available at internettablettalk. I highlighted the tablet a few weeks back, but there was no specific date for U.S. release. The device will use a debian based Linux distro called Maemo and will sport around 3 hours battery life with continuous wi-fi usage. The price is ~$359.