Friday, September 13, 2002
A security flaw in Microsoft's flagship word processing software could allow a document to hijack files from any Windows PC on which it's opened, the software giant said Thursday. A would-be thief would have to take extraordinary care in setting up the scenario, however, including knowing the exact location and name of the desired file as well as persuading the victim to open, modify, save and then return the Word document to the sender. The scheme works best under Word 97, but Word 2000 and 2002 could also be conscripted into service if the attacker can persuade a victim to print the document first, a Microsoft spokesperson said. [Privacy Digest]
22:39
Shane Anderson, the "list dad" of the Mac Evangelist, has been released from jail after striking a plea bargain on charges that he cracked into a business associate's computer.
Anderson, 28, was being held at the Black Hawk County jail in Waterloo, Iowa, on charges of remotely breaking into a computer belonging to Carl Blake, owner of Macaquarium, and tampering with it. [Wired News]
22:38
QSC, one of the biggest residential DSL providers in Germany, is faking DNS entries for http://stormfront.org and http://www.nazi-lauck-nsdapao.com as requested by the district government of Düsseldorf, redirecting surfers to the website of the district government. But they do this not only for surfers in NRW, the German state where the Düsseldorf district government is in charge, but for the whole of Germany. Remember the times when CompuServe blocked newsgroups worldwide because some court in Bavaria decided they had to block them in Germany?
There is another problem. Since surfers are redirected to the page of the district government, they can monitor who tries to access the "blocked" sites and where they came from. Interesting privacy implications.
[see heise]
22:18
TAIPEI (Reuters) - Taiwan President Chen Shui-bian accused China on Sunday of intimidating the island with "terrorist" tactics in comments likely to fuel Beijing's fury.
"Communist China has accelerated development of 'unrestricted warfare' similar to terrorist methods," Chen said, apparently referring to the book "Unrestricted Warfare" by two Chinese colonels who advocate resorting to computer viruses and other types of "dirty war" to bring the enemy to heel.
"It has seriously threatened our national security and the welfare of the people of Taiwan. We sternly condemn this and urge our countrymen to heighten vigilance," Chen said in a videotaped speech during a top security meeting about anti-terrorism. He did not elaborate. ["ISN"]
20:26
Rebecca Mercuri offers interesting comments on this week's Florida election fiasco. [Freedom To Tinker]
20:23
Hackers find state government Web sites an irresistible target. Hack attacks shut down the Texas Lottery Commission's site, at www.txlottery.org, twice during the past two years. [Government Computer News - State & Local]
20:22
Outlook can fragment MIME messages into several mails, and mail filters can't handle that. Nifty. [NETSYS.COM]
9:22
Soon you could be using your phone to share music, games and images with almost anyone, just like you used to do with Napster over the net. [BBC News | TECHNOLOGY]
9:10
A US Senate Judiciary Committee has accused the Justice Department of
attempting to use secret FISA surveillance courts to
cover up mistakes and bypass wiretapping restrictions in criminal
investigations. The FISA Review Court met last week for the first time in
history, to consider a DoJ request to allow FISA warrants to cover
criminal matters under some circumstances.
A bipartisan group of lawmakers on the Senate Judiciary Committee
focused its criticism on the... [zem]
9:07
Some e-mail list owners are claiming that pornography spammers have gained access to their files in what could be the biggest theft of e-mail lists ever.
At least three and possibly as many as 21 publishers whose files are hosted by SparkLIST Corp. think that their subscribers have begun to receive spam that can be explained only one way: Their lists were somehow hijacked.
Anne Holland, publisher of MarketingSherpa.com, became aware of the possible theft of her e-mail files in August when she received an e-mail from a subscriber to one of the organization's eight newsletters who claimed to have been spammed by MarketingSherpa. [Moreover - moreover...]
9:06
While the chilling effects of a German state trying to block some US websites would justify a long discussion in itself, the letters of the district government's blocking order strike me as another example of the problems the legal community has in talking about technical circumstances.
While I have a dim feeling for what the district government wants to get blocked, I can't find it in their words. They talk about the internet pages http://www.stormfront.org and http://www.nazi-lauck-nsdapao.com. But it seems they don't mean these pages but the whole sites, since they don't use the pages referenced by the URLs above as reasoning for the order but several other pages accessible on the servers via the same domain name (FQDN). They also use pages on another domain name for reasoning, e.g. http://stormfront.org/german/zonen.htm - this URL results in no page at all but in an HTTP redirect to http://www.stormfront.org/german/zonen.htm, which is again on the same domain name as the two ordered to be blocked. They also mention "all offerings of nazi-lauck-nsdapao.com". http://nazi-lauck-nsdapao.com seems to present the same content as http://www.nazi-lauck-nsdapao.com. Later they speak of "the service providers stormfront.org and nazi-lauck-nsdapao.com". They ask for blocking of the offerings above.
So what could that mean? They speak about the ISPs stormfront.org and nazi-lauck-nsdapao.com. So they might mean blocking all offerings of these ISPs. This would mean blackholing their (IP) netblocks at router level. But since the district government also agrees that it is OK to do blocking by DNS forgery, which can't be used for blackholing netblocks, they must mean something other than blackholing netblocks.
What they might want is that certain names are not reachable. www.stormfront.org and www.nazi-lauck-nsdapao.com seem to be the names they mean. But wait, at http://nazi-lauck-nsdapao.com there is the same content as at http://www.nazi-lauck-nsdapao.com, so this should be blocked, too.
Perhaps they mean *stormfront.org and *nazi-lauck-nsdapao.com should be blocked. But then there is no reasoning in their order why stuff like http://kkk.stormfront.org or http://whemporium.stormfront.org/ is illegal and should be blocked, too. So that can't be what they mean. I'm confused.
Let's try again: They want "pages" to be blocked. They write of HTTP URLs. This makes you think that they want web pages to be blocked. This means port 80 and maybe port 443 of the IP addresses used by www.stormfront.org and www.nazi-lauck-nsdapao.com have to be blackholed at router level. But wait! We don't know anything about the web servers hosting the web pages for these domain names. Maybe we hit thousands of other, non-illegal sites when these servers employ virtual hosting. This would be very unreasonable; they can't mean that.
Back to forging DNS. But wait again! Forging DNS does not only block web pages but all traffic to the hosts referenced by the blocked names. But there seems to be no proof that the usage of IRC, FTP and mail at these hosts is illegal. So this interpretation of the order seems unreasonable again.
I'm still confused. I'm unable to interpret the blocking order in a logically consistent manner. Maybe it's me. Maybe it's the wording of the order.
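The scope problem walked through above, as an added example that is not part of the original post: a small model of what each blocking technique actually cuts off compared with what an order plausibly intends. All host names and addresses are constructed placeholders, and the choice of "intended" targets (web content on the ordered name and its bare-domain twin) is an assumed reading of the order.

```python
from fnmatch import fnmatch

# Constructed inventory: (hostname, ip, port, service). Names and addresses
# are reserved placeholders (RFC 2606 / RFC 5737), not data from the post.
SERVICES = [
    ("www.ordered.example",   "192.0.2.10", 80,   "web"),
    ("ordered.example",       "192.0.2.10", 80,   "web"),   # same content, bare name
    ("shop.ordered.example",  "192.0.2.10", 80,   "web"),   # subdomain the order never argues about
    ("www.ordered.example",   "192.0.2.10", 25,   "mail"),
    ("www.ordered.example",   "192.0.2.10", 6667, "irc"),
    ("www.bystander.example", "192.0.2.10", 80,   "web"),   # virtual host sharing the IP
]
ORDERED_NAMES = {"www.ordered.example"}        # the name written in the order
# Assumed intent: web content on the ordered name and its bare-domain twin.
INTENDED = {s for s in SERVICES
            if s[0] in {"www.ordered.example", "ordered.example"} and s[3] == "web"}

def dns_forgery(patterns):
    """Resolver lies for matching names: every port behind the name is lost."""
    return {s for s in SERVICES if any(fnmatch(s[0], p) for p in patterns)}

def ip_blackhole(names):
    """Router drops all traffic to the IPs the names resolve to."""
    ips = {s[1] for s in SERVICES if s[0] in names}
    return {s for s in SERVICES if s[1] in ips}

def port_filter(names, ports=(80, 443)):
    """Router drops only the web ports on those IPs."""
    return {s for s in ip_blackhole(names) if s[2] in ports}

def assess(blocked):
    """Return (overblocked, missed) relative to INTENDED."""
    return blocked - INTENDED, INTENDED - blocked

METHODS = {
    "dns exact":    dns_forgery(ORDERED_NAMES),
    "dns wildcard": dns_forgery({"*ordered.example"}),
    "ip blackhole": ip_blackhole(ORDERED_NAMES),
    "port 80/443":  port_filter(ORDERED_NAMES),
}

if __name__ == "__main__":
    for name, blocked in METHODS.items():
        over, missed = assess(blocked)
        print(f"{name:13} overblocks={sorted(f'{s[0]}:{s[2]}' for s in over)} "
              f"misses={sorted(s[0] for s in missed)}")
```

None of the four methods matches the assumed intent exactly: exact-name DNS forgery takes mail and IRC with it while missing the bare name, and every IP-level method hits the unrelated virtual host.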
1:09
Maximillian Dornseif, 2002.