Articles Tagged with “Security”
27/01/2008: Social Spam
I’ve recently started receiving the occasional piece of junk mail from friends and colleages who have e-mail accounts at some of the larger webmail services (Hotmail, GMail, etc). The messages genuinely seem to come from their accounts, with proper message headers indicating that they were really sent via the webmail service, and sent to everyone in their address books.
This has been noted before and is apparently becoming more common:
- taint.org: Spambots stealing GMail and Hotmail passwords?
- Tiffehr: Gmail account hacked, apologies to all
- SVU’s blog: Google, WTF?
- Google Groups: GMail ABCs: Spam Email sent from my gmail, to my contact list
How does this happen? Best guess on what I’ve read so far seems to be that people have “voluntarily given away their account login…
15/01/2008: Privacy
Els despairs about some high-profile privacy and data protection gaffs in 2007 and asks can we still get some privacy in 2008?. Her use of the word “get” rather than “retain” is very telling — it’s not just a matter of retaining our current level of privacy, but of trying to claw back what we’ve already lost.
And it seems that privacy is one of those assets which is even harder to win back than it is to keep hold of in the first place. It’s pretty easy to, say, end up on some spam mailing list, but just you try getting your e-mail address off. Off all of them. Because once that information’s out there, it’s out there for good. Information wants to be free. But it works both ways you know.
21/11/2007: It’ll be in the Last Place You Look
Oops! The HMG (trading as Her Majesty’s Revenue & Customs) has misplaced the personal data of about 40% of the UK’s population, including 15 million children. There is “no evidence that it has fallen into the wrong hands”, but there is no evidence that it has not.
This is the same government that plans for us to entrust them with fifty different pieces of personal data as part of their flawed National ID Card scheme.
This is one of many reasons why I support NO2ID.
Links:
08/04/2007: How PHP programmers get things wrong
Firstly, three disclaimers: PHP is a great programming language, one of my favourites — this website is written in PHP; there are many great PHP programmers out there, some of whom probably never get things wrong; I probably get things wrong a lot of the time.
The majority of the database-backed Open Source PHP projects that I’ve used/examined make the same flaw again and again…
27/02/2007: Re: is PHP less secure than Perl, Python, or Ruby?
PHP is not inherently insecure, but because it’s very easy to write PHP, it has become rather a popular language amongst people with little, if any, formal training on how to program. Because of this, there are an awful lot of badly written PHP scripts out there; installing them may well open up your server to abuse….