How to validate a credit card number
[via:Viralliset Linkit]
Google has enabled SSL-support for web search. Not a day too soon.
This may cost them some CPU time, but they’ll keep their user data more private: third parties won’t be able to sniff and track Google traffic on their networks if this becomes the default at some point. This is very good for the consumer, but arguably even more interesting for Google, since it makes data mining more difficult for potential competitors.
[via:Ethan Marcotte]
Nearly every digital copier stores an image of all processed documents
Copiers have been equipped with hard drives for the last decade, but nobody’s paying any attention to the security implications.
[via:Waino]
Qubes: an open source desktop OS based on Xen/Linux and local virtual machines
Read the introduction post on Rutkowska’s blog (which you might have stumbled over before if you remember Blue Pill).
The project sounds tremendously interesting as it might end up giving anyone access to strong desktop security/sandboxing of a type already available in an “enterpricey” form in products like Citrix XenDesktop.
[via:Mikko Hyppönen]
Ask rooted – a computer security Q&A site based on the Stack Overflow platform.
[via:Mikko Hyppönen]
“Payment ensuring system” remote exploit set off car horns in Texas
What’s amazing is that the car dealership bugged their customers’ cars to begin with.
[via:Thomas Nyman]
Windows exploit takes advantage of kernel space font rendering
Yeah, the kernel handles EOT.
I knew the Windows kernel does a lot of GUI stuff. Still, this drive-by web site exploit is such a bizarre, yet obvious consequence it had to be bookmarked.
[via:Security Now]
Firefox users: check for vulnerable plugins (Flash etc)
Flash is highly exploitable and used everywhere, but most users don’t patch their plugin at all due to Adobe’s shitty update system.
[via:Security Now]
Windows users: switch to Microsoft’s new free Anti-Virus
Anti-malware companies must be panicking. Microsoft’s competition might finally force them to make their software usable. Microsoft Security Essentials is available for free for users of “Genuine” validated Windows copies.
[via:Slashdot]
Security vulnerability found in coffee machine
“The Jura Internet Connection Kit for the Jura Impressa F90 coffee maker does not properly restrict access to privileged functions, which allows remote attackers to cause a denial of service (physical damage), modify coffee settings, and possibly execute code via a crafted request.”
[via:Viritys]
This method involves creating lots of links to well visited web sites and asking the browser for links marked as visited (no JavaScript or cookies required). Ossi M explains this in Finnish, Boing Boing has a summary in English.
[via:BobaMa]
Interview with Blue Pill creator: Security Threats 3 Levels Beyond Kernel Rootkits
Rutkowska is known for writing Blue Pill to demonstrate how…
“…hardware virtualization technology can be abused by malware to create a stealthy hypervisor and move, on the fly, the running OS into a virtual machine, controlled by this stealthy hypervisor.”
[via:Slashdot]