Rants, Raves, and Rhetoric v4

Tag: security

  • Email Changes

    Ran across a site where if one changes the email address associated with the account, it sends the confirmation email to the new address. Say, I am a Blackhat and used a phishing attack to get the password for the account. Having legitimately logged in, I then change the email address associated with it from victim@outlook.com…

  • Just Get Rid of Java

    Apparently there are security flaws in the current version of Java allowing the installation of malicious software through web browsers unknown to the user. The known attacks using this flaw work on Windows, OSX, and Linux. According to Reuters: Java was responsible for 50 percent of all cyber attacks last year in which hackers broke…

  • Trayvon

    At around 16-17 years old I did not have a car. So I rode my bike or walked anywhere I wanted to go. Store managers sometimes searched my backpack or my person only to find I had not in fact shoplifted anything. Loss control or security guards would follow me around the store. Neighborhood watch…

  • DDoS of Social Media

    Twitter, Facebook, LiveJournal and other sites all admitted to suffering from a DDoS attack. It seems to me the purpose of a Denial-of-Service attack (DoS) against a web site is to flood it with so much traffic the site becomes unusable. The DDoS is where multiple other computers are coordinated into launching the attack. All…

  • Comment Spam Resumes

    Have spammers figured out how to pick reCAPTCHA’s lock? All of a sudden I am getting hundreds of comment spam blocked by Akismet. When I added reCAPTCHA, it dropped to a few a month. Now 409 in a week. Guess this is why layers of security are good. UPDATE: Scanned through for false positives. The…

  • LMS Security

    This morning there was a flurry of effort to locate an article called “Hacking WebCT.” My coworker was able to locate it. We were disappointed. The main points of the article were: Lazy administrators make compromising user accounts easy. Lazy instructors make getting questions for assessments easy. These apply to any LMS. So, here is some…

  • Recovering Pictures

    William borrowed my camera to go on his honeymoon. He also lost the photos with a poorly timed crash & drive reformat. So he wants to borrow the card and recover the data. Thankfully I have not used the camera since he returned it despite thinking I should. Luckily I ran across A Computer Repair…

  • Blackboard Learn Password Changes

    Normally when presenting the opportunity to change a password, a user is required to provide the current password in addition to the new. It ensures the one changing the password already knows the password. According to Olaf Ritman, Blackboard Academic Suite 6, 7, 8 and Learn 9 ignore asking for the current password. Can anyone with…

  • Recap of Vista Stuff

    It has been a hectic week. A recap… Java certificate fix – Yesterday, August 23rd, the certificate distributed in various Java applets expired. The community discovered the issue and informed Blackboard who put out a fix for the more current products on August 15th. Many customers are leery of having such little lead time to…