gdp's Comments

Naked Security : Man who tricked women into taking hacked webcams into shower is jailed

Wed, 25 Jul 2012 15:11:07 +0000

Thanks Graham. That's right, I'm pretty sure I remember reading that the webcam cannot be activated without the green light turning on as it is designed to do so in hardware, not software. Don't quote me on that though.

Naked Security : Windows malware found in iOS App Store. Say what?!

Wed, 25 Jul 2012 15:05:29 +0000

How could this have happened on accident? Is it possible the malware on the developer's computer was targeted at App Creation programs? Or was it just by chance that these files attached to whatever files related to the app coding process?

Naked Security : Man who tricked women into taking hacked webcams into shower is jailed

Wed, 25 Jul 2012 15:01:32 +0000

How did they end up catching this guy?

Naked Security : Fraudsters spam out scams via SMS text messages

Tue, 8 May 2012 15:09:21 +0000

ah the classic .com subdomain

Naked Security : VMware confirms hackers stole source code

Thu, 26 Apr 2012 07:05:38 +0000

What kind of file is this? Do we know?

Naked Security : The LulzSec boat sails away. Was it worth the ride? Should you care?

Tue, 28 Jun 2011 20:58:09 +0000

All that is gone is the constant updating on the LulzSec twitter account. There are still other "international" LulzSec groups DDoSing and trying to deface sites / steal information (e.g. LulzSecITALITY). Those working with the old LulzSec account on twitter are now helping Anonymous (e.g. AnonymousIRC feed on twitter). Nothing has changed.

Naked Security : LulzSec hacks Arizona police over immigration issues

Fri, 24 Jun 2011 15:06:41 +0000

No doubt it's gone from lulz to terrorism here. Can anyone answer my question here: why is there Twitter still up? It is a huge distribution and gathering tool for them making them all more powerful. Perhaps Twitter is working with law enforcement to take them down? Or are they just stupid?

Naked Security : Ryan Cleary charged with LulzSec DDoS attack on SOCA and other websites

Thu, 23 Jun 2011 19:03:04 +0000

Nice catch. How'd they do it? I'd like to know if he really is affiliated with LulzSec.

Naked Security : LulzSec? Hackers? Here's a real challenge...

Thu, 16 Jun 2011 15:18:26 +0000

True about their revelations about poorly constructed databases and server-side code, but you can't say the same about their DDoSing. Nobody likes DDoS, it is almost always at first unpreventable. Given the number of active zombies in a botnet, any website can go down.

Naked Security : World Cup DDoS blackmailer sentenced to jail

Thu, 16 Jun 2011 15:13:47 +0000

Let this be a lesson to you LulzSec

Naked Security : CIA website brought down by DDoS attack, LulzSec hackers claim responsibility

Thu, 16 Jun 2011 02:31:21 +0000

Very true. That being said, CIA site is back up. DDoS's also can't go on forever.

Naked Security : CIA website brought down by DDoS attack, LulzSec hackers claim responsibility

Thu, 16 Jun 2011 00:43:33 +0000

They're hiding behind zombie computers in their botnet. So how do they determine who is controlling them? I wouldn't be surprised if they are using a zombie to control another zombie. No doubt all their actions are being made like this (even Twitter updates).

Naked Security : CIA website brought down by DDoS attack, LulzSec hackers claim responsibility

Thu, 16 Jun 2011 00:40:13 +0000

DDoS sucks. It's way too easy to achieve.

Naked Security : Poll: Do you find LulzSec's activities amusing?

Wed, 15 Jun 2011 21:54:50 +0000

Okay so they caused cia.gov to be hung up.. just how much DDoS to a web server until the CIA / FBI gets pissed off and does something about it? This stuff happens every day but "Lulzsec" appears to be the only group that boasts about it like morons. 5-20 years jail time worth it?

Naked Security : Poll: Do you find LulzSec's activities amusing?

Wed, 15 Jun 2011 19:03:30 +0000

I'm not sure I understand. How has nothing happened to them yet?

Naked Security : Firefox 4.0 is launched

Thu, 24 Mar 2011 17:50:45 +0000

I think that leads us all to question your choice in websites. Of course FF4 can't detect all sites with malware on them. That's not possible. And your AV was disabled? Lol. It definitely does show improved speed though, you're right about that.

Naked Security : Firefox 4.0 is launched

Thu, 24 Mar 2011 04:04:59 +0000

Thanks for the update. Just updated to FF4. I like it. :)

Naked Security : What's in a domain name?

Sun, 20 Mar 2011 19:56:46 +0000

True, but you can't say 100% of users would use the same method to update stuff. Being a security advocate, you must get used to thinking as a general user (maybe they'll use the automatic updater, maybe they'll try to look for the update online, etc.).

Naked Security : Security firm RSA warns that its servers have been hacked

Sun, 20 Mar 2011 02:15:00 +0000

Nah. The system isn't run by RSA. The authentication method is actually quite common. It's called a security token: http://en.wikipedia.org/wiki/Security_token

Naked Security : Security firm RSA warns that its servers have been hacked

Sat, 19 Mar 2011 05:36:39 +0000

And that's not even taking into consideration the dangers of theft of biometric authentication (cutting off hands, ripping out eyeballs - yes this HAS happened).