news – Page 6

Opera 8’s Solution To IDN Exploit

I’m sure you’ve all seen the recent Internationalized Domain Name exploit, which affects most web browsers (except for Internet Explorer – shocker! – because it doesn’t yet have the power to support internationalized domain names): if you haven’t, why not visit paypal.com – looks just like the real thing; doesn’t it: the browser bar says you’re at PayPal’s real site, but you’re not. That first ‘a’ in the name is an international character (actually the letter ‘a’ from the Cyrillic character set, which is just slightly different from a Western ‘a’, if you look closely. Of course, this leads to potentially thousands of dangerous phishing exploits, tricking users into exposing their bank account details to random Nigerians.

Opera, makers of a stunning web browser that I’m not quite sure I should be abandoning yet, have announced their solution to this problem (which isn’t actually a web browser problem at all, but a specification problem): IDN domain names from outside of places which are expected to need then (e.g. dot-jp, etc.) will be displayed longhand, and secure sites (https) will display their certificate holder’s name – longhand – alongside the domain name in the address bar.

Of course, unless you’re using Opera 8 beta, the only way to be sure you’re safe from this exploit is to manually type in every link you follow.

Rugby Fan Celebrates By Removing Balls

A Welsh rugby fan cut off his own testicles to celebrate Wales beating England at rugby, the Daily Mirror has reported.

Sell Your Body Or We’ll Cut Your Benefits

I’m not going to say anything: I’ll leave that to the people who comment here…

…but here’s a news story from The Telegraph: ‘If you don’t take a job as a prostitute, we can stop your benefits’.

Free Gift For First Hundred Customers

I’m sure that by now you’ll all be aware of the upcoming opening of Nice ‘n’ Naughty, the latest in a chain of sex shops (the latest of which was opened in Bangor, of all places), in Aberystwyth. It’ll be opening on Pier Street, on the site of the old Little Amsterdam (who’s web site still states that they have a shop here in Aber, despite the fact that it closed down some months ago) shop (which I reported on when it opened).

In any case, Nice ‘n’ Naughty is promising a free gift to each of the first 100 Aberystwyth customers, which is kind-of cool, as well as trying to put forward a ‘cleaner’ image than the infamous Little Amsterdam it replaces (so; no drugs, for example, and probably less effort made to piss of their neighbouring shops). If only they have the common sense to employ students (and therefore don’t suffer from the self-inflicted staffing problems Little Amsterdam had) they could be okay.

So: who’s up for a trip to Nice ‘n’ Naughty when they open, next Monday? I’ll try to get their opening hours so we can have a horde of us pounce them when the doors open… and give them a proper Aberystwyth welcome.

Three More “Extremely Critical” Internet Explorer 6 Vulnerabilities

Three more “extremely critical” Internet Explorer vulnerabilities are being reported today. Secunia‘s advice – Use another product.

LiveJournal Sells

Following up yesterday’s rumours, it can now be seen that, officially, LiveJournal has been sold to SixApart. The details look pretty good – the service will remain much as-it-is, nobody will be ‘migrated’ to TypePad or MoveableType, and – better yet – LiveJournal might actually (finally) get some much-needed new features, such as trackback (which can be seen in effect right here, on my post yesterday – this post will be linked as a ‘trackback’ comment, because this post follows it up – with trackback, this kind of thing can be posted cross-journal, too).

LiveJournal May Be Sold

I hear that LiveJournal – one of the world’s biggest blogging communities (and home to most of the blogs syndicated by Abnib) – is to be sold to SixApart, a TypePad/MoveableType-based blog-host.

What effect this will have on holders of existing LiveJournal accounts – particularly paid accounts – is as yet unknown. Nonetheless, I think this could be a very interesting year for LJ bloggers.

Internet Explorer Exploit Of The Day

There’s yet another killer Internet Explorer bug out there, which is manifesting itself in the form of a new trojan, Phel.A. This one only affects Windows PCs updated with SP2 (the supposedly ‘safe’ people) and works by confusing the ‘trusted’ and ‘untrusted’ zones.

I always find reports like this interesting, so I’ve written an exploit of my own. If you’re still using Microsoft Internet Explorer, and you’d like to see why you shouldn’t be:

Click here to look at a web page I’ve set up [update: link long-dead]. It looks kinda boring, I know, but – if you’re using Internet Explorer, it will slyly put a tiny application in your Startup group.
Next time you log into Windows, the tiny application will download and install a bigger application.
Next time after this that you log into Windows, the bigger application will run, and tell you why you shouldn’t be using Internet Explorer.

The information on how to use this exploit is easily available on the web. Before long, we’ll be seeing another wave of web sites that can install software on ant Internet Explorer users’ computer.

If you’re still using Internet Explorer, take a look at BrowseHappy.

Impact – Certain!

I take it you’ve all heard about asteroid 2004-MN4, which NASA have been having a field day over, because recent estimates have said that it’s chance of impact with the earth (on Friday 13th April 2029) could be as high as 1-in-37 (2.7%)… well; I’ve just found a well-hidden page on NASA‘s Near Earth Object Program that makes an impact estimate that’s terrifyingly higher… see a scary estimate (the server’s a little unreliable, you may need to try to connect a few times)…

Also, why not play with Arizona State University‘s Impact Effects Calculator, which estimates the damage that would be done by an asteroid impact with the parameters you provide.

That was funny. Made you look, didn’t I?

Board Games Making A Comeback This Christmas

Board games are making a comeback this Christmas, reports the BBC. That’s interesting news. So go “Have Your Say” already, and tell them what your favourite Geek Night board game is!

SmartData On BBC News Online

From an article on the BBC:

SmartData UK aims to create software and database solutions.

Company spokesman Gareth Hopkins said: “The move to Technium Aberystwyth has facilitated an expansion of the company and we believe this opportunity will open up a whole range of possibilities.

“The package offered by the Technium will assist us in creating more jobs and expanding into the international market place.”

Rat Brain Flies Jet

Here’s a scary little news story: Rat Brain Flies Jet, from The Register.

Windows XP SP1 Honeypot Breached In 200 Seconds

The internet is becoming a scarier and scarier place.

In a recent “honeypot” study, a Windows XP computer with Service Pack 1 was infiltrated in just 200 seconds, without even opening a web browser.

For the less techie-minded, a “honeypot” study involves setting up a new PC with a new operating system (in this case, a Windows XP SP1 machine) and connecting it directly to the internet to see how it is attacked and to what end. In this case, all they did was connect said computer to the internet… and less than four minutes later, it had been compromised by an attacker. Within half an hour, it was receiving instructions to act as a bridge to attack other computers.

Four minutes isn’t long enough to download and install ZoneAlarm. It certainly isn’t long enough to install Service Pack 2. And all across the globe, newbie PC users are buying off-the-shelf computers with no firewall, taking them home, and connecting them to the internet, basically ‘volunteering’ their computers and their bandwidth to be zombies and attack others around the world, relay spam, or share their files with anybody, anywhere.

If anybody needs help securing their system, just give me a shout.

More Letters After My Name

News of the day: (here I go, flooding you all with lots of small posts), I’m now Daniel Huntley BEng(Hons) MBCS, ‘cos I’m now a member of the British Computer Society. Not quite sure whether or not this is a good thing, yet, but hey.

Hmm… they’ll be sending me my membership card seperately from my information pack for “security reasons”? WTF?

Oh, and in other news, BBC News is reporting that Internet Explorer’s usage dropped for the first time to less than 90% in recent polls, with Firefox taking up most of the ‘switchers’. This is good news, indeed (as anybody who’s looked at Abnib in (a) Internet Explorer and (b) Any Standards-Compliant Browser will understand).

Smash My Phone

For $12.99, you can have a model smash your phone and publish the video to the internet for you to enjoy again and again. Fucking weird.