Sunday, February 27, 2011
Facebook (on IE in Windows) suddenly (at least apparently) redirects to "Social Rewards Survey" and gets caught in loop; the "misstyped domain name problem"?
One grim, if remote, possibility is that this could have something to do with the 2008 threat to the domain name system, as reported in my "ID Theft" blog in August 2008; that had led to emergency international security meetings at Microsoft in July 2008. (Brian Krebs had a typical story about this problem at The Washington Post in August 2008 here.)
Update: Now it is looking like it might have been the result of a misspelled domain name "faceook.com" taking one to a survey site. In any case, it's working OK in Internet Explorer today.
Update: March 2: I got another text from "guessology" at 7:30 AM EST this morning. I hope this isn't the start of something. No, I don't need more ring tones.
Thursday, February 24, 2011
McAfee Site Advisor rating smaller individually-owned sites as gray (untested) suddenly, after being green for years
Internet Explorer, Mozilla and Chrome all can show Site Advisor ratings.
I can think of a good reason for "amateur" sites to go gray (or go "bald"); they tend to add lots of links without checking the links, and site advisory services consider the quality of secondary links offered. McAfee may believe it cannot keep up with or vouch for secondarily linked sites, but it could add another color code saying (like blue or turquoise) meaning just that. Corporate and government agency sites tend to do much less secondary linking and contain legal disclaimers for them.
Update: March 1
Even Google's own corporate blog turned up as "gray" on McAfee Site Advisor this morning!
Wednesday, February 23, 2011
Okay, I changed my security settings on my own Facebook account today to make all use of the site https. Really, the main place it matters is public places. Facebook’s own blog entry, as of Jan. 26, is (website url) here and a typical commentary is here with a CNET video.
Tuesday, February 22, 2011
It took the victim about ten days to get the money restored to her account.
No link or video is available yet.
But here’s a youtube video from “Boing Boing TV” in San Diego that shows that RFID-enabled cards (radio frequency enabled) actually decrease security, as someone shows how these cards can be read just by proximity, even when the victim is not processing a transaction. The only protection is a steel wallet. The video maintains that banks need to take more responsibility for centralized decryption of these devices. This would be particularly dangerous with debit cards.
But the main advice is still: don’t do business at sites without https.