Archive | June 2012

No More Flash Player for Android?

The end for support for Adobe Flash Player for Android Systems is coming very soon! See below:

Devices that don’t have the Flash Player provided by the manufacturer typically are uncertified, meaning the manufacturer has not completed the certification testing requirements. In many cases users of uncertified devices have been able to download the Flash Player from the Google Play Store, and in most cases it worked. However, with Android 4.1 this is no longer going to be the case, as we have not continued developing and testing Flash Player for this new version of Android and its available browser options.  There will be no certified implementations of Flash Player for Android 4.1.

Beginning August 15th we will use the configuration settings in the Google Play Store to limit continued access to Flash Player updates to only those devices that have Flash Player already installed. Devices that do not have Flash Player already installed are increasingly likely to be incompatible with Flash Player and will no longer be able to install it from the Google Play Store after August 15th.

See the full story on the Adobe Blog

Celebrity Nude Photos Trouble Rising Up

There are continuing stories repeatedly of nude photos being stolen from celebrities through hacks and other leaks across the internet. What the problem is, it reveals immorality maybe, but also violates the privacy of the celebrity.

It’s none of anyone’s business but the celebrity itself, on why they decided to post nude photos on the insecure internet. Whether you believe it or not, celebrities reveal way too much personal data too, except in different ways.

Of course, you’ll rarely get to access a celebrity’s Facebook account, or friend them. Now, seeing a Twitter account of a celebrity is probably more likely, but it’s probably not a personal account.

Personal social networking accounts for celebrities are unlikely to be public, and unlikely to be noticed, also! So, at least they know how to handle themselves in social networking. After all, it could cost them their job, for involvement in social networking.

Back on topic…Let’s example Scarlett Johansson’s situation, where Christopher Chaney was held guilty for hacking/leaking the nude photos of this celebrity. Even the same hacker got Mila Kunis’s photos as well.

Now, according to media reports, prosecutors have filed documents at the US District Court in California, calling for 35-year-old Chaney to spend 71 months in prison, and pay over $150,000 in restitution.

To avoid this situation, celebrities listen up: secure your email account with a better password!! End-of-story.



Security Experts Worried About Google Now

Google Now is another one of those applications that worry security experts, like the recent Facebook issue for mobile tracking. Google Now is the latest upgrade in the new release of the Android Operating System. What’s worrisome is that its searching techniques put businesses at risk.

As a competitor for Apple Siri (voice-based service anyway), Google Now uses searching history, calendar, Google Maps usage, and location to deliver useful information to you ahead of time. Privacy ouchie! But anyway, maybe you want to know when and where the next bus will stop, or when a storm will hit…Google Now has all the information you need without your asking!

Now, this is not enabled by default, you have to opt-in. What it lacks is a management platform, for companies to be able to manage it and keep their employees on task/schedule. What would be best is for secure browsers to be deployed on these mobile platforms, which can enable the ability to disable such apps, particularly distracting ones.

Many companies rely on the privacy of all of their company’s data, and cannot have Google services indexing sensitive data to deliver crazy results in Google Now. Even more so, companies are worried for their employees’ personal data being at risk, as well!

Google will have to make a way for better management techniques before the use of this app gets out of hand (and it can do so very fast).



AD: Centrally manage your backups with NovaStor Central Management Console for 5 users.

Secunia Personal Software Inspector Updates – V. 3

Searching to simplify the process of vulnerability management for your Windows PC? Get Secunia PSI!

Secunia has released an upgrade to Personal Software Inspector (PSI). PSI is an automatic patch management system that keeps plugins, programs, and other components up-to-date for you!

The more configurable interface, automatic patching is enabled by default of course, it makes the software more comfortable to use. Some have complained that it gets stuck on scanning for updates, but I’m sure this will be fixed soon!

Feel free to learn more about Secunia PSI:

See a video about PSI:



Manage vulnerabilities with Secunia PSI, and manage the performance of your PC with TuneUp!

With TuneUp Utilities 2012 improved performance, less energy consumption, a more streamlined Windows setup and PC in top shape – Try now for free!

Latest Hacks on AT&T and Comcast

"WikiBoatWednesday" is the latest battle cry from hackers who are targeting corporations and government sites to show for whistleblower site WikiLeaks and to promote other causes.

“WikiBoatWednesday” is the latest battle cry from hackers who are targeting corporations and government sites to show support for whistleblower site WikiLeaks and promote other causes or concerns.

A group of hackers has posted to the Web today data that appears to include Comcast employee names, ages and salaries, as well as e-mails and passwords associated with AT&T VoIP service accounts.

Proclaiming the kickoff of “#WikiBoatWednesday…when all the members from @TheWikiBoat fight corruption, leak data, and bring down websites,” the hackers released the data in two different posts to the Pastebin Web site. Several of the Twitter handles used by the group, including @AnonymousWiki, referenced the Anonymous online activist group, but the connection to the larger, decentralized collective is unclear.

Full Story: at CNET

Republican Senators Revise Cybersecurity Bill

Government Security

The cybersecurity bill discussed in congress earlier this Spring is now revised with newer details. The revision to the originally democratic bill is more based on disallowing the government to absolutely standardize new cybersecurity bills. The idea is for those with critical infrastructured networks get fully secure (as required). The new SECURE IT bill restricts the government from retaining and using information about cyberthreats.

According to Computer World: SECURE IT, backed by Sens. John McCain (R-Ariz.), Kay Bailey Hutchison (R-Texas), Chuck Grassley (R-Iowa), Saxby Chambliss (R-Ga.), Lisa Murkowski (R-Alaska), Dan Coats (R-Ind.), Ron Johnson (R-Wis.), and Richard Burr (R-N.C.), will allow companies to legally share real-time cyberthreat information from their networks with other industry stakeholders, law enforcement agents and government officials.

The restriction of the use of such information about cyberthreats is to help combat the ability of hackers from discovering the information and getting quicker revision time for their threats.

The mere investment in to tools to combat cybersecurity threats is crucial to American infrastructure, and infrastructure all around the world even!

The biggest deal is watching how cyberthreat information is shared. Programs like CISPA are not going to function very well. Which means cyberthreat information should be held between private parties for a temporary time, and once a mitigation is made, destroy the data.

Corporate and government systems are not immune to cyberattacks by hackers.


Mobile Location Tracking Featured Removed from Facebook

Facebook launched a new feature this past Sunday, which was a location tracking feature that allowed users to see which of their friends were nearby. This feature has been quickly removed, after quick evaluation. The executive team at Facebook seems to not have their head on straight, or maybe the risk platform is too high right now, but it’s time to get the act together in thinking about the security and privacy of every human user of Facebook.

The feature, like all other strange features, turned itself on by default. Which means anyone and everyone would be vulnerable. This type of feature can easily broaden the range of stalkers and make it easier for people to track your location.

As if FourSquare or Facebook Places wasn’t bad enough, this feature grinds many gears in the security world. Why release privacy-violating features, when you know it’s possible they will be removed.

Or let’s see it in Facebook’s eyes: “We’re always testing new features”. IS THAT THE KEY TO YOUR BUSINESS PLAN? For what it’s worth, Facebook, there are a lot better ways to stretch your business without hurting the privacy of others. WHY does every new feature have to do with privacy? Hello! The target of social networking is to bring people closer mentally/emotionally (already connected public friends), but not physically closer.

It’s time to think, Facebook! This may seem like a good idea for some, but for security researchers and others: pure privacy torture!

How Valuable Are CAPTCHAs in Today’s Security World

CAPTCHAs are not invulnerable

For quite a long time, it’s been studied that CAPTCHAs, a website security method in short: tell computers and humans apart, are the  best way to avoid bot transmissions. But in some cases, CAPTCHAs have proven not so invulnerable.

What’s more interesting is that CAPTCHAs were originally created to prevent bots from illegitimately accessing websites. CAPTCHAs assume, by their own nature, that every visitor is a computer – therefore, everyone should take the test. There are only a few ways that CAPTCHAs are successfully bypassed to infiltrate a website:

  • Exploit of bugs in the implementation.
  • Increased ability to create character recognition software products.
  • Allowing hired humans to do the puzzles for some extra cash (cheap labor).
  • Audio CAPTCHAs are vulnerable to voice recognition programs that are targeted at CAPTCHA cracks.

Apple’s Mountain Lion OS Automatically Checks for Security Updates Daily

In the interest of fairness, Apple has deployed a newer security updating system in their next version of Mac OS X (dubbed Mountain Lion / v10.8). Its release in July will be just in time to save a lot of hassle dealing with security updating.

However, please note this new technology will not help with zero-day bugs. Sometimes, if a zero-day bug gets spread, the updating cannot be so quickly adapted.

Anyway, the Mountain Lion Security Update System is designed to assist users in getting the latest security updates for their system every day!

With Gatekeeper, the new anti-malware feature that checks application downloads for evidence of fraudulent/trojan activities, all of these new security features will help protect identities. It also proves something valuable: Mac OS is not invulnerable to malware.

If it was designed by hand, it can be cracked by hand! That’s the best security philosophy to have!!

This update is just planted from the aftermath of the Flashback Trojan/Botnet that affected up to or over 600,000 Macs. Apple is realizing their operating systems are no more secure than a Windows PC. Watch Microsoft and learn, friends! They’ve had the security patching mechanisms for over ten years…Apple has yet to release any.


%d bloggers like this: