The attacks on Swiss financial institutes with the aim of unjustified enrichment and the threat of the targeted industrial espionage via the internet are the main topics of the fifth semi-annual report of the Reporting and Analysis Centre for Information Assurance.

The report assesses the situation of the first half of the year 2007 in Switzerland and is now available online and clearly shows that the human factor remains the weakest point of ICT security.

Focus areas of issue 2007/I

• Attacks on Swiss financial services
  "Classic" phishing attacks by e-mail with password requests have decreased substantially in Switzerland. Moreover, all such attacks have been unsuccessful. On the other hand, successful attacks with malware have increased. Two-factor authentication systems (e.g. transaction authentication numbers, SecurID, etc.) do not afford protection against such attacks and must be viewed as insecure once the computer of the customer has been infected with malware.

• Industrial espionage and data theft
  The threat posed by targeted state or private industrial espionage continues. Not only the operators of critical infrastructures, the armament industry, or public authorities are threatened. Medium-sized industrial companies as well as manufacturers of luxury articles and fashion are also being targeted. The attacks are carried out by sending targeted e-mails to individual employees which contain malware in their attachments or links to bogus websites.
• Attacks on web servers:
  malware distribution, phishing, data theft Compromising of web servers has increased. The purpose is to use web servers to distribute malware, such as by drive-by infection, to steal data (especially on commercially used servers), to carry out (interim) storage of data (e.g. in connection with phishing), or to distribute messages that are generally political in nature.
• Malware / attack vectors
  Malware is still usually distributed through e-mail attachments or e-mails with links to bogus websites. Using clever social engineering techniques, the victim is deceived into opening the attachment or clicking on the link. Websites installing malware on the computer without any action by the user (drive-by infections) have heavily increased as an infection vector. Vulnerabilities in the operating system, the browser, or other applications are exploited. For a long time now, this no longer only happens on dubious sites, but also on (compromised) serious and well-known sites. Rates of recognition of malware by anti-virus software remain low.

The complete report is available on Melani website in italian, german, french and english.

A complete and useful list of all Internet risks and related protection measures is also available.

Tags: 2007, 24, aim, analysis, Annual, art, ATT, attack, blog, ces, computer, connection, CTU, customer, engine, espionage, human, ia, ict, ICT Security, im, industry, install, internet, IT World, ITU, King, lan, list, malware, melani, nomadcom.net, online, password, phishing, public, risk, security, services, social, storage, swiss, switzerland, theme, threat, user, web, web server, website, wp, www, XP

I will start to compile some informations about tools that make Flickr even better. This first post is about scripts that add useful tools and improve rendering of Flickr pages.

Next posts related to Flickr will be about photo online editors, Flickr 3rd party applications, etc.. Greasemonkey is a Firefox add-on (works also on Flock) which allows you to customize the way a webpage displays using small bits of JavaScript.

Hundreds of scripts, for a wide variety of popular sites, are already available at Userscripts.org.

Martin Gommel's listed the 10 most useful scripts for Flickr and published it on the Digital Photography School blog.

1. Flickr Auto Page This is definitely one of the most useful scripts for Flickr. It allows you to scroll though a stream without clicking the “next page” - button. Older images are loaded automatically.
2. Flickr New Contact More Links This script displays more useful information in you Flickr-inbox about the user when they add you as a new contact.
3. Flickr Multi Group Sender This one gives you the ability to post an image to multiple Flickr groups at the one time. Warning : If an image is posted in too many groups you reduce the probability of your image being explored ! I recommend adding images to a maximum of 5 groups.
4. Flickr Move Comment Form Up This makes commenting on images a lot easier. This script always displays the comment box underneath you selected image - regardless of how many other comments have already been written.
5. Flickr Photo Rank Photo Rank will show you a photo’s rank if it is in the top 1000 most interesting images of the day. After installation you can find it under “Additional Information” on the photo’s page.
6. FlickrPM FlickrPM allows you to get important information about another user in a short amount of time by blending in different buttons next to the username on their stream (like icons for mail, profile, favorites, Scout and interestingness). Useful: With FlickrPM you can send the user a Flickrmail without leaving the selected page.
7. Buddy Icon Reply This is another time saver scripts for Flickr. With it you will never have to copy&paste user names you want to reply to on your or other images. With one click you will get a little icon of the user you want to answer in your comment box. Nice !
8. Flickr Background Color This script is all about aesthetics and is an easy to use tool that changes the background color on a photo page. It displays several shades of gray through to black. So if an image has a “dark feeling” the white standard Flickr background won’t disturb it.
9. Flickr Follow Comments This useful script helps you to view images that you have commented on - but only those that interest you. If you are writing lots of comments every day you know how hard it is not to get distracted by the overload of images when you click “Comments You’ve made”. With this userscript you have 4 different options to see only certain types of comments.
10. FlickrMailManager This MailManager is the one of those scripts I will always value, because it makes handling your flickr-inbox much easier. For instance you can “mark all as read”, “delete group invites” and “nuke mailbox”. The processing time depends on the size of your inbox - so I use it very often

What are your preferred GM scripts ?

Source: Digital Photography School

Blogged with Flock

Tags: flickr, tools, script, greasemonkey, photo, sharing,

Tags: 2007, art, blog, ces, digital, editor, find, Flickr, fon, im, install, King, list, online, online editor, photo, photo online editor, Photography, post, processing, sco, sharing, top 10, uk, user, web, wp, www, XP

Cory Doctorow wrote this Creative Commons-licensed fiction story for Radar Online magazine.

  Une version française est disponible ici

“Give me six lines written by the most honorable of men, and I will find an excuse in them to hang him.” –Cardinal Richelieu

“We don’t know enough about you.” –Google CEO Eric Schmidt

Greg landed at San Francisco International Airport at 8 p.m., but by the time he’d made it to the front of the customs line, it was after midnight. He’d emerged from first class, brown as a nut, unshaven, and loose-limbed after a month on the beach in Cabo (scuba diving three days a week, seducing French college girls the rest of the time). When he’d left the city a month before, he’d been a stoop-shouldered, potbellied wreck. Now he was a bronze god, drawing admiring glances from the stews at the front of the cabin.

Four hours later in the customs line, he’d slid from god back to man. His slight buzz had worn off, sweat ran down the crack of his ass, and his shoulders and neck were so tense his upper back felt like a tennis racket. The batteries on his iPod had long since died, leaving him with nothing to do except eavesdrop on the middle-age couple ahead of him.

“The marvels of modern technology,” said the woman, shrugging at a nearby sign: Immigration–Powered by Google.

“I thought that didn’t start until next month?” The man was alternately wearing and holding a large sombrero.

Googling at the border. Christ. Greg had vested out of Google six months before, cashing in his options and “taking some me time"–which turned out to be less rewarding than he’d expected. What he mostly did over the five months that followed was fix his friends’ PCs, watch daytime TV, and gain 10 pounds, which he blamed on being at home instead of in the Googleplex, with its well-appointed 24-hour gym.

He should have seen it coming, of course. The U.S. government had lavished $15 billion on a program to fingerprint and photograph visitors at the border, and hadn’t caught a single terrorist. Clearly, the public sector was not equipped to Do Search Right.

The DHS officer had bags under his eyes and squinted at his screen, prodding at his keyboard with sausage fingers. No wonder it was taking four hours to get out of the god damned airport.

Read the rest of this entry »

Tags: 2007, 24, access, account, air, airport, analysis, arc, arms, art, ATT, batteries, blog, book, brown, bt, camera, card, cars, ces, columbia, communication, computer, CTU, design, digital, dress, engine, explain, Festival, fiction, find, flash, free, Fun, google, google maps, History, HP, ia, ict, identify, im, International, internet, ipod, ITU, keyboard, King, lan, laptop, launch, law, LED, LG, light, live, map, MIT, money, network, nomadcom.net, nyt, officer, online, organize, pair, personal data, pet, photo, picture, police, politics, post, power, press, privacy, project, public, raw, release, science, sco, screen, scroogled, search, security, simple, social, soviet, storm, story, suspect, technology, term, terror, theme, touch, upgrade, USA, usage, user, violation, web, webcam, wifi, wonders, world, wp, www, XP, yahoo