Posts Tagged “password”

The Register published the results of a survey among office workers in London, which reveals that women are 4 (four) times more likely than men to give out "passwords" in exchange for chocolate bars.

The survey of 576 office workers in London found that women are far more likely than their male colleagues to give their computer login credentials to total strangers, in a ratio above 4/1 (45% vs. 10%).

The bogus researchers also asked for workers' names and telephone numbers, ostensibly so they could be entered into a draw to go to Paris.

The complete article is on The Register website.


InfoWorld published the 10 most common security land mines that experts say you need to avoid.

Many companies spend a small fortune and deploy a small army to secure themselves from the many security threats lurking these days. But all those efforts can come to naught when making any of these common mistakes. The results can range from embarrassing to devastating, but security experts say that all are easily avoidable.

And almost all can be done without spending one more dime.

  1. A slip of the finger reveals the company secret

  2. People give away passwords and other secrets without thinking

  3. A trusted partner ends up not being so trustworthy with your data

  4. Web-based apps can be portals to leaks and thieves

  5. Hoping the worse doesn’t happen only makes it worse

  6. Avoiding or diluting response leadership makes breaches worse

  7. Handling breach details sloppily tips off the perp

  8. Trusting "silver bullet" technology hides real threats

  9. Spending unthinkingly wastes resources you might need for important threats

  10. Don't save the wrong data

In short, the weakest point in ICT technologies is always the same one… guess who?

The full article is available here on InfoWorld


The attacks on Swiss financial institutes with the aim of unjustified enrichment and the threat of targeted industrial espionage via the internet are the main topics of the fifth semi-annual report of the Reporting and Analysis Centre for Information Assurance.

The report assesses the situation in Switzerland in the first half of 2007 and is now available online. It clearly shows that the human factor remains the weakest point of ICT security.

Focus areas of issue 2007/I

  • Attacks on Swiss financial services
    "Classic" phishing attacks by e-mail with password requests have decreased substantially in Switzerland. Moreover, all such attacks have been unsuccessful. On the other hand, successful attacks with malware have increased. Two-factor authentication systems (e.g. transaction authentication numbers, SecurID, etc.) do not afford protection against such attacks and must be viewed as insecure once the computer of the customer has been infected with malware.

  • Industrial espionage and data theft
    The threat posed by targeted state or private industrial espionage continues. Not only the operators of critical infrastructures, the armament industry, or public authorities are threatened. Medium-sized industrial companies as well as manufacturers of luxury articles and fashion are also being targeted. The attacks are carried out by sending targeted e-mails to individual employees which contain malware in their attachments or links to bogus websites.
  • Attacks on web servers: malware distribution, phishing, data theft
    Compromising of web servers has increased. The purpose is to use web servers to distribute malware, such as by drive-by infection, to steal data (especially on commercially used servers), to carry out (interim) storage of data (e.g. in connection with phishing), or to distribute messages that are generally political in nature.
  • Malware / attack vectors
    Malware is still usually distributed through e-mail attachments or e-mails with links to bogus websites. Using clever social engineering techniques, the victim is deceived into opening the attachment or clicking on the link. Websites installing malware on the computer without any action by the user (drive-by infections) have heavily increased as an infection vector. Vulnerabilities in the operating system, the browser, or other applications are exploited. For a long time now, this no longer only happens on dubious sites, but also on (compromised) serious and well-known sites. Rates of recognition of malware by anti-virus software remain low.

The complete report is available on the Melani website in Italian, German, French and English.

A complete and useful list of all Internet risks and related protection measures is also available.


Whisher, a Spanish start-up backed by Switzerland’s leading phone company, Swisscom, and the venture firm Benchmark Capital Europe, has apparently been very active for a few months now. The principle of Whisher is that wireless access to the Internet should be free and accessible from everywhere, which is basically the same concept as FON Movimiento, except that you don't need to purchase any specific hardware.

Whisher users are asked to download an application through which they can share their wireless access (it also works with WEP or WPA connections) with other Whisher members.

The newly released version 2.0 beta of the software offers more than just storing and encrypting connection passwords, such as:

  • Wireless connection manager
  • WiFi sharing
  • Chat with other users connected on the same wireless access point.
  • Multi Instant Messenger support (Yahoo, MSN, AIM, ICQ, GoogleTalk, Twitter, Jabber)
  • File Transfer (with users sharing the same wireless AP)
  • LAN Support
  • GeoLocation
  • Other network connections (access via commercial access, hotspots, etc.). FON is supported too.
  • Around You: gives you information about coming events and restaurants around the wireless connection you are currently using.

New services that should be available soon :

  • Voice Support
  • Global File Sharing 

Platforms supported: Windows XP, Linux, Mac OS. Vista not available yet.

The software is still in beta and some stability and registration problems have been reported. More information is on their blog.


I found a funny, nice piece of software to help you log in to your computer without having to remember your password. What you need… BananaScreen software (2.3MB, for XP only) and a webcam.

Once installed, teach the software to recognize your face and enter your password. That's it !  

The software is still in beta and has some "security issues", such as logging in using a photo or even a manga-type drawing. Anyway, there are plenty of other ways to bypass the Windows login system, but at least this one is fun.

Banana's engineers are still working on the recognition system and hopefully the version 1.0 of the software will only recognize the authorized user.  


The British Department of Trade and Industry has made £4m available for four research projects aimed at reducing the IT risk created by human error.

The program, which is part of its Network Security Innovation Platform, reflects the fact that human error is by far the biggest risk to network security.

It cited the results of a survey it conducted, involving over 1,800 people, on the use of passwords. It found that:

  • Just over 30% of users recorded their password or security information by either writing it down or storing it somewhere on their computer.
  • About 65% never changed their password
  • 20% of people used the same password for non-banking websites as well as their online bank

The projects will use behavioural science in a bid to tackle the human risk element in network security.

Four projects will receive funding under the programme.

  • The first is about developing a risk assessment package focused on organisational and human factors.

  • The second, named Trust Economics, is aimed at developing a predictive modelling framework that assesses security policies that regulate the interaction between humans and information systems.
  • The third is aimed at developing a solution for the analysis of digital communications to identify threats introduced by humans.
  • The fourth, named CatalysIS, is a tool to improve risk culture and identify human vulnerabilities in network security.

Minister for science and innovation Malcolm Wicks said: "Unfortunately, the weakest link in network security is not usually with the technology, but with the staff and system users. A DTI survey found that a shocking number of people were careless with passwords, unwittingly exposing themselves and their company to fraud and theft.

"Network security is also a major growth area where the UK has a good opportunity to become a global leader if we develop new technology to give us a competitive edge."

This article was originally published at Kablenet 

Source: The Register 

 


One of my first questions was about how to send Twitter updates using Skype instead of anything else, as I did not want to install an additional application with a single dedicated purpose.

Apparently I'm not alone in that situation, and today I found a "how to" for posting updates on Twitter using the Skype chat tool.

Quote

Here’s a little secret which no one seems to know about. There is a Skype robot which will post to your Twitter account.

  1. Add twitter4skype as a contact.
  2. Type the following as a chat message (be sure to do a FULL return for each line):
    /account
    yourtwitteraccountname
    yourtwitteraccountpassword
  3. The system should return: twitter4skype Registration complete!
  4. The next time you write a chat message to twitter4skype, the entry will appear as a Tweet on your account.

Give it a try and let me know how it works out.

Update: Some have reported they have not been successful on their first try to make this work. The issue usually is identified with the returns. On a Mac, make sure you press alt + return after each line. Also make sure there is a return after the last line. Once this is fixed, everything seems to “automagically” work.

Unquote

Source: PacificIT  


As the advertising on the Fon web pages puts it:

  • At home you're a "Wi-Fi King"
  • Away you become a "Wi-Fi beggar"
    (or sometimes even a Wi-Fi thief)

So, why not:

  • Share some Wi-Fi at home
  • and get free Wi-Fi access wherever you find a FON Wi-Fi access point (+360'000 members worldwide)

 

That's the concept of Fon Movimiento; you can find more details on the Fon pages or Wikipedia.

Hardware requirement :  

One Fonera, an easy-to-configure, secured 802.11g wireless router, with:
  • 2 SSIDs: a private, WPA-encrypted one for your own access to the Internet and an open one for FON members, who authenticate themselves to your AP via the FON website.
  • Set how much bandwidth you want to share
  • Share safely and keep your own private connection.

Benefits :

  • Cheap wireless AP (with an "easy to get" voucher or invitation): 20€ with shipping included.
  • You're a Linus and get free access to other FON Wi-Fi access points
  • You're a Bill and get 50% of the fees, currently $3.00, charged to Aliens (non-FON members) for a day pass to connect through your router.

Risks :

  • Your ISP may not like it, even if they themselves sell unsecured access points. So it's up to you: ask your ISP whether you can share your connection… or don't!

Installation :

  • Sign on at Fon.com and order your Fonera
  • Once you have it, connect it to your Internet router
  • From your computer, connect to the open FON_AP wireless network
  • Launch your browser; you're automatically transferred to the fon.com pages.
  • Log on and change the settings of your Fonera (password, SSID, WPA key, etc.)
  • Restart the Fonera or wait 24 hours
  • Connect to your newly created private wireless network (by default named "my place").
  • That's it… the whole process took about 10 minutes.
