Netscape.com hacked

(via F-Secure security blog)

I used to keep track of hacked web sites every day. It was a fun hobby until there were so many hacked sites every day I couldn’t keep up any more. That was over 4 years ago. Still, every once in a while, a major site gets hacked and makes the news. When it happens, I hate being so late finding out about it. Now that I have a site, though, I can at least post about it. That said, check it out:

[Image: netscape-hacked2.JPG]

Netscape.com has been hacked via a persistent Cross Site Scripting (XSS) vulnerability in their newly launched Digg-like news service. Attackers (who are obviously fans of Digg) have used the XSS vulnerability to inject their own javascript code snippets into pages on the website, including the homepage. As of now, it has only been used to display javascript alerts with “comical” messages and to redirect visitors to Digg.com!

Check out additional screenshots here and here.

Fortunately no one has tried to inject malicious code… yet.

We’ll finish our draft with more on the potential dangers of XSS for you soon.

[tags]Hacking, Hacked website, Netscape hacked, Netscape, F-Secure[/tags]
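The persistent XSS described in the quoted post comes down to stored, user-submitted text being written into a page without output encoding. The block below is an added example, not code from Netscape or F-Secure; the story list, the function names and the sample submissions are all constructed for illustration. It shows the vulnerable rendering beside an encoded one, plus a check for stored rows that already contain markup.

```javascript
// Added illustration; not Netscape's code. All names and data are constructed.

// Constructed stored submissions for a Digg-like news list. The second and
// third carry the two behaviours the post describes: an alert and a redirect.
const storedStories = [
  { id: 1, title: "Browser update released" },
  { id: 2, title: '<script>alert("constructed sample")</script>' },
  { id: 3, title: '<script>location.href="http://digg.com/"</script>' },
];

// Vulnerable rendering: stored text is concatenated into markup as-is, so a
// stored <script> runs for every visitor of the page (persistent XSS).
function renderUnsafe(stories) {
  return stories.map((s) => `<li>${s.title}</li>`).join("\n");
}

// HTML-encode the five characters that are significant in element content
// and quoted attribute values.
const HTML_ENTITIES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Hardened rendering: encode at output time, so stored markup shows as text.
function renderSafe(stories) {
  return stories.map((s) => `<li>${escapeHtml(s.title)}</li>`).join("\n");
}

// Cleanup aid: because the payload is stored, fixing the template does not
// reveal what was already planted. List the ids of rows containing markup.
function findSuspectStories(stories) {
  const markup = /<\s*\/?\s*[a-z!][^>]*>|javascript\s*:|\bon[a-z]+\s*=/i;
  return stories.filter((s) => markup.test(s.title)).map((s) => s.id);
}

console.log(renderSafe(storedStories));
console.log("rows to review:", findSuspectStories(storedStories));
```

The encoding shown is only correct for element content and quoted attribute values; text placed inside a script block, a URL or a style needs encoding for that context instead.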

Today in history – FBI founded

Man, I almost totally missed this. Here we are near the end of the day, and I’m just catching up on all my news. And given my interest in security, politics, and what the government is doing, I find this interesting. Today in history, 98 years ago, the Federal Bureau of Investigation (FBI) was founded.

On July 26, 1908, the Federal Bureau of Investigation (FBI) is born when U.S. Attorney General Charles Bonaparte orders a group of newly hired federal investigators to report to Chief Examiner Stanley W. Finch of the Department of Justice. One year later, the Office of the Chief Examiner was renamed the Bureau of Investigation, and in 1935 it became the Federal Bureau of Investigation.

When the Department of Justice was created in 1870 to enforce federal law and coordinate judicial policy, it had no permanent investigators on its staff. At first, it hired private detectives when it needed federal crimes investigated and later rented out investigators from other federal agencies, such as the Secret Service, which was created by the Department of the Treasury in 1865 to investigate counterfeiting. In the early part of the 20th century, the attorney general was authorized to hire a few permanent investigators, and the Office of the Chief Examiner, which consisted mostly of accountants, was created to review financial transactions of the federal courts.


Question for my visitors – Do you want to be sent away?

Main question below in bolded paragraph. Thoughts/why post and ask lead up to that:

In all my recent surfing, I’ve been checking in on what others say about running a blog. I’m far from being happy with what I do on this site, as there is more I want to post, more original content I want to produce, and more features I’d like to get working. As my spare time allows, I do these things. But when I have limited time, I just work on keeping interesting (to me) things going out on the site every day (although I know I fail that often).

So in my reading about being a better blogger, I find this article (quoted in large part below) in which the author says links from a site should remain in their own window/tab, and most certainly not open a new window or tab. When I surf, I much prefer staying on a page and having extra links open in a new window or tab, so that is how I’ve set up my site. Apparently, that is considered bad form.

This brings me to my question then – when I link to other sites in my posts, should I make the links open new browser windows and tabs (as happens now), or should I leave them in the same window and make visitors open up in new windows/tabs any links they want to see without leaving my site?

Please take the time to make a brief comment on this post and say which you prefer. I’m already considering changing to no-new windows posting, but I’m not yet decided.

Want to tick people off? Have your links open new windows. Have users click to a number of links on your blog so they now have 8 or 9 windows open. Make it difficult to browse because the back button can’t be used to browse because every link is a new window. You’ll have people unsubscribing from your blog in a New York minute.

Your blog is not going to become all things to all people on a niche topic. If that’s your goal, you’re setting yourself up for failure.

Be a success by sending your audience to what’s of value to them. That’ll guaranty they’ll keep coming back to you for more.

[tags]Send visitors away, Blog link practices[/tags]

PVRs good for networks

(via PVR Wire)
Some foolish CBS researcher went and did the unthinkable – he looked into the claim that PVRs (Personal Video Recorders – think Tivo and ReplayTV) are bad for the networks.  Upon conducting this study, he found out that PVRs are good for the networks.  Of course, much like the reality that downloaders are the biggest purchasers of music, this fact won’t sway the fear-mongers who are trying to prevent good technology from making the lives of consumers better.

It seems like the most obvious thing in the world that digital video recorders are bad news for TV networks. DVRs make it easier for viewers to record a show tonight and watch it four days down the road — or to capture it tonight after it ran four days ago. Some of them even enable viewers to save an entire season of a series to the DVR’s hard drive with one click of a button.

By further distorting the TV schedule, these VCRs in overdrive would appear to diminish the value of the advertising on which television networks rely. After all, many ads are time-sensitive. What’s the point of touting tomorrow’s release of a Hollywood blockbuster if people won’t see the tout until after the all-important first weekend?

And so, during a recent lunch hour, in a meeting room in Pasadena, the chief research officer of CBS presented TV critics with the other side of the story. And according to David Poltrack’s statistics, DVRs are just dandy for big networks like his.

Why?  Well, let’s look at some of the realities he found:

  • DVR penetration in the United States is at 12% to 15% of households, versus 8% last year
  • the public is adopting DVRs at a slower rate than some observers predicted, and the idea that a DVR revolution would sweep away the networks’ scheduling power has “been thoroughly discredited.”
  • DVR-equipped viewers of the big four U.S. networks still watch 90% of their shows live, although this figure drops to 82% for prime time
  • Sixty-six per cent of viewers who have recorded a show on DVR watch it by 6 a.m. the next morning, Mr. Poltrack said, and 80% watch within two days
  • DVRs will increase the total audience. Case in point: On U.S. television this autumn, two very popular shows, Grey’s Anatomy on ABC and CSI: Crime Scene Investigation on CBS, are going toe-to-toe at 9 p.m. on Tuesdays (this scheduling conflict does not occur in Canada)

Fewer PVRs (I call them PVRs, he says DVRs) than expected, slower growth, high same day/next-day viewing, extremely high live-TV viewership? All kinds of crazy stuff. The end result is that, for the vast majority of PVR owners, the devices have changed very little in people’s actual viewing habits. Mr. Poltrack (the CBS researcher) also notes that people already skip commercials on VCRs, so PVRs won’t change that. Plus, people “get” the ads, even at high speed or with only limited exposure.

His argument is that people get the point of ads even at a higher rate of speed (indeed, that kind of absorption of information is the underpinning of the roadside billboard industry). Mr. Poltrack observed that many commercials are now designed to remain comprehensible in fast-forward.

The end of the world does not appear to be imminent for the networks now. But I’m sure someone will come along, brush the facts under a rug, and work on getting our wonderful Congress to pass laws restricting the grand timesaving devices we call PVRs.

[tags]PVRs, network television, PVRs good for networks[/tags]

Prepare to meet your next President

I’m not sure what to say about this. I think this guy would get my vote. He may be a bit unorthodox, but he does have a way of getting things done. From his campaign site:

[Image: zodportrait.jpg]

When I first came to your planet and demanded your homes, property and very lives, I didn’t know you were already doing so, willingly, with your own government. I can win no tribute from a bankrupted nation populated by feeble flag-waving plebeians. In 2008 I shall restore your dignity and make you servants worthy of my rule. This new government shall become a tool of my oppression. Instead of hidden agendas and waffling policies, I offer you direct candor and brutal certainty. I only ask for your tribute, your lives, and your vote.

Thanks to an online gaming friend for pointing out this site to me. I doubt I ever would have stumbled on this on my own.

[tags]Zod for president, 2008 elections, Kneel before me[/tags]

Sky marshals name innocents to meet quota?

(via Schneier’s Security Blog)
This is a story so absurd it’s hard to believe. On the other hand, this is a government organization we’re talking about, so who knows?

You could be on a secret government database or watch list for simply taking a picture on an airplane. Some federal air marshals say they’re reporting your actions to meet a quota, even though some top officials deny it.

The air marshals, whose identities are being concealed, told 7NEWS that they’re required to submit at least one report a month. If they don’t, there’s no raise, no bonus, no awards and no special assignments.

“Innocent passengers are being entered into an international intelligence database as suspicious persons, acting in a suspicious manner on an aircraft … and they did nothing wrong,” said one federal air marshal.

These unknowing passengers who are doing nothing wrong are landing in a secret government document called a Surveillance Detection Report, or SDR. Air marshals told 7NEWS that managers in Las Vegas created and continue to maintain this potentially dangerous quota system. “Do these reports have real life impacts on the people who are identified as potential terrorists?” 7NEWS Investigator Tony Kovaleski asked.

“Absolutely,” a federal air marshal replied.

. . .

Another federal air marshal said that not only is there a quota in Las Vegas for SDRs, but that “it directly reflects on (their) performance evaluations” and on how much money they make.

The director of the Air Marshal Service, Dana Brown, declined 7NEWS’ request for an interview on the quota system. But the agency points to a memo from August 2004 that said there is not a quota for submitting SDRs and which goes on to say, “I do not expect reports that are inaccurate or frivolous.” But, Las Vegas-based air marshals say the quota system remains in force, now more than two years after managers sent the original memos, and that it’s a mandate from management that impacts annual raises, bonuses, awards and special assignments.

. . .

One example, according to air marshals, occurred on one flight leaving Las Vegas, when an unknowing passenger, most likely a tourist, was identified in an SDR for doing nothing more than taking a photo of the Las Vegas skyline as his plane rolled down the runway.

. . .

Strange and other air marshals said the quota allows the government to fill a database with bad information.

A Las Vegas air marshal said he didn’t write an SDR every month for exactly that reason.

“Well, it’s intelligence information, and like any system, if you put garbage in, you get garbage out,” the air marshal said.

“I would like to see an investigation — a real investigation conducted into the ways things are done here,” the air marshal in Las Vegas said.

Although the agency strongly denies any presence of a quota system, Las Vegas-based air marshals have produced documents that show their performance review is directly linked to producing SDRs.

I have to agree with Schneier here, really, though.  This seems too insane to be real.  But with the Department of Homeland Security, stupidity seems to know no bounds.  I hope it’s not real.  I think it’s not real.  But I just can’t be certain.
[tags]Sky marshals, Department of Homeland Security, Government stupidity[/tags]

More happy birthday wishes

Yes, we’ve already covered Sandra Bullock. But there are a number of other notables celebrating birthdays today. Enough that I wanted to point some of them out.

Of course, I highlight Shaw since I’ve recently returned from a trip to Ireland. The whole reason I went looking at other birthdays for today was because I heard recently that today is Huxley’s birthday. And the others I point out just because I figure plenty of folks will know who they are.

[tags]Happy Birthday, Kate Beckinsale, Brave New World[/tags]

Happy Birthday, Speed lady

Just because I know my oldest brother has a thing for her, I’m posting a reminder to everyone that today is Ms. Sandra Bullock’s 42nd birthday. Although she has done tons of movie work, she is probably best known for her role as Annie Porter in Speed (and again in the less successful Speed 2). Personally, I think Demolition Man and Ms. Congeniality are better movies for her.

First, let’s take a look via way-back technology at a much younger Ms. Bullock. And all you creepy people stop thinking those dirty thoughts over this picture.

[Image: sandra-young.jpg]

Now, with that out of the way, let’s look at something more recent. Here’s an Eye Candy style picture from one of her magazine photo shoots some time back. My brother has a framed copy of this picture. I wish I could have found a clearer copy of it. And by the way, this is one of my favorite pictures of her.

[Image: sandra-in-plaid.jpg]

So Happy Birthday to Ms. Sandra Bullock.

[tags]Happy Birthday, Eye Candy, Sandra Bullock[/tags]

Word of the day

This comes from nowhere in particular except the dark recesses of my mind.  Way back in my college days, my super-awesome friend Kara had a homemade sign in her dorm room that said:

Defenestration – the act by which the defenestrator defenestrates the defenestratee

which, of course, told you nothing about what the word means.  But I was always taken with the sign, especially after looking up defenestration and finding out what it actually means.

Now go out and put your new word to use (but not necessarily commit defenestration).

[tags]Defenestration, Windows, Word of the day[/tags]