Some folk have asked me for more details about the DigiNotar breach after my brief appearance on Al Jazeera this morning. So here are the notes I prepared for the segment. Links at the bottom. Background web security certificates are digital IDs issued by companies entrusted with making sure they are given to the right company or organisation. It allows a user to set up a secure connection between their computer and the organisation’s website. Browsers will show a little lock or some other icon to signify the certificate has been found and is trusted. Hackers broke into a Dutch company called DigiNotar, itself owned
By Jeremy Wagstaff (This is a copy of my weekly syndicated column) You really don’t need to thank me, but I think you should know that for the past 10 years I’ve been fighting a lonely battle on your behalf. I’ve been taking on mighty corporations to rid the world of spam. Not the spam you’re familiar with. Email spam is still around, it’s just not in your inbox, for the most part. Filters do a great job of keeping it out. I’m talking about more serious things, like eye spam, cabin spam, hand spam, counter spam and now, my most recent campaign, ATM spam.
This podcast is from my weekly slot on Radio Australia Today with Phil Kafcaloudes and Adelaine Ng, wherein we discuss HP buying Palm, students going cold turkey on social media, and China no longer being the spam capital of the world? To listen to the podcast, click on the button below. To subscribe, click here. Loose Wireless 100430 I appear on Radio Australia Today every Friday at about 9.15 am Singapore time (that’s 0.15 GMT/UTC.) There’s a live stream of the broadcast here, or find out your local frequencies here.
An Indian phone company is warning users against a variation on the premium rate phone scam, whereby users are contacted by email or mail and asked to call a number to confirm winning a prize. The number is a premium number—either local or international—and the user has to sit through several expensive minutes of canned music before finding they haven’t won anything. The Indian variation is that victims are sent an SMS containing the phone number they should call. They’re then charged Rs500 ($10) a minute as they navigate their way through an automated phone tree. Control Enter » Blog Archive » Beware of false
(Update: corrected a few things. You can’t see the person’s bank account number. But you can see anyone’s phone bill, whether or not they’re a customer of that bank.) — Here’s a hole in Internet banking that allows anyone with an account at a bank to look up other customers’ people’s bills–tax, water bill, Internet bill, landline, cellphone—so long as they have that person’s account or phone number. This means, for example, I can enter a telephone number and—so long as that person pays their phone has an unpaid bill at that bank—I can find out their name. Think of it as a reverse phone
I remember an instructive conversation with a guy who developed services for the mobile phone. I was suggesting some fancy service or other that involved a small app sitting on the phone. He said it wouldn’t fly with users. “No downloads, no registration, keep it simple,” he said. “Or it won’t stick.” Maybe that’s why SMS is so powerful and why, still, it’s the method of choice for services on the cellphone. Emily over at textually.org has found some more, illustrating how SMS is not just about simplicity, but flexibility. A device that allows you to start your car engine by SMS. The Webasto Thermo
Phone spam feels like it’s getting worse. I and my wife have been receiving numerous calls from the local arm of ANZ Bank — a bank I am happy to identify by name because I’ve sought comment from them without reply for nearly a week now. Our mobile phone numbers were probably sold by another bank or possibly by the cellphone company. Nokia researcher Jan Chipchase starts picking up SMS and phone spam on Hutch in India within a day of activating his SIM card, and finds that the company is three times as slow at removing his number from their spam lists: Locals in
I really hate being asked for lots of private details just to download a product. In short: People shouldn’t have to register to try something out. An email address, yes, if absolutely necessary. But better not: just let the person decide whether they like it. It’s the online equivalent of a salesperson shadowing you around the shop so closely that if you stop or turn around quickly they bump into you. (One assistant in Marks & Spencer the other day tailed me so closely I could smell his breath, which wasn’t pleasant, and then had the gall to signal to the cashier it was his commission when
Are companies like eBay knowingly peddling stolen goods? Surely not, but I wonder about their advertising strategy. I get confused about how sponsored results work. You know, those textual ads that appear alongside search results or on a webpage. I mean, I thought I knew how they worked: someone buys a word and when that word appears they get their ad next to it. But when I look for “laptop stolen” on Yahoo! Answers, I get this: So what keyword are eBay, DealTime and Shopping.com sponsoring here? Or do they really have good stolen laptops for sale? And if so, wasn’t I told? Or these
(A podcast of this can be downloaded here.) The walls of elite reviewers come tumbling down, and it’s not pretty. But is it what we want? I belatedly stumbled upon this piece in The Observer by Rachel Cooke on a new spat between editors, reviewers and blogger reviewers, and not much of it is new. There’s the usual stuff about how bloggers are anonymous (or at least pseudonymous) and the usual tale of how one writer got her spouse to write an anonymous positive review on Amazon (why hasn’t mine done one yet!) to balance against all the negative stuff. As Tony Hung points out,