Apple has released the newest version of its OS X operating system, dubbed Lion, and it includes a batch of new security protections that bring it up to the level of Windows and Internet Explorer. The most significant additions, experts say, is the full implementation of ASLR and a sandbox that make it much more difficult for attackers to exploit browser bugs via a drive-by download to install malware on a victim’s machine.
Browsing Tag: Privacy
Google’s new social network is growing fast, with more than 10 million users in its first week of operation. That’s not too bad for an invite-only Closed Beta release! The new social network is also a hit with users, unlike previous efforts like Orkut and Buzz.
[img_assist|nid=9667|title=J. Alex Halderman|desc=|link=none|align=right|width=100|height=100]A group of researchers from the University of Michigan and the University of Waterloo have developed a proxy system called Telex that provides a method for users to circumvent state-level censorship of the Web. It uses an architecture that includes a proxy at the ISP level and uses connections to benign sites to disguise traffic going to censored sites. Threatpost editor Dennis Fisher spoke with J. Alex Halderman, one of the creators of the system, about its potential, its limits and what remains to be done before it can be deployed broadly.
As state-level censorship continues to grow in various countries around the globe in response to political dissent and social change, researchers have begun looking for news ways to help Web users get around these restrictions. Now, a group of university researchers has developed an experimental system called Telex that replaces the typical proxy architecture with a scheme that hides the fact that the users is even trying to communicate at all.
UPDATE: A study by Stanford University Law School’s Center for Internet and Society has found that many online advertising networks are not adhering to their own privacy policies and continue to rely on and push out Web tracking cookies even after users have indicated that they do not wish to be tracked.
Mark Twain, Joseph Conrad and Stan Lee need not apply to Google’s hot new social network, Google+. The Web search giant, it seems, isn’t interested in pseudonyms or other phony identities. Its IRL (in real life) all the time – and that’s a problem, according to a spate of news articles this week. But don’t believe them.
Digital civil liberties organization, the Electric Frontier Foundation (EFF), appealed to the U.S. District Court of Colorado arguing that encrypted personal data is covered by the Fifth Amendment’s protection against self incrimination.
Most Internet users at this point understand that Web sites routinely and extensively track the behavior and movements of their visitors. It’s an unsettling reality. But few people have a handle on just how widespread and pervasive the practice is. Now, a developer has released an add-on for Firefox called Collusion that enables users to see exactly which sites and third parties are tracking them, in real time.
[img_assist|nid=9566|title=Sam Weber, NSF|desc=|link=popup|align=right|width=98|height=90]The following is an exclusive Threatpost interview with Samuel Weber, Program Director for the National Science Foundation’s Trustworthy Computing Program. The interview took place on Monday, June 27, 2011 at the RFIDSec 11 Conference on the campus of the University of Massachusetts, Amherst.
There is an ongoing phishing attack playing out right now on the Tumblr network and it already has succeeded in stealing the login credentials of several thousand users, according to researchers who have been following the activity. The attack relies on a fake login page and some promises of free adult content, which have proven to be more than enough incentive for thousands of victims to give up their usernames and passwords.