For all the hype and declarations of world-changingness that have been made about mobile technology, social networks, the new hype sounds a lot like the old hype. Only the drastic […]
As border enforcement as using increasingly invasive tactics, a traveler that has any privacy concerns for the data that they are carrying (especially if visiting the United States) will very […]
I have a new pgp key. Feel free to sign it at your pgp.net keyserver of choice. $ gpg –fingerprint FE264BAA pub 16384R/FE264BAA 2008-01-17 Key fingerprint = 9A05 99DB 838D […]
I’ve decided that I, as a relatively new resident of Washington State, will start filing formal complaints with the state Attorney General’s office (using this form here) for those companies […]
It is a new Web 2.0 economy! All the rules have changed! Yeah. Sure they have. Right. It’s the same shell game of no revenue that everyone has played before. […]
Jeremy Schoemaker asked me to write up a little something regarding the recent string of SEO web defacements for a non-technical audience which he posted in his blog.The SEO industry is very focused on being SEOs.Like many professionals, many attempt to avoid time consuming activities that are not core to their business…. This is a perennial theme of information security writings and I myself have touched on itWeb defacements are nothing new, but the media attention to SEO superstars is notable and makes their online presence an attractive high-value target. The recent mass defacement of SEO wordpress blogs that was launched from a technical adversary using tor is an example of what has become a not uncommon occurrence.What can SEOs, and bloggers in general, do to lessen the risk of public embarrassment from defacements, hacktivism, and information leakage?… (For example, the bugfix for Wordpress v2.0.6 addressed a correction for those webservers that had left register_globals set to “on.” Not recommended in the first place.)Hardening the web services themselves with security modules.Use of a NIDS or HIDS that will actively block or alert upon detection of questionable behaviors.All of these methods involves time and resources that could best be applied to doing what they do best, in this case, being a SEO.