Posts tagged: RISKS

Several weeks ago I ranted about eBay’s problems with phishing and some things I am surprised they aren’t doing in response. I’m afraid I’ve got a similar complaint today.

I’ve been searching for a present for someone (I can’t be more specific for risk of ruining the surprise!) and noticed that many of the matching items that were coming up in my searches were being offered by sellers in the UK. At least that’s what I assumed, because the prices were in Pounds sterling.

This evening I was pointed to a blog posting from yesterday about Sony’s foray into malware distribution. The author gives a heavily technical blow-by-blow account of uncovering sleazy copy-protection software that has come along with his latest purchase from the Sony BMG record label:

…At that point I knew conclusively that the rootkit and its associated files were related to the First 4 Internet DRM software Sony ships on its CDs. Not happy having underhanded and sloppily written software on my system I looked for a way to uninstall it. However, I didnt find any reference to it in the Control Panels Add or Remove Programs list, nor did I find any uninstall utility or directions on the CD or on First 4 Internets site. I checked the EULA and saw no mention of the fact that I was agreeing to have software put on my system that I couldn’t uninstall. Now I was mad.

Via Rafe I learned of an astounding Javascript hack done by a MySpace user. Excerpts from the summary, allegedly written by the creator:

…anyone who viewed my profile who wasn’t already on my friends list would inadvertently add me as a friend. Without their permission.

8:35 am: You have 74 friends and 221 friend requests. Woah. I did not expect this much. I’m surprised it even worked. 200 people have been infected in 8 hours. That means I’ll have 600 new friends added every day. Woah.

Some recent news is giving me flashbacks to 1995, when Unisys sprung their GIF patent surprise on the young World Wide Web. We got quite angry and some enterprising people even built a replacement for the beloved GIF.

Are we going there again? Forgent, a Texas company that “develops and licenses intellectual property and makes scheduling software” (it makes me feel dirty just to type that) is suing 40 companies, including Microsoft, Apple, and Yahoo, for infringing on JPEG-related patent No. 4,698,672.

A lot of eBay phishing scams take you to websites that not only mimic the look of the site they’re impersonating, but actually contain live links to that site and even use images hosted there.

I just got one today: an email with the ironic subject line of “eBay Fraud Mediation Request.” I always take a look at these to see if the scammers have any new tricks. I even click on the links (being a Mac user emboldens me there). This one took me to a site called www.signin-e-bay.com (I’m omitting the full link that takes you to the scam pages). The page was full of links to real eBay pages and used images hosted on eBay servers.

Via Bruce Schneier: In Cambridge, England, police are reporting multiple thefts where laptops stored in car trunks (er, “boots”) have been located by thieves using Bluetooth-capable cellphones. What were those people thinking? Don’t they care about battery life?

The RISKS Digest from May 2005 also has a posting about the same thing happening at Disney World.