Archive for the Category » 安全 «

星期一, 10月29日, 2012 | 笔者:

似乎, 在无限的智慧, 谷歌 有一个安全功能,可以阻止应用程序访问或使用您的谷歌帐户. 我可以看看谷歌的用户,这可能是一个问题, 尤其是他们的 GTalk的Gmail的 用户. 在我的情况下,它是 洋泾浜 有一个问题, 叽里咕噜 服务 (这是技术上的一部分,GTalk的). 后一点,我找到了解决办法 . 我很惊讶于怎么老问题是,这个功能已经存在多久!

要解除锁定的帐户,并在网上得到您的应用程序, 使用Google的验证码图片页面 这里.

分享
星期五, August 21st, 2009 | 笔者:

Have we here a Facebook Stalker?!

Of great consideration to online privacy are facebook stalkers. If a stalker randomly manages to add a few of your friends and you have your Profile Privacy Settings allowingFriends of Friendsto see everything then your stalker effectively has access to your profile even without having added you.

I’ve now adjusted my privacy settings more strictly and I’ve used theSee how a friend sees your profile:” tool to get an idea of how it changes things.

我的 “BasicInformation I had available toFriends of Friends”. This includesGender, Birthday, Hometown, Political and Religious Views and Relationship Statusaccording to Facebook’s description. You might think it fair that friends of your friends have an idea of how you roll.

But can you trust 所有 your friends anti-stalker spidey-senses?

I think NOT.

I previously had it that friends of friends can see my photos and videos but not much else. I’m thinking of changing that now too.

But wait, there’s More!

Further to this, we should be vigilant offakeFacebook profiles. Stalkers are usually apt enough to create more than one account with fake names. If you block one they create another and attempt to get a glance at your profile once more. I’ve created a friend group calledPrivacy Pls”. This group is limited from being able to see anything other than a very basic page. 这个 “basicview is akin to when you first started using Facebook and didn’t know you could add lots of stuff in there (stuff you later realised you didn’t want anyway).

If someone adds me and I’m not absolutely sure who it is, I add them to myPrivacy Plsgroup. Also if someone adds me and I don’t want to offend them by ignoring their invite I’ll rather add them to this group. Perhaps you feel you have a pervy boss for example.

But Wait! There’s Moreand this time you can do it TOO!

To do this for yourself, go to your Friends page, 点击 “Create New List”, and name it something appropriate – “Privacy Plsin my case. Add the appropriate friends to this list now or add any futuresuspectfriends to the group.

下一个, go to the Profile Privacy Settings page. Underneath each section you will find aEdit Custom Settings” 钮. Click the first one and, at the bottom of the dialog that pops up, you will findExcept these people”. Add yourPrivacy Plsgroup here. Do the same for all the sections you don’t want them to see. 当完成, use thefriend’s viewtool to confirm what is made available to persons on that list.

And the Friend-of-Friend Stalker?

To prevent yourFriend-of-FriendStalker from being able to see your profile, do yourself a favour and think very critically about what you want potential stalkers to be able to see. Now go change those Privacy Settings toOnly Friends”.

For the Photo Crazy

Check up on your Photo Album Privacy 设置. This is set up much the same as your profile settings. Consider carefully who you want to be able to see which photo albums and adjust the permissions appropriately!

Your Personal Contact Information

最后, check up on your Contact Information: 点击 “Profilebutton towards the top left of the Facebook page to get to your profile. Then click on theInfotab within your profile. When you mouseover the Contact Information section you will see anEditlink pop up on the right. Click this button to start editing your details.

Next to each item you will find alockicon. Click this lock to define further permissions for which friends are able to see the items. You’ve never give your address and phone details to a dodgy stranger you meet on the street. Why do we then go and give it away to everyone on the Internet. I recommend the following:

  • AllowNo one” 上:
    • email address
  • AllowOnly Friends” 上:
    • IM Screen Names
  • Remove completely or allowNo one” 上:
    • mobile phone number
    • landline number
  • Limit the following:
    • address detailsgive your area or suburbbut NOT your full address

Hopefully we don’t all have to learn our lessons the hard way.

P.S. (especially to the guys and gals who have asked) I’ve been extremely busy these last couple of weeks. I have a lot of unedited content I’m hoping to make publishable very soon!

分享
类别: 隐私, 安全  | 标签: , , ,  | 一个评论
星期天, 4月19日, 2009 | 笔者:

我觉得 互联网 是一个可怕的地方. 是, 我. 有几天我发现自己发现要偷走我们生计的最低等犯罪混蛋感到恐惧.

是, 人, 那里有罪犯,他们想要你的钱,或者想要利用你来赚钱. 更可怕的是他们愿意付出的努力, 甚至冒着你的风险. 不要通过围棋. 不收集 $200.

我收到一封电子邮件,说我被提供了一份工作 “区域助理” 和, 虽然没有提供细节, 电子邮件表明这是一个合法的机会. 我回答询问他们在哪里收到我的详细信息,以及他们对我的要求.

我是怀疑论者, 我以为我可以发现一英里外的骗子. 我还幸运的是 嘲笑这个主意.

几个小时之后, 他们回答说,我很快就会收到进一步的指示. 他们会 “大概” 被一个朋友推荐给我,他们进行了很多推荐,因此无法指定哪个朋友推荐了我. 我耐心地等待着,让它浮现在脑海. “他们可能已经找到了一个不错的候选人,但我输了”, 我想. “朋友可以推荐我多好. 显然我很棒。” (和愚蠢 :-/)

所以以后, 我收到我的电子邮件 “进一步的说明”. 在这里,我终于意识到自己正在与骗子打交道:

你好. 我们想开始试用任务. 我们的客户本周将向您转帐. 请到我们的网站 <网站省略> 提交转帐到的银行详细信息. 建立良好的交易记录后, 您会收到 2-3 每周转移 (约R10的数量 000 除第一次试用转移外).
请确认您可以开始. 在收到您的确认之前,我们不会向您的帐户发送任何转帐.
周一您将收到通知, 有关转账的详细信息和说明. 谢谢,度过了一个愉快的周末.

说什么??? 我检查了有问题的网站,, 毫无疑问, 这是由专业人员完成的洗钱计划. 他们知道自己在做什么,并且每月可能洗钱数百万. 更重要的是, 不可避免地, 他们会把你搞砸,并让警察逮捕你. These criminals can leave evidence behind implicating you even if all you’ve done is diligently moved money from one place to anotherand kept a small percentage for yourself. 😛

Money laundering is where illegitimate money (stolen, 大概) is transferred via third parties to appear more legitimate. You’re an accessory to the crime and, even worse, you’re even likely to be the victim of it. Recognise when an opportunity is too good to be true. I was fooled for a short while. Next up, given that a victim might give out a lot of personal details, the scammers might steal your identity and start to implicate you in fraudulent activities without you ever having done a thing.

If you happen to have already given any details such as the above where they wanted my banking details, contact your bank and inform them of the situation. They will give you the best possible advice on what to do next. If you’ve already responded to the mail but haven’t yet already given them the information they want, don’t reply any further. I’d also suggest calling your local police for further advice.

分享
星期三, 3月18日, 2009 | 笔者:

[编辑] 这么多的. 事实证明, openssl的 能够确定该密钥和证书已经是在一个单独的文件. 因此, 无 csplit可需要婷 (良好, 我希望有人读这至少学会了如何很好csplit可为). 其实, 整个脚本很可能会成为过时… blaargh. 好, 至少它提供了关于不给空口令一个很好的警示. 😀

这里是新版本:

pem2pfx – 转换包含一个私钥和签名证书到Windows兼容。pfx证书文件。PEM格式的文​​件.

#!/bin/bash
#pem2pfx
#V0.2
#狡猾 - brendan@swiftspiri吨.co.za
# 一,PEM证书文件转换为。pfx格式
# $1 是源文件
 -和
 
如果 [ $# = 1 ]; 然后
  OUTPUTFILE=`回声 $1 |  的/ .pem $ /。PFX /'`
 
  回声 “请在下面指定的密码. 窗户拒绝使用空白密码导入。pfx证书。"
  openssl的PKCS12 -出口 -出 $OUTPUTFILE -在 $1
 
 其他
  回声 “pem2pfx - 转换一个。PEM格式的私钥和证书文件到IIS兼容。pfx文件。"
  回声 “用法: pem2pfx inputfile.pem"

更多…

分享
星期四, March 05th, 2009 | 笔者:

Why is it that we’re so gullible?

I even considered for a whole second that my colleague had cross-checked the following SPAM before posting it on our IRL noticeboard. Please note that the following text originally had really bad-for-your-eyes fonts and colours. 😉

Urgent Warning from
Cell C, Vodacom公司 & MTN!

[business card of aLegal Representativeof the Special Investigating Unit]

亲爱的大家,
如果您在手机上收到任何人打来的电话, 说, 他或她是
公司工程师, 或说他们正在检查您的移动电话, 你有
去按 # 90 或 #09 或其他任何数字.
立即结束此通话,无需按任何数字.
有一家欺诈公司正在使用一种设备,一旦您按 #90 或 #09 他们能
访问您的“SIM卡’ 卡并拨打电话公司的费用.
这个消息转发给尽可能多的朋友,你可以, 停止它.
所有移动用户的注意,如果你接到一个电话和手机
显示器 (XALAN) 在屏幕上不接听电话, 结束通话立即,
如果接听电话, 你的手机会被病毒感染。.
该病毒会从手机中删除,你的SIM卡都全部IMEI和IMSI信息
卡, 这将让你的手机无法与电话网络连接. 您
将要新买的手机. 该信息已被证实双方摩托罗拉
和诺基亚.
请转发信息这一块
你所有的朋友具有移动.

这让我想到的第一件事情是在页面的顶部表示权威文本. 现在, 请记住,这是在布告栏上 – 而不是我的收件箱中反垃圾邮件的意识达到顶峰.

谁可能有权说他们代表南非的三寡头中的每个寡头发出通知 GSM 提供者? 好, 所以它一些 “特别” 听起来像政府的法律团队. 他们是合法的 – 它 转弯 出 – 但他们可能没有足够的时间来接我的电话,询问是否全部正确. Absolutely everything on the Internet must be true, especially anything I say. 😛

So anyway, now that we’re over the silliness, let’s break this hoax down:

Official Documentation

Bar a business card, which is hardly standard in any industry, there is no official contact information. I’d expect at least a letterhead or a misguided trailing disclaimer.

演讲和语言

实际上有 2 这里通知关于单独的威胁,但它是不是很明显没有充分阅读文本. 这是因为分段的能力和语法都很差. 政府机构通常不发出不良的措辞或paragraphed文档. 还, 为什么不单独发布关于各种威胁的单独通知?

酸橙 绿色??? 的Bleh

有没有链接到更多资源

这种类型的任何警告无疑将提供进一步的信息或宣传的网上存在 机构. 还, 也许他们会喜欢你给有关情况反馈或者他们希望我们进一步报告可疑活动. 但不是. 无. 只是具体代表的名片. 如果这个家伙死, 找到一个更好的工作, 或 树叶 国内?

“有一个诈骗公司 … “

这意味着,他们没有任何线索是谁. 这是一个广泛的和被动的声明. 问每当有人说 “他们” 或 “人谁”. 这是谁 “诈骗公司”? 哪里 “那里”? 为什么没有这条裂缝政府法律团队 (谁有权使用锁子甲传播警告) 让我们知道通过其超级强大的连锁网络邮件?

“这个消息转发给尽可能多的朋友,你可以”

我的, 天啊. 这条线可能已在每一个连锁信 / 社会工程病毒 (我特别的定义) 由于切片面包.

“该信息已经被摩托罗拉和诺基亚证实。”

他们试图阻止你想为自己和尝试独立核实他们的要求. 他们说 “你是愚蠢的检查. 我们已经检查了你. :-ð”. 当然, 事实上, 他们只是想利用我们轻信自然的优势.

“#90 or #09” 和 “XALAN”

There isn’t any way for you to verify this. 再次, question everything. Google’s first page of results is riddled with the wordsCell phone warning hoax”. duh.

If you get a message like the above from your friends, reply and tell them to stop sending spamand maybe give them a link to this page so they know why. 🙂

分享