Lost+Found: Revealing tweets, a phrack eBook and self-blockades

Too short for news, too good to lose; Lost+Found is a round up of useful security news. Today: Revealing tweets, tornado sirens, a phrack eBook and self-blockades.

• Under the Twitter account @NeedADebitCard , the tweets from users who have recklessly taken photos of their debit or credit cards and posted them online are collected. The users have often forgotten to make the card number, expiration date and owner unreadable.

• Comodo's OCSP servers at ocsp.comodoca.com and ocsp.usertrust.com, used to check whether an SSL certificate has been revoked, were labelled as suspicious a week ago and appearing on various blacklists . McAfee's TrustedSource service and even Comodo's own site inspector accused the site of spreading malware. Those who were using software that evaluates the certificates of a site with a Comodo certificate would have found themselves unable get an encrypted connection. Since then, though, the problem has been fixed but why a company would apparently blacklist itself is unclear.

• Seven tornado sirens alarmed the approximately 16,000 citizens of Lemont, Illinois last Saturday at 19:30 local time, but it appears no one in authority set them off. The police had activated them the previous Sunday and it is believed that that signal was recorded and reused to create the evenings disturbance. Nearby Evanston's sirens also apparently sounded without activation.

• A blogger by the name of albino has collected and converted all 25 years of Phrack magazine into formats readable on ebook readers and kindles.

• Another forum, another 400,000 password hashes. The stockpile of SHA256 hashes surfaced on a forum with no indication of where they originate. Approximately one third of them have already been cracked.

(djwm)