Lost+Found: VIPs, bot test, Chuck Norris, data leaks, scary URLs, URL filters
Too small for news, too good to lose: In this edition, Mark Shuttleworth on Full Disclosure, a Waledac online test, an old bot with a new name, a data leak study, an alternative to shortening URLs and failing URL filters.
- It doesn't happen every day: Mark Shuttleworth personally replied on the Full Disclosure mailing list to the complaints about the desktop of the forthcoming Ubuntu version, Lucid Lynx, containing too many links to popular social networks.
- Has your computer been infected by the Waledac bot? An online test created at Mannheim University could show whether the relevant IP address has been registered in connection with the bot. However, the test is not 100 per cent reliable.
- It appears that choosing the name "Psybot" for a router bot discovered a year ago was not spectacular enough to achieve wide-spread media coverage. A year on, Czech specialists have rediscovered the bot and are now calling it "Chuck Norris " – which has caused quite a stir.
- According to a report by security firm 7 Safe, SQL-injection vulnerabilities are responsible for many data leaks.
- In addition to URL shorteners, there is now a ShadyURL service which converts a harmless URL into a scary and suspicious-looking one. Just where is http://5z8.info/enriched-uranium-supply_x5x3o_killallimmigrants actually going to lead?
- Tests by vendor M86 reveal that URL filters and anti-virus programs fail to detect or block malicious URLs in eight out of ten cases. The test involved more than 30,000 URLs.
(djwm)