Posts

Showing posts from March, 2008

Xbox Live Security Q&A

Image
Online gaming is booming at the moment, and judging by the types and number of security related questions I am asked by online gamers, I think there may well be some issues to be raised and addressed. On the face of it, gamers’ accounts hold personal information, and often their payment details, such as bank or credit card details. And then there’s the odd mythical online object, which actually can have a real value in the real world, so the stakes are high enough for concern. In this post I’ll focus on Microsoft’s Xbox Live service, I’ll deal with World of Warcraft security issues another time, believe me that could be an even longer post than this one. So I am often asked about the security of the Xbox 360 console and the Xbox Live (XBL) service. Typically whether XBL accounts and Gamertags can be hacked, what the privacy issues are, and one of the most common concerns involves the management of payment card details, especially when it comes to users trying to remove their payment ...

It’s just bad, Phorm

Internet privacy controversy in the air at the moment, as adverting company Phorm are engaged on a PR campaign to gain acceptance of their new method of Internet advising, which they plan to roll out at the ISP level with BT, Virgin Media and TalkTalk. In fact today I will be speaking on BBC Radio Coventry and Warwickshire about this very subject. Who are Phorm? Well they are an “adware” company formally know as 121Media. They were responsible for the “PeopleOnPage” desktop adware application, which gathered information about the host PC and recorded which web sites were visited by the user, before passing this information on to a third party server, in order to direct specific pop-up advertisements. In fact security company F-Secure regarded their app as Spyware, whether it is labeled officially as Adware or Spyware does really matter to me, as I believe such software is an unnecessary nuisance and any company behind duping users into installing it on their PCs should be viewed with...

A Hard Disk Shredding Story

Image
These days most people think nothing of donating their old unwanted PCs to noble and worthy causes such as their local School, charities, or they do the “green thing” by sending their PCs to be recycled at their local rubbish tip or at the supermarket. This is all great and dandy, however I find more often than not personal data security is completely overlooked. So I’m going to explain these pitfalls in the form of a story… Once upon a time there were three blokes, John, Colin and James who won a regional pub quiz championship sponsored by a major computer manufacturer, each of them won a powerful super quick Windows Vista PCs. The next day all three transferred their personal data from their old dilapidated PCs to their spanking new computers and then decided to do the “green thing” and drop off their old PCs at the local supermarket for recycling or charity donation if suitable. John went through his old PC and very carefully deleted all his personal data files, and Email accoun...

The Cyber Warfare Risk to Business

Businesses are relying on the Internet more than ever, whether it’s sales through an e-Commerce website, or low cost “site to site” communications by way of Internet VPNs, Email communications or general web information gathering/distribution, there are many businesses which just can’t “do” without the Internet for a sustained period of time. In my view businesses are very complacent with their reliance on the Internet, and don't have plan B, should worst happen. Sure the Internet was originally developed to withstand a World War III nuclear attack, but businesses which heavily rely on the Internet to conduct business, should be wary of a new wave of Cyber Warfare threats as we progress into the 21st Century. The fact is there are individuals, criminal gangs and even governments and terrorist organisations which have the ability to take down websites, and effect geographic parts of the Internet, even a slow down of Internet traffic in a specific region can have a financial impact...