Thursday, March 22, 2007

Microsoft Xbox Phone Staffers Giving Away Private Information

Lisa Vaas writes on eWeek:

Hijackers are getting access to Xbox Live gaming accounts, credit cards and PayPal accounts with repeated calls to support staff, who are easy prey for social engineering stunts.

Going against Microsoft's own privacy policy, Xbox Live telephone support personnel are giving away gamer tags based on made-up information. One gamer who requested anonymity shared with eWEEK a taped telephone conversation in which he called the Xbox Live phone support number on March 21 and wound up getting a valid gamer tag based on simply making up a name and the state in which he supposedly lives.

More here.

Judge Throws Out Internet Blocking Law

An AP newswire article by Maryclaire Dale, via MSNBC, reports that:

A federal judge on Thursday threw out a 1998 law that makes it a crime for commercial Web site operators to let children access "harmful" material.

In the ruling, the judge said parents can protect their children through software filters and other less restrictive means that do not limit the rights of adults to free speech.

"Perhaps we do the minors of this country harm if First Amendment protections, which they will with age inherit fully, are chipped away in the name of their protection," wrote Senior U.S. District Judge Lowell Reed Jr., who presided over a four-week trial last fall.

More here.

Australian Hijacks 90 eBay Accounts

Dan Goodin writes on The Register:

An Australian man pleaded guilty to breaking into eBay and a local bank to steal AU$42,000 (about $34,000), in a case that demonstrates the problem of account takeovers on the auction site.

Dov Tenenboim, 21, of the Sydney suburb of North Bondi, stood accused of breaking into at least 90 different eBay seller accounts last year, mostly by guessing passwords. Tenenboim frequently figured out the credentials by matching usernames to passwords, prosecutors said. Other times he hacked into email accounts.

More here.

ICANN Speaks Out for Registrar Reform

Burke Hansen writes on The Register:

As Registerfly fades into oblivion, ICANN has at last taken it upon itself to address many of the questions raised by the company's precipitous collapse.

ICANN issued a statement on its website today detailing a variety of issues to be addressed at the upcoming ICANN conference in Lisbon.

President and CEO of ICANN, Dr Paul Twomey, left no doubt as to the depth of the problems brought to light by the Registerfly fiasco, and to the amount of work to be done to ensure that it does not happen again.

More here.

Monday, March 19, 2007

'Surge' in Hijacked PC Networks

Via The BBC.

The number of computers hijacked by malicious hackers to send out spam and viruses has grown almost 30% in the last year, according to a survey.

More than six million computers world wide are now part of a "bot network", reported security firm Symantec.

Computer users typically do not know that their PC has been hijacked.

More than a third of all computer attacks in the second half of 2006 originated from PCs in the United States, the threat report said.

While the total number of bot-net PCs rose, the number of servers controlling them dropped by about 25% to 4,700, the twice-yearly report said.

More here.

Sunday, March 18, 2007

Programming Note

As you may have already noticed, blogging has been light for the past couple of days. That's because I was in transit to Prague for IETF 68, which is where I am now -- and just got reconnected to the Internet, so to speak.

So, blogging will most likely be relatively light through next week -- I'll be busy and doing a bit of touring in the side.

Cheers from Prague!

- ferg