might be of interest security stuff as usual

[somanyholes]

i must update my java, i must update my java

Both educational, so hopefully these are of use. Comments are worth reading as ever...

A Peek Inside the 'Eleonore' Browser Exploit Kit
http://www.krebsonsecurity.com/2010/01/a-peek-inside-the-eleonore-browser-exploit-kit/

Cyber Crooks Cooked the Books at Fla. Library
http://www.krebsonsecurity.com/2010/01/cyber-crooks-cooked-the-books-at-fla-library/

[Rik]

Thanks, So. It's getting worse by the day it seems.

[somanyholes]

They do really have a point in the comments about these western union style transfer's. Something will have to change, at some point,  i presume that the banks haven't hit the, it's costing us to much money threshhold yet.

[Rik]

You're as cynicalrealistic as me, So.

[somanyholes]

might as well bolt this on here.

Researchers criticise 3D Secure credit card authentication
http://www.h-online.com/security/news/item/Researchers-criticise-3D-Secure-credit-card-authentication-914144.html

They also note that the process of entering the new password also signs the user up to new terms and conditions which shift liability onto the customer despite the bank having made "many poor security choices"

[Steve]

I've always thought it was an unnecessary step that added little in the way of security.

[somanyholes]

the attitude does seem to be, throw everything at the wall and see what sticks. I think the concept is pretty good, and it must have brought down card not present fraud, i think by how much is the question really.

[somanyholes]

and more

http://www.rsa.com/blog/blog_entry.aspx?id=1580

[Rik]

I think I'm going to buy an island and live on it, So. 

[somanyholes]

a boat would do

[Rik]

You weren't thinking of a prison ship were you?

[somanyholes]

You weren't thinking of a prison ship were you?

Did cross my mind 

[Technical Ben]

Is this a bad time to mention I decided to teach myself Java recently? 

[Rik]

Probably...