Pages

Sunday, May 30, 2010

Warm and Fuzzy

It's nice to hear about some new online scam or phishing method, worry slightly because it's really clever, but then realize that I'm actually not exposed to it. Well, not as exposed as I could be.

Here's an explanation of a new type of phishing attack. Basically a tabbed malicious page can tell when it's not in focus, and when you're not looking it will change itself to look like a familiar login screen, Gmail for example.

Distracted users click over to that tab, assume they left Gmail open and enter their credentials without thinking about it.

So why am I not exposed? Or as exposed? 2 reasons:

1) I use No Script, the Javascript and Flash blocker for Firefox. You can block or unblock sites. I have Google unblocked, so if I got a notification that Java or Flash were being blocked that would be a helpful yet easily missed clue that I'm not on the site I think I am.

2) I use an in-browser password management plugin. If my user name and password aren't already entered in the form (and it wouldn't be because the domain has to be right for them to enter information), I'll know something's up.

Three password management plugins I have used (and like):

Xmarks - it's decent, I currently use it for bookmark syncing but not password, though I have used it for pasword syncing with no trouble. Xmarks also allows you to view open tabs on other computers a la Weave.

Mozilla Weave - for Firefox only, it syncs passwords, bookmarks, open tabs and history. I stopped using it as it would regularly lock up my netbook during it's scans/syncs.

LastPass - A fairly secure (I hope) password safe that works with most major browsers, and there's a bookmarklet to use in browsers that don't support it.

Saturday, May 29, 2010

A nice pick-me-up.

No updates for a while, huh? Nearly two months by my count.

The sad thing is, I've written a lot of posts for this site, they've all just been scrapped or left unfinished.

You'd think my traffic stats would be dwindling after this long a period without updating, but not so. They've dwindled slightly, but not significantly. Kind of dissolves any motivation to update for the sake of updating.

I've stalled out a bit due to a project I'm working on, which itself has stalled out due to being away from home for a few weeks.

Case in point, finally got down for the day, was hoping to get some work done, and just got called away to do something else.

More posts hopefully coming soon,

David