Will we ever use GPS to find our way?

May 27th, 2009

GPS.jpg

Frankly, how many of us actually use personal navigation devices (PNDs) to find our way around? Perhaps, a handful of technology-crazy users and yet companies continue to put their faith (and money!) on global positioning systems (GPS), maps and services around GPS. The numbers tell a positive story. We are soon going to be a 400 million strong mobile phone market, of which smartphones (with GPS features) would be roughly 15-20 per cent. We have over 1.8-2 million still/digital cameras. IDC numbers tell us that the total installed base of PCs in India has surged past the 36 million units mark, and now India has one personal computer for every 30 people. Read the rest of this entry »

del.icio.us:Will we ever use GPS to find our way?  digg:Will we ever use GPS to find our way?  newsvine:Will we ever use GPS to find our way?  reddit:Will we ever use GPS to find our way?  Y!:Will we ever use GPS to find our way?

They know what you did online

May 6th, 2009

Twidontclick.jpgtter (a popular microblogging site) has been trying to fend it off, after it went under attack twice. Clickjacking is the latest hazard doing round on the web.

Twitter users first noticed the clickjacking prank in February and soon Twitter had shut it down. The site had tweets that carried a tag ‘Don’t Click’ followed by a link. Clicking the link took the user to a page that included a button that said ‘Don’t Click.’ Clicking the button automatically distributed the identical tweet. As imagined, this did spread pretty quickly.

Simply put clickjacking is an attack where some bad guy slips a malicious link invisibly onto a webpage or under a commonly used button on a website. When the user clicks on the link or rolls his mouse over the link, he becomes infected, explained security experts.

Although Twitter’s original fix wiped a page clean if it detected a malicious frame on its pages, but then hackers circumvented that and Twitter was forced to come up with another fix.

It is concealed spying, say security experts. “Web pages know what web sites you’ve been to …, where you’re logged in, what you watch on YouTube, and now they can literally ’see’ and ‘hear’ you,” wrote Jeremiah Grossman, founder and CTO of WhiteHat Security, in his blog post.

The threat has only grown with every passing day. Now, every big company that values its brand name is working to fend off clickjacking attacks. For instance, Microsoft has included a new clickjacking protection feature in Internet Explorer 8 that lets websites safeguard their sites and visitors without browser add-ons.  Adobe Systems too updated its popular Flash Player to fix vulnerabilities over clickjacking. Clickjacking is both a web and a browser problem, but the fixes are likely to come from the browser vendors.

To make matters worse, using JavaScript, an attacker could make the invisible target constantly follow the user’s mouse pointer, thereby intercepting his first click no matter where it happens on the current page. The latest version of NoScript, a Firefox browser plugin that blocks Flash, Java, and JavaScript, includes a new anti-clickjacking feature called ClearClick. It reveals transparent or concealed windows so the user can see attempts to co-opt clicks for malicious purposes.

Quite clearly clickjacking can turn into the worst sort of security risk. Why? Because it is transparent to the unwitting user, simple to implement and difficult to stop.

del.icio.us:They know what you did online digg:They know what you did online newsvine:They know what you did online reddit:They know what you did online Y!:They know what you did online