What Petraeus and Broadwell could have used instead of Gmail. If there's a lesson for cheating spouses to be learned from the Broadwell-Petraeus-Allen-Kelley scandal, it's to think twice before you press "send. " The affair between former CIA director David H. Petraeus and his biographer, Paula Broadwell, was uncovered when Petraeus's friend Jill Kelley complained to the FBI that she was receiving harassing e-mails. During the investigation, the FBI began digging through Broadwell's e-mails. General David Petraeus shakes hands with Paula Broadwell. (ISAF via Reuters) Now, the FBI has uncovered between 20,000 and 30,000 pages of documents — most of them e-mails — that contain “potentially inappropriate” communication between Gen.
John R. Petraeus and Broadwell were apparently communicating by composing messages and then leaving them in a draft folder for the other to find, making the e-mails harder to trace. The FBI was able to track down Broadwell through the couple's anonymous Gmail accounts, despite the draft-saving technique the two used. CV Dazzle: Camouflage From Computer Vision by Adam Harvey. Web-based DNS Randomness Test | DNS-OARC.
US-CERT's Vulnerability Note VU#800113 describes deficiencies in the DNS protocol and implementations that can facilitate cache poisoning attacks. The answers from a poisoned nameserver cannot be trusted. You may be redirected to malicious web sites that will try to steal your identity or infect your computers with malware. Working exploits for this issue are already widely circulated!
Upgrade your nameservers ASAP if you haven't done so already! On August 7, 2008, Dan Kaminsky will release additional details about these poisoning attacks. The essence of the problem is that DNS resolvers don't always use enough randomness in their transaction IDs and query source ports. This page exists to help you learn if your ISP's nameservers are vulnerable to this type of attack.
The test takes a few seconds to complete. See porttest for another way to check your resolver from a Unix commandline. The first truly honest privacy policy. The FTC has called for a Do Not Track list and simplified Web privacy policies. How about an honest privacy policy instead? Teaser: It’s been a hell of a year for consumer privacy, or the lack thereof. It’s been a hell of a year for consumer privacy, or the lack thereof. From Facebook leaking personally identifiable information to advertisers, to data brokers harvesting reams of user information on social nets, to Google’s Wi-Fi slurping, 2010 may be remembered as the year the privacy chickens came home to roost -- and quickly got roasted.
Now Congress is debating new privacy laws and the FTC has weighed in with proposals for a No Tracking List to thwart nosy Web advertisers. The agency has also called for sites to create privacy policies a wee bit shorter and more accessible than, say, Facebook’s 5,830-word privacy opus. Technology | Campaigners warn of user data creep. Internet service providers (ISPs) are required to store details of user e-mails and net phone calls from Monday as a European Union directive comes into force. Governments say it will protect citizens but civil liberty campaigners are not so sure.
To whom did you send your first e-mail today? I ask, because from today ISPs inside the EU are legally required to store details of that e-mail for up to a year. And the same goes for any internet phone call you make. This so-called communications data is now being held on the ISPs' servers just in case the authorities want to come and look at it. Many ISPs have actually been holding on to this kind of data as a matter of course - to help defeat spam, to monitor and manage their own networks and because governments have asked them to do so voluntarily.
The difference now is that it is a legal requirement. Not logged To be clear, the contents of the e-mails are not logged, nor are the contents of any net phone calls. Link suspects 'More conscious' Facebook fait machine arri. Panopticlick.