Internet Explorer IE 6 Security Privacy Flaw

For privacy and security Internet Explorer (IE) wouldn’t be my recommended browser ever – but today I had to test a website connection which I was having trouble with through my tunneled Firefox.

To do this I had a look at this site and some of their tools: CentralOps.net

I found using the Domain Dossier with service scan and trace route clicked helped me no end.

While I was there, and using IE6, I had a quick look at their Browser Mirror, and noticed this under clipboard

As can be easily seen, I had the words “Browser Mirror” in my clipboard and this script could read it – not so secure.

To fix this I change the security preferences from “default level” to Custom Level and disabled all automatic scripting functions, like so:

From (insecure):

To (more? secure):

For security and privacy reasons it is best simply not to use this junk – use Firefox (I tested Firefox and nothing was taken from my clipboard).

How to “socksify” a mac

Recently I have needed to socksify a mac.

Socksifying means that applications (like email pop3 / smtp programs) that normally do not use proxies or socks can tunnel their connections through the socks proxy. Socksifying connections is used mostly when using SSH secure tunneling for privacy and anonymous reasons (fully encrypted and secure all your internet / network connections including; web surfing, pop3 / smtp email, chat, etc use). The SSH tunnel service provider must be running socks4 or socks5 proxy software.

Now with a windows PC this is fairly straight forward (I thought) as there is free software available (called SocksCap). To socksify a PC connection means a simple download, install and configuration of the free software.

Being a ex-PC user (aren’t we all!) I thought the same would be required for my mac, how was I wrong, I wasted days downloading and installing many useless programs like fink, socat and what they required, Xcode (a 600 + mb download!).

After 2 days of total frustration I simply configured my network and browser proxy settings to the “socks” proxy only (left everything else blank) – and guess what it worked like a charm. No software to install, no configuration at all – macs are so easy sometimes the ease is simply overlooked.

To socksify your mac simply leave all other proxy settings empty and only fill in the socks proxy boxes.

In details it means;

1. Open up your system preferences, choose network, choose the live connection (most likely already selected), click configure, click proxy settings, and in the two socks boxes put in the socks server you are using and port. Click apply and you are finished.

A mac must be the easiest machine to sockify!

Why would anyone want to do this? Well … for privacy and anonymity on the internet of course …

Running IE on Debian and Ubuntu Linux

Need Internet Explorer (IE) for testing websites or just to work with some websites (surely no one would actually want to use it) AND are running Debian or Ubuntu? Then this maybe for you, no visualization software to install, installation is not complicated at all!

Running Internet Explorer in Debian and ubuntu Linux

Is there anything Linux can not do? Of course at the moment there is but there is always a workaround – worse case is running a windows dual boot system or running windows actually on your Linux operating system (more about that later).

Mac Trojans, Mac Viruses, Mac Keyloggers & Mac Spyware!

And MAC users thought they where safe!

Check out this list of active keyloggers, viruses, trojans, spyware, remote access baddies;

Trojan: ttyltty, TakeDown Suite, UnderHand Server, UnderHand Trojan Server, UnderHand, Termite X, Termite ServerEdit, Termite, Xover Server, Xover Client, HellRaiser Client 3.0 and HellRaiser Server 3.0

Keylogger: Monitorer, CarbonKeys Client 1.2, CarbonKeys Client 1.3, CarbonKeys Server 1.2, CarbonKeys Server 1.3, Monitorer Manager, Monitorer Pro Manager, OSXvnc, CarbonKeys, TextTrap, SuperSave, Peeping Tom, Mac Life Insurance, Invisible Oasis, Last Resort, KeyStroke, Keystroke Recorder, TypeSaver , TypeRecorder, Monitorer X, Keyboard Spy, Keyboard and Mouse Recorder, Keystroke Recorder X and Monitorer X Pro

Remote Administration: TypeRecorder X, WDTech RAE

Instant Access Dialer: PPP Dialer

Login Bypasser: BypassIt

Remote Access Trojan: Xover

A list of trojans, etc can be found here: http://macscan.securemac.com/list.php

I tried out MacScan and found nothing on my Mac (excellent to see of course) but that does make me wonder – since I have never used this type of scanner before *ever* just how many of these bad guys are actually running around and active (outside the real narsty side of the web of course).

Check out MacScan for yourself, free download and shareware for around a month and US$ 30 to buy.

100% Unauthorized from behind the news!

Using the 1992 presidential election as his springboard, documentary filmmaker Brian Springer captures the behind-the-scenes maneuverings of politicians and newscasters in the early 1990s. Pat Robertson banters about “homos,” Al Gore learns how to avoid abortion questions, George Bush talks to Larry King about halcyon — all presuming they’re off camera. Composed of 100% unauthorized satellite footage, Spin is a surreal expose of media-constructed reality.

Spin by Brian Springer

Free SSL Website Certificates from CACert

Free and open source SSL secure certificates for your websites are available now from CACert.

Now, website owners can save hundreds (if not thousands) when securing their websites.

Sadly, CACert is having trouble getting their root certificate preinstalled in most common browsers – this system of course protects the established expensive providers only – not the end user (us).

CACert’s root certificate is very easy to install – one click install here (this page gives you the install option).

Main website: http://www.cacert.org/

Are we all terrorists now?

How to spot a terrorist, taken from the Pennsylvania Commission on Crime Terrorism Awareness and Prevention site. This list basically covers most anyone who does anything – or believes anything – AT ALL!

Any involvement or belief from say organic vegetables to being a American Indian can lead you to be tagged a terrorist.

… the extreme fringe believes that the U.S. government is either the enemy or has been subverted by the enemy and must be actively defended against …

Keep reading →

Protect your email address from spammers

Protecting your main email address is becoming more and more important.

Phishing attacks (where a scammer send you a email which *looks like* it is from your bank or other trusted source) are dangerous, one slip up and you may find yourself in big trouble.

Other *lose email* practices simply result in your inbox just being filled with garbage – spam, spam and more spam! Use the internet long enough and you will start to receive hundreds of spam emails everyday.

There are a few options available to the average person to tackle spam and it’s dangers:

Keep reading →

E-gold Criminal Case Unsealed. USA Moves To Seize Gold

Latest document from the court case against e-gold by the USA government. Noted points are baseless claims, forced seizure of gold and no right of reply (of the victims who have had their e-gold accounts frozen).

Charges include; Conspiracy to Launder Monetary Instruments and operating a Unlicensed Money Transmitting Business.

Click the link below to read the details.

Keep reading →

Hate-America is a baseless mania?

Posted today on a email list, it was a reply to a sarcastic comment made (first few lines below) from another poster – a good reply:

Raven, remember the US is less bad its not like they torture, start preemptive wars, or seize private property without due process.
Hate-America is a baseless mania. No?

Where do you get your information?

Haven’t you heard of legalized torture? It was passed within the last year in the US, in response to accusations against the US military. See http://www.google.com/search?q=legalized+torture

You’ve never heard of the US starting preemptive wars? The Bush Doctrine specifically calls for preemptive military force, and the US has used preemptive force at least as far back as the 1820’s under John Quincy Adams. They regularly stick their noses into situations that don’t involve defense of the US.

There are numerous cases of private property being seized and handed over to other private parties. For example, http://www.npr.org/templates/story/story.php?storyId=4715674. I’d say this almost by definition is without due process.

There are numerous other examples. The IRS can seize your assets without even a hearing. The state of Virginia can create a tax judgment against you AS THOUGH there had been a court case, even when there wasn’t.

“Hate-America” might be a mania, but it is certainly not baseless.