The Social Programmer
Latest Comments
Reply | Original | Permalink | Share | TweetI’ve seen an informal charity benefit along those lines here in Scotts Valley. The Safeway supermarket chain offers “frequent shopper” cards which you scan on each trip to the register. You automatically get whatever advertised discounts or store coupons are in effect for your purchases (in lieu of paper coupons). The store of course gets to track your spending habits and send targeted junk mail to your home address. As you rack up more purchase points, you qualify for further discounts on future purchases.
Some folks opt out of the whole spending habits tracking thing. What I found interesting was when a clerk asked for the shopper’s Safeway card and the shopper declined, the clerk scanned a Safeway card tied to the register. The shopper got the item discounts on their purchases, but the purchase points were credited to a local charity. The charity could use those points to get reduced prices on their future purchases.
Nifty idea, simple to implement. Naturally, it got shut down after several months. Clerks are no longer allowed to scan alternate cards to benefit third parties on behalf of a shopper.
Reply | Original | Permalink | Share | TweetIt’ll come eventually because I’ve already seen it in action in North America. Especially during the holidays. Can’t remember which stores but some popular chains like Gap or Barnes & Noble ask you at the end if you’d like to add on whatever amount to your bill to give to charity.
Reply | Original | Permalink | Share | TweetCraig Murphy Auto and repair botch jobs, for Manufacturers inferior parts
Reply | Original | Permalink | Share | TweetYou’re right that they screwed up banking regulation, but so far Ofcom, Ofwat and all the other Of’s haven’t apparently messed up *that* badly. Of course it’s possible that their screwups just haven’t matured yet, but I think the jury’s out on this one.
Reply | Original | Permalink | Share | TweetThis is brilliant! Love it.
Reply | Original | Permalink | Share | TweetVery Good!
Reply | Original | Permalink | Share | TweetReminds me of this:
http://www.plagiarismtoday.com/2005/12/05/synonymized-plagiarism-a-new-threat/
Reply | Original | Permalink | Share | Tweet@Sara - thanks for the correction, now fixed in the text!
Reply | Original | Permalink | Share | TweetGreat job! I’m an organizer for the GGD in Milan, please note that the GGD are called GIRL Geek Dinners, not Girly.
Reply | Original | Permalink | Share | TweetHello, I am responding to the Website needed, we can definitely assist you, please contact us at 602-404-4444 or visit us online at http://www.directconnectcommunications.com
Reply | Original | Permalink | Share | TweetFull description of Antivirus 2009, and removal steps
http://www.f-secure.com/sw-desc/rogue_w32_xpantivirus.shtml
Reply | Original | Permalink | Share | TweetWith Cybercrime such an extensive part of the criminal under world activity I’m still amazed at how little effort is put into security the entry points to information such as password. One time password authentication solutions are in abundance but outside of the corporate environment hardly used.
As you point out password crackers can determine most passwords in minutes give the simplicity of most users’ passwords. Bruce Schneier is right to suggest implementing more secure passwords through the use of an obfuscated sentence, something at Pinoptic we have been suggesting for a number of years.
The problem however is most users do not remember complex passwords, or resort to writing them down sometime in clear view of others. In the end there is a general lack of awareness of the importance of protecting your data whatever site you submit personal details onto including social sites such as Twitters. The criminal world will seek to gather information about you through the extensive data mining capabilities in their arsenal to gain access to your information.
We need to stop trying to make it so easy for them.
Reply | Original | Permalink | Share | TweetVery good article Craig.
I maintain my view that most modern security flaws are as much the failure of the user as they are the failure of the service/company. As you have pointed out with the Twitterank incident not only do web applications need more than just basic password authentication, they also need people to be more aware that a password alone, especially one they use for everything including online banking, is not a 100% security guarantee.
It is good to see more sites using OpenID and I especially like the idea of merging Information Cards with the service (https://www.signon.com/). I feel a little safer when using these systems but even then you still have to be vigilant.
I wonder how many people use browser plug-ins that require account user names and passwords (TwitterFox, or GMailNotifier for example) think about what their details could be used for or how secure those plug-ins are. Are they secretly storing the passwords of thousands of users? The same theory applies, just because it is in your browser does not mean it is any more secure.
Just my two cents for you there
Reply | Original | Permalink | Share | Tweet@kovshenin - that is the irony of gathering passwords in this fashion - it *is* “kiddish”, however such an act would cause the most confusion and humour for the harvesting party. You are correct, it makes no sense, but such an act could easily have happened with Twitterank. In such situations, the harvesting party either makes obvious use of their information or subtle use - random tweets from random victims would be considered subtle use.
Reply | Original | Permalink | Share | TweetSure, we always have to be careful, just a lil’ bit paranoïds
Reply | Original | Permalink | Share | TweetWhy would they want to post “random tweets from random victims”? I mean what’s the point? That’s as kiddish as taking over an IRC channel and kicking everybody out :\ it makes no sense
Reply | Original | Permalink | Share | TweetI am not too concerned about passing along my credentials to Twitterank. Many 3rd party sites ask for Twitter User ID and password, and that’s due to Twitter not using OAuth yet. Twitter Karma and others do the same thing.
More here:
http://www.louisgray.com/live/2008/11/twitterank-can-have-my-password-no.html
Reply | Original | Permalink | Share | TweetHey Craig,
The guy who created TwitterRank is just another Valley engineer, and the ZDNet blog post is totally baseless.
If you’re curious you can talk to the guy yourself: ryo@iloha.net or http://twitter.com/ryochiji
AFAIK, TwitterRank needs you credentials because it uses who you’ve replied to and who is replying to you to calculate the rank. twitter.grader.com is cute, but TwitterRank uses Real Math(tm) a la Google’s PageRank.
Reply | Original | Permalink | Share | TweetColour of her eyes? What on earth makes women think we’re looking at their faces? *hide*
Reply | Original | Permalink | Share | Tweet^^RE: As he already told in the beginning of the article, for SMTP adresses, the SenderEmailAddress property holds the e-mail address in the format name@domain.com.
You can use it directly.
Reply | Original | Permalink | Share | Tweetit’s obviously the (supposed) anonymity of being online - I’ve had many experiences like that, without any encouragement on my part - trust me, I know enough weirdos as it is LOL, I don’t need to add any more!
I’ve heard more than a few people say, if you’re talking to people online for any reason, you’re obviously wanting to be anonymous and therefore wanting to take part in the same behaviour. Not in the least bit true, and I’m thankful to say that 95% of people I talk to or engage with online are completely normal, and the others - well I’ve got a good enough sense of humour to see them as a bit of a joke. Although there is a distinct difference between some cheeky/flirty banter that is occasionally fun, and the couple of oddballs who cross the line, and way too soon too!
Still I’d always stress being careful about details - don’t disclose your location, work address or number to anyone potentially ‘unhinged’. I’ve known a couple of very odd guys turn a bit nasty when I didn’t return their conversation…so keep your distance, just in case
I keep a general rule that I don’t say/tell anything to anyone online, professionally speaking or not, that I wouldn’t be happy telling them in ‘real life’. Good rule
Reply | Original | Permalink | Share | TweetThanks for warning and detailed notes. Users must be warned about this malicious code site. That is offline now though.
Reply | Original | Permalink | Share | TweetUnbelievable But why IE?
Reply | Original | Permalink | Share | Tweet@tom - I agree with your findings - like you, I was “aware” of issues from the time I found the account on the Thursday before the confession, hence the screenshots that I had been grabbing on the way. The habits of one person or two people over IM using “(:” was something I noticed, but didn’t write about as I’d spotted similar habits. Good post though - we still don’t really know whether @imKM was the other Sarah for sure though, there’s a small chance he wasn’t. Thanks for the follow on Twitter.
Reply | Original | Permalink | Share | TweetGood powerpoint. Open XML is something I will have to look into more.
