Dropbox Will Hand Over Your Files to the Feds If Asked

April 19, 2011 – 8:07 AM

Popular cloud-storage service Dropbox has updated its terms of service to include a clause that states it will turn your files over to the government, if the government asks, of course.

This is nothing groundbreaking, Business Insider points out; it’s a fairly common clause that appears in other cloud services’ TOS, including Gmail, Hotmail, and Amazon cloud.

Dropbox is one of the leading cloud-storage services, and it works by installing a special “cloud” folder to your computer’s hard disk. Any files you place in this special folder are then synced with your Dropboxes around the world (you can install Dropbox on any number of computers, phones, and tablets), and can be accessed from any Dropbox-enabled device.

Source:
http://www.pcworld.com/article/225549/Dropbox_Government_Files_Turn_Over.html#tk.rss_news

Password Strength Meter

April 15, 2011 – 7:06 AM

People wonder if their password is a good password. I often come across two distinct groups of people. The first would fall into a “just use any word” category, which is a very bad practice for picking passwords. The second group will mix in a few numbers in order to make the password a lot harder to guess. But, how do you know if you have a secure passphrase?

Source:
http://rumkin.com/tools/password/passchk.php 

RawCap sniffer for Windows released

April 13, 2011 – 7:38 PM

We are today proud to announce the release of RawCap, which is a free raw sockets sniffer for Windows.

Here are some highlights of why RawCap is a great tool to have in your toolset:

  • Can sniff any interface that has got an IP address, including 127.0.0.1 (localhost/loopback)
  • RawCap.exe is just 17 kB
  • No external libraries or DLLs needed
  • No installation required, just download RawCap.exe and sniff
  • Can sniff most interface types, including WiFi and PPP interfaces
  • Minimal memory and CPU load
  • Reliable and simple to use

Source:
http://www.netresec.com/?page=Blog&month=2011-04&post=RawCap-sniffer-for-Windows-released

Major Dropbox security flaw discovered

April 13, 2011 – 5:56 AM

Dropbox is a popular tool used to sync files between multiple computers and devices that a user owns. A user installs the software, designates a folder to keep synchronized, and is able to access those files among other machines that they own. The tool was even picked as one of the top ten tools that every PC should have installed.

Unfortunately, it appears that the tool has a major security flaw in it that could expose your files to everyone on the Internet. According to security specialist Derek Newton, the issue stems from the fact that the tool uses a simple configuration file to link all of the Dropbox machines together. The file, config.db, is a small table that contains only three fields: email, dropbox_path, and host_id. Since the host_id is not actually tied to a specific host and does not appear to change over time, an attacker could create a piece of malware that silently locates and sends back the config.db file. The attacker would then be able to start up a copy of Dropbox with the stolen config file in place and instantly be part of the victim’s mesh of computers. The tool does not notify the user of how many machines are connected, so the victim would have no way to know that their files were being stolen.

Source:
http://www.neowin.net/news/major-dropbox-security-flaw-discovered
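
A server-side check for the condition described above, as an added example that is not from the article or from Dropbox: since each linked machine has its own host_id, one host_id with sessions open from two addresses at the same time suggests a copied config file. The log format, host_id values and addresses are constructed for illustration.

```python
from collections import defaultdict

# Constructed sync-server session log: "<epoch> <host_id> <src_ip> <event>".
# Format, host_ids and addresses are hypothetical, not Dropbox's own.
SAMPLE_LOG = """\
1000 hid-aaa 198.51.100.7 connect
1600 hid-aaa 198.51.100.7 disconnect
1700 hid-aaa 203.0.113.20 connect
1800 hid-bbb 192.0.2.44 connect
1900 hid-bbb 203.0.113.99 connect
2500 hid-aaa 203.0.113.20 disconnect
2600 hid-bbb 203.0.113.99 disconnect
bad line
"""

def parse(log):
    """Yield (ts, host_id, ip, event) tuples, skipping malformed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[0].isdigit():
            continue
        if parts[3] not in ("connect", "disconnect"):
            continue
        yield int(parts[0]), parts[1], parts[2], parts[3]

def find_shared_host_ids(log):
    """Flag a host_id that connects while it already has an open session
    from a different address. A laptop that disconnects and reconnects
    from a new network (hid-aaa above) is not flagged."""
    open_ips = defaultdict(set)   # host_id -> addresses with an open session
    alerts = []
    for ts, host_id, ip, event in sorted(parse(log)):
        if event == "disconnect":
            open_ips[host_id].discard(ip)
            continue
        others = open_ips[host_id] - {ip}
        if others:
            alerts.append((ts, host_id, ip, sorted(others)))
        open_ips[host_id].add(ip)
    return alerts

if __name__ == "__main__":
    for ts, host_id, ip, others in find_shared_host_ids(SAMPLE_LOG):
        print(f"{ts}: {host_id} connected from {ip} while open from {others}")
```

An alert like this could also drive the user-facing list of connected machines that the article notes is missing.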

Ransomware squeezes users with bogus Windows activation demand

April 12, 2011 – 6:01 AM

A new Trojan tries to extort money from users by convincing them to dial international telephone numbers to reactivate Windows, a security researcher said today.

Once on a PC, the malware displays a message claiming that Windows is “locked” and must be reactivated, said Mikko Hypponen, the chief research officer of Helsinki-based F-Secure. Users seeing the message cannot boot Windows in either normal or Safe mode, Hypponen said.

“This copy of Windows is locked. You may be a victim of fraud or there may be an internal error,” the message states.

Source:
http://www.computerworld.com/s/article/9215711/Ransomware_squeezes_users_with_bogus_Windows_activation_demand?taxonomyId=17