RDKsoftware and web development

The idea is simple, if a site senses that you are using a targeted site like Chase.com then it secretly switches that tab to a fake login page. You think you are logging into a site that you already assure yourself is legit but you are actually giving your credentials away to criminals.

This scheme was unveiled by Aza Raskin at Mozilla. He is the creative leader of Firefox. Since this is only a Proof-Of-Concept as of this writing (May 2010), we surfers have a chance to change our ways before it becomes popular in the criminal world.

The Sans diary is a great place to get a feel for what is out there. Some of the latest entries gave me an idea of some techniques used by cyber-fraudsters:

Well, word just in that Energizer Bunny is a threat to a PC's health and security. This points-out a couple of issues users need to address.

ITworld just had a good article about less-than-obvious theats which included some advice for a small wireless network that fits in your home or small office.

How many times have you seen a link at a blog or web-site that refers to something along the lines of "read me" or "document here"? What about http:tinyurl.com/abc. None of these options are safe and require some special attention.

In January there was a big attack against Google that apparently used a flaw in Internet Explorer which got the name "aurora".

Probably the two most common questions I get about Anti-Virus software is "which one is best", and "are free AVs any good". Now "AV comparatives" has done a test to see which AV not only detects but removes and cleans-up after malware well. I see a few problems:

UAC (user access control) on Vista has been the target of bad press and it has been dissed by many. But is it that bad? Should you turn it off like many are suggesting? The answer is a resounding "no" and here is why.

Even though passwords are very 2005ish and not considered the main defense line as they once were, they still are usefull and using them well should still be known. I have over 200 passwords which could be a nightmare to maintain but I have tamed them to the point where I am able to keep them secure and easy to use.

Everybody has a different way of doing this. Here is mine.

There are basically two kinds of communication on the web portion of the Internet: encrypted (scrambled) and not. When You need to be sure that you are not giving away sensitive information like your credit card number, the encrypted scheme is used. But how do you know when it is safe?