Since I encountered some problems with flash on certain websites, I decided to check if my Flash player has been updated since 1972. Normally you can check the Flash settings (incl auto-update functions) through a page on the Adobe/Macromedia website. Which is weird, since you would think that this is a local setting (incl. privacy settings and audio functionalities).... But no. Macromedia/Adobe decided that you have to do that through their website.
The reason being that they can check whatever you are doing with your player.......
Posts filed under Internet
Google for the Visually Challenged
Redelijkheid.com as a FireFox Search Engine
While the content on my website increases, it's getting (a bit) harder to find certain content. Sure, there's this search form in the top right of the website, but this means that you have to open the website first, enter the keyword and hit 'Enter'.
To speed things up I created a custom FireFox search engine. Using this I can search for content on my website directly from the browser. No matter what site I'm currently on.
The custom search engines are located in the profiles directory.
OSX: ~/Library/Application Data/Firefox/profiles/<random>/searchplugins/<searchengine>.xml
Windows: c:\Documents and Settings\<username>\Application Data\Mozilla\Firefox\Profiles\<random>\searchplugins\<searchengine>.xml
By adding the following XML file (right-click - Save As) to the directory listed above, you add the Redelijkheid.com search engine to your Firefox search engines.
OS X Calulator and Internet Access
This Little Snitch pop-up appeared after I launched the default Calculator application on Apple OS X.
Calculator Surfs the InterwebsWhy on earth would Calculator need Internet access? Looking for floating point error updates? Anyone else has any conspiracy ideas?
Internet Data Retention Law is Live in the Netherlands
It's a fact. As of this Tuesday, the Dutch ISP's are required (by Dutch law) to log all Internet activity of their customers and store the data for 12 months (at the moment). Gitmo Nation has expanded a bit further to the east, according to the No Agenda podcast host Adam Curry (which is a great podcast by the way).
Anyway, the logging is no longer limited to the basic IP connection data, the new law requires the ISP's to log the following information:
General Internet Access:
- Loginname
- IP Address
- Name and address details of of all the parties involved (when available)
- Time and Date the communication took place
- Used service(s)
- The callers phone number in the case of dial-up Internet access
- The number called for dial-up Internet access
- DSL, phonenumbers, MAC address (when using public/ISP sponsored WiFi/Network access)
E-mail:
- IP address used to access or send e-mail
- User ID
- E-mail address of the sender, recipients etc. (basically the FROM, TO, CC and BCC fields)
- Registered e-mail alias addresses when available
- Time and date of the communications
- Name and address details of all the parties involved (when available).
- Method used in sending/receiving the e-mail (webmail, POP, SMTP, IMAP, etc.)
Internet VoIP:
- Phone numbers of both parties
- IP addresses
- Name and address details of all the parties involved (when available)
- Time and date of the communication (start and finish)
- Protocols used during the communication
- Successful and failed attempts to communicate
The 'fun' part is that the Dutch government won't (or can't) give a real reason why this information is required..... Why can't they give the proper reasons for creating and passing this law. Theoretically we still live in a democracy.
My thought is that it's probably based on some vague report by some high-profile consulting company that scared the shit out of the politicians (accountability??). Especially the terms 'child pornography' and 'terrorism' are most likely THE keywords on which the decision is based. And no one wants be publicly not against those two.... And so the privacy of the Dutch citizens crumbles, and crumbles.
Time to start using more and more encryption in all of your communications if you ask me, and start running your own services on a server in your attic .
/me is removing the dust from his PGP keyrings....
How Average Is Your Life?
Or great, of even f*cked up?
Read about the things that are not making it to Twitter. The real things in life.
Starting for the 'average Joe' there's this MyLifeIsAverage website. For those who do (a lot) better, there's this MyLifeIsG(reat). And finally, for those whose life went completely down the drain a FMyLife ('F' as in F*ck :) ).
It's like Twitter; addictive, but different and a whole lot funnier.
(Is there an iPhone app yet for these services?)...
(Not that I really care, since I don't own one)
Broken SSL Trust
WebTrust broken?When a CA issues a SSL certificate they (the registration authority) should verify certain information provided by the requester. This includes at least the domain name ownership and preferably the person or company tied to the domain name ownership. Basic stuff really, but what happens when certificates get issued without any verification? Well, this happened to Mozilla [2].
Basically the complete trust framework collapses (for that CA). Especially combined with hosts file and/or DNS hijacking. What if this incident isn't the first? What if some cybercrook got some SSL certs due to similar mistakes of your favorite bank? You're no longer sure if the https connection of your bank really terminates on the servers of your bank. They could just as easily terminate on a server in Russia or Albania. Which leaves you with an empty bank account (most likely).
If the certificate is issued (signed) by a Comodo Root CA (as it was in this case), your browser accepts this as a valid/trusted CA and for the user everything seems fine. This takes me back to the issue of all those trusted root certification authorities in the average OS or browser.
This time, it's a Comodo affiliate that's screwed up (there's no other way of describing this), but what are the chances that some of those trusted 100+ CA's make a mistake? The bigger the list, the bigger the chance of wrongfully issues (SSL) certificates.
By the way, if you're using an older browser (pre IE6 e.g.), chances are that SSL certificate revocation checking is disabled by default. So even when the revoke they certificate you still wouldn't know.... You can verifiy this by opening the Internet Explorer options section and checking the Advanced tab.
MTV Music Video's Online
MTV placed a ton of music video's online. There are even several charts available. Guess which one is ranked numero uno @ 'Top Rated'?
XS4ALL Plans Outbound Port Filtering
A usenet posting suggests that XS4ALL will provide a filtering service to their subscribers. The filter would consist of 5 levels. Ranging from fully open to 'fully' closed. The first will give you the possibility of running your own services at home, and the latter means you're only able to e.g. surf and e-mail (through the XS4ALL SMTP server).
The filters would give the basic/ignorant user the opportunity of preventing the spreading of malware and other stuff by default. The more tech savvy subscribers can remove the filter for running a bunch of services (webserver, ftp, mail, DNS, etc).
Definitely a good decision. I just hope that the other ISP's will do something similar, because most of the virus/malware/massmailing 'software' is running on PC's run by the average user. Totally ignorant of the malware running on their PC's.
Yet another 'thumbs up' for the quality provider of the Netherlands
FireFox 3 Bug??
Like most security conscious people I use Firefox (FF) for my everyday browsing on the Internets. So when the Mozilla guys released version 3 I installed it on all my machines (2 Windows and 2 OSX platforms).
It was a bit getting used to. The underlying FF part had been changed. Bookmarks, history etc are all stored in sqlite databases. So no more flatfiles. This took me a couple of hours to figure it out, but finally I got 'there'.
Using FF was business as usual... Apart from one very annoying bug; Opening new windows (not new tabs) results often in an empty bookmarks bar. And this is happening on Windows and OSX versions of FF.
The bookmarks are 'there' but not click-able. Using the right mouse button (on OSX: ctrl-mouse click) on the bookmarks bar and selecting 'Open All in Tabs', FF opens every bookmark in the bar.
The only way of restoring the proper bar is the completely shutdown FF and restart it. After that it works for a certain amount of time.
The problem isn't isolated to my environment. Just google on the issue, and you'll find more people. There's one suggestion I haven't tried yet. Starting with a fresh/clean profile, but I do need my settings/passwords/bookmarks. I'm lost without those :(
UPDATE: I tried a new profile, and this seemed to work. After this I started to repopulate the new profile with the old settings, etc. Everything went fine until the point where I added the extensions. It seems that even old / not active extensions (SwitchProxy in my case) are still able to f*ck things up.