Saturday, August 30, 2008
Friday, August 8, 2008
Online social networking sites are hacker playgrounds
Online social networking sites are hacker playgrounds
Las Vegas - Computer security researchers on Thursday warned that online social networking websites are playgrounds for hackers who can easily take advantage of people's trust.
Opportunities for mischief abound as users place intimate details of their lives on profile pages and install mini-applications made by strangers that don't always have their privacy at heart.
In a trend pioneered with tremendous success by Facebook, social networking websites have opened their operating platforms to let outside developers craft fun, hip, or functional software "widgets" that can be added to profile pages.
Malicious code can be hidden in such applications, computer security specialists Nathan Hamiel and Shawn Moyer said at a premier Black Hat conference in Las Vegas.
"I can't necessarily attack Facebook or MySpace, but I can attack their users all day long," Moyer told AFP. "Don't put anything on a Facebook account that you don't consider public."
People are prone to place faith in social networking widgets and links from friends, said Idea Information Security consultant Nathan Hamiel.
"People are going nuts adding applications they don't need," Hamiel told AFP.
"Every time they do that they are showing an implicit trust in whoever wrote the application, and most people don't know who that is."
Hamiel and Moyer showed peers software capable of plundering profile information, swiping people's "friends," or locking people out of their own MySpace pages.
A pair of MySpace engineers who attended the demonstration said that hacks are known risks in today's social platforms and that they had Hamiel's application deleted by the end of the talk.
Fake postings on comment boards advising people to update software are ways to trick social network users into downloading malicious software that can commandeer control of machines, Hamiel said.
"Social networks really don't care if you get pawned or not," Hamiel said, using slang referring to a computer user being dominated and humiliated by hackers.
"People know if they go on a computer and download a program they could get a virus. They don't have the same view of how dangerous that can be on a social networking site."
Go rouge
Hackers can write seemingly legitimate widgets that "go rogue" after spreading to enough social network members, according to Hamiel.
"It is not a problem with a particular site," Hamiel said. "It is a problem with social networking in general."
Even if tainted applications are deleted, the odds are that the data from profile pages was already copied onto an outside computer, according to Hamiel and Moyer.
"MySpace and Facebook have no control over my servers," Hamiel said. "Once the content is moved from their site they have no control over that."
Those thinking that they will stay safe by not having social networking pages may still vulnerable to trouble, according to the security specialists.
Another ruse is to create social networking profiles for people using information mined from the Internet and then for the imposters to send out "friends requests."
Those that take the bait give open doors to the private data in their profiles.
"We think you should make a profile for yourself before somebody else does," Moyer said. "Just don't put anything there that you don't consider public. And trust, but verify when people want to be your friend."
Las Vegas - Computer security researchers on Thursday warned that online social networking websites are playgrounds for hackers who can easily take advantage of people's trust.
Opportunities for mischief abound as users place intimate details of their lives on profile pages and install mini-applications made by strangers that don't always have their privacy at heart.
In a trend pioneered with tremendous success by Facebook, social networking websites have opened their operating platforms to let outside developers craft fun, hip, or functional software "widgets" that can be added to profile pages.
Malicious code can be hidden in such applications, computer security specialists Nathan Hamiel and Shawn Moyer said at a premier Black Hat conference in Las Vegas.
"I can't necessarily attack Facebook or MySpace, but I can attack their users all day long," Moyer told AFP. "Don't put anything on a Facebook account that you don't consider public."
People are prone to place faith in social networking widgets and links from friends, said Idea Information Security consultant Nathan Hamiel.
"People are going nuts adding applications they don't need," Hamiel told AFP.
"Every time they do that they are showing an implicit trust in whoever wrote the application, and most people don't know who that is."
Hamiel and Moyer showed peers software capable of plundering profile information, swiping people's "friends," or locking people out of their own MySpace pages.
A pair of MySpace engineers who attended the demonstration said that hacks are known risks in today's social platforms and that they had Hamiel's application deleted by the end of the talk.
Fake postings on comment boards advising people to update software are ways to trick social network users into downloading malicious software that can commandeer control of machines, Hamiel said.
"Social networks really don't care if you get pawned or not," Hamiel said, using slang referring to a computer user being dominated and humiliated by hackers.
"People know if they go on a computer and download a program they could get a virus. They don't have the same view of how dangerous that can be on a social networking site."
Go rouge
Hackers can write seemingly legitimate widgets that "go rogue" after spreading to enough social network members, according to Hamiel.
"It is not a problem with a particular site," Hamiel said. "It is a problem with social networking in general."
Even if tainted applications are deleted, the odds are that the data from profile pages was already copied onto an outside computer, according to Hamiel and Moyer.
"MySpace and Facebook have no control over my servers," Hamiel said. "Once the content is moved from their site they have no control over that."
Those thinking that they will stay safe by not having social networking pages may still vulnerable to trouble, according to the security specialists.
Another ruse is to create social networking profiles for people using information mined from the Internet and then for the imposters to send out "friends requests."
Those that take the bait give open doors to the private data in their profiles.
"We think you should make a profile for yourself before somebody else does," Moyer said. "Just don't put anything there that you don't consider public. And trust, but verify when people want to be your friend."
Friday, August 1, 2008
India Kembangkan Laptop Harga Rp100.000
India Kembangkan Laptop Harga Rp100.000
Untuk mendukung pemanfaatan teknologi informasi dalam pendidikan, pemerintah India mendorong pengembangan laptop seharga 10 dollar AS atau sekitar Rp100.000-an. Laptop tersebut akan dipakai di sekolah-sekolah menengah atas.
"Risetnya akan dilakukan Institut Sains India di Bangalore dan Institut Teknologi India di Chennai," ujar D Purandeswari, Menteri Negara Pendidikan Menengah India dalam sebuah konferensi pers di Delhi, Selasa (29/7). Ia tidak menyebutkan lebih lanjut mengenai spesifikasi komputer tersebut, namun memastikan sebagian ongkos pembuatannya akan disubsidi pemerintah.
Selain penyediaan laptop murah, pemerintah India juga mengembangkan peralatan akses Internet murah. Jaringan Internet akan dibangun sampai ke pelosok untuk meningkatkan pembelajaran jarak jauh berbasis IT. Sekolah-sekolah menengah rencananya juga akan diberi bandwidth cuma-cuma untuk mengakses Internet dalam program pendidikannya.
India termasuk negara dengan penetrasi Internet rendah. Dari 1,13 miliar penduduk, hanya terdapat 4,38 juta pelanggan Internet berkecepatan tinggi.
Upaya memajukan IT India untuk pendidikan telah dirintis sejak lama bersama dengan sejumlah perusahaan besar seperti Microsoft dan Intel. India juga pernah mencanangkan pengembangan komputer dengan harga murah sebelumnya.
Pemerintah India tidak berminat dengan program One Laptop Per Child (OLPC) yang digagas Nicholas Negroponte. Alasannya, pemberian laptop untuk setiap anak sekolah dinilai akan menghasilkan dampak sampingan terutama menmghambat kreativitas dan daya analisis. Meski demikian, pilot project OLPC dilakukan di sana sejak tahun lalu dengan dukungan salah satu penyedia jasa Internet, Reliance Communication.
Microsoft Research Center di India, sejak dua tahun terakhir justru mengembangkan aplikasi agar satu komputer dapat diakses lebih dari satu orang. Selain akan menekan biaya, penggunaan berkelompok akan memacu kolaborasi. Salah satunya aplikasi MightyMice yang memungkinkan 30 mouse dapat dipakai bersama di satu komputer yang telah diinstal platform Multipoint.
Untuk mendukung pemanfaatan teknologi informasi dalam pendidikan, pemerintah India mendorong pengembangan laptop seharga 10 dollar AS atau sekitar Rp100.000-an. Laptop tersebut akan dipakai di sekolah-sekolah menengah atas.
"Risetnya akan dilakukan Institut Sains India di Bangalore dan Institut Teknologi India di Chennai," ujar D Purandeswari, Menteri Negara Pendidikan Menengah India dalam sebuah konferensi pers di Delhi, Selasa (29/7). Ia tidak menyebutkan lebih lanjut mengenai spesifikasi komputer tersebut, namun memastikan sebagian ongkos pembuatannya akan disubsidi pemerintah.
Selain penyediaan laptop murah, pemerintah India juga mengembangkan peralatan akses Internet murah. Jaringan Internet akan dibangun sampai ke pelosok untuk meningkatkan pembelajaran jarak jauh berbasis IT. Sekolah-sekolah menengah rencananya juga akan diberi bandwidth cuma-cuma untuk mengakses Internet dalam program pendidikannya.
India termasuk negara dengan penetrasi Internet rendah. Dari 1,13 miliar penduduk, hanya terdapat 4,38 juta pelanggan Internet berkecepatan tinggi.
Upaya memajukan IT India untuk pendidikan telah dirintis sejak lama bersama dengan sejumlah perusahaan besar seperti Microsoft dan Intel. India juga pernah mencanangkan pengembangan komputer dengan harga murah sebelumnya.
Pemerintah India tidak berminat dengan program One Laptop Per Child (OLPC) yang digagas Nicholas Negroponte. Alasannya, pemberian laptop untuk setiap anak sekolah dinilai akan menghasilkan dampak sampingan terutama menmghambat kreativitas dan daya analisis. Meski demikian, pilot project OLPC dilakukan di sana sejak tahun lalu dengan dukungan salah satu penyedia jasa Internet, Reliance Communication.
Microsoft Research Center di India, sejak dua tahun terakhir justru mengembangkan aplikasi agar satu komputer dapat diakses lebih dari satu orang. Selain akan menekan biaya, penggunaan berkelompok akan memacu kolaborasi. Salah satunya aplikasi MightyMice yang memungkinkan 30 mouse dapat dipakai bersama di satu komputer yang telah diinstal platform Multipoint.
Indonesia kapan ya???
Subscribe to:
Posts (Atom)
