November, 2008

Travelling challenges

Submitted by Kai on Fri, 2008-11-28 22:17.

I was going to Frankfurt this Wednesday. And for once, I was not in a rush, and I had everything with me. I went directly to the automatic check-in machine, and tried to get it working. It was not in a good mood this morning, so it told me I had to contact the service desk – yes, not the manual check-in, but the service desk.

At the service desk there was a huge line of people. I could not tell if this is normal or not, as it is not normal for me to go to the service desk.

As I wait in line, there are rumours that my flight has been cancelled. Since this is a small airport, I immediately understood that I would not be going to Frankfurt today. When I finally reach the counter, sure enough, she tells me that the flight was cancelled, and that she may reschedule me to a flight in a few days – as the plane tomorrow is stuffed already. I ask her for alternatives, and she brings up a few airports in Germany, including one called Düsseldorf Weese. And surely, Ryan Air does not plan to set up transportation from Düsseldorf to Frankfurt.

I call my contacts and tell them the news. That the flight is cancelled, and that Ryan Air will fly me to Düsseldorf, but not do anything else. I will be stuck in the middle of nowhere, in the middle of the night, and Ryan Air doesn’t seem to give it a second thought.

While we try to figure out a solution, I notice a man in a trench coat running about and organizing. I hear what sounds like setting up a bus, and I grab him:

“May I join the bus from Düsseldorf to Frankfurt, Sir?”

Günther, as his name turns out to be, replies:

“Yes, just grab a hold on me when we have landed!”

And off he went again. I did see him run by a few more times, and I decided that I would leave him alone and keep all my questions for myself.

Several hours later, we landed in Düsseldorf Weese, a place far out on the country side. It would be almost 4 hours drive to Frankfurt from here. It would be a long night for all of us.

I grabbed Günther as agreed, and he showed me – and 40 other passengers – two busses waiting for us. One would be for Günther’s group, and the other would take the rest of us to Frankfurt Hahn Airport. We fill the bus to the brim. Children, mothers, young people, old people, every seat in the bus is occupied.

Even a guy in a wheelchair is on the bus. He is going to Bangkok, via Bahrain in the morning.

Many hours later, we safely arrive in Frankfurt, and I meet up with the organizing committee that invited me to Frankfurt. Only 6 hours late. And an adventure richer!

What are your experiences of travelling? Have your flight been cancelled? If so, did the airline company stand up and help you, or did some passenger have to solve the problems?

On the road again

Submitted by Kai on Wed, 2008-11-26 11:05.

This sweet movie comes to mind these days:

As I am on my way to Germany today, will be there until Sunday giving trainings, then next week I am in Sweden doing trainings, and finally the week after that I am in Finland.

I live for this life! I enjoy it a lot!

If you happen to be in Franfurt, Mainz, Gothenburg or Helsinki the next weeks, I would love to meet up!

Kai's blog
Login to post comments

Facebook sues and win over spammer

Submitted by Kai on Tue, 2008-11-25 10:55.

Big cash will change owners if you decide to p*ss off Facebook by spamming their users!

Kai's blog
Login to post comments

SBN Update!

Submitted by Kai on Sat, 2008-11-22 08:39.

The Security Bloggers network have moved!

Please visit the new homepage, and subscribe to the new feed there!

As Alan puts it:

If you are are reading this, welcome to the new home of the Security Bloggers Network. You can reach this site from the URL http://www.securitybloggers.net or http://www.securitybloggersnetwork.com. Thanks to Lijit for providing a new home to the SBN. Also be on the look out for new features coming soon. You can subscribe to the feed for this site by clicking on the button on the right side.

Thanks for visiting and stay tuned for lots of great new features!

Kai's blog
Login to post comments

Trouble with passwords no more!

Submitted by Kai on Fri, 2008-11-21 22:45.

password policies

Password chart is a free tool to create passwords.

It is claimed to be secure, as no information is moving over the Internet. At least, it is an easy way to create a secure(rer) password.

1. Enter a phrase - a sentence you remember. This will create the chart.
2. Enter a password, and it will generate your new password using the chart.

Voila!

Kai's blog
Login to post comments

Children victims of identity theft

Submitted by Kai on Fri, 2008-11-21 13:50.

This is interesting: http://www.entrepremusings.com/index.php/2008/11/16/are-your-childrens-identities-safe/

Have you experienced anything like this? What do you do to protect your children?

Kai's blog
Login to post comments

Security Bloggers network update

Submitted by Kai on Thu, 2008-11-20 08:27.

The SBN is moving its network from Feedburner to Lijit according to Allan:

My Fellow SBN bloggers:

I am pleased to announce some exciting news about the future of the SBN. As you know since Google/Feedburner is discontinuing networks I have been looking for a good solution to continue the SBN feed and make it better than ever. I am pleased to tell you that working with the folks at Lijit (http://www.lijit.com), we have a new home for the SBN. I have been testing the spliced feed with them for the last few days and it seems to be working great. When we're done, not only will we have the spliced feed in html and the ability to subscribe to the feed, but we will have some other cool features:

The entire SBN will be searchable using Lijit search. So someone searching a particular term can search across the entire network at once. Including comments!
Lijit ad network. Lijit will have an ad revenue sharing network for your site in Q1. You can also use Google/Feedburner ads for your feed and site as well.
Lijit stats. Lijit has great stats for your site and search visitors. Feed stats will continue courtesy of Feedburner/Google

Additionally we have some more ideas on what we can do with the SBN site that might help our members. As we get closer we will keep you all advised. Once we are ready to launch under the new domain, I am going to ask you all to help out by announcing the new site and feed. We will also do a new SBN badge widget for your own blogs. As always, we are open to any ideas you have as well.

Will keep you posted and thanks for hanging in there as we transition!

Alan

PayPal phishing - again

Submitted by Kai on Mon, 2008-11-17 14:46.

PayPal is a great tool for many of us, and as with all great tools, they become targets for criminals. And since it usually is so much easier to fool a person than a full-fledged security enabled tool, phishing attempts are going on all over.

And to no surprise, I am not free from the attempts. This one I got today:

Dear Kai Roer ,

PayPal Resolution Center: Your account is limited.

Why is my account access limited?
As part of our security measures, we regularly screen activity in the PayPal system. During a recent screening, we noticed an issue regarding your account:
Our system detected unusual number of invalid logging attempts on you account from these Blacklist ip address. (Your case ID for this reason is PP-0041310.)

How can I restore my account access?
For your protection, we have limited access to your account until additional security measures can be completed. We apologize for any inconvenience this may cause. In order to assist us with this security measure, we ask that you send us a photocopy or scan of one document from each of the three categories listed below and return them via email to security@paypalfraudcheck.com

- A clear copy of your Passport, Photographic Drivers Licence or I.D. Card (both sides).
- A clear copy of both sides of the credit/debit card on your paypal profile.
- A clear copy of a recent bank statement or utility bill on which your name and address are clearly visible - less than 3 months old.

Completing all of the checklist items will automatically restore your account access

Thank you for using PayPal!
The PayPal an eBay Company

And as you can see, the e-mail is well written, and seems quite believable. At least it does to me. Except when they want to me send a full copy of my passport, and a bank statement! Hello! Wait a second. There are no reasons why PayPal would want - or even need that.

So, I decide to visit PayPal just to make sure. I type (yes, type) the address in my browser, and log in. Surely enough, nothing is wrong.

Next, I visit the security center of PayPal, and forward them the e-mail I got. The good thing about PayPal is that they do take these things seriously, so when I sent it, I received an answer only a few hours later (and this is during working hours in Europe!)

Their answer is:

Dear Kai Roer,
Thanks for taking an active role by reporting suspicious-looking emails.
The email you forwarded to us is a phishing email, and our security team is working to disable it.
**************************
What is a phishing email?
**************************
Phishing emails attempt to steal your identity and will often ask you to reveal your password or other personal or financial information. PayPal will never ask you for your password over the phone or in an email and will always address you by your first and last name.
Take our Fight Phishing Challenge at https://www.paypal.com/fightphishing to learn five things you should know about phishing. You'll also see what we're doing to help fight fraud every day. ***************************
You've made a difference
***************************
Every email counts. By forwarding a suspicious-looking email to spoof@paypal.com, you've helped keep yourself and others safe from identity theft.
Thanks,
The PayPal Team

I suggest you keep an eye out for Phishing attempts to your PayPal. Take the PayPal Fight Phishing Challenge. And stay on alert at all times. These things get more and more realistic by every day, and you need to check things before your click or answer such emails.

What are your experience with phishing? What did you do? How did you discover it?

Security Bloggers Network - on the move!

Submitted by Kai on Sat, 2008-11-15 09:10.

security

I got this e-mail from Alan Shimel today, explaining about changes to the Security Bloggers Network feed that I am part of:

Hi SBN Bloggers:

As most of you probably know Feedburner has been transitioning their platform over to the Google platform for some time. As part of this transition, as of today, they are not going to be continuing the networks feature anymore. I have known this for some time, but as it was not public knowledge, so I have been working on a solution. My friends at Feedburner will keep the spliced feed on a separate server for us, but adding new members and stats would not be possible.

I have been working on an alternative for this for sometime now. I have another company that worked with Feedburner that can host and aggregate the feed for us, provide better stats, as well as some other cool stuff. Nothing would change with your feed -- you may only need to change your blog badge. I will have more info in a few days, as well as disclosing the name of the company we are speaking to. Will keep you all posted.

Rest assured that I will not let all of the great things we have done with the SBN go to waste.

I will be in touch!

Thanks,
alan

I have been a member of this blogging network for quite some time now, and I have met some other great bloggers out there. I have also reached new readers and created some stir from time to time.

I am very happy to see Alan putting in the time and effort to keep this network alive! I think it is a great resource for many people.

(Since the new location is not yet ready, there will be no link...)

Kai's blog
Login to post comments

Welcoming Stepstone IT CEO Blog

Submitted by Kai on Thu, 2008-11-13 07:16.

Yes, I admit it. I am an addict to myself. Or at least my blogs and sites linking to me. So when someone links to me, I usually get a notice (using Snarfer), and I usually take a look (unless I know the source to be one of the harvesting sites out there).

No change with that this morning, so I head out to the blogosphere enjoying the attention I get. Yes, I like attention. Had not noticed, had you?

And surely enough, a link back to my blog showed up. This time, the link comes from the Stepstone IT CEO Blog, which seems to be fairly new. Not only does Nauman Kuraishi link to my post on WIFI security in his first post - something I enjoy very much on its own.

He goes beyond. He mention my post in the same sentence as he links to Wired and BBC. And he says these sites offer some:

"... interesting information on the state of wireless security ..."

I am bewildered. I am honored. And I am very happy.

On a sidenote, this happens the same week as I am introduced as the Information Security GURU (!!!!!) at the Norwegian school of Management (BI). What a week!

Kai's blog
Login to post comments