Privacy policy op sites.

October 8th, 2010 § Leave a Comment

Veel mensen hebben allerlei accounts op sites zoals Google, Hyves, Facebook, Linkedin, ….. Het punt is dat die sites soms zonder de gebruikers op de hoogte te stellen de policy aanpassen, zeg maar de voorwaarden waaronder je gebruik mag maken van de site.

Eind jaren 90 was er al veel ophef over de policy van Geocities. Tegenwoordig hoor je er steeds minder van. Wel hoorde ik van Hans Spaans dat Google onlangs haar policy heeft aangepast.

Nu kun je natuurlijk een beetje gaan lopen coden en automatisch de policy downloaden en vergelijken maar blijkbaar zijn er al mensen die dat voor je doen. Men is het IdM Policy Audit System project begonnen. Je moet op dit moment nog even zelf de source compilen maar wellicht dat het binnenkort gewoon te downloaden is voor de diverse operating systems.

Er is al een aardige lijst met sites die ze checken, o.a. wordpress.com en youtube komen er op voor.

 

 

 

Blog tracking via Jabber

September 17th, 2010 § Leave a Comment

Een paar weken geleden schreef ik er nog over, het is mogelijk om WordPress blog’s te volgen via Jabber. Het idee is helemaal 2010, je gaat niet meer zelf op zoek door actief te zoeken of rss feeds te lezen maar je neemt een ‘abbo’ op een site en als er een nieuwe pagina of een comment is krijg je een bericht via Jabber. Nu leek dat erg leuk maar de AOL popups over de features van de blog van WordPress.com zelf vliegen me al om de oren. Tijd om eens na te denken over of dit wel echt leuk is :-)

Jabber to monitor blogs

August 30th, 2010 § Leave a Comment

There is another nice feature I found. It is possible to get blog updates using Jabber accounts. WordPress let’s you create an account on their own Jabber server and subscribe to blogs using the chat interface.

sub hanswolters.wordpress.com will listen to updates on this site.

More WordPress security troubles

December 9th, 2009 § 5 Comments

After a few days of communicating with the people at wordpress.com about links that are showing up (pointing to viagra sites) I found a new link today, pointing to a domain that is trying to install a virus.

The domain used to trigger people to install it is hosted at a subdir of secure-19926.tld (the extention has been changed). This page holds an iframe pointing to a domain called http://tds.narrativepatterns.tld/ (extention changed). There you will see a so called explorer window stating you are having problems with mallware and offer you a download (exe file).

As stated before this proves to me that the code for showing the clicks, or the code it is calling, isĀ  the real problem, not the spamming itself. If, like stated on the wordpress fora, it was fixed we would not see these kinds of sites.

As for the plugin itself. I am not sure what the exact plugin is showing these stats. There are several of them available for download. Maybe the wordpress.com team can give more details about it.

If you are hosting your blog on wordpress.com then it might be a good idea to at least disable this plugin. In that case you visitors will not be bothered with them. Also think about hiding links to simular articles beneath your blogarticles.

Update: The exe file offered at that site is not being detected as a virus. Maybe it needs to be installed first. Have no idea how to do that :-)
Update2:

The malware or virus that is offered at these sites is called Suspicious:W32/Malware!Online (or other simular names, depending on the anti virus seller).

Currently only the following vendors support protection:

a-squared
AntiVir
DrWeb
F-Secure
Ikarus
Kaspersky
McAfee
McAfee+Artemis
McAfee-GW-Edition
Microsoft
NOD32
Panda
PCTools
Prevx
Symantec

This does not mean that it will not be cleaned by others soon. It’s a rather new thingy.

wordpress.com, first security problem found

December 7th, 2009 § 1 Comment

Ok, what some people already wondered seems to happen. Although I did not find the flaw by myself it seems this blog is hosted with a widget that has a security problem. For now I disabled the widget but it does worry me.

WordPress.com offers a widget to show what users are clicking on (outside/inside links from your blog). This morning I found that it showed links to some evil medical sites and posted about it at the forum. The links are not posted on my site but it seems the blog spammers found a way to bypass the module.

Some 12 hours after that nobody seems to pay attention, not even on irc. I sure hope I do not need to switch back to blogger.com.

Where Am I?

You are currently browsing the wordpress category at Zomaar ... maar dan anders.

Follow

Get every new post delivered to your Inbox.