Smurfs Running Up Your Credit Card Bills

March 16, 2011

Apple is already starting to see issues managing authorization in their payment systems as in my last post. In this case, it wasn’t malware related, but it was still a function of trying to find the right balance between user convenience and payment authorization. When you make a purchase through iTunes, your password is cached for fifteen minutes. In this case, parents were buying on iTunes then handing their phones over to kids who would go on to make huge purchases of Smurfberries in Smurf Village. It does sound irresistible. What’s happening is that Apple is changing the model for online [...]

Read more →

Smartphones, Malware and Payment Systems

March 10, 2011

A flurry of Android malware has been in the news lately, including some discussion of a hack which roots the device. That’s as significant as a compromise gets, but it’s not very interesting. Malware has been rooting devices for a long time, and Android, like anything else will have exploitable vulnerabilities. Much more interesting to me is a trojan app which runs up charges on premium SMS numbers. It’s simple as far as attacks go. The app appears to be a media player, but sends expensive texts in the background. It’s also very clever, as it takes advantage of a [...]

Read more →

Choosing an Open Source Desktop Search Tool: Part 4

March 26, 2010

Evaluation of open source desktop search tools continue from Part 1, Part 2 and Part 3 with a late entry and some updates.  During my work on Strigi, their documentation referred to related projects.  Of the several other search tools mentioned, there was one which wasn’t already on my list or a defunct project:  Pinot.  Another C++ based and GPL2 licensed tool, Pinot uses a xapien back end for its index and relies on dbus for its interprocess communication.  On its face, it’s very similar to recoll.  In testing, it showed some interesting differences. Pinot setup and searching Pinot was [...]

Read more →

Choosing an Open Source Desktop Search Tool: Part 3

February 28, 2010

My search testing continues in this post with tracker, details on using tracker, recoll, and strigi.  My overall intent and plans are laid out in Part 1.  Testing environment details and my work with beagle appear in Part 2. Tracker setup and searching As with beagle, tracker was installed using apt-get install tracker.  Apt had a hefty package count for tracker — 201 for tracker vs. 208 for beagle.  These fell into only two general buckets, though:  Tracker and its related libraries/parsers and X/gnome.  Tracker is a C based tool, so there was no need for all of the Mono [...]

Read more →

Choosing an Open Source Desktop Search Tool: Part 2

February 23, 2010

This is a continuation of my work to sort out the most useful desktop search tool. You can read about the background and motivation in Part 1. In this post, I’ll detail my test plans and work through setting up the tools themselves. My test platform is minimal and simple: Ubuntu 9.10 JEOS. I’ve updated it as of Feb 22, 2010, and added on a handful of packages: sshd, smb, some dev tools, sqlite, etc. What I don’t have is any kind of a desktop — everything I’m doing, I’ll be doing from scripts and command line. That’s because my [...]

Read more →

Choosing an Open Source Desktop Search Tool: Part 1

February 20, 2010

I have a few projects cooking that rely on full-content search.  There’s been a lot of work that’s gone into a number of tools, and the range of options has reached the point where there’s no clear-cut leader.  A number of people have done some work to compare a few of them, but I haven’t found anything both comprehensive and recent.  This is the first of 4 parts detailing my investigation of what seem to me to be the leading tools out there. Search is a pretty huge universe, and I’m really focused on a small part of it — [...]

Read more →