Security Advisor

Either Choose Security or Functionality for IE 10

Plus, the return of LulzSec.

Those who strive to have the newest software running on the newest OS will probably jump on downloading the release version of Internet Explorer 10 on their Windows 8 machine when both are released later this year.

And just like the two-for-one special on interfaces Microsoft is giving users, there will be two different versions of Internet Explorer 10.

Let's talk about the more-secure version first: It will be found on the tiled Metro  interface and will feature the AppContainer sandbox. Think of it as an unswayed parent that says "no" to everything. Want browser addons that allow remote access? Nope. Want to run Metro apps located on a locally installed IIS or Apache server for Web site testing purposes? Forget it. Want to have IE 10 remember cookies so that you don't have to keep inputting the same data on different Web sites? Not while you're living under IE 8's roof.

But, just like the strictest parent, this is all done for your good. Less access points means less chances of attackers getting in.

Now how about IE 10 running on the more traditional Desktop interface?

It's more of a laissez-faire parent -- you have freedom to make your own decisions. And while you may be losing some of the security of an overbearing, closed system, you'll have the freedom to customize, bookmark and share information to your heart's content.

 Just don't come running home crying when your system gets a nasty Trojan installed.

These Jerks Won't Go Away
To me, LulzSec always seemed like the lazy stoner brother of the guy (Anonymous) who went and joined the Black Panthers or Greenpeace

While both break the law, Anonymous operates with some sort of purpose (whether you agree with them or not). LulzSec just likes to stay at home and shoot off bottle rockets in the backyard, even though fireworks are clearly prohibited in his county.

So I was relieved when there was little noise coming from the online jokesters after last summer's span of time where they leaked pointless information (like user names of online video games) for 50 days straight. I even thought the book had been closed completely after the leader of the group turned on his comrades to the FBI last month, leading to the arrest of five individuals believed to be associated with the group.

 However, it now looks like the group is back. And it added the word "Reborn" to its title. The first act of LulzSec Reborn? The leak of over 170,000 user names and passwords from the online dating site Oh the humanity!

While it may be a bit annoying for those that had their info leaked, a quick change of the password should put things correctly. Unless the wisecracking hacker group decided to change the profile picture to something silly. Then it may take up to two minutes to get things back to how it was.

What's strange about this hack is that it might have been completely made up. The CEO of the company that operates said that the site was never hacked and that there are only 140,000 users on the site. So where did the 170,000 number come from?

So something definitely doesn't add up here. It is possible that the dating site's CEO is lying to save face with its customers and the public. But I'll tend to take the word of someone with an actual name (it's Robert Goebel) over the word of a group of faceless online pranksters – even though it comes from somebody in charge of a dating Web site.

About the Author

Chris Paoli (@ChrisPaoli5) is the associate editor for Converge360.

comments powered by Disqus
Most   Popular