Hendrik Weimer's Quantenblog

Having fun with science and technology.

  • Pseudonymity is Different from Anonymity

    Posted: 2008-06-06 06:43

    A paper (also available here) published yesterday in Nature analyzes moving patterns of humans based on position data provided by a European mobile network operator. While the paper itself is very interesting and provides new insights it also raises serious privacy concerns, and maybe even legal troubles for the telco in question.

    Read more

  • Microsoft to Get Malware Bailout in Germany

    Posted: 2009-12-08 19:18

    With the economic crisis still being in full effect, Germany wants to throw government money at another industry giant. However, this time it is not an ailing car manufacturer, but the software producer Microsoft. The German Federal Office for Information Security (BSI) plans to team up with internet service providers (ISPs) to establish a call center helping malware-troubled Windows users.

    Read more

  • Germany's New Computer Crime Law is Bad, but not that Bad

    Posted: 2007-08-13 20:07

    Last Friday, a new law on computer crime came into effect in Germany. The newly introduced Section 202c of the German penal code created much buzz around the net since it prohibits the distribution of certain computer programs assisting in committing data espionage.

    Although I think the law is bad and creates an uncanny area of uncertainty it is not the end of all security research done in Germany. In fact, much of the current outcry is overblown and counter-productive, as it contributes to spreading FUD about the issue.

    Read more

  • Few Banks Use Extended Validation Certificates

    Posted: 2008-08-04 06:55

    The latest thing against phishing are extended validation (EV) certificates. Supported by Firefox 3 and Internet Explorer 7, these certificates promise that the site has gone through a more extensive validation of its owner than ordinary SSL certificates. However, when it comes to market adoption after almost two years availability, these new certificates have failed badly. Only thirty percent of the world's largest banks already present an EV certificate in their online banking application.

    Read more

  • Bypassing Virus Scanners Using MIME Encoding Tricks

    Posted: 2006-12-06 10:32

    From time to time a vulnerability is found in a virus scanner that allows an attacker to disguise malicious content so that the scanner won't detect it but the virus is still fully functional. Much rarer are discoveries of new attack classes that are able to blindfold not one but many virus scanners. Here is one. Read more

  • Copyright 2006--2011 Hendrik Weimer. This document is available under the terms of the GNU Free Documentation License. See the licensing terms for further details.