From story on Stuff, Lush has its server compromised...
As many as 9000 New Zealanders may have had their credit card and personal details stolen after the Lush cosmetics website was hacked.
The company has urged its online customers in New Zealand and Australia to contact their banks to discuss cancelling their credit cards.
The article makes it sound like they stored credit card details in the same DB or same server. Not clear if that's the case, but that would be a big lack of security.
As well as credit card details, the database contained customers' names, addresses, phone numbers and dates of birth.
Sure, everything a scammer needs, in a single place.
Lush was contacting customers by email to inform them of the hacking and was not aware of any whose cards had been used fraudulently.
Of course they are not aware. Unless they monitor the underworld, credit card transactions on the other side of the world, and other things. They would only know if a customer complained, and customers wouldn't know how they information leaked, until now.
Its British website was hacked last month and some customers there reported their cards had been fraudulently used.
Mr Lincoln said he did not know whether the hackers were specifically targeting Lush or the type of software it was using."
It happened before to another server on the same company, but nothing was changed in that month?
It sounds like the Hell Pizza episode, when their site was accessed here in New Zealand, but the Australian one, based on the same application, was still running... Back then it took the company months before admitting to the breach. Lucky it was just email addresses, not credit card. But people receiving the spam weren't happy.
"Let's look at that baggage - Vodafone's coverage in the rural sector has always been less than optimal. The company says it covers 97% of where New Zealanders live work and play - but that's people, not geography and in rural and remote areas you can leave the township and immediately lose coverage."
Now this is nothing new, and we all knew it. The discussion about "people" and "geography" is a long one. And it's not only on Vodafone, but Telecom as well. With all the economic implications.
Obviously this all comes hot after the government announced the Telecom and Vodafone joint submission won the bid for the rural broadband initiative. One that will see broadband to rural areas with the help of mobile technology. This is from the original release from November 2010:
... to provide fibre to 97 percent of rural schools and a minimum 5Mbps broadband service to 80 percent of rural households within six years. It also aims to provide priority users with access to fibre-based broadband services.
The proposed solution announced today will meet the requirements of the scheme through the extension of Telecom's existing fibre infrastructure to key rural points of presence, including schools and hospitals, and an expanded Vodafone wireless infrastructure that harnesses the power of this fibre to deliver high speed broadband services wirelessly.
It will bring rural broadband users greater choice in terms of providers and technologies, both fixed and wireless.
The proposal extends Telecom's fast broadband (10Mbps+) rollout to 92 percent of the country, bringing city-grade fixed broadband to even more rural users.
At the heart of the proposal is the principle of open access. Both fibre and wireless components will be available on an equivalent basis to access seekers and wholesale customers, allowing any party to offer a retail service over the new infrastructure. This means that rural customers will have not only faster data services but also a much wider choice of technologies and suppliers for these services.
Telecom will be responsible for building fibre to schools and hospitals, cell sites and rural exchanges and cabinets.
Vodafone will be responsible for the design and build of open access tower infrastructure that Vodafone and Telecom XT will co-locate their mobile services on, as indeed could any other wireless service provider who wishes to do so.
Both Telecom and Vodafone will also be making additional investments in their networks in the areas covered by the RBI scheme to offer broadband services to their customers.
As for Paul, he's doing it right. His job at Vodafone was to say what the company wanted out there. So when people complained about rural coverage and he defended the company line. As TUANZ CEO he's on the opposite side. And perhaps, for knowing so well what goes inside a telco, he's the right person to be doing it.
An interesting chart from Arbor Networks showing the drop in Internet traffic to and from Egypt on 27th January 2011. At 5:20pm EST the Egyptian government started blocking communications traffic. The chart is based on data from 80 Internet providers from around the world using Arbor Networks Atlas technology:
Here is a framed picture I got today in the mail:
Of course it doesn't look like that at all... But you get the idea.
The IBM Centennial video video shows people who participated in the shaping of the company, and the shaping of our future.
One bad thing about the low quality newspapers we have here in New Zealand, trying to inflate the number of pages available online is that some of the articles are just a syndication of their Australian counterparts, without bothering to adapt those articles to local reality.
The following headlines are all taken from Stuff, republishing Sydney Morning Herald (can't be bothered giving link love, same policy as theirs):
- "Vodafone dealers pose as customers"
- "Vodafail submits damning Vodafone report"
- "I hate going to work: Vodafone dealer"
- "Vodafone sacks staff over database breaches"
- "Vodafone probes privacy breach"
- "Customers in Vodafone legal action"
Note that none of these headlines point out these are all about Vodafone Australia and Vodafone New Zealand is not implicated in this debacle at all. But if you are reading these headlines here in New Zealand then you'd automatically think of the local Vodafone subsidiary...
I've decided to compile a list of free anti-malware software you can use now on your PC, to have a safer 2011... Let's check the list (non-spammy suggestions welcome in the comments):
Windows Firewall: it's there, in Windows XP Service Pack 2, Windows Vista, Windows 7, Windows Server 2003 Service Pack 1 and Windows Server 2008. Quite flexible, and it's free.
Web Protection Add-on: as the name says it's not a firewall replacement, but another tool that will look at patterns on outgoing web requests, to find out if there's a risk of your PC being used as part of a botnet.
Microsoft Security Essentials: free malware protection for Windows-based PCs, very light. Version 2 comes with network protection that integrates with Windows Firewall. The new version also allows users to set a CPU utilisation limit. The very simple UI hides a good product. Recommended.
Avast: I've used Avast for years on my Windows PCs, until Microsoft Security Essentials came along. Good software, but overkill in some of the features.
PC Tools Antivirus Free: free antivirus for Windows-based PCs, from PC Tools.
HouseCall: non-active antivirus scan. You download the program, and run it, without installation. I use it on my servers and sometimes on my PCs, just to be sure there isn't anything the other security features didn't pick up.
RookitBuster: as the name says, it scans for rootkits: hidden files, registry entries, processes, drivers and MBR.
Sophos Antivirus for Mac: as the name says, a free antimalware tool for Mac OS-based PCs. It also scans a Mac for Windows malware.
iAntivirus: a free antivirus tool for Mac OS-based PCs, from PC Tools. It scans only for Mac OS malware. The picture in this blog post is from their site - PC Tools, if you have a problem with this please let me know.
ThreatFire: An additional layer of protection targeting zero day vulnerabilities yet to be covered by standard scan-based anti-virus. Also from PC Tools.
Norton SafeWeb for Facebook: this Facebook app will scan links in your wall and alert you if any link to a suspicious website is found.
Windows Live Family Safety: configure your PC to monitor what your kids are doing online: activity reports, manage access to websites, games and programs. Even set time periods when they can use the computer.
Norton Online Family: this is a tool for parents, to set house-rules and keep an eye on their children's online behaviour, as well as educate their kids on internet safety. The service can block objectionable content, give parents insight into search terms their kids use and help them learn more about how their children represent themselves on social networking sites.
eMail ID: will add a checkmark to webmail clients and Outlook Express to show emails come from the companies they claim to be coming from.
DNS solutions will work by blocking your PC access to a website by returning an address that will redirect your browser to a safe page instead. Note that DNS solutions may affect the ability of using your ISP's local cache and in some cases can cause sites using Content Distribution Networks to be very slow or not load at all. This includes sites such as Facebook, Twitter, and iTunes.
OpenDNS: you can register your home network on OpenDNS and automatically block certain types of contents, as configured by you.
Internet Guide: similar to OpenDNS, provided by DynDNS.
Norton DNS: it leverages Norton SafeWeb database to block unsafe websites. Does not have custom category blocking, but it's easier to setup.
Norton Safe Web: a free downloadable tool that identifies risky sites before users click on them in search results. It shows up as a small toolbar within either Internet Explorer or Mozilla Firefox. The free toolbar is powered by Norton Safe Web site-rating technology, the same one included in Norton Internet Security and Norton 360.
CWShredder: remove traces of a wide range of browser hijackers.
BrowserDefender: Another software from PC Tools, that will work on both Internet Explorer and Firefox to detect potentially unsafe websites.
What are you using? If it's a good suggestion I will update the post with your links. Spam will be removed.
It's that time of the year when we start thinking about pizza and beer... I have just posted about Geekzone Pizza 2011, again happening in Auckland, Christchurch and Wellington. More details for Geekzone Pizza 2011 here.
Companies interested in sponsoring the even in any way (drinks, prizes, etc) please contact me. Don't leave to the last minute, as you get more exposure the early you get on!