Tuesday 12 April 2011

No authorised Advertising at the Olympics.




Draft legislation has been proposed ans put forward for the Olympics which makes its illegal for any advertising which has not been paid for to the Olympics Committee.



These sponsorship deals cost millions of £££ for a few weeks of the games, so the Olympics committee is keen to make sure that who ever has not paid can't advertise.

An interesting angle to this is Smart Phones, Tablets and Laptops. The proposed law says that it is illegal "to carry an apparatus by which an advertisement is displayed at of within a few hundred meters of the Olympics venues during the games".

The Olympics committee will take this very seriously and will enforce it. So you better leave your phone, iPod, tablet or laptop at home.

Its obviously designed to stop the big boys advertising something they have not paid millions for at the games, but I  am sure the security teams at the Olympics will over exert their power in applying the law and have great fun doing so.

Make sure anything you wear is not displaying any logos or adverts...they will most likely check your underwear too for logos... ;->

 Advertising Legislation Link. 

Thursday 7 April 2011

When NOT to trust an SSL cetificate.


Comodo recently issued a security alert that after a breach 9 SSL certificates were falsely issued.

Unfortunately far too many people on the internet associate the SSL padlock as a symbol of ultimate trust.

Unfortunately this is seriously misplaced trust.

Sophisticated hacking attempts mean it is now getting easier for SSL issuers to be hacked into issuing certificates.

Moreover all a certificate really does in terms of integrity is that the host name you types in your browser is what the server hosting the SSL certificate claims to be.

Today it is easy to get (fool) a domain registrar to redirect a domain's IP address or poison DNS to give out a false IP. At this point even if you typed your bank's URL for instance, there is no gaurante that you are actually going to your bank.

So the next time you simply rely on the SSL padlock symbol to keep you safe, think twice... look at the page, is it all the same and if you credentials which are correct are rejected or you get a website error after putting in your credentials, chances are you are logging onto a hacker's site.

SSL and the padlock are NO longer a symbol of trust on their own