Robin Majumdar 2.0

Just a heads up that ZoneAlarm has an offer for a free 1 year license for ZoneAlarm ForceField. This fairly new product basically protects against web-based threats by encapsulating your web browser away from your operating system thereby limiting the potential for phishing software or keyloggers to be installed from surreptitious websites.

I just signed up for the free license, and I suggest you do the same ; ZoneAlarm is known for pretty well designed security software and you don’t need to install the ForceField software right aware. You will get an email with the download link as well as a ForceField serial number key valid for one year.

This “Patch Tuesday” promotion ends tomorrow, Wednesday, August 13 at 6:00am PST (or 9:00 EST)….

Well this is one of the first ScotiaBank phishing email attempts I have received:

Dear Customer,

As part of our strict commitment to online security, we automatically terminate your secure
online session after an extended period of inactivity. This prevents unauthorized users from
accessing your account information,It’s just one of the many ways we strive to protect you
and your personal information online.

To return to your online session normally we are necessitating a verification process on your account
as an added measure to ensuring adequate security on your access online. Log in your access to complete
the verification process and ensure you fill in the required information. Sign-On to Scotia OnLine .

We are indeed sorry for the inconveniencies we have caused you, but also remember
that as a Scotiabank customer, your security remains our greatest priority.

Thanks for your co-operation.

Account Security Dept.
ScotiaBank.
________________________________________

Accounts Management As outlined in our User Agreement,& Scotia Bank will
periodically send you information about site changes and enhancements.
Please do not reply to this e-mail. Mail sent to this address cannot be answered.

The “Sign-On to Scotia OnLine” is a hyperlink to http://sp2lancut.scholaris.pl/mambots/editors/scotiaonline.htm

The sad part is that there still plenty of people being taken in by these phishing scams…

Firefox 3.0.1 was just released for download and it’s highly recommended that you immediately upgrade your FF 3.x installation (tell me that you’re not running a beta or RC version of 3) as it includes several critical security fixes.

I’m hitting post on this article and then doing the upgrade on a few machines here at work… yeah, at work. :/

I came across this interesting video tour of the Equinix data centre facility in which they explain their 5-level biometric security system, N+1 redundancy architecture for everything from rack cages to UPS to diesel generator to utility grid supply.

25,000 gallons of on-site diesel fuel for their generators may sound like a lot, but when you’re hosting big players such as MySpace that means a lot of power requirements. Case in point, their UPS batteries provide for “only” 7.5 minutes of runtime, but considering that their transfer switch only requires “2-3 seconds” to switch to the generators… that’s decent. Mind you, I’ve seen power transfer switches fail or go freaky… or generators refuse to start up or run stable for more than 1-2 minutes…

Worth viewing if you have any interest in data centre design or you are considering a Tier 1 hosting facility.

It’s been almost 3 months since the release of phpFoX 1.6.20 and now there is the 1st significant security patch which affects all 1.5 and 1.6 versions of phpFoX. It works to fix a Moz Binding issue and can be installed by visiting the patch information and download thread (available to registered owners only).

Great support for a great product… as always if you have a license you longer need, I’m always interested in discussing a purchase of it. Please leave your email (never revealed) in a comment and I’ll be in touch.

For those interested in doing the patch, to fix the Moz Binding vulnerability, here are the instructions (thanks Porter for the tip!):

(more…)