futtta's blog

Warning: your computer might be infected while surfing the web! Because these days web criminals aren’t just attacking government or corporate servers any more, but your browser as well. That way they can steal/ manipulate your data or install other malware. Most of these attacks happen while you are surfing and all the anti-virus software and spyware-scanners in the world will not fully protect your system and data (as Clopin found out while cleaning multiple PC’s of his family). The good news? There are only two big threats: malicious javascript and your own utter stupidity. And both can easily be countered.

Although stupidity is normal, you should try to live by one simple rule: don’t download software. Just don’t. And if you really must, only install if it comes recommended by at least one trusted source such as a computer-literate friend or a high-profile tech website. But don’t download software because a flashing red text on some obscure website tells you your computer is “infected”. Don’t “install a new version of Flash Player” to see that free porn movie. Don’t download, don’t install. Don’t!

Protecting against evil javascript (and malicious html, css, flash, java, …) is another issue. Attacks such as XSS, XSRF or clickjacking are barely visible. You’ll be happily surfing, clicking hyperlinks left and right, logging into your favorite web-apps and before you know it your data has been stolen or tampered, a password was reset or someone gained access to one of your online accounts. Entirely disabling javascript is not an option (you need it for most of modern web-applications to run), but if you’re a security-conscious Firefox-user there’s an easy solution; Noscript.

Noscript is a Firefox-addon that simply blocks all code (Javascript, Flash, Java and Silverlight) from being executed, protecting you by default against almost all types of browser-based attack (“almost”, as I’ve seen a nice proof-of-concept of a history-stealing web-page that only uses CSS-trickery, which Noscript can’t block). If you’re on a site you trust, you simply tell Noscript to temporary or permanently allow javascript -and other code- for that site and you’re back in web2.0-land. It may take some getting used to (a.o. to build a good permanent whitelist to allow your default sites to function), but it’s a great tool that can even double as a flashblock and (to some extend) adblock plus replacement!

So, to summarize; don’t install software and install Noscript and all will (probably) be well.

Ge ziet hier niet veel foto’s meer van het schoonste, liefste en slimste dochterken ooit, maar dat is allemaal de schuld van Facebook. (meer foto’s op Picasa).

Gelukkig Twitter ik niet, anders zoudt ge hier -zoals op veel blogs- nog minder te lezen hebben

Het is zomer en daar hoort een zomerhit bij! Zomer, dat is vakantie en vakantie, dat is Frankrijk. Alors, un tube d’été Français misschien, zoals het  heerlijke “Voila l’été” van Les Negresses Vertes uit 1989? Of het opzwepende “Vivre la vie” van Kelly Joyce, niet doorgebroken bij ons, maar in Frankrijk wel grijsgedraaid in 2001?

Soit, in tegenstelling tot de geruchten is mijn zomerhit van het jaar dus niet een bizarre mashup van Nirvana en Rick Astley, maar wel “1901″ van het Franse Phoenix. Hieronder een live “tubeken”, met muzikale ondersteuning van het pracht-apparaat dat ik niet wil (maar de minimale versie of die met de volledige bezetting bij Letterman zijn evenzeer de moeite);

Nog een paar andere leuke dingetjes die ik al rondklikkend op Youtube vond;

• “Darlin2″ van Darlin’ (ofte Daft Punk voordat ze electronisch gingen, met de gitarist van Phoenix)
• “Playground Love” van Air, live en akoestisch door Phoenix (en hier bij Stubru in één teug met “Listzomania”, “One Time Too Many” en “Playground Love”)
• Air en Phoenix spelen samen “Kelly watch the Stars” héél erg live bij Jools Holland

Apparently I’m not the only one at work who cares about the lousy browser we’re still supposed to work with. A colleague sent me this personalized Hey IT-poster (click to download as pdf);

I’m not entirely sure I would prefer mobile Safari on an iPhone over MSIE6 on PC, but that might have more to do with the screen size and the lack of a keyboard than anything else.

Anyway, this is a powerful slogan if you’re in telecom, so I’m printing 10 of these as we speak. I might even try to put one up against the wall of our CTO’s office.