Terry Zink: Security Talk

Discussing Internet security in (mostly) plain English

February, 2008

  • Terry Zink: Security Talk

    More on CAPTCHA's (Google's in particular)

    • 5 Comments
    Websense is reporting in a blog article that Google's CAPTCHA has been broken with a one in five success rate.  More interestingly, they have a lot of technical details about how the botnet members coordinate with two different computers during the...
  • Terry Zink: Security Talk

    CAPTCHA's are broken - so now what?

    • 3 Comments
    A few weeks ago I blogged that it sure looked like spammers had broken the CAPTCHA for Windows Live (Hotmail), Yahoo and Gmail.  The evidence was circumstantial in that I was seeing a lot more spam from these services. Over the past couple of weeks...
  • Terry Zink: Security Talk

    More on PII and IP addresses

    • 1 Comments
    In a follow up to the blog post from Google arguing against IP addresses being Personally Identifiable Information, I have a couple of more comments. A couple of months ago we ran into the exact same issue.  While Whitten does make valid points that...
  • Terry Zink: Security Talk

    IP addresses and PII

    • 3 Comments
    I don't normally cheer for Google when I don't have shares in the company, but this time I will make an exception. Alma Whitten, Software Engineer at Google, today posted to their Public Policy Blog that IP addresses shouldn't be considered Personally...
  • Terry Zink: Security Talk

    How to use the Relative Performance Index

    • 2 Comments
    In my previous post , I described an indicator I just invented called the Relative Performance Index.  In this post, I'd like to describe how to interpret it. The RPI makes it possible to do an apples-to-apples comparison.   Our spam filter...
  • Terry Zink: Security Talk

    The Relative Performance Index

    • 5 Comments
    I’m so good sometimes I amaze even myself. I like to play around with metrics and measurements. For the longest time, this was difficult to do because I was unsure of how to determine our non-spam. Well, a couple of months ago I devised a system...
  • Terry Zink: Security Talk

    Facebook: I need to be more careful

    • 1 Comments
    The other day on Facebook, I kind of accidentally spammed my friends.  Here's what I mean: I got one of those Quiz invitations from one of my friends asking me to answer one of their questions, how well do I know them?  It may have been "What...
  • Terry Zink: Security Talk

    Was a CAPTCHA broken?

    • 7 Comments
    A couple of weeks ago, I blogged that some outfit in Russia claimed to have broken Yahoo's CAPTCHA for creation of new email accounts.  Someone posted a reply in the comments with a link to an article that this was unlikely.  Yet, in the past...
  • Terry Zink: Security Talk

    The advantages of being part of a large anti-spam company

    • 2 Comments
    Sometimes I moan about the difficulties of being part of large company in the time it takes to get things done, but it has its advantages. As part of a small company, stuff is often done ad hoc.  People write spam rules, write little scripts to do...
  • Terry Zink: Security Talk

    Stock spam and bear markets

    • 2 Comments
    If you're a stock trader at all, it'll come as no surprise to you that over the past three months we've been in a correction.  If the definition of a bear market is a drop of 20%, then from peak to trough we have seen a bear market in the Nasdaq...
  • Terry Zink: Security Talk

    A couple of more thoughts on the David Ritz case

    • 2 Comments
    I thought I'd post a couple of more thoughts on the David Ritz case.  There are a couple of points in the judgment that are simply bizarre: Ritz has engaged in a variety of activities without authorization on the Internet. Those activities include...
  • Terry Zink: Security Talk

    Summary of the David Ritz case

    • 4 Comments
    As I wrote in an earlier post, a judge in North Dakota recently ruled against David Ritz.  Ritz is an anti-spammer who was sued by Sierra Corporate Design, Inc.  The full judgment is here , I will attempt to summarize it.  The basis of...
  • Terry Zink: Security Talk

    Piles of stock spam from Gmail last couple of days

    • 2 Comments
    In the last few days, I have started receiving piles of stock spam from Gmail touting the ticker symbol RQST.PK.  I see these spams in my Gmail account, my Frontbridge account and now my Yahoo account. I still get spam from Hotmail, but it's confined...
  • Terry Zink: Security Talk

    Maybe the North Dakota judge should watch more South Park...

    • 3 Comments
    A couple of weeks ago, a judge in North Dakota ruled against anti-spammer David Ritz for conduct against Sierra, Inc, allegedly an enterprise that spams.  In a future post, I'll comment on the case.  But for the time being, the key point to...
  • Terry Zink: Security Talk

    Microsoft offers to buy Yahoo

    • 9 Comments
    Last Friday, Microsoft made an unsolicited offer to buy Yahoo for $31 per share, representing over a 50% premium from Yahoo's then-share price. Leaving aside the question of whether or not this is a good deal, and what Microsoft's true motivations are...
Page 1 of 1 (15 items)