All articles tagged as: security

iMessage Preview

So, iMessage has a handy new feature - both on iOS and MacOS - where if you send someone a URL it will extract some metadata from this URL and display it as a clickable link; You'll be used to this behaviour if you use Facebook or Slack, as it provides useful meaningful content for a link. However, there's a big difference between their implementation and iMessage. When you use Facebook or Slack, the website you've linked to will see a request from Facebook or Slack's servers. Information Leakage iMessage makes a request from the device itself which reveals some significant information; The ta…

Read more »

Phishing at LLoyds

Today I received a phishing eMail, nothing unusual there... I get loads of them, but this is a little more convincing than most for one reason, it contained my postal address (ok, one from many years ago, but nonetheless it proves that it was a lot more targeted than some) The eMail As usual the grammar and formatting are both terrible, so you'd be unlikely to believe this is from Lloyds bank, but many people do it seems. The usual fake urgency is a bit of a giveaway as well - Please respond within the next hour to avoid a permanent block. - why ? So, let's respond ... The website This is act…

Read more »

Reverse Lookup ("CNAM") in the UK

For many years the USA has had a 'CNAM' service (or Caller ID Name), allowing telecoms operators to show the name of the caller rather than a number. There are obvious advantages to this, having "BT" show when they phone rather than 0800 800 150 would be much more useful, but is also open to abuse. After all, would you trust a call appearing to be from your bank if the name appeared? The method of powering this is known as a Reverse Lookup. OpenCNAM Today I stumbled upon a service called OpenCNAM which claims to offer this across the globe and, surprisingly, matched my mobile number to my na…

Read more »

Nuisance calls, no drama.

Have you received a call from a number starting 020 7946? I have, and it took me by surprise, because these numbers can never exist. A little background; I am, and have been for many years, very actively engaged in trying to prevent misuse of telephone networks. This is a very 'cat and mouse' game, and we have to keep up with the mice who keep trying to find new ways to get calls through, or appear more genuine than they actually are. Most recently, there has been a move from Withheld / Unknown calls to those presenting a number, presumably because of people (like me) who will ignore anonymou…

Read more »

Security Theatre, Brussels and Beyond.

Somewhat shocked by Brussels today... and, especially since I know people there just now, my thoughts are with all those caught up in it :( Although, as I've intimated to a few close friends for many years but not been stupid enough to put on a public forum, I'm not at all surprised it's happened. Airport security has, for a long time, been no more than 'security theatre' going through the motions to make people feel safe. It achieves nothing - the airport itself is as big a target (and much easier), the weakest point is surely that massive queue BEFORE security where there's a gathering of fa…

Read more »