Microsoft Applies For Patent Telling You If A Website Is On A List Of Phishing Sites

It seems that every few days when new patents are announced there are a few gems from Microsoft. Take, for example, Microsoft's latest patent application on Phishing Detection, Prevention, and Notification. If they truly came up with an innovative way to stop phishing attacks, that would be interesting. Instead, it appears that the patent is for looking at the URLs found in an email or visited by a website, comparing them to a known list of phishing sites -- and then alerting you that the link might be fraudulent. In other words, it's the most obvious anti-phishing system around (and one that's proven to not be all that effective). If someone were to describe to you the problem of phishing, and ask you how to stop it, this would be nearly everyone's first attempt. It's hard to see how something so obvious deserves patent protection -- but the way our system works these days, the whole "non-obvious" requirement has been pretty much tossed out. -- Clarifying that this is simply a patent application, not a granted patent -- but the fact that Microsoft even thinks it's worth applying for such a patent highlights the way the system works these days.

New Drive-By Attack Taking Over Home Routers

Researchers at Symantec are warning users that if they haven't changed the default password on their home wireless router, they should finally just DO IT.

Symantec's Zulfikar Ramzan issued a warning Thursday that hackers are lacing phony Web sites with malicious code that actually will log into and mess with your home broadband router. He's coined a term for it: Drive-By Pharming.

"I believe this attack has serious widespread implications and affects many millions of users worldwide," wrote Ramzan in his blog
on Symantec's Security Response Weblog Thursday morning. "Fortunately, this attack is easy to defend against, as well."

Now, here's the thing… How long have security types been telling us to be smart about our passwords, whether the passwords are for our laptops, our smart phones or our home routers? It's not a new call to arms. But, obviously, it's one we all need to hear again.