Filter Spam or Detect Spammers with Alias in Gmail

Had to share this as I´m getting tired of companies selling out my email to advertisers, leaked to spammers or them starting to spam my inbox just because I once registered on their service. So by adding a company-specific string to your email-address you can filter all spam and identify the origin of who sold out your address. E.g., I tested this when buying a travel ticket. Upon registration I did not provide them with my original email-address (myadr@gmail.com), but rather an address specifically crafted for this travel service agency (myadr+travelservicex@gmail.com). I will still receive the emails from the company, but also filter out its origin, even if they shared it with cooperating companies or advertisers.

Check out Filter using Gmail aliases at the bottom here.

Windows 10 Telemetry

Yesterday Microsoft blogged about their privacy journey, finally. It appears they have done improvements(?) to the privacy in Windows telemetry and “functional” reporting, and provided some custom privacy settings. Finally what I think is most interesting in this context is how to manage and utilize all this data for corporate security management, prevention and detection purposes. They claim to be “developing a set of analytics customized for your internal use” which sounds very interesting. However, it remains to see how and what they can offer. Upgrade Readiness is their first step.

So, there is a “basic level” and a full level?

Excited to hear more about how(if) this fits the GDPR.

Mobile Trojans with SMS C&C

Looked into the Android SpySMS torjan as they say it has infected 40k users phones. This Mobile Trojan is using SMS as C&C protocol the way IRC C&C were used by PC Trojans back in the days. Got me thinking that the reliable SMS protocol is a nice protocol to control the android bots. The way this app try to block anti-virus from running and the long list of banking apps it controls is rather interesting as this has historically been more adapted by PC trojans and malware.

Tor’s problem; Traffic Correlation Attacks

onion-torIn the need for privacy (with bad or good intentions), people search for tools that can provide anonymous communication online. Tor is well known for that and have existed for a long time as a respected network of multiple layers of hops and encryption (“onion rings”). Just found this interesting article from Aaron M. Johnson et.al. where they have exploited vulnerabilities in Tor network by using traffic correlation attacks. Continue reading “Tor’s problem; Traffic Correlation Attacks”