Facebook has new simplified privacy options.

Including one for About Me, which it claims “refers to the About Me description in your profile”.

“About Me”? I don’t remember that.

So I went looking in my profile. It was nowhere to be found. I thought maybe somewhere on the Info tab. Nup, couldn’t see it.

Eventually with some clues from someone on Twitter pointing me to it, I discovered it’s invisible unless you’ve set it to say something. Very helpful.

So to find it, it’s under: Profile / Info tab / Personal Information, then if you can’t see About Me, click the Edit button for Personal Information. Only then will it appear.

And just to confuse things, the “Write something about yourself” box underneath your photo in your Profile is different.

So here’s the thing. The other day I was looking at Facebook, at the Wall of a friend of mine, Jason.

And for a few minutes there, Facebook decided I was logged-on as Jason.

Except I wasn’t. I didn’t have any permissions to look at his private stuff, nor change things, but every time I clicked on the Profile button it showed me his Wall, not mine.

When I clicked Home, it thought I was me again. Clicking back to Profile, Jason again. I just couldn’t get to my own Profile.

In the bottom-right it said I had a bunch of notifications. But it wouldn’t let me see them; they must have been his.

Then I clicked logoff, and became me again.

I had a look at a couple of other friends’ Walls, it didn’t do it. But back on Jason’s, it got stuck again. I let him know, of course.

Makes me glad it didn’t just assume I was him and let me do and see anything he could. All I ever saw (apart from the number of notifications he had) was stuff I could see anyway as his friend.

All very odd.

OK. This is a worry. I found it on my Start Menu (for All Users) and also on my Desktop.

As you can see, it’s got an eBay icon, and the name eBay, but it points to somewhere very different: adon-demand.de/red/2303/

Searching around, I see that McAfee Site Advisor has a page on it, and says “We tested this site and didn’t find any significant problems.”

A post on the FoxIt forums alleges it’s put there by the FoxIt Reader installer, and that appears to be right — an update of that is the only thing I’ve installed recently, and no other user on this PC has the privileges to install these shortcuts.

I love FoxIt Reader, it’s much faster than Adobe Reader. It asks if you want the ask.com toolbar, but this, it doesn’t ask about. [See comments]

FoxIt, is not nice behaviour.

I wonder what eBay would say about their logo being misused like this?

Ho boy.

The Bushfires Royal Commission has been told staff answering calls at the Bushfire Information Line on Black Saturday were unable to see crucial information about the fires because of an IT upgrade.

More than 12,000 Victorians called the Victorian Bushfire Information Line or on Black Saturday.

Calls that were not answered went to Centrelink.

But the commission was told staff there were unable to see the Department of Sustainability fire database because an IT upgrade had accidentally blocked that access.
…

– ABC News Online

So on the hottest forecast day ever, and which everyone from the Premier down had warned would be the worst fire danger day ever, Centrelink staff, who are the designated backup responders for the bushfire information line, were blocked from getting the information they needed from the DSE web site?

Apart from the timing issues of IT upgrades to systems that are important to the fire-fighting effort, it appears to underscore the severe dangers of restricting network access unnecessarily.

While I was walking down the street running an errand, I tried scanning for Wifi networks on my N95 phone.

I must have found about 20 or 25 of them during just a few minutes’ walk. Probably every fourth or fifth house seemed to have one.

Many of them appeared to be named after the families living there. Some had obviously default names of common brands… Netgear and the like. A few had gobbledygook names which may or may not have been defaults.

And to my surprise, almost all of them were secured.

Almost.

Two weren’t — one an apparent Apple network, and one Netgear one, both close by to each other.

Hopefully not too many of their neighbours are sponging off them!

Apparently it’s e-Security week in Australia. Who knew?

This post from Graham Cluley of Sophos (who does a very entertaining and informative blog on computer security) includes this short video on how to choose a good password which is easy to remember, but hard for hackers to guess.

Simple tips for better web password security from Sophos Labs on Vimeo.

Not sure I agree with his conclusion, but it’s certainly worth some thought.

It looks like Kaspersky Anti-Virus is blocking at least some web adverts from prominent advertiser Doubleclick, on the basis that they’re phishing.

Here’s the warning from Kaspersky itself:

And here’s what appears on the web page:

This warning is appearing on sites using Doubleclick, including Yahoogroups and Facebook Scrabble (international).

Interesting.

I noticed a lot of my Wordpress spam is coming from a handful of IP address ranges. I’ve checked, and in the five-ish years I’ve been using Wordpress, no valid comments seem to be coming from there. (Just tap the relevant IP address into the WP comment admin search box.)

Time for a little .htaccess magic, I think.

order allow,deny
deny from 194.8.75.
deny from 194.8.74.
deny from 87.118.112.
deny from 194.8.75.
deny from 194.8.74.
deny from 87.118.112.
deny from 61.18.170.
deny from 196.12.36.
deny from 219.64.175.
deny from 69.59.137.
deny from 80.88.242.
allow from all

By the way, in cPanel File Manager, to see .htaccess you have to switch on the option to view hidden files on the options page when you go in.

Anyway, the result is less spam, though there appears to be a rash of new attacks from a wide variety of IP addresses, with a shirtload of embedded links to upcoming.yahoo.com

Oh lordy. I wonder if this is some kind of joke, or if it’s true?

The Telegraph reports that Google has blurred the image of Colonel Sanders on KFC signs in the UK, on the basis that he’s a real person.

The company says it took the decision because he is ‘a real person’ – despite him passing away in December 1980 aged 90.

View Larger Map

If it’s true, then can I just say: IDIOTS!

1. It’s a cartoon image, not a photographic likeness.

2. He’s been dead for 29 years.

3. What, you think we won’t know who it is? “Hey, who’s that on the KFC sign?” “Dunno, could be any southern American military guy who knows about chicken.”

4. Are they doing the same for cartoons and photos of real people on billboards and the like?

5. How is the late Colonel’s privacy being spoilt if people could see the cartoon image of his face? Hasn’t the horse already bolted on that, given the image of him is up on thousands of KFC outlets all over the planet?

Of course, it could be that the whole story is a crock.

Or maybe they just haven’t implemented their policy (whatever it is) very well.

The reason I offer these two possibilities is that I found this unobscured KFC sign, and this one too, both in London.

Certainly it appears the Colonel in Australia is freely visible:

View Larger Map

If they did institute such a policy in Australia, I wonder what they’d do about other cartoon face logos, especially of people who are still alive. Dick Smith is one who springs to mind, though now I think about it, I think they’re phasing out use of his face on their signs and literature.

The new “psyb0t” worm infects modem/routers by getting in via unsecured ssh/telnet ports on common MIPS Linux-based models such as those by Netcomm, Netgear and Linksys. Apparently a lot of these devices are shipped unsecured… and of course, most people don’t know how to check and change that. I know I don’t.

My router has DD-WRT on it. The DD-WRT web site has an article saying they believe they are not vulnerable, unless WAN management has been enabled.

It’s probably worth checking with your router or firmware provider to see if you’re vulnerable, and/or steps to check and secure your equipment.

APCmag: New worm can infect home modem/routers

ZDNet: ‘Psyb0t’ worm infects Linksys, Netgear home routers, modems

DRONEBL: Network Bluepill – stealth router-based botnet has been DDoSing dronebl for the last couple of weeks — which clarifies the conditions under which the infection can spread.

Guitar Hero/Rock Band compatibility: For those looking at the options for Guitar Hero and Rock Band (insert grumble about RB2 not yet being available in Australia), check Joystiq’s instrument compatibility chart to see which instruments work with which games.

OpenID: Ooh, this I like: Jeff Atwood on how to use your own URL for your OpenID.

Unix quick reference: Here

Your Google account is now an OpenID, apparently… Jeff Atwood at Stackoverflow knows what he’s talking about, and reckons you just enter google.com/accounts/o8/id when asked, and it’ll throw you to a Google logon screen.

Neato.

(Ah, I must have missed it when it was announced: Google and Microsoft both jumped on the OpenID bandwagon in October.)