You want to be Facebook friends with a celebrity or some other target that you don’t know, but the cagey celebrity ignores your friend request. There has to be a better way, right? Now a team of Chinese, American, and Taiwanese computer scientists, headed by Wei Chen at Microsoft Research Asia in Beijing, has announced that they have developed an algorithm to maximize the chances that you’ll connect with your future friend.

The researchers explained:

“Most friending recommendation services today aim to support passive friending, where a user passively selects friending targets from the recommended candidates. We advocate active friending, where a user actively specifies a friending target.”

In other words, don’t sit on your hands and wait, just passively hoping that your target will respond to your request. Put the team’s formula to work, which they called Acceptance Probability Maximization (APM). The process of active friending seems to basically consist of having the program chart various routes across the social network in order to find a possible connection. It will also seek out friends in common — or suggest ways for you to connect with other people to create the illusion of having friends in common.

The target, then noticing your common links, is theoretically much more likely to accept your Facebook friends invitation.

The MIT Technology Review reported that Wei tested their algorithm on 169 Facebook users. They were asked to try to acquire the target friends in two ways — the old approach of just using their Facebook invitations and the new way of following the recommendations given by the test program.

According to Wei’s team, it worked. A lot more people were accepted as friends if they followed the route charted out by the program than if they just tried to do it themselves.

Not everyone was thrilled by the idea. A commenter to MIT’s blog called “lund1967″ grumbled, “Pretending to be friends with someone to be friends with someone else? What is this, junior high?”

Bob Yirka, reporting for Phys.Org found the fatal flaw. “The algorithm only works if implemented by the social network itself because they are the only ones that can analyze the structure of friend relationships between different individuals who don’t know each other or have any friends in common,” Yirka noted. He didn’t see a reason for Facebook to ever implement such a program, because “it would seem contrary to their most basic philosophy.”

Wei didn’t say why Facebook would want to install that option, but, if you read between the lines, it seems that the researchers think it might make a great paid option for the determined stalker … erm, user.

Would you use an “active friending” service to help you get celebrity Facebook friends?

Facebook Friend People You Don’t Know, Math Nerds Tell You How is a post from: The Inquisitr

How Wal-Mart was hacked is a cautionary tale about the vulnerability of information in the digital age.

The story of how Wal-Mart was hacked starts with a phone call to the manager of a store in a small military town. The call was allegedly from someone named “Gary Darnell” at Wal-Mart’s corporate headquarters in Bentonville, Arkansas.

Gary Darnell told the manager that he was giving a handful of Wal-Mart branch managers a chance to pilot a multi-million-dollar government contract, but first he needed a full picture of the store’s operations, CNN.com reported. Darnell spent 10 minutes giving details of himself, the government contract that would make the company “tons of cash,” and his plans for a visit.

In exchange, Darnell asked for information about the store including its janitorial contractor, cafeteria food-services provider, and even the shift schedule. By the end of the conversation, Darnell knew exactly when managers took breaks and where they went for lunch.

Then came the key detail of how Wal-Mart was hacked — Darnell asked the manager for details about the PC he used including the computer’s operating system and antivirus software. He then got the manager to click on an external website, but, when it was blocked Darnell, said he would call the IT department and fix the problem.

The manager thought nothing of it, CNN.com reported.

” ‘Sounds good,’ he answered. ‘I’ll try again in a few hours.’ “

Gary Darnell hung up the phone and stepped out of the soundproof booth where he had spent the last 20 minutes to applause. He had been performing for an audience of more than 100 people at the Defcon conference in Las Vegas who were listening to his every detail of how Wal-Mart was hacked. Darnell, who is really Shane MacDougall, was participating in a “capture the flag” contest to see who could capture every required data points, or flags, from a company.

For the competition, the social engineers are sent a dossier with the name and email of their target along with their list of targets, Social-Engineering.com reported. Participant are allowed to gather as much information as they can through public, open source information like company websites and even Facebook or Twitter.

Competitors then receive points based on how many flags they are able to get from their target.

“Social engineering is the biggest threat to the enterprise, without a doubt,” MacDougall told CNN.com after his call. “I see all these [chief security officers] that spend all this money on firewalls and stuff, and they spend zero dollars on awareness.”

How Wal-Mart was hacked might not be as important as why it was hacked, MacDougall explained. As the head of security firm Tactical Intelligence, he regularly conducts social-engineering tests for clients to check the vulnerability of their information.

The performances are poor across the board, he said, especially among sales employees.

“As soon as they think there’s money, common sense goes out the window.”

Bentonville executives see the story of how Wal-Mart was hacked as a stern warning to others, with Wal-Mart spokesman Dan Fogleman telling CNN.com: “We take the safeguarding of our business information very seriously and we’re disappointed some basic information was shared.”

How Wal-Mart Was Hacked: Lying Engineer Infiltrates Company is a post from: The Inquisitr

Where those behind the Tatanga virus were initially intent on targeting customers of a sole bank in Spain, they appear to have expanded their illicit operations to include the customers of other banks.

Those behind the financial malware intend on stealing money as well as identities in order to perpetrate crimes pertaining to identity fraud. In order to do so, the virus relies on social engineering techniques which are intended to trick the victim into bypassing security measures imposed by their banks. Security measures which include one-time passwords (OTPs) and transaction authorization numbers (TANs).

Director of product marketing for online security firm Trusteer, Oren Kedem, indicated that the Tatanga variant discovered last week was not aimed at the United States. In regards to the origins of the malware, Kedem was quoted by CSO having said:

“We don’t know where it originated, but it’s fair to assume that the people are Spanish speaking, and familiar with the Spanish banks. There is reason to believe it is coming from that part of the world.”

Tatanga currently affects nine web-browsers which include Mozilla Firefox, Internet Explorer, Opera, Safari, and Google Chrome.

A Trojan horse, in regards to computing, is composed of a server and a client. Once the server is executed on the victim’s machine, a communication port is opened through which the client is able to establish a connection in order to remotely control the infected computer. As software and hardware firewalls, like those commonly incorporated into home routers, thwart traditional Trojans by blocking unsolicited connection requests, reverse client/server viruses are now the apparent standard.

In regards to countermeasures, Kedem has indicated that banks should provide anti-malware services and training to their customers. He was quoted having said:

“Banks need to make customers watch for any change from normal. They should be suspicious if they see any unsolicited offering, anything that is asking for new information, if the screen changes or if suddenly somebody from the bank is chatting with you. Call the bank and ask if it is genuine. The best way to be safe is to be suspicious.”

In the constantly evolving world of online security, this writer suggests Internet users utilize a variety of anti-virus software suites, either a software or hardware firewall, avoid shady websites to the best of their ability, utilize complicated passwords, never use the same “universal” password for their various accounts, carefully scrutinize anything that seems too good to be true, never divulge personal information, and regularly backup important data. While following these directions has the ability to mitigate the risk of losing important data, being scammed, or infected with a virus, the directions will not make you impervious to infections or scams. For this reason, always exercise caution when accessing the wild west world that is today’s Internet.

Anti-virus software often incorporates anti-virus offset scanners in order to pinpoint infections. Essentially, an offset scanner works by scanning the code composing a given file for a string common to a known a virus in order to determine whether or not the file is infected. As the scanner is simply searching based on a library of virus definitions, a virus must first be discovered and analyzed, often through reverse engineering and execution in controlled environments, in order for there to be a definition in the database of known viruses. To relate to a more common world of understanding such as that of the corporeal, researchers are unable to provide a cure for a virus prior to having knowledge of the virus and the same is true when it comes to computer viruses. Such is the perpetual cat-and-mouse game that we play.

Online Security: Free Fraud Protection Scam Installs ‘Tatanga’ Financial Malware is a post from: The Inquisitr