<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Vito Cassisi - Tech Blog &#187; Security</title>
	<atom:link href="http://www.vitocassisi.com/archives/category/security/feed" rel="self" type="application/rss+xml" />
	<link>http://www.vitocassisi.com</link>
	<description>Delving into technology</description>
	<lastBuildDate>Wed, 04 Aug 2010 11:38:06 +0000</lastBuildDate>
	<language>en</language>
	<sy:updatePeriod>hourly</sy:updatePeriod>
	<sy:updateFrequency>1</sy:updateFrequency>
	<generator>http://wordpress.org/?v=3.0.1</generator>
		<item>
		<title>Youtube spammed with malicious comment scripts</title>
		<link>http://www.vitocassisi.com/archives/2320</link>
		<comments>http://www.vitocassisi.com/archives/2320#comments</comments>
		<pubDate>Sun, 04 Jul 2010 14:00:28 +0000</pubDate>
		<dc:creator>Vito Cassisi</dc:creator>
				<category><![CDATA[Security]]></category>
		<category><![CDATA[Technology]]></category>

		<guid isPermaLink="false">http://www.vitocassisi.com/?p=2320</guid>
		<description><![CDATA[Hax! Apparently someone at Google didn't realise that people can use  &#60;script&#62; tags to insert scripts in YT comments. Naturally, 4chan and ebaumsworld have discovered this vulnerability, and have spammed all popular videos with lord knows what scripts. Some videos are redirecting to malicious sites, others have explicit content, or offensive marquee text. Just thought I'd [...]]]></description>
			<content:encoded><![CDATA[<p><em>Hax!</em></p>
<p>Apparently someone at Google didn't realise that people can put &lt;script&gt; tags in YT comments. The comment text was being written into the page without being escaped, so any script a commenter submitted ran in the browser of everyone who viewed the video (a stored cross-site scripting bug). Naturally, 4chan and ebaumsworld discovered this vulnerability and spammed all the popular videos with lord knows what scripts.</p>
<p>Some videos are redirecting to malicious sites, others have explicit content, or offensive marquee text.</p>
<p>Just thought I'd warn you all. After all, a script that runs on a site you're logged into can do anything you can do there, including sending you somewhere else. If you have visited YT lately, please ensure your PC hasn't been infected.</p>
<p>If comments on one of your own videos have been hit, disable comments until the offending ones are gone.</p>
<p><strong>Update: </strong>YouTube has removed the offending comments.</p>
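<p>To make the bug concrete, here is an added example (my own illustration, not YouTube's code) of the two halves of the problem: a comment renderer that pastes user text straight into markup next to one that escapes it, and a triage scan over stored comments that flags the constructs which turn text into executable content. The sample comments are constructed for the example and modelled on the kinds of payloads described above; the executable parts of the payload strings are split with <code>+</code> purely so that this listing itself cannot be rendered as live markup by a feed reader.</p>

```javascript
// Added example, not YouTube's code: stored XSS via unescaped comments,
// the output-escaping fix, and a triage scan for already-stored comments.

// Constructed sample comments (hypothetical, not captured data). The tag
// openers are split so this source file is never itself live HTML.
const SAMPLE_COMMENTS = [
  { user: "alice", body: "Great video! 5 < 10 & 10 > 5" },
  { user: "anon1", body: "<" + "script>window.location=\"http://malicious.example/\"</" + "script>" },
  { user: "anon2", body: "<marquee>OFFENSIVE TEXT</marquee><img src=x on" + "error=\"alert(1)\">" },
];

// Minimal HTML escaping for text placed in an element body or attribute value.
// These five characters are the ones that can change the HTML parser's state.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => ({
    "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
  })[ch]);
}

// Vulnerable renderer: the comment body is concatenated into markup verbatim,
// so a body containing a script tag is parsed as a script element by every viewer.
function renderUnsafe(comment) {
  return `<li><b>${comment.user}</b>: ${comment.body}</li>`;
}

// Hardened renderer: every user-controlled field is escaped, so the same body
// is displayed as literal text and never becomes markup.
function renderSafe(comment) {
  return `<li><b>${escapeHtml(comment.user)}</b>: ${escapeHtml(comment.body)}</li>`;
}

// Triage patterns for already-stored comments: the constructs that make text
// executable in a browser. Deliberately broad; this is for clean-up, not a
// substitute for escaping on output.
const ACTIVE_CONTENT = [
  /<\s*script\b/i,                      // script elements
  /\bon[a-z]+\s*=/i,                    // inline event handlers such as onerror=
  /javascript\s*:/i,                    // javascript: URLs
  /<\s*(iframe|object|embed|meta)\b/i,  // elements that load or redirect
];

function flagsActiveContent(body) {
  return ACTIVE_CONTENT.some((re) => re.test(body));
}

// Returns the users whose comments contain active content, so that only those
// comments need removing rather than all comments on the video.
function triageComments(comments) {
  return comments.filter((c) => flagsActiveContent(c.body)).map((c) => c.user);
}
```

<p>Run under Node, <code>renderUnsafe(SAMPLE_COMMENTS[1])</code> yields markup containing a live <code>&lt;script&gt;</code> element while <code>renderSafe</code> yields <code>&amp;lt;script&amp;gt;</code>, which the browser shows as text; <code>triageComments(SAMPLE_COMMENTS)</code> returns the two hostile commenters and leaves the benign one alone. The escaping is the real fix; the scan only helps find what has already been stored.</p>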
]]></content:encoded>
			<wfw:commentRss>http://www.vitocassisi.com/archives/2320/feed</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Illogical Immunity</title>
		<link>http://www.vitocassisi.com/archives/753</link>
		<comments>http://www.vitocassisi.com/archives/753#comments</comments>
		<pubDate>Thu, 25 Feb 2010 12:31:41 +0000</pubDate>
		<dc:creator>Vito Cassisi</dc:creator>
				<category><![CDATA[Observations]]></category>
		<category><![CDATA[Operating Systems]]></category>
		<category><![CDATA[Security]]></category>

		<guid isPermaLink="false">http://www.vitocassisi.com/?p=753</guid>
		<description><![CDATA[Good luck! I'm behind 9 proxies, and on a Mac! It's the age old argument. What platform is most secure, Windows, MacOS or Linux? Apple wants you to believe that their OS, MacOSX, is the best option, which is evident by their ad campaigns featuring two men depicting a 'PC' and a 'Mac' respectively. Perhaps [...]]]></description>
			<content:encoded><![CDATA[<p><em>Good luck! I'm behind 9 proxies, and on a Mac!</em></p>
<p><a href="http://www.vitocassisi.com/wp-content/uploads/2010/02/proxies.png"><img src="http://www.vitocassisi.com/wp-content/uploads/2010/02/proxies.png" alt="" title="proxies" width="76" height="133" class="alignleft size-full wp-image-1828" /></a>It's the age old argument. Which platform is most secure: Windows, MacOS or Linux? Apple wants you to believe that its OS, MacOSX, is the best option, as is evident from its ad campaigns featuring two men depicting a 'PC' and a 'Mac' respectively. Perhaps the most relevant skit can be found <a href="http://www.youtube.com/watch?v=M3Z386vXrt4">here</a>. Linux, on the other hand, is known to take security very seriously. Some would say too seriously, with constant nagging not unlike the infamous Vista UAC. Of course, it's arguable that security is a lot more important than avoiding the incessant tending to security dialogues. Then there's Windows. It has a reputation for being riddled with viruses, spyware, or just malware in general. This mentality may have <a href="http://en.wikipedia.org/wiki/Timeline_of_computer_viruses_and_worms#1986">started in 1986</a>, five years after the first virus was deployed on the Apple II. Since Microsoft's software was so popular, it became the obvious target for future attacks.<br />
<span id="more-753"></span></p>
<p>Think of how operating systems are labelled in terms of common stereotypes. You've got Linux, the one that only the most hardened of 'nerds' can master, where problems can be fixed easily - if you know how the whole OS works from top to bottom - and it's locked down against nasties. MacOS, the virus free virgin OS where everything is simple and pure, and everything is creative and fun. Then there's Windows, the master of spreadsheets, and the one that's compatible with most software/hardware; but it's always chucking a sickie. Fortunately, stereotypes aren't my thing, so I find these attitudes quite amusing. Unfortunately, it only takes a few minutes of browsing an active forum or the comment section of a news site to hear this nonsense spouted as gospel. To the credit of online communities, most people have wised up; perhaps due to the introduction of 'rank' based comments and online reputation.</p>
<p>Your everyday computer user is often influenced by these lingering stereotypes. Not only have they been around for several years, but they require little explanation. To teach people the truth, or at least, put these claims into perspective, would require a fair amount of technical explanation; most of which people just don't care about. Herein lies a problem, one that boggles the minds of those competent enough to understand. Security is no longer a question of OS platform, but the product of user awareness. You see, a criminal can just as easily obtain your bank account details whether you're on a PC, Mac or multi-million dollar mainframe running a Linux distro. The platform that's going to cause you trouble isn't the OS - it's the Internet.</p>
<p>Viruses and spyware are old-hat. Sure, they're not extinct, but they're far from the preferred method of obtaining personal details. The Internet allows criminals to obtain your personal information the old fashioned way, by scamming you through trickery. I'm sure many of you have had friends initiate a chat session with something along the lines of "Hey, I found this funny picture of you: *insert link here*". It looks innocent enough to most people, so you click it. At this stage you're met with a site that looks like the sign-in page of your awesome-newfangled-social-networking account. An experienced user would probably notice that the link is odd, or that asking for details is suspicious. The everyday user would probably think "Urghh, it always asks me to login", and would then proceed to enter their details. Naturally, this leaves the owner of the fake site with access to everything associated with said account. This phenomenon is called '<a href="http://en.wikipedia.org/wiki/Phishing">phishing</a>'. It's not a new occurrence, but it's definitely the hardest to combat. Whilst malware can be caught by scanners, a phishing page is just a web page that the user chooses to type into, so the defence is the user's own common sense. Your 'secure' OS can't do a thing about it.</p>
<p>Whilst many phishing sites use your details to spam your friends with advertisements, others do a lot more damage. Many people share private data on sites such as <a href="http://www.vitocassisi.com/archives/1615">Facebook</a>, to the extent that obtaining that data can lead to identity theft. In addition, phishing for your bank details is a common occurrence. For example, there have been <a href="http://www.commbank.com.au/security-privacy/online-security/latest-security-alerts.aspx#Examplesofscams">official-looking</a> e-mails sent out requesting updated bank details; banks will never e-mail you asking for sensitive data. </p>
<p>So what can users do to protect themselves? The obvious thing is to be vigilant when using the Internet. If something looks suspicious, don't use it. Common aspects to look out for are odd or misspelt <a href="http://www.webopedia.com/TERM/U/URL.html">URLs</a>, inaccurate page layout, improper English, or a missing/invalid security certificate (if applicable). Be aware that a valid certificate only proves you're talking to the site named in the address bar; it doesn't prove that site is the one you meant, and a phishing site can have a perfectly valid certificate for its own domain. You can obtain software to help detect phishing sites, but these are not foolproof, so don't rely on them as your sole line of defence. Modern browsers may have inbuilt tools which will warn you if they detect a known phishing site.</p>
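<p>As an added example (my own code, not from the original post or any browser's phishing filter), here is what the "odd or misspelt URL" advice looks like when written down as checks. It uses Node's built-in WHATWG <code>URL</code> parser and a hypothetical allow-list of a few brands' real hostnames; the hostnames, the brand keywords and the generic second-level label list are assumptions for the example. The checks catch the common tricks: the brand name placed in a subdomain of someone else's domain, digit-for-letter misspellings, credentials before the <code>@</code> so the brand appears first, bare IP addresses, and punycode labels that can hide look-alike characters.</p>

```javascript
// Added example, not from the original post: phishing-URL heuristics for the
// warning signs described above. Aid for triage, not proof either way.

// Hypothetical allow-list: brand keyword -> hostnames that legitimately serve it.
// In practice this would come from the organisation's own inventory.
const KNOWN_HOSTS = {
  facebook: ["facebook.com", "www.facebook.com", "m.facebook.com"],
  commbank: ["commbank.com.au", "www.commbank.com.au"],
};

// Registrable domain approximated as the last two labels, or the last three when
// the second-level label is a generic one (e.g. commbank.com.au). A production
// implementation would consult the Public Suffix List instead of this set.
const GENERIC_SLD = new Set(["com", "co", "net", "org", "gov", "edu"]);
function registrableDomain(host) {
  const labels = host.split(".");
  const n = labels.length >= 3 && GENERIC_SLD.has(labels[labels.length - 2]) ? 3 : 2;
  return labels.slice(-n).join(".");
}

// Levenshtein distance, used to catch one- or two-character misspellings.
function editDistance(a, b) {
  const d = Array.from({ length: a.length + 1 }, (_, i) => [i]);
  for (let j = 1; j <= b.length; j++) d[0][j] = j;
  for (let i = 1; i <= a.length; i++) {
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      d[i][j] = Math.min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost);
    }
  }
  return d[a.length][b.length];
}

// True when a domain label is a close misspelling of the brand, after undoing
// the digit-for-letter substitutions common in phishing domains (faceb00k).
function lookalike(label, brand) {
  const normalized = label.replace(/0/g, "o").replace(/1/g, "l").replace(/3/g, "e");
  return editDistance(normalized, brand) <= 2;
}

// Returns the reasons a URL looks like phishing for the given brand.
// An empty list means no heuristic fired.
function phishingIndicators(rawUrl, brand) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch (e) {
    return ["unparseable URL"];
  }
  const reasons = [];
  const host = url.hostname; // the parser lowercases it and converts IDNs to punycode

  if (url.protocol !== "https:") reasons.push("not HTTPS");
  if (url.username || url.password) {
    // https://www.facebook.com@evil.example/ puts the brand before the real host.
    reasons.push("credentials embedded before host (user@host trick)");
  }
  if (host.split(".").some((l) => l.startsWith("xn--"))) {
    reasons.push("punycode label (possible homoglyph domain)");
  }
  if (/^\d{1,3}(\.\d{1,3}){3}$/.test(host)) {
    reasons.push("bare IP address as host");
    return reasons; // no registrable domain to compare against
  }

  const domain = registrableDomain(host);
  const allowed = new Set((KNOWN_HOSTS[brand] || []).map(registrableDomain));
  if (!allowed.has(domain)) {
    if (host.includes(brand)) {
      // www.facebook.com.login-verify.example: the brand is only a subdomain label.
      reasons.push(`brand "${brand}" in host but registrable domain is ${domain}`);
    } else if (lookalike(domain.split(".")[0], brand)) {
      reasons.push(`lookalike domain ${domain}`);
    } else {
      reasons.push(`unknown domain ${domain}`);
    }
  }
  return reasons;
}
```

<p>Under Node, <code>phishingIndicators("https://www.facebook.com/", "facebook")</code> returns an empty list, while <code>phishingIndicators("http://www.facebook.com.login-verify.example/", "facebook")</code> returns both "not HTTPS" and the subdomain-trick reason. Note what the HTTPS check does and doesn't buy you: it is consistent with the certificate caveat above, since a phishing domain with its own valid certificate passes that one rule and is caught only by the domain checks.</p>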
<p>The bottom line is, you can't choose an OS based on the <em>assumption</em> that one is infallible. In a day and age where the Internet is a larger platform than all the major OSs combined, it only makes sense for nasties to shift their focus online instead of to a smaller section of the market. Each OS has its share of nasties; it's up to the user to implement the appropriate safeguards to avoid them. This includes installing software from trusted sources, avoiding illegal software, and steering clear of suspect sites. In addition, an OS can only block what you let it, so the next time you're asked "do you want to allow xyz to have access to your system", think about what's being installed, and whether you initiated it. That's not to say that each OS is equally vulnerable. Some OSs are better at dealing with malware than others. That being said, the reality is that they all share one consistent weak point: the end user.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.vitocassisi.com/archives/753/feed</wfw:commentRss>
		<slash:comments>2</slash:comments>
		</item>
		<item>
		<title>Social Security</title>
		<link>http://www.vitocassisi.com/archives/1615</link>
		<comments>http://www.vitocassisi.com/archives/1615#comments</comments>
		<pubDate>Wed, 10 Feb 2010 13:50:42 +0000</pubDate>
		<dc:creator>Vito Cassisi</dc:creator>
				<category><![CDATA[Security]]></category>
		<category><![CDATA[Social Networking]]></category>
		<category><![CDATA[Web]]></category>

		<guid isPermaLink="false">http://www.vitocassisi.com/?p=1615</guid>
		<description><![CDATA[Facebook knows your secrets. Tell? (Y/N): _ The Internet is an insanely massive collection of servers and nodes, all of which serve a part of our rich online experience. At first it was a purely educational technology on a very slow connection; capable of text-only transmission. Since its mainstream acceptance in the 90s, there's been [...]]]></description>
			<content:encoded><![CDATA[<p><em>Facebook knows your secrets. Tell? (Y/N): _</em></p>
<p><a href="http://www.vitocassisi.com/wp-content/uploads/2010/02/facelook.png"><img class="alignleft size-full wp-image-1626" title="facelook" src="http://www.vitocassisi.com/wp-content/uploads/2010/02/facelook.png" alt="" width="126" height="47" /></a>The Internet is an insanely massive collection of servers and nodes, all of which serve a part of our rich online experience. At first it was a purely educational technology on a very slow connection, capable of text-only transmission. Since its mainstream acceptance in the 90s, there's been a massive drive to create an intuitive user experience. People have moved on from creating animated GIF filled pages about their favourite pets, and the horrible ad supported 'free' hosting services which allowed anyone to actively contribute to the world's ASCII art collection. Not to mention the abundance of 'under construction' declarations - there's irony in that, I'm sure of it.<br />
<span id="more-1615"></span><br />
What was eventually formed is a generation of new sites which offer clean and dynamic infrastructures to create, share and discuss almost anything. Think content management systems (CMS) such as WordPress, media sharing services including YouTube and Photobucket, and perhaps most importantly, social networking sites. Facebook is one of these social networking sites, and quite possibly the most popular, with an estimated value of 10 billion US dollars and 100 million users worldwide. With a major rise in social networking, should we be concerned with security? Who has access to the information we're submitting to Facebook? Is this information secure?</p>
<p>Nothing on the Internet is private. It's a rule that many users tend to forget on a regular basis. Once information has been placed on a host accessible to the public, it's going to be very hard to remove every copy, particularly when it comes to controversial content. Social networking is no different. In some respects, it's worse. Users are easily lured into a false sense of security, and are often led to provide personal details to 3rd parties without realising.</p>
<p>First and foremost, there's the lengthy list of Facebook security options to run through. I think it's safe to say that many people outright ignore these settings, and it can get hard to keep up when they're constantly being amended - and in some cases - <a href="http://www.news.com.au/technology/facebook-founder-mark-zuckerbergs-personal-picture-gaffe/story-e6frfro0-1225810239415">reset</a>. It's arguable that that particular example was pure user ignorance, sure. However, it's unacceptable for security settings to be altered via an impromptu security notification, especially when it's to such an exposed state. Many people were caught out by this, and there's no reason why it couldn't happen again. It's critical that you keep your eyes peeled for tricks such as these.</p>
<p>Take the time to look at the security preferences that Facebook provides. It's as simple as navigating to 'Account' &gt; 'Privacy Settings'. If you're like me, you'd lock everything down as tightly as possible. As constricted as that sounds, it's far from foolproof.<br />
<a href="http://www.vitocassisi.com/wp-content/uploads/2010/02/security.png"><img class="aligncenter size-full wp-image-1630" title="security" src="http://www.vitocassisi.com/wp-content/uploads/2010/02/security.png" alt="" width="262" height="307" /></a></p>
<p>The problem with security and Facebook (apart from being on the Internet) is the fact that all your information is freely available to friends. Makes sense, right? After all, that's the point of Facebook: to share information with people of your choosing. Unfortunately, this is also its single greatest flaw. Your friends can distribute your details any way they like. Even assuming your friends are nice, trustworthy people, there are still several ways for your information to leak via their access. The most obvious is their account getting compromised, which can be caused by leaving a logged in PC unattended, or through successful <a href="http://en.wikipedia.org/wiki/Phishing">phishing</a> attempts. Perhaps a little more tricky is the use of 3rd party Facebook apps.</p>
<p style="text-align: left;">When a friend allows a quiz, game or other application to access information on their account, they may be inadvertently giving the developer access to your data. Although you can restrict how much information friends can share about you, posts and comments you leave on that friend's wall are part of <em>their</em> profile, so there's no reason why they cannot be read by the developer, in addition to "name, Profile picture, gender, current city, networks, friend list and pages".</p>
<p style="text-align: center;"><a href="http://www.vitocassisi.com/wp-content/uploads/2010/02/app-access.png"><img class="aligncenter size-full wp-image-1633" style="border: 1px solid black;" title="app-access" src="http://www.vitocassisi.com/wp-content/uploads/2010/02/app-access.png" alt="" width="511" height="461" /></a></p>
<p>Facebook, like any other company, needs income to remain afloat. The free service is funded by ad revenue and virtual gifts, in addition to 3rd party investments. There's no reason why Facebook couldn't start selling information to advertisers in order to create <a href="http://www.google.com.au/url?q=http://en.wikipedia.org/wiki/Targeted_advertising">targeted ads</a>. Will this happen, or is it already happening? Possibly. The solution is simple. Don't put <em>anything</em> on the Internet that you don't want the world seeing. Think deleting your nasty photos will solve the issue? <a href="http://arstechnica.com/web/news/2009/07/are-those-photos-really-deleted-from-facebook-think-twice.ars">Not quite.</a> You never know where your data will end up.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.vitocassisi.com/archives/1615/feed</wfw:commentRss>
		<slash:comments>2</slash:comments>
		</item>
		<item>
		<title>PS3 Hypervisor Hacked</title>
		<link>http://www.vitocassisi.com/archives/1378</link>
		<comments>http://www.vitocassisi.com/archives/1378#comments</comments>
		<pubDate>Sun, 24 Jan 2010 11:03:29 +0000</pubDate>
		<dc:creator>Vito Cassisi</dc:creator>
				<category><![CDATA[Consoles]]></category>
		<category><![CDATA[Gaming]]></category>
		<category><![CDATA[Hacks]]></category>
		<category><![CDATA[Hardware]]></category>
		<category><![CDATA[Mods]]></category>
		<category><![CDATA[Security]]></category>
		<category><![CDATA[Technology]]></category>

		<guid isPermaLink="false">http://www.vitocassisi.com/?p=1378</guid>
		<description><![CDATA[The seemingly uncrackable has been sliced, diced and dissected. According to George "Geohot" Hotz, the man responsible for jailbreaking the iPhone, the infamous Playstation 3 Hypervisor is no longer an obstacle. His blog entitled On the PlayStation 3 suggests that his attempts at hacking the PS3 were very fruitful. Hello hypervisor, I'm geohot I have [...]]]></description>
			<content:encoded><![CDATA[<p><em>The seemingly uncrackable has been sliced, diced and dissected.</em></p>
<p><a href="http://www.vitocassisi.com/wp-content/uploads/2010/01/ps3.png"><img class="alignleft size-full wp-image-1379" title="ps3" src="http://www.vitocassisi.com/wp-content/uploads/2010/01/ps3.png" alt="" width="147" height="101" /></a>According to <a href="http://geohotps3.blogspot.com/">George "Geohot" Hotz</a>, the man responsible for <a href="http://en.wikipedia.org/wiki/Jailbreak_(iPhone_OS)">jailbreaking</a> the iPhone, the infamous PlayStation 3 hypervisor is no longer an obstacle. His blog, entitled <a href="http://geohotps3.blogspot.com/">On the PlayStation 3</a>, suggests that his attempts at hacking the PS3 were very fruitful. In his words:<br />
<span id="more-1378"></span></p>
<pre style="padding-left: 30px;">Hello hypervisor, I'm geohot
I have read/write access to the entire system memory, and HV level access to the processor. In other words, I have hacked the PS3. The rest is just software. And reversing. I have a lot of reversing ahead of me, as I now have dumps of LV0 and LV1. I've also dumped the NAND without removing it or a modchip.</pre>
<pre style="padding-left: 30px;">3 years, 2 months, 11 days...that's a pretty secure system</pre>
<pre style="padding-left: 30px;">Took 5 weeks, 3 in Boston, 2 here, very simple hardware cleverly applied, and some not so simple software.</pre>
<pre style="padding-left: 30px;">Shout out to George Kharrat from iPhoneMod Brasil for giving me this PS3 a year and a half ago to hack. Sorry it took me so long :)</pre>
<pre style="padding-left: 30px;">As far as the exploit goes, I'm not revealing it yet. The theory isn't really patchable, but they can make implementations much harder. Also, for obvious reasons I can't post dumps. I'm hoping to find the decryption keys and post them, but they may be embedded in hardware. Hopefully keys are setup like the iPhone's KBAG.</pre>
<p>It's hard to believe that it's taken over three whole years for someone to crack this pesky security obstacle. He may well be the first to achieve it; he pioneered the iPhone jailbreaking escapade that many people use today, so the claim is credible. Note what he is and isn't claiming: read/write access to all of system memory and hypervisor-level access to the processor, obtained with "very simple hardware cleverly applied", plus dumps of LV0, LV1 and the NAND. He is not releasing the exploit, and he doesn't yet have the decryption keys, which he says may be embedded in hardware. Memory access is the hard part, but the keys decide how much can be done with it.</p>
<p>This milestone should make many interesting PS3 projects possible. That includes <a href="http://en.wikipedia.org/wiki/Homebrew_(video_games)">homebrew</a> applications, running 'backup' copies of your games, and perhaps some interesting physical modifications. If you have a PS3, this is definitely something you'll want to keep an eye on. :)</p>
]]></content:encoded>
			<wfw:commentRss>http://www.vitocassisi.com/archives/1378/feed</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
	</channel>
</rss>
