1,400 Topics
Last Saturday, Republican vice presidential nominee and Alaska Governor Sarah Palin held a rally in Los Angeles in the Home Depot Center, and the California Democratic Party rented a giant electronic billboard during the event, and solicited questions from people, via texting, to display during the presentation (exhorting submitters to … | |
How on earth can you 'lose' the names, addresses, dates of birth, email addresses and, one has to assume, the mobile phone numbers of some 17 million of your customers? It's a good question, and to get the answer you might want to shout it in the direction of T-Mobile … | |
As unlikely as it may sound, Elvis Presley has been cloned. OK, it's a fair cop, not your actual Elvis Presley but rather his passport. According to reports a gang of Dutch hackers have managed to clone RFID driven e-passports of the type we are always being told are highly … | |
Peter Wood admits he walked unchallenged into an insurance company and was able to steal all their data. He is not in trouble though, it was part of a security exercise and he was hired to try and steal that data. Of course, as Wood says, very often companies "unwittingly … | |
On the face of it it's excellent news that Microsoft and the Washington State Attorney General are fighting against web scams. The sort of scam they're looking at is pretty clever if you're an inexperienced user. You're surfing a website or three - never mind what sort, we're not here … | |
Effective Wednesday, October 1, each business in Nevada must encrypt customers’ personal information when it is transmitted outside the business’ secure network, such as when it's transmitted over wifi. Initially passed in October 2007, it was said to have been the [URL="http://www.privsecblog.com/archives/state-legislation-some-state-data-encryption-requirements-more-effective-than-others.html"]first law[/URL] of this type. The Commonwealth of Massachusetts … | |
Sun Microsystems managed to fix multiple security vulnerabilities in JDK and JRE months ago now, so why has it taken Apple so long to finally plug pretty much the same Java holes in Mac OS X? Apple has known that its Java implementation has been, quite frankly, screwed since way … | |
We were all treated this week to a lovely example of why it's a good idea to use standard email for government business (or corporate business, for that matter). First, Republican vice presidential nominee Sarah Palin mentioned that [URL="http://www.washingtonpost.com/wp-dyn/content/article/2008/09/09/AR2008090903044.html"]she used Yahoo Mail[/URL] for some of her email, which is a … | |
Yesterday I was having breakfast in Madrid, as you do, enjoying the 30 degree heat and the ice cold orange juice. I was also enjoying the opportunity to be my usual grumpy self and throw awkward questions in the direction of my breakfast companion, Con Mallon the Director of Regional … | |
I was privileged to attend the 5th [URL="http://www.kaspersky.com/"]Kaspersky[/URL] Lab forum, held in the city of London, yesterday. It was actually a Cybercrime Forum (I have no idea if the other forums were as well, as this was my first), and so the main focus was – yeah, you guessed it … | |
Microsoft yesterday released a [url=http://support.microsoft.com/kb/954593]security update[/url] intended to fix eight critical vulnerabilities in as many as 42 Windows apps and components, including IE6, Media Player, Office, SQL Server and Visual Studio. The patch was made available before they could be discovered and exploited by malicious hackers, or at least before … | |
According to [URL="http://www.sophos.com/blogs/gc/g/2008/09/02/sex-spyware"]Sophos[/URL] it seems that cyber-tension between North and South Korea is increasing of late. Not least thanks to allegations from the South that officers of the military command and control centre have been targeted by the North in a spyware attack on the orders of the infamous electronic … | |
This is incredible. In the UK, police are worried that criminals can use mobile devices to [URL="http://news.cnet.com/8301-1035_3-10032823-94.html?tag=nl.e703"]wipe a corporate network[/URL] if they know what they're doing. Well, OK, I understand the concept. Same as I understand the threat to internal network security when someone can walk into their workplace with … | |
Twitter users are a loyal bunch and few would argue that it's a useful networking tool. The one thing Twitter is not, however, is private. While that's not a big deal for most people, it certainly is in the world of academics where it's ill-advised to have children using communication … | |
A few days ago, Red Hat, Inc., [URL="https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html"]announced[/URL] that an intruder had broken into some of their systems and possibly compromised some important software packages. The most significant among them is OpenSSH--a secure method of connecting to a remote Linux system. Red Hat quickly took the systems offline to investigate … | |
There were quite a few interesting stories to come out of the recent [URL="https://www.blackhat.com/"]Black Hat[/URL] security conference in Las Vegas. If all you remember hearing about were the [URL="http://www.periscopeit.co.uk/news/article/web-monitoring-gets-hack-hackers-into-trouble/255"]ejected reporters[/URL] and [URL="http://www.cio.com.au/index.php/id;424905265"]DNS cache poisoning[/URL], then you missed a lot. Network and infrastructure security, the conference's focus, is a vitally important … | |
Nobody likes the [URL="http://www.itwire.com/content/view/19936/53/"]iPhone kill switch[/URL] that was recently confirmed by [URL="http://www.itpro.co.uk/blogs/daveyw/2008/08/11/big-brother-apple/"]Big Brother Apple[/URL] as being very much a reality. Apparently it is there for our own good, just in case something nasty gets on to the iPhone by way of a rogue App Store application. Apple can then remotely … | |
Linus Torvalds, creator of the Linux kernel, posted a [URL="http://article.gmane.org/gmane.linux.kernel/706950"]nasty smackdown[/URL] on security nerds and their obsession with security in the gmane.linux.kernel newsgroup. Linus is referring to security professionals who feel that security should be the only focus for bug fixes and patches. His argument is that all bugs are … | |
According to VeriSign, more than half of the Internet using people on the planet can get protection from an EV SSL-enabled web browser. Protection, that is, from data and identity theft. According to Net Applications, as revealed in their latest Web browser market share report, a total of 52.8 percent … | |
Well, at least as far as getting reasonably unrestricted access to the Internet is concerned it does. It had been [URL="http://www.itwire.com/content/view/19764/53/"]widely reported[/URL] that the Chinese authorities had backtracked on their promises to the IOC that reporters would get free and unrestricted access to the Internet during the games. This, no … | |
Apple has grabbed lots of headlines this week, some for things it has done, others for things done to it. Of all the major Apple products, only the iPod has escaped mention. With perhaps the potential to affect the most people is the deal announced this week with AT&T to … | |
I guess you could call it karma. HD Moore's company, BreakingPoint, found that traffic was being diverted to a scammer Google page. This kind of cache poisoning attack on DNS servers is not unusual, however this particular case was because HD Moore is the man who created the Metasploit hacking … | |
While the full story behind [URL="http://www.daniweb.com/blogs/entry2842.html"]San Francisco city government computer engineer Terry Childs[/URL] hasn't yet come out, one thing is certain: the mainstream media is ignorant about technology. Moreover, either the city government and prosecutors are deliberately painting things in as negative a light as possible in order to force … | |
According to the [URL="http://www.guardian.co.uk/world/2008/jul/27/internationalcrime.hacking?gusrc=rss&feed=technologyfull"]Observer newspaper this morning[/URL] Gary McKinnon, the British hacker accused of what US prosecutors refer to as the biggest military computer hack of all time, has claimed he was threatened with a military tribunal at Guantanamo Bay. His lawyers are using this as part of their defence against … | |
Claiming he was protecting San Francisco city government's computer system from incompetent coworkers, computer engineer [URL="http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2008/07/22/BAGF11T91U.DTL"]Terry Childs[/URL] changed the system's passwords and then for more than a week refused to give them to anyone, even after being arrested. Childs was under four felony counts for blocking administrative access to the … | |
That, my friends, is the message being touted by the latest Security Threat report to emerge from [URL="http://www.sophos.com"]Sophos[/URL] which says that one web page was infected every five seconds (count them) during the first half of 2008. Last year it was only, and I feel bad enough saying only, one … | |
Halvar Flake is a researcher. Here's how he describes himself on [URL=http://www.blogger.com/profile/12486016980670992738]his blog[/URL]: "I like simple things. And complex things. And drinking beer with people like Fyodor Yarochkin. I like South America. And some parts of Asia, specifically Kuala Lumpur. I like French. I like Spanish. I'd like to like … | |
It might come as a surprise to some that there is an underground economy online which revolves around the sale of malware. However, with botnets for hire by the hour and rootkits to purchase outright such off-the-shelf security nightmares have been the norm for a number of years now. What … | |
According to IM services provider [URL="http://www.process-one.net"]ProcessOne[/URL] a staggering 72 percent of UK businesses have banned the use of IM software such as MSN and AIM citing security fears as the main reason. At the same time, some 75 percent of those businesses admit that IM could be a valuable collaboration … | |
Security researchers within the Marshal TRACE Team have [URL="http://www.marshal.com/trace/traceitem.asp?article=714"]warned[/URL] that malicious spammers are using fake United Parcel Service invoices in order to deliver a malware payload. Always looking for a new and convincing hook to snare the unsuspecting user into downloading malicious components from the web, this new attack utilises … | |
The Advanced Research Team of security tools vendor Ounce Labs has identified two vulnerabilities in the Spring framework for Java. The vulnerabilities have the potential, the team says, to allow an attacker to “subvert the expected application logic and behavior,” and gain control of an application and access any personal … | |
Following on from [URL="http://www.daniweb.com/blogs/entry2739.html"]my posting[/URL] two days ago, the [URL="http://www.eff.org/deeplinks/2008/07/viacoms-statement-youtube-user-data-controversy"]EFF is reporting[/URL] that Viacom has issued a statement regarding the US court ruling over disclosure of those YouTube video viewing logs. Here is the statement in full: [QUOTE]It is unfortunate that we have been compelled to go to court to … | |
According to a [URL="http://www.theregister.co.uk/2008/07/04/iphone_security_patch_lag/"]report[/URL] at The Register Apple is failing to keep iPhone software up to date with security patches. This despite the iPhone 1.1.4 software being nothing more than a "pared-down version of Mac OS 10.5" it says. The Jesus Phone is said to be vulnerable to a number … | |
[URL="http://www.theinquirer.net/gb/inquirer/news/2008/07/04/hundreds-thousands-laptops-left"]According to The Inquirer[/URL] a new report by the Ponemon Institute, rather appropriately sponsored by Dell, has revealed that an astonishing number of laptops are lost at airports across the United States on a weekly basis. Asking questions of 800 business travellers at some 106 major airports in the US, … | |
Sometimes I am left almost at a loss for words, and today is one of those times. Judge Louis Stanton gave a ruling in the federal court for the Southern District of New York which has, quite frankly, dismissed the right to privacy of anyone who has ever watched a video clip on … | |
It’s been more than 10 days since the latest AppleScript.THT Trojan horse for Mac OS X reared its ugly head, yet still no word or fix from Apple. The new threat to versions 10.4 and 10.5 is classified as critical by the SecureMac security site, exploits a hole in the … | |
Heads up users of Yahoo Mail. A cross-site scripting vulnerability has been discovered that could allow hackers to steal a user’s session IDs and ultimately private information, according to [URL=http://blog.cenzic.com/public/item/207752]a report[/URL] yesterday from security risk assessment firm Cenzic. In an excerpt from the Cenzic blog post, the company reports: “If … | |
Remember the big fuss that spread all over the world when HM Revenue and Customs, the UK government department that deals with income tax and the like, managed to lose discs containing the financial details of 25 million people? Amazingly, the official Independent Police Complaints Commission enquiry into the shameful … | |
Sandro Gauci, founder of [URL="http://enablesecurity.com"]EnableSecurity[/URL], has revealed that six years on from his 2002 report into extended HTML form attacks the problem has simply refused to go away. The original report included details of how attackers could abuse non-HTTP protocols in order to launch Cross Site Scripting attacks, even in … | |
[URL="http://www.ruby-lang.org/en/news/2008/06/20/arbitrary-code-execution-vulnerabilities/"]Multiple arbitrary code execution vulnerabilities in Ruby[/URL] have been revealed by the [URL="http://www.apple.com/support/security/"]Apple Product Security[/URL] team which could lead to Denial of Service attacks. A total of five vulnerabilities have been reported, with versions impacted being: [INDENT]1.8.4 and all prior versions 1.8.5-p230 and all prior versions 1.8.6-p229 and all prior … | |
Amazingly, according to [URL="http://www.theinquirer.net/gb/inquirer/news/2008/06/20/teen-faces-years-hacking"]The Inquirer[/URL], an Orange County hacker is facing an incredible 38 years in prison if found guilty of several counts relating to hacking into his school computer. It seems that Omar Khan, 18, of Coto de Caza, California hacked into a computer in order to change his grades. … | |
Not my sentiment but that of Johnathan Nightingale, the Firefox security interface designer no less who has [URL="http://news.cnet.com/8301-10789_3-9967829-57.html"]gone on record[/URL] as saying that "we didn't want to put in something that was half baked" when talking about how the privacy button might interact with websites and mashups alike. Which might … | |
Fellow DaniWeb blogger Guy Clapperton [URL="http://www.daniweb.com/blogs/entry2585.html"]makes some excellent points[/URL] about why, as a "self-employed Mac user," he bought himself a new iPhone following yesterday's announcement of the new 3G model. Are there any compelling reasons to get a new iPhone if you're a corporate employee or business owner, though? Actually, … | |
[URL="http://www.kaspersky.com"]Kaspersky Lab[/URL] is warning the public at large to be on the lookout for a new version of the blackmail virus Gpcode which has started to appear in the wild. This particularly nasty twist on the virus format encrypts your files using an RSA encryption algorithm, this time with a … | |
[URL="http://www.verdict.co.uk"]Verdict Research[/URL] has published a report which suggests that the credit crunch is benefiting web-based businesses as consumers in the UK flock to the Internet in search of money saving bargains. With £15bn ($30bn) spent online by UK consumers in the last 12 months, [URL="http://www.startups.co.uk/6678842909857992097/online-sales-rise-by-a-third.html"]according to the research[/URL], this equates … | |
[I]Even on a slow day, I can have a three-way chat with two women at the same time -- Brad Paisley, [URL="http://www.youtube.com/watch?v=7GcVnhNjWV0"]Cooler Online[/URL][/I] But what if you work for the government? Particularly if you're a teacher? A number of [URL="http://www.sun-sentinel.com/news/local/southflorida/sfl-flpfacebook0601pnjun01,0,7309360.story?page=1&track=facebook"]teachers in Palm Beach County[/URL], Fla. -- some of them 20somethings … | |
Google would argue that it does not need to make the privacy policy it has any easier to find, after all you only have to click the 'About Google' link on the homepage and then go and click the 'Privacy Policy' link that can be found at the foot of … | |
The [URL="http://www.oecd.org/dataoecd/53/34/40724457.pdf"]Malicious software (malware): a security threat to the Internet economy[/URL] report published by the Organisation for Economic Co-operation and Development over the weekend suggests that the PC malware infection rate in the US has hit 25 percent. These OECD cybercrime infection findings are highly disturbing, admits Geoff Sweeney, CTO … | |
According to reports the most serious forthcoming threats to IT security will be revealed during the Gartner Security Summit in Washington this coming week, and it looks like the consumerization of IT will be right there front of stage. Something that Gartner research fellow, John Pescatore, describes as the Gen … | |
Mac OS X is safer today than it was Tuesday, thanks to Apple. The company on Wednesday posted [URL= http://support.apple.com/kb/HT1141]Security Update 2008-003[/URL], containing forty one performance and security fixes for the enhanced Active Directory, AirPort, iChat, Mail, Time Machine and several other components of the company’s operating system. It also … |
The End.