Computer Security (general)
Categories underneath Computer Security (general):
Articles and Resources
Date Fairness.com Resource Read it at: Oct 03, 2008 Skype: We didn't know about security issues
QUOTE: ...Josh Silverman, Skype's president, explained he did not realize that TOM-Skype, Skype's partner in China, was logging and storing users' instant messages that were deemed offensive by the Chinese government. He said the company knew that instant-messaging chats were monitored by the government...
CNET Sep 26, 2008 California's secretary of state says open-source software is needed to safeguard electronic voting systems.
QUOTE: The study revealed a variety of problems, from software vulnerabilities that could let an attacker install malicious software that changes the outcome of a vote, to opportunities to tamper with the devices while they are held in storage.
Technology Review Sep 25, 2008 Clickjacking: Researchers raise alert for scary new cross-browser exploit
QUOTE: a scary new browser exploit/threat affecting all the major desktop platforms....when you visit a malicious website and the attacker is able to take control of the links that your browser visits.
ZDnet Sep 18, 2008 Hackers claim break-in to Palin's email account
QUOTE: The Secret Service contacted The Associated Press on Wednesday and asked for copies of the leaked e-mails, which circulated widely on the Internet. The AP did not comply. The disclosure Wednesday raises new questions about the propriety of the Palin administration's use of nongovernment e-mail accounts to conduct state business.
Forbes Sep 11, 2008 New tool creates fake YouTube pages for spreading malware
QUOTE: Panda Security said it has uncovered a tool circulating in underground hacking forums, dubbed YTFakeCreator, that enables anyone to easily create a fake YouTube page that surreptitiously installs a Trojan, virus, or adware on a visitor's computer, said Ryan Sherstobitoff, chief corporate evangelist of Panda Security.
CNET Aug 25, 2008 Road Tolls Hacked: A researcher claims that toll transponders can be cloned, allowing drivers to pass for free.
ABSTRACT: In many cities, commuting requires the use of digital technology to verify the commuter's identification as a paying user of a given transportation system. These digitally integrated systems have become vulnerable to fraud, and manufacturers of the systems have not addressed the security issues.
Technology Review Aug 19, 2008 Why You Should Enable Gmail's SSL Feature Right Now
QUOTE: SSL requires a key generated on your end and on the Gmail server’s end. There’s no way for the local guy at Starbucks to get those keys and unencrypt the data by packet sniffing...Did Google know about this? It turns out they were well aware of it. The reason Google didn’t grant users the SSL feature before, according to Perry, was because SSL is expensive.
Wired Aug 14, 2008 How (Not) to Fix a Flaw Experts say disclosing bugs prevents security flaws from festering.
QUOTE: argues that researchers need to be protected as they investigate these types of flaws. "It's extremely rare for a court to bar anyone from speaking before that person has even had a chance to speak," she says. "We think this sets a terrible precedent that's very dangerous for security research."
Technology Review May 15, 2008 Taking your laptop into the US? Be sure to hide all your data first
QUOTE: a US court ruled that border agents can search your laptop, or any other electronic device, when you're entering the country. They can take your computer and download its entire contents, or keep it for several days. Customs and Border Patrol has not published any rules regarding this practice...how do you protect yourself?
Guardian Unlimited Feb 22, 2008 A Method for Critical Data Theft
QUOTE: a simple method to steal encrypted information stored on computer hard disks. The technique, which could undermine security software protecting critical data on computers, is as easy as chilling a computer memory chip with a blast of frigid air from a can of dust remover.
New York Times Feb 14, 2008 Cyberthieves go phishing to rob banks
QUOTE: One sneaky thing some malware (malicious threats) does is to modify a user's server information. For example, a user types www.bankofamerica.com into his or her browser. But instead of the computer using the service provider's server, which would take the user to the real Bank of America server, the computer uses a bogus server run by phishers -- and that takes the user to a fake Bank of America server.
CNN (Cable News Network) Feb 05, 2008 Industry giants lobby to kill pro-consumer data-breach legislation
QUOTE: In a direct slap in the face to consumers, tech industry giants including Microsoft, AT&T, and Verizon are frantically engaged in an effort to kill pro-consumer provisions in a data breach notification bill currently being considered by the Indiana State Senate.
CNET Jan 11, 2008 Google Hacking Not Fun For You
QUOTE: Securing one's server is a waste of time if someone leaves a spreadsheet full of usernames and passwords where it can be found with a public search...They call it Google Hacking, and it means being able to find secret stuff with the help of a well-crafted query fed to Google...
WebProNews Dec 06, 2007 Enemies at The Firewall
QUOTE: Though the evidence remains mostly circumstantial, a picture is emerging of a coordinated effort by Chinese-military authorities to recruit hackers such as Tan and his group to winkle out information from computer systems outside China and launch cyberattacks in future conflicts.
Time Magazine Dec 05, 2007 Maintaining privacy is getting harder for Web surfers: Privacy alert: Cookie variants can be used to skirt blockers, anti-spyware tools
QUOTE: Just because your Web browser is set to block third-party tracking cookies, that doesn't mean all of them are being blocked. A growing number of Web sites are quietly resorting to the use of "first-party," subdomain cookies to skirt anti-spyware tools and cookie-blockers and allow third-party information-gathering and ad-serving
Computerworld Nov 07, 2007 AT&T's Piracy/Privacy Dilemma
QUOTE: It wants to incorporate antipiracy technology to protect video content and attract advertisers, but runs the risk of enraging privacy advocates and others.
BusinessWeek Oct 21, 2007 Scam Czars: What’s Russian for ‘Hacker’?
QUOTE: The security firms have not received much assistance from the Russian government, which seems to show little interest in a crackdown, as if officials privately take some pleasure in knowing that their compatriots are tormenting millions of people in the West.
New York Times Oct 08, 2007 Chess Group Officials Accused of Using Internet to Hurt Rivals
QUOTE: According to the lawsuit, Ms. Polgar and Mr. Truong broke a federal law that prohibits using electronic means to harass or annoy another person. Mr. Sloan is asking for new board elections and punitive damages, among other requests.
New York Times Sep 28, 2007 Whois Directory, a Tool for Brand Defenders, May Be Veiled
QUOTE: The Whois directory can be a critical tool for companies to identify and shut down typo squatters, cyber squatters and phishers...A working group within ICANN is now reviewing proposals to determine whether to allow Whois, which houses the contact details of domain owners and administrators, to remain open to the public or to restrict access to only a few parties.
Clickz.com Sep 24, 2007 Contractor Blamed in DHS Data Breaches
QUOTE: The FBI is investigating a major information technology firm with a $1.7 billion Department of Homeland Security contract after it allegedly failed to detect cyber break-ins traced to a Chinese-language Web site and then tried to cover up its deficiencies, according to congressional investigators. At the center of the probe is Unisys Corp...
Washington Post Sep 13, 2007 Microsoft updates Windows without users' consent
QUOTE: Microsoft has begun patching files on Windows XP and Vista without users' knowledge, even when the users have turned off auto-updates.
WindowsSecrets.com Aug 15, 2007 Airport screening raises privacy issue: The terrorist-watch program, scaled back after protests, will be run by the US government.
QUOTE: Earlier proposals included plans to create a massive data mining operation that would match passengers' names not just against the terrorist watch list, but also commercial and law enforcement data, court filings, and other public records....That raised the hackles not just of civil libertarians, but also of the business and leisure travel industries.
Christian Science Monitor Jul 21, 2007 Military Medical Breach Revealed: Unencrypted Data Sent Via Internet
QUOTE: A government contractor handling sensitive health information for 867,000 U.S. service members and their families acknowledged yesterday that some of its employees sent unencrypted data -- such as medical appointments, treatments and diagnoses -- across the Internet.
Washington Post Jul 12, 2007 Site Plans to Sell Hacks to Highest Bidder
QUOTE: A Swiss Internet start-up is raising the ire and eyebrows of the computer security community with the launch of an online auction house where software vulnerabilities are sold to the highest bidder.
Washington Post Jun 15, 2007 U.S. Customs Include Requiring Use of IE
QUOTE: There is a lot of concern these days over whether those responsible for securing our borders are up to the job. So it's a bit unsettling to learn that they seem to think it's a good idea to force overseas businesses to use that most insecure of browsers, Internet Explorer, in order to communicate online with U.S. Customs.
InfoWorld May 17, 2007 Microsoft, McAfee, Symantec charge cards repeatedly
QUOTE: the practice of enrolling customers in automatic renewal for antivirus and other security products is not limited to Symantec. Indeed, it has become an industry standard. Microsoft Windows Live OneCare, Symantec, McAfee, and ZoneAlarm all enroll customers into the companies' automatic subscription-renewal programs with the purchase of a subscription-based product. In most cases, customers aren't given a choice to opt out, and only find out about the annual renewals when they receive an e-mail notice or see a charge on their credit card.
WindowsSecrets.com Apr 28, 2007 Car's onboard data system could haunt you
QUOTE: As vehicles have become more sophisticated and systems monitor nearly all functions, it's possible to reconstruct what a driver was doing just prior to an impact. But in our litigious society, some car owners are worried that their vehicles are tattletales, ready to rat them out for driving 20 mph over the speed limit. Proponents of privacy rights argue that a car should not become a witness for the prosecution.
Bankrate.com Mar 27, 2007 Invasion of the Data Snatchers: Data theft via removable storage devices is a big problem. Are you prepared to prevent podslurping?
QUOTE: Podslurping (a neologism for the illicit copying of data to a portable storage device, such as an iPod) came about with the widespread availability of tiny gadgets with massive storage capabilities and high-speed connections—specifically, USB and FireWire. Endpoint security products, which protect against this kind of misappropriation, tend to be targeted at large enterprises that want to protect sensitive corporate data. Small businesses and individuals are also likely to have data they don't want slurped. Now they, too, can get protection, thanks to the apps reviewed here.
PC Magazine Mar 27, 2007 Consultant Warns of Web 2.0 Risks: Security vendor Clearswift says employees pose security risks by discussing work issues on social media Web sites
QUOTE: Security vendor Clearswift has advised companies to review or implement security policies and procedures around web 2.0 applications after a survey found that 42 per cent of company employees aged 18 to 29 had discussed work-related issues on social media websites.
BusinessWeek Mar 02, 2007 'Embarrassed' Gun Suspect Sues Microsoft After FBI Finds Sex Videos On His PC: Despite efforts to keep the data private, FBI lab agents were able to access the files by making a mirror image
QUOTE: Michael Alan Crooker, currently in jail in Connecticut, says security features advertised by Microsoft and its business partners should have kept federal agents from accessing the files on his PC. In court papers filed this week in Massachusetts Superior Court, Crooker says he "suffered great embarrassment" as a result of Microsoft's failure to keep the FBI's prying eyes off his computer.
InformationWeek Mar 01, 2007 Wife e-surveilled in divorce case (Police blotter)
QUOTE: Once upon a time, tempestuous divorces might have included one spouse snooping through the other's private correspondence ... That kind of snooping was, for the most part, entirely legal. But when the same kind of snooping happens in electronic form, it can be a federal crime.
News.com Feb 22, 2007 Phone threats will soon strike
QUOTE: There are two methods that scammers use to do their dirty business over phone or mobile lines -- smart phones, such as mobile, and the more PC-like phones and regular land lines.
Bankrate.com Jan 24, 2007 Citizendium Web Encyclopedia Opens Doors
QUOTE: "We are demonstrating that experts and non-experts can work shoulder-to-shoulder on a wiki, using their real names, in a collegial atmosphere," Sanger said in a statement...We are learning that accountability has merit in the world of wikis."
PC Magazine Jan 17, 2007 'Oops, Darn It, We Lost Your PIN': The new Cyber-Security Bill lets custodians of sensitive, personal, electronic data rely on the honor system when it comes to disclosing breaches in security
QUOTE: There is no provision for immediate notification to the public or business community at large of such breaches, so businesses and consumers cannot make informed decisions about where to put their spending dollars and customer loyalty.
BusinessWeek Jan 11, 2007 Firms Fret as Office E-Mail Jumps Security Walls
QUOTE: A growing number of Internet-literate workers are forwarding their office e-mail to free Web-accessible personal accounts offered by Google, Yahoo and other companies. Their employers, who envision corporate secrets leaking through the back door of otherwise well-protected computer networks, are not pleased.
New York Times Dec 01, 2006 Security Of Electronic Voting Is Condemned: Paper Systems Should Be Included, Agency Says
QUOTE: Paperless electronic voting machines used throughout the Washington region and much of the country "cannot be made secure," according to draft recommendations issued this week by a federal agency that advises the U.S. Election Assistance Commission.
Washington Post Oct 27, 2006 Handicapping Hacker Plays
QUOTE: hackers have been actively targeting customer accounts--not to steal money from them but to use them to pump up thinly traded stocks that hackers can then profit from in their personal accounts.
Forbes Oct 08, 2006 Good deed of donating computer could end badly
QUOTE: You wouldn't sell your Social Security number to a friend. You wouldn't donate your bank account pass codes to a stranger. But you might do both if you chuck your old computer without first stripping the hard drive of important data.
Bankrate.com Aug 25, 2006 Trojan horse leads to porn convictions (Police blotter)
QUOTE: In early 2000, a computer hacker who used the now-defunct e-mail address email@example.com [used a Trojan horse program to track owners of child porn] .... Instead of informing "1069" that he was committing federal felonies and should cease immediately...the FBI encouraged the hacker to continue.
News.com Aug 03, 2006 Cybercrooks constantly find new ways into PCs
QUOTE: While software vendors agree that security holes, once discovered, ought to be patched quickly, they've yet to adopt a common minimum standard for notifying customers and issuing a security patch
USA TODAY Jul 12, 2006 Top Cyber Security Post Still Unfilled After a Year
QUOTE: One year after the Department of Homeland Security created a high-level post for coordinating U.S. government efforts to deal with attacks on the nation's critical technological infrastructure, the agency still has not identified a candidate for the job...[some candidates--Ed.] were apparently knocked out of the running for political or professional considerations.
Washington Post Jun 22, 2006 Spike in Laptop Thefts Stirs Jitters Over Data
QUOTE: In the past six weeks, laptop thieves have found themselves holding thousands of credit card numbers from Hotels.com, birthdates from District pensioners who put their retirement funds in ING, addresses of nuclear power plant employees, account numbers of Mercantile Potomac Bank customers -- or even the Social Security numbers of people who work for Equifax, the credit reporting giant. Untold millions of Americans are affected.
Washington Post Jun 21, 2006 Firms Seek Federal Privacy Rules: 12 Big Businesses Say 'Patchwork' of State Laws Is Confusing
QUOTE: Several large technology companies, including Google Inc. and eBay Inc., announced support yesterday for stronger federal regulations to protect consumer privacy on the Internet.
Washington Post May 01, 2006 The RFID Hacking Underground: They can steal your smartcard, lift your passport, jack your car, even clone the chip in your arm. And you won't feel a thing. 5 tales from the RFID-hacking underground.
QUOTE: most commercial RFID tags don't include security...It's just not cost-effective for your average office building to invest in secure chips. This leaves most RFIDs vulnerable to cloning or - if the chip has a writable memory area, as many do - data tampering.
Wired Apr 17, 2006 The Fear Industry: Shameless self-promoters? Fear mongerers? Sure, security researchers aren't always model citizens, but business technology pros want them on the job.
QUOTE: Many researchers bring serious flaws to light, but others are all too willing to cash in on their cleverness by posting information about software vulnerabilities before vendors have a chance to patch their products. This shameless self-promotion of being the first to expose a key vulnerability can bring fame and consulting contracts. Other firms readily open up their checkbooks to pay hackers for dirt on flaws, doling out premiums for the worst flaws--ones that, say, Microsoft ends up rating critical.
InformationWeek Feb 25, 2006 'Phishing' Season For Tax Scammers: IRS Warns Public Of Phony E-Mails
QUOTE: Government officials say they are currently seeing about one widespread IRS-themed e-mail scam a week, but Internet security experts expect them to escalate as the April 15 tax deadline nears.
Washington Post Dec 14, 2005 Anti-spyware Battles Rootkits with Rootkit Tactics
QUOTE: Anti-spyware software companies are adding features to their products that spot rootkits and other malicious programs that operate at the Windows "kernel," or core processing center....they have raised warnings from security analysts about instability in Windows and conflicts with anti-virus programs that also work at the kernel level.
eWeek Dec 05, 2005 Case Against Zone Labs is 180 Degrees Off
QUOTE: ...180's real problem with ZoneAlarm is that it doesn't phrase its warnings about 180's products as politely as some other anti-spyware products do.
InfoWorld Nov 17, 2005 Real Story of the Rogue Rootkit
QUOTE: That all the big security companies, with over a year's lead time, would fail to notice or do anything about this Sony rootkit demonstrates incompetence at best, and lousy ethics at worst...What happens when the creators of malware collude with the very companies we hire to protect us from that malware?
Wired Aug 21, 2005 Keeping Your Computer and Its Contents Safe
QUOTE: Perhaps the most important safety measure, Ms. Westerheim said, is protecting the information on your computer, so that if it is damaged, lost or stolen, the data remain safe. Travelers now have many backup devices to choose from.
New York Times
- Arts & Humanities
- Businesses & Organizations
- Computers & Information Technology
- Family & Friends & Interpersonal
- Government & Politics / History
- Health & Medicine
- Law & Justice
- Media & Journalism
- Personal Finance & Career
- Philosophy & Religion
- Recreation & Entertainment
- Science & Technology
- Social Sciences & Groups
- Arctic / Antarctic / Greenland
- Central America / Caribbean
- Eurasia / Central Asia
- Middle East
- North America
- Oceania / AustralAsia
- South America
- About Fairness.com
- Contact Us
- Conditions of Service
- Fair Use Notice
- Advisory Board
Not a current user? Sign up!