For the past 18 months, engineers at PayPal, Google, Facebook, Yahoo, AOL, Microsoft and
nine other technology companies have spent their off-hours (and some on-hours) working hand in hand to tackle the problem that plagues them all: e-mail
phishing. The result is
DMARC, or, "Domain-based Message Authentication, Reporting & Conformance". It's not new, but puts
SPF and
DKIM to work in a new
way.
posted by Blake
on Jan 31, 2012 -
45 comments
The long strange trip of a Singaporean Cold-War-era assault rifle into the hands of Somali pirates in the Gulf of Aden, and what it reveals about the unintended consequences of the global trade in small arms and ammunition.
[slnyt]
posted by killdevil
on Jan 26, 2012 -
9 comments
Security researchers at North Carolina State University led by Xuxian Jiang (who had previously discovered
12 malicious Android applications sold through Google's Android Market) have
uncovered holes in how the permissions-based security model is enforced on numerous Android devices. Called "leaks", these vulnerabilities allow new and existing malicious applications to eavesdrop on calls, track the user's location, install applications, send SMS messages, delete data from the device, and more. (
via)
posted by Blazecock Pileon
on Dec 5, 2011 -
30 comments
Hacked! James Fallows writes in the Atlantic Monthly on how his wife's Gmail account was hacked, and years of email were deleted. Summary: if you have Gmail, you should be using its new 2-step verification; use strong passwords; don't re-use passwords.
[more inside]
posted by russilwvong
on Nov 5, 2011 -
97 comments
Wikileaks has
alleged that Guardian editor David Leigh negligently leaked the encryption passphrase to the unredacted 'Cablegate' archive in an upcoming book.
The Guardian denies the charges, but states that
"[a] Twitter user has now published a link to the full, unredacted database of embassy cables", potentially putting informants at risk.
posted by p3on
on Aug 31, 2011 -
203 comments
Robert Morris, a pioneer in the field of computer security, early major contributor to the UNIX operating system, and father of Robert Tappan Morris (author of the Morris Worm), has
died at 78.
NYT [more inside]
posted by fireoyster
on Jun 29, 2011 -
23 comments
"
Hackers of the world are uniting and taking direct action against our common oppressors - the government, corporations, police, and militaries of the world" says LulzSec
(previously) in their latest release,
Chinga La Migra. "
We are releasing hundreds of private intelligence bulletins, training manuals, personal email correspondence, names, phone numbers, addresses and passwords belonging to Arizona law enforcement. We are targeting AZDPS specifically because we are against SB1070 (previously) and the racial profiling anti-immigrant police state that is Arizona."
#antisec is a new track from nerdcore rapper
ytcracker (previously)
posted by finite
on Jun 23, 2011 -
47 comments
People who use Sony
don't make very good passwords. "None of this is overly surprising, although it remains alarming. We know passwords are too short, too simple, too predictable and too much like the other ones the individual has created in other locations. The bit which did take me back a bit was the extent to which passwords conformed to very predictable patterns, namely only using alphanumeric character, being 10 characters or less and having a much better than average chance of being the same as other passwords the user has created on totally independent systems."
[more inside]
posted by -->NMN.80.418
on Jun 7, 2011 -
142 comments
Sony's PlayStation Network and Qriocity have been down since April 20 2011 due to an illegal intrusion. Today
Sony announced that user data - birthdate, user name, password, e-mail address, possibly credit card information, and more - has been compromised for its
69 million users, exposing them to identify theft amongst other things.
[more inside]
posted by Foci for Analysis
on Apr 26, 2011 -
285 comments
Computer security vendor RSA, maker of two-factor authentication SecurID,
has been hacked by unknown parties. In an
open letter to it customers RSA Executive Chairman Arthur W. Coviello, Jr. calls the attack the work of an Advanced Persistent Threat, meaning a highly skilled, well-funded group acting deliberately & precisely to achieve a specific goal. RSA's clients include many Fortune 100 companies, US Government, Military & Intelligence Community organizations.
posted by scalefree
on Mar 17, 2011 -
118 comments
A thread at Apple's Support site has popped up with frustrated users describing nearly identical iTunes account disruptions: up to hundreds of dollars of charges are being racked up by fraudulent buyers, using iTunes gift card balances and even credit card information to fund the purchases.
[more inside]
posted by Khazk
on Mar 9, 2011 -
71 comments
Security-in-a-Box.
A complete guide to digital security for advocates and human rights defenders (and for you too!). It includes all the info and tools you'll need for anything related to personal digital security.
Mobiles in-a-box: Tools and tactics for mobile advocacy.
Message in-a-box: Everything you need to make and distribute your own media.
NGO-in-a-box: Set up you NGO using free and open-source software.
[more inside]
posted by lemuring
on Feb 28, 2011 -
14 comments
