Trusted Computing. Microsoft and friends are proposing some major alterations to the way that computers work, the ostensible goal being to increase security. But others say that the real goals are much more insidious.
posted on May 22, 2004 - View this thread

A new MS Internet Explorer vulnerability is discovered. Most digerati already know about the spammer and lamer trick to publish URLs that look like legitimate hostnames to fool people in to trusting a malicious site. This trick is frequently used by spammers to steal people's PayPal accounts, by tricking them in to "resetting" their password at a site owned by the spammer but disguised as PayPal.com. Today's new IE vulnerability is significantly worse. By including an 0x01 character after the @ symbol in the fake URL, IE can be tricked in to not displaying the rest of the URL at all. Don't expect a patch right way, the guy who found the hole released it to BugTraq on the same day he notified Microsoft. (via Simon Willison)
posted on Dec 9, 2003 - View this thread

At InfoSecuity 2002, an annual corporate security conference, new "computer forensics" software is on display, including software "that allows corporate IT folks to research employees' criminal histories, credit information, financial asset details, friends and associates. "

The software is called Red Alert 2.0, and more specifically the research software is an optional subscription based add-on called Intelligent Information Dossier plus. Isn't this tantamount to your employer spying on your private life, in real time?

As I work for a very large military contractor myself, I could easily see something like this being used where I work. Would you feel comfortable working for a company that uses this sort of intrusive software?
posted on Dec 13, 2002 - View this thread

Open Source or Bust? "Named the "Digital Software Security Act," the proposal essentially would make California the "Live Free or Die" state when it comes to software. If enacted as written, state agencies would be able to buy software only from companies that do not place restrictions on use or access to source code. The agencies would also be given the freedom to "make and distribute copies of the software."" If open source wants to be taken seriously, shouldn't it compete on the merits (or with martketing) rather than forcing gov't agencies to use it?
posted on Aug 11, 2002 - View this thread

Trillian Users blocked from AIM service? The bit about this that scares me is the solution to the problem involves disabling the Secure IM functions. Is this a technical glitch or a conspiracy by AOL to reserve the ability to spy on our IM chats? Or build intentional security loopholes?
posted on Jan 29, 2002 - View this thread

"MS releases mother of all IE security patches" Per the article: Microsoft has released a cumulative patch for Internet Explorer which the firm says is a "critical" security precaution against crackers which should be applied "immediately". Time to update/upgrade boys and girls. :)
posted on Dec 14, 2001 - View this thread

AirSnort. The dangerous app with the unlikely name allows users to snatch data being passed over wireless networks, eventually capturing passwords to the network.
posted on Nov 29, 2001 - View this thread

Gartner's opinion proliferates into the mainstream Internet news sources. any further thoughts?
posted on Sep 25, 2001 - View this thread

Anti-rip CD system bypassed. heh. nice try, boyos. i've never understood how people can believe something digitized can possibly be protected in such a manner as to be foolproof. what one process can scramble, another can undo. [via /.]
posted on Aug 1, 2001 - View this thread

Law enforcement and intelligence agencies now have access to software that can remotely record every keystroke and see every file on a target PC. Data Interception by Remote Transmission (D.I.R.T.), developed by Codex Data Systems (you need a username and password to get past the opening screen) can supposedly see through PGP, firewalls, whatever you throw at it apparently. Only works against Win95 so far, but that won't last. Is this hogwash or something crucial?
posted on Jun 4, 2001 - View this thread

John Draper says he's going straight for good and looking to "pay back society for [his] deeds in the past," by working with a software security outfit.
posted on Jan 29, 2001 - View this thread

Roll your own Carnivore. A network security firm has released its own software package to duplicate the abilities of the FBI's packet-sniffing black box. Or at least, its admitted abilities.
posted on Sep 21, 2000 - View this thread

jon kats on "geek profiling": "W.A.V.E joins new sofware "security" programs ... being tested in public schools in America to compile and computerize information on students believed to be dangerous or potentially violent. This new rat-on-kids industry is an offshoot of the Geek Profiling anti-Net hysteria that broke out all across the United States after the Columbine High School killings, whose first anniversary is fast approaching. Despite the fact that horrific incidents like Columbine are extremely rare, and that the FBI and Justice Department have both reported that youth violence has dropped to its lowest levels in more than half a century, the belief persists in much of America that technologies like the Internet (and activities like computer gaming) are turning otherwise healthy school children into mass murderers."
posted on Mar 29, 2000 - View this thread

This page seems to be over a year old, but it's news to me. Did you know that cookies set on international domains (those ending in generic things like co.uk or co.nz) can be read by other servers within those top level country domains? Scary stuff if you're using even the latest versions of Netscape on international sites.
posted on Jan 17, 2000 - View this thread