662 posts tagged with security.
Displaying 601 through 650 of 662. Subscribe:

The Winux virus

The Winux virus is reported to affect both Windows and Linux boxes/applications. The article says it's "written in a primitive computer language called 'assembly language'." On a side note, who do they get to write these articles? Certainly they are uncomfortable with technology...
posted by fooljay on Mar 28, 2001 - 5 comments

Up to 20% of the internet vulnerable

Up to 20% of the internet vulnerable to a virus. There is a new Linux worm virus. Apparently, it steals passwords, installs and hides other hacking tools on infected systems, and then uses those systems to seek other servers to attack. Sys admins are advised to run a check on their servers and upgrade their BIND version.
posted by borgle on Mar 25, 2001 - 5 comments

SF Gate article

SF Gate article states, "with a wireless ethernet card, a laptop and some basic software savvy," people walking around downtown San Francisco could just point their antenna at a building and be privy to private, unprotected coporate networks.
posted by paladin on Mar 22, 2001 - 9 comments

Vulnerabiity in OpenPGP

Vulnerabiity in OpenPGP You don't even need to crack the key, just get hold of it, modify a few bytes, and presto, sign away from other persona. The issue here is signing, not encrypting. The implications are evident when you think of internet voting, tax filing, etc., but it is still a victory for open cryptography, where peer review can find serious flaws.
posted by pecus on Mar 22, 2001 - 2 comments

One million credit card numbers stolen! News at 11!

One million credit card numbers stolen! News at 11! The FBI has gone public with a rather dry account of a huge organized attack on ecommerce sites, exploiting security flaws in NT which Microsoft fixed and offered patches for nearly two years ago.
posted by Steven Den Beste on Mar 9, 2001 - 5 comments

Beyond the bar code:

Beyond the bar code: Tags on retail products will send radio signals to their manufacturers, collecting information about consumer habits -- and raising privacy concerns. Radio tag technology is already here, used in fields such in livestock, freight-train cargo and highway tolls. The only barrier to widespread use is consumer products is price. When they can be made for a penny, expect to see them everywhere. From the March issue of MIT Technology Review.
posted by jhiggy on Feb 20, 2001 - 13 comments

NSA has lost the techno war. It says.

NSA has lost the techno war. It says. But do we believe them? Or is this merely intended to lull us into complacency?
posted by Steven Den Beste on Feb 19, 2001 - 25 comments

John Draper says he's going straight for good

John Draper says he's going straight for good and looking to "pay back society for [his] deeds in the past," by working with a software security outfit.
posted by idiolect on Jan 29, 2001 - 2 comments

Chiariglione steps aside.

Chiariglione steps aside. SDMI over?
posted by aflakete on Jan 25, 2001 - 0 comments

FTC ends investigation of DoubleClick

FTC ends investigation of DoubleClick and finds no evidence of wrongdoing. I don't know about you, but I feel cheated. Don't forget to opt out of their cookie-bending racket.
posted by mathowie on Jan 23, 2001 - 16 comments

A while back, you'll remember, a professor from Princeton cracked the SDMI watermark, but couldn't publish [MeFi search], and weren't awarded the prize because they wouldn't NDA. Well, a French team has also cracked it, and not being bound by the US DMCA, they've published. Good thing? Or bad?
posted by baylink on Jan 23, 2001 - 3 comments

A guy paid $5000 to a bank

A guy paid $5000 to a bank for a list of 4 million credit card numbers, complete with name/address of the owners. He proceeded to start making false charges to those cards totalling some $37 million. He's going to jail. My question is, what the hell was the bank thinking? Why are they selling something like that? Didn't they recognize the potential for abuse? What possible legitimate use could such a list have?
posted by Steven Den Beste on Jan 23, 2001 - 8 comments

Linux no longer foolproof?

Linux no longer foolproof? And a smile descened upon Redmond...
posted by mecawilson on Jan 22, 2001 - 21 comments

Contact information viewable with Alexa toolbar?

Contact information viewable with Alexa toolbar? Disturbing. Anyone with the Alexa toolbar installed can apparently see your address and telephone number, along with helpful information like maps to your home. This information is in the public record, but providing it instantly can only lead to more stalking incidents. You may want to follow Leia's advice and visit Alexa.com's site editor to make sure you're protected.
posted by jmcnally on Jan 11, 2001 - 16 comments

Well, we talked about NORAD a few posts back, I guess now it's time for everyone's *other* favorite agency: the NSA has a logo. That's funny. No, really, the topic of this posting is their release of Security-Enhanced Linux, including Mandatory Access Control and other cool B-1'ish stuff. Ted T'so has some interesting observations in this Slashdot thread on the topic as well.
posted by baylink on Dec 23, 2000 - 5 comments

In the latest Cryptogram newsletter,

In the latest Cryptogram newsletter, security expert Bruce Schneier makes some interesting points about voting, voting machines and computers. The web version of this article won't be up for a few weeks so I have reproduced it here. Read more...
posted by lagado on Dec 16, 2000 - 2 comments

Judiciary Seeks Public Comment on Internet Access to Court Documents

Judiciary Seeks Public Comment on Internet Access to Court Documents "As federal courts make the transition from paper to electronic case files, the Judicial Conference of the United States is studying the privacy and security implications of vastly wider public access to court documents via the Internet. Public comment is sought."

Further down they tell you that it'll cost 7 cents a page, even online. From the same folks who waited years to put up Supreme Court dockets and opinions on the official site.
posted by thescoop on Nov 15, 2000 - 6 comments


Do as we say, not as we do.

Do as we say, not as we do.
posted by solistrato on Nov 6, 2000 - 15 comments

AIPAC Hacked, Credit Card numbers exposed.

AIPAC Hacked, Credit Card numbers exposed. This morning the Web site of the American Israel Public Affairs Committee was defaced by Doctor Nuker of the Pakistan Hackerz Club. I didn't think anything of it which was why I missed getting the mirror the first time around. Apparently this is a pretty large organization according to my co-worker, a former Washingtonite. It's the biggest American Jewish lobbying organization in the US from what I hear... which is going to piss people off when they realize their credit card information was leaked in the defacement.
posted by bkdelong on Nov 2, 2000 - 0 comments

The OPE Campus Security Statistics Website allows you to research criminal offenses that were reported at over 6000 colleges nation wide, (United States). University participation is compulsory.

Of course, what they don't mention is lots of schools, including my alma mater, refer certain complaints (commonly those dealing with sexual assault) directly to local law enforcement, and keep no official record of the incident with the school itself. I was semi-involved with my school's Women's Resource Center in '98, and I can tell you there were a lot more incidents of sexual assault than listed on the OPE site.
posted by alan on Oct 24, 2000 - 2 comments

The SDMI Hack challenge seems to have gone down in flames.

The SDMI Hack challenge seems to have gone down in flames. And apparently it wasn't even very difficult to break into it. This article goes into it in some detail. [more]
posted by Steven Den Beste on Oct 17, 2000 - 5 comments

Excellent, in-depth analysis

Excellent, in-depth analysis of "spyware" used by insidious and horrible software entities such as RealPlayer. Written by my hero and yours, Steve Gibson.
posted by Succa on Oct 16, 2000 - 14 comments

NYTimes.com has low security

NYTimes.com has low security
Even me, the casual passerby, could access secret documents about the mysterious "partners," while trying to avoid downloading a cookie. Heh, "channel", "partners", the number 10. They're all related somehow? PS: "channel.nytimes.com" doesn't give access to pages without logging in. Any ideas?
posted by rschram on Oct 13, 2000 - 8 comments

Anyone trading on E*trade should read this thread at securityfocus.
posted by dabitch on Sep 29, 2000 - 7 comments

Roll your own Carnivore.

Roll your own Carnivore. A network security firm has released its own software package to duplicate the abilities of the FBI's packet-sniffing black box. Or at least, its admitted abilities.
posted by harmful on Sep 21, 2000 - 0 comments

Apparently, the conventional wisdom is not quite right. The SDMI's Executive Director says they have "thousands of entries" in their contest to hack the various proposed digital music security schemes. As I pointed out recently in a similar context, the "Linux community" and the population of computer literate, financially motived, non-OS-sectarian hackers are far from being one and the same...
posted by m.polo on Sep 20, 2000 - 6 comments

Another innovation from Digital Convergence:

Another innovation from Digital Convergence:
In addition to having a pretty much useless product, CueCat's product-release-to-privacy-violation rate is spectacular! To quote their email:

Dear :CueCat member,
We've been alerted to a security breach in our system that may have exposed certain members' names and email addresses. As one of the members who may be susceptible, we want to explain to you how you may be affected and what we are doing to rectify the situation. (more...)
posted by anildash on Sep 17, 2000 - 1 comment

Western Union's site

Western Union's site is down, as hackers have accessed their "secure" database. Western Union's only suggestion so far is to tell all customers to cancel their credit card accounts. Is anything really secure on the internet? Do you trust amazon to hold your credit card numbers, Wells Fargo to keep your checking account private, and Kozmo employees not to pilfer your credit card numbers for fun?
posted by mathowie on Sep 10, 2000 - 8 comments

Does Amazon deserve my statistics?

Does Amazon deserve my statistics? I knew this was coming but I was hoping that it would all turn out for the better and Amazon would come to their senses. So the question is, are Wish Lists worth my data? Will ownership of my spending habits, phone number, address, credit card, browsing habits, and email address become the new price for using the Internet as a consumer?
posted by Brilliantcrank on Sep 5, 2000 - 3 comments

Airport BodySearch may reveal more than passengers know

Airport BodySearch may reveal more than passengers know
Does anyone really care if the lonely airport security guards have a look under your clothes?
posted by chiXy on Aug 21, 2000 - 0 comments

The bastards at Symantec

The bastards at Symantec are now charging for virus updates. They've just lost a customer, a hopefully many more. The feedback form is here if you feel the need to bitch at them.
posted by skallas on Aug 12, 2000 - 20 comments

An article on espionage and security lapses? FBI says No Thanks

An article on espionage and security lapses? FBI says No Thanks The FBI has seized a computer hard drive used by former Energy Department intelligence chief Notra Trulock, concerned that he may have included classified data in a proposed article. Or maybe they just wanted to spell check it for him.
posted by Outlawyr on Jul 20, 2000 - 1 comment

Yet another outlook vulnerability.

Yet another outlook vulnerability. This one's significantly nastier than the previous ones, because it can attack and run programs on your computer as you download the email from your server
More >>
posted by cCranium on Jul 19, 2000 - 12 comments

Mitnick is free to use computers for work

Mitnick is free to use computers for work
"[The] federal judge has ruled that such blanket restrictions are unacceptable and job offers should be considered on a case-by-case basis."
posted by rschram on Jul 18, 2000 - 5 comments

MSNBC's Robert Wright seemes confused

MSNBC's Robert Wright seemes confused in this story about the Global Positioning System. He misinforms the reader about how terrorists can now use the military's encrypted GPS signals for more accurate positioning. (FYI: you are still unable to use the military's encrypted GPS signals, contrary to what Wright claims.)
more inside>>
posted by darainwa on Jun 28, 2000 - 2 comments

Does it bug anyone else

Does it bug anyone else that if you have a MetaFilter account with cookies enabled, it automatically enters your password (which can be read in view source)???
Personally I think this is a very bad thing, as I've visited metafilter at the library a few times..
posted by Bane on Jun 28, 2000 - 15 comments

The overthrow of Premier Mossadeq

The overthrow of Premier Mossadeq Last week the NYT posted PDF files of a CIA report detailing the overthrow of Premier Mossadeq of Iran in 1953. Names of Iranian participants who assisted in the operation were digitally "removed" because of fears that there families would face retribution when their status as foreign agents was revealed. John Young of cryptome discovered that the redacted text was not really gone -- by cancelling the PDF rendering at a certain point, the hidden names were revealed. He contacted the NYT and after some discussion told them he would not post the full files; the Times removed their copies of the files until they could edit out the names more securely. Young has since heard that other people also noticed the flawed redaction and has concluded that the information is therefore public. He is now posting the full text of the files (first installment up now) with the names restored. Is Young playing fast and loose with people's lives? Or does belief in a free press obligate this sort of thing?
posted by tingley on Jun 22, 2000 - 14 comments

Identity swapping makes life relative

Identity swapping makes life relative

Do any of you do the Safeway Card Shuffle? I think I probably would, but then again the level of tracking where I live is currently negligible, so it isn't yet an issue. How about where you live?

And how does this tie in to online privacy, like advertising cookies and programs like RealPlayer and GoZilla that track and report where you've been and what you've been doing?
posted by lia on Jun 8, 2000 - 8 comments

There, now, don't you feel safer?

There, now, don't you feel safer?
posted by Steven Den Beste on May 25, 2000 - 2 comments

New Microsoft Bug Found

New Microsoft Bug Found This one's pretty serious. Because it affects the whole world.
posted by PaperCut on May 20, 2000 - 13 comments

Microsoft's latest security loophole

Microsoft's latest security loophole involves the much-hated animated paperclip "Office Assistant". Despite its ability to create or delete files, someone chose to mark it as "safe for scripting", allowing it to be controlled by script on a web page.
posted by harmful on May 17, 2000 - 2 comments

Blame MICRO$OFT

Blame MICRO$OFT for the "I love you" virus, ohh, and it has 40 authors to it
posted by tiaka on May 16, 2000 - 14 comments

[ Damn, it's busy this morning... ]
"Outlook is perfectly safe... perfectly safe; that's why we're fixing it."
posted by baylink on May 16, 2000 - 4 comments

From Microsoft support: General Information About Using VBScript with Outlook

From Microsoft support: General Information About Using VBScript with Outlook
VBScript is designed to be a secure programming environment. It lacks various commands that can be potentially damaging if used in a malicious manner. This added security is critical in enterprise solutions.
(via Phil Agre's RRE mailing list)
posted by tregoweth on May 14, 2000 - 0 comments

Any server can read all your IE cookies.

Any server can read all your IE cookies. From any domain. Anyone. I was just explaing to my folks that the reason cookies are (generally) safe is that this was NOT possible. Well, it's possible now.
posted by ericost on May 11, 2000 - 32 comments

RedHat Linux security problem uncovered.

RedHat Linux security problem uncovered. Today, apparently it was discovered that if you install the Piranha package with RedHat 6.2 (ostensibly part of the default installation, but there's controversy over this), a default password is installed that would give anyone access to the Piranha configuration package; from there, it is apparently trivial to execute any command on the box that you want.
I find it very interesting that the fact that Microsoft had a "backdoor password" in a DLL made huge news (and it turned out to be patently false), yet this has gotten almost no press. I'd like to think otherwise, but I know it's because people hate Microsoft, and thus are eager to deride it... and yet here's proof that even the mighty Linux is susceptible to the same exact problems.
Next time you reach for the keyboard to cry out "nyah nyah!" at the discovery of some problem with Windows, remember this...
posted by delfuego on Apr 24, 2000 - 15 comments

Do security apps like this one actually work? Anyone here with a DSL or ISDN, or other "always on" connections, have any tips on security at home?
posted by milhous on Apr 19, 2000 - 17 comments

They bagged the kid who was responsible

They bagged the kid who was responsible for all those Denial-of-Service attacks a couple of months ago. He's Canadian.

Here's an interesting legal question: could the US extradite him? The crimes were committed in the US, but he was in Canada at the time he did it, since he worked through the Internet. Whose laws apply?

(By the way, I've seen no indication that the US is considering extradition; I was just curious whether they could extradite him.)
posted by Steven Den Beste on Apr 19, 2000 - 18 comments

You know their server isn't particularly secure; well neither is their browser.
posted by ericost on Apr 19, 2000 - 2 comments

More news on the IIS exploit

More news on the IIS exploit After acknowledging the problem last week, Micro$oft is now saying that the backdoor in IIS... is a flaw. M$ Technet seems to have a fix for this problem, delete the offending file! So, if systems are your bag, my advice is to start researching security if you are running M$ internet server products (SQL 7, Exchange, IIS, Index Server, etc.).
posted by Dean_Paxton on Apr 17, 2000 - 2 comments

Page: 1 ... 7 8 9 10 11 12 13 14