In The News...

Codename of the day: Nitrogen
[Wed, 27 Aug 2008 15:50:40 -0700]
The Microsoft codename contest continues. Today's entry is Nitrogen, which is the next version of Microsoft's ISA Server. by Mary Jo Foley

Taiwan busts hacking ring, 50 million personal records compromised
[Wed, 27 Aug 2008 11:45:01 -0700]
Taiwan's Criminal Investigation Bureau CIB has successfully tracked down and arrested six people in what the CIB believes to be the biggest personal data breach in Taiwan to date. Apparently, the group also managed to obtain personal data on Taiwan's current and former presidents : "The suspects are believed...

The Gammima Strain
[Wed, 27 Aug 2008 11:10:51 -0700]
Photo: NASA Is the International Space Station just another bot in a botnet? Are criminal hackers tapping away in some dark warehouse now in control of critical command-and-control systems on board? No, that would make a good Michael Crichton novel, though. It seems some...

Worst news for McCain is not from Denver
[Wed, 27 Aug 2008 09:12:57 -0700]
The news is that even a milder form of McCain's skin cancer puts patients at increased risk, not just for more skin cancers, but for other cancers as well. by Dana Blankenhorn

Virtualization software revives dumb terminals, cuts IT costs
[Wed, 27 Aug 2008 08:57:33 -0700]
With computers growing smarter by the day, why would anyone want to step back more than a decade and fill office cubicles with dumb terminals? The answer is simple - to keep cubicle computers in service longer, uncluttered and free of malware, viruses and hacking programs. At...

Has Firefox already matched IE privacy features?
[Wed, 27 Aug 2008 07:29:28 -0700]
Perspectives, hatched at Carnegie Mellon, thwarts so-called "Man in the Middle" attacks on SSH secure sites by creating a virtual notary that can check the validity of an unsigned security certificate. by Dana Blankenhorn

Major security hole found in iPhone
[Wed, 27 Aug 2008 07:24:35 -0700]
Gizmodo has unearthed a security flaw in the iPhone OS and boy is it a doozy. According to the post it's simple to access a locked iPhone's address book, Mail, SMS, Contacts, and Safari. The vulnerability works like this on a password protected and locked iPhone: ...

Google Suggest goes live, will people like it?
[Tue, 26 Aug 2008 16:42:47 -0700]
Google Suggest is a feature that gives you automatic recommendations when you begin to search for something -- it's eluded the official Google homepage for several years, but today it has finally found it's way there. The question now, as Philipp Lenssen puts it, is weather it will be...

Feel like taunting an identity thief? Don't.
[Tue, 26 Aug 2008 15:06:26 -0700]
The next time you get the urge to enter angry messages to phishers on fake malicious Web sites, stop and consider this discovery by researcher Joe Stewart. The identity thieves behind the Asprox botnet have built extra logic into phishing sites to detect taunts and subject those...

Malware detected at the International Space Station
[Tue, 26 Aug 2008 14:37:30 -0700]
Malware is reaching new heights, and going into Space through a removable media carrying the W32.Gammima.AG password stealing malware to the International Space Station. According to SpaceRef.com : "W32.Gammima.AG worm is a level 0 gaming virus intended to gather personal information. Virus was never a threat to any of...

Linux under attack: Compromised SSH keys lead to rootkit
[Tue, 26 Aug 2008 14:13:02 -0700]
The U.S. Computer Emergency Readiness Team CERT has issued a warning for what it calls "active attacks" against Linux-based computing infrastructures using compromised SSH keys. The attack appears to initially use stolen SSH keys to gain access to a system, and then uses local kernel exploits to...

Go ahead...bring in your laptop
[Tue, 26 Aug 2008 09:25:02 -0700]
There is a growing controversy in our district over the use of personal laptops and other computing devices that can access our wireless or wired networks. A significant majority, myself included, believe that, aside from WPA and a strong password for the routers, teachers and students should be able...

A (Microsoft) Codename a day: Geneva
[Tue, 26 Aug 2008 08:55:53 -0700]
Today's codename-contest submission is "Geneva," one of a growing number of Swiss codenames in the Microsoft family. Geneva is related to Zermatt, a previously disclosed Redmond name and, like Zermatt, has to do with federated identity. by Mary Jo Foley

Patch issued for Ubuntu security flaw
[Tue, 26 Aug 2008 06:23:21 -0700]
Canonical has warned users of all machines running recent versions of Ubuntu to patch their systems and shut an open door for hackers. Canonical is the latest Linux vendor to patch a vulnerability in the open-source operating system's kernel that could have left the door open for hackers to...

News to know: IE 8; Code name of the day; Facebook security; Office 2.0
[Tue, 26 Aug 2008 01:59:52 -0700]
Here are today's notable headlines. You can get News To Know via email alert and RSS daily: Mary Jo Foley: A Microsoft Codename a day: Rouge Dancho Danchev: Hundreds of Dutch web sites hacked by Islamic hackers Twitter's "me too" anti-spam...

Twitter's "me too" anti-spam strategy
[Mon, 25 Aug 2008 16:08:39 -0700]
With Twitter's continuing growth, its popularity is logically starting to attract the attention of malicious parties, like spammers, phishers, and malware authors who wouldn't mind the fact that nobody is following them when they're actively updating several hundred users with their latest propositions. Last' week's Twitter announcement...

Facebook refuses to fix obvious security flaw
[Mon, 25 Aug 2008 15:44:02 -0700]
[ UPDATE:  Facebook has reversed itself and fixed this vulnerability ]  The Register's Dan Goodin has the scoop on an obvious security vulnerability that's being ignored by the powers at Facebook. The issue, as demonstrated by this proof-of-concept, shows...

New StopBadware guidelines take aim at software update bundling
[Mon, 25 Aug 2008 14:45:03 -0700]
If the StopBadware coalition has its way, software updaters from Sun Microsystems see screenshot above and Apple will carry the embarrassing "badware" label. According to a draft of revamped guidelines (.pdf) from the Google-backed computer security consortium, the badware label will expand to...

Hundreds of Dutch web sites hacked by Islamic hackers
[Mon, 25 Aug 2008 13:46:43 -0700]
In what appears to be a mass defacement, where several hundred domains take advantage of a shared hosting provider, starting as of this Friday, an Islamic hacker known as nEt^DeViL -- this is not the NetDevilz team that hijacked the DNS records of the ICANN and Photobucket in June --...

Joe Biden loves RIAA, DRM; hates encryption, George Bush
[Mon, 25 Aug 2008 07:30:05 -0700]
Does Joe Biden have more in common with Metallica's Lars Ulrich than Facebook's Mark Zuckerberg? CNET colleague Declan McCullagh has a superb analysis of Dem. vice presidential candidate Joe Biden, who has an interesting (read: depressing) voting history when it comes to tech issues. ...