Date: 07/28/05 (Security)    Keywords: security

Networking giant and ISS ask a court to silence the security expert who described how attackers could take over Cisco routers.

Source: http://news.zdnet.com/Cisco+hits+back+at+flaw+researcher/2100-1009_22-5807551.html?part=rss&tag=feed&subj=zdnn

Date: 07/27/05 (Security)    Keywords: software, security

Commentary--Oracle's Mary Ann Davidson says myths have grown up around the role of security researchers who seek out software flaws.

Source: http://news.zdnet.com/When+security+researchers+become+the+problem/2100-1009_22-5807189.html?part=rss&tag=feed&subj=zdnn

Date: 07/28/05 (Java Web)    Keywords: security, microsoft

Microsoft's effort to refuse access to updated versions of Windows Operating System has been foiled by hackers within 24 hours. Microsoft demanded that those who wanted Windows updates, other than security updates, will have to download an Active X program that sniffed their operating system to see if their OS copy had been pirated. When a Windows [...]

Source: http://blog.taragana.com/index.php/archive/microsoft-windows-genuine-advantage-check-cracked-under-24-hours/

Date: 07/29/05 (Security)    Keywords: security

Security company to begin delivering new consumer products as they are ready for release, rather than saving them up.

Source: http://news.zdnet.com/Symantec+to+change+consumer+product+rollouts/2100-1009_22-5809336.html?part=rss&tag=feed&subj=zdnn

Date: 07/28/05 (Security)    Keywords: software, security

Software giant weighs what to do with almost half of Sybari's work force after taking over the security tools maker.

Source: http://news.zdnet.com/Fate+uncertain+for+ex-Sybari+workers+at+Microsoft/2100-1009_22-5808920.html?part=rss&tag=feed&subj=zdnn

Date: 07/28/05 (Security)    Keywords: security

Three congressional committees meet to work on new security breach laws, though their proposals aren't quite ready for final vote.

Source: http://news.zdnet.com/Senate+moves+toward+new+data+security+rules/2100-1009_22-5808894.html?part=rss&tag=feed&subj=zdnn

Date: 07/29/05 (Security)    Keywords: security

New version of Internet Explorer, released for testing this week, taps WholeSecurity for antiphishing feature.

Source: http://news.zdnet.com/Microsoft+enlists+security+partner+in+IE+update/2100-1009_22-5809417.html?part=rss&tag=feed&subj=zdnn

Date: 07/29/05 (Open Source)    Keywords: security

Is timely disclosure -- an open source security process -- the key to a timely fix? Or do loose lips sink chips?

Source: http://blogs.zdnet.com/open-source/?p=391&part=rss&tag=feed&subj=zdblog

Date: 07/29/05 (Security)    Keywords: security

Disagreement persists about the scope of the IOS vulnerability, which is at the center of a dispute between Cisco and a security researcher.

Source: http://news.zdnet.com/Cisco+details+controversial+router+flaw/2100-1009_22-5810669.html?part=rss&tag=feed&subj=zdnn

Date: 07/29/05 (Security)    Keywords: security

Security company to begin delivering new consumer products as they are ready for release, rather than saving them up.

Source: http://news.zdnet.com/Symantec+to+change+consumer+product+launches/2100-1009_22-5809336.html?part=rss&tag=feed&subj=zdnn

Date: 07/31/05 (Computer Geeks)    Keywords: php, programming, software, css, html, xml, database, asp, sql, java, security, web

A few weeks ago, I asked about programming languages and which I should learn, and your reaction had me thinking that I could have offered more info about what I hoped to do with computers. My request was so vague that I can see why you found it difficult to reply. Perhaps this time I'll do better. To make things easier, I'm providing a list of what I want to do, and I ask you if you know what languages or applications I should consider in order to fulfill my technological goals. I'd like to: build web pages provide internet security for large & small clients make computer games build my own OS from scratch (a big task, I know) create, edit, download, and manipulate multi-media images and files develop application software build and manage my own server develop databases get a general feel for everything else, in case I ever need it So my current list of stuff I wish to learn now includes: Java Java Script Perl C, C+, & C++ PHP SQL CSS HTML XML Adobe Photoshop Adobe Illustrator Flash & Dreamweaver .Net (VB.net, ASP.net, C#) CGI If you know anything about the above, feel free to post: What are each of the above used for? How did it come out? Are any of them similar or used for similar tasks? Etc., etc., etc. Finally, I was told to learn some Assembly language, but unless I am mistaken, I think I learned that already. If someone could give me a rundown on what it is, I could be sure if its what I think it is. I think I learned 8086 in my day (came with a card, too), so all I have to do is review it I think. Your help and suggestions are welcome and I thank you in advance for your time.

Source: http://www.livejournal.com/community/computergeeks/740093.html

Date: 08/03/05 (Security)    Keywords: security

The unpatched flaw in a core component of the OS has no workaround and could be used to create a worm, a security firm warns.

Source: http://news.zdnet.com/Worm+hole+found+in+Windows+2000/2100-1009_22-5817400.html?part=rss&tag=feed&subj=zdnn

Date: 08/04/05 (Security)    Keywords: security

Security vulnerability in BrightStor backup products could put corporate networks at risk of cyberattack.

Source: http://news.zdnet.com/CA+plugs+serious+hole+in+backup+software/2100-1009_22-5817704.html?part=rss&tag=feed&subj=zdnn

Date: 08/05/05 (Opera Browser)    Keywords: security

I write a panel (sidebar) for opera, to write a posts to LJ, with realtime preview, support of tags, typographic symbols, current music/mood, security level, and so on and so for.
Link to sidebar
Unforcently, my english is very bad, so script contains many bugs (typo).
Please, add your opinions to comments to this message… ;-)
Sidebar require Opera 8+ with js and cookies enabled.

Source: http://www.livejournal.com/community/opera_browser/38822.html

Date: 08/09/05 (Security)    Keywords: security

Homeland Security hopes the chips, embedded in customs forms, will make entry and exit speedier and more secure for foreign visitors.

Source: http://news.zdnet.com/Feds+pilot+RFID+controls+at+U.S.+borders/2100-1009_22-5823958.html?part=rss&tag=feed&subj=zdnn

Date: 08/09/05 (Security)    Keywords: security

Homeland Security hopes the chips, embedded in customs forms, will make entry and exit speedier and more secure for foreign visitors.

Source: http://news.zdnet.com/Feds+test+RFID+controls+at+U.S.+borders/2100-1009_22-5823958.html?part=rss&tag=feed&subj=zdnn

Date: 08/09/05 (Security)    Keywords: browser, security, web

New version of Netscape 8 brings it as up to date on security as its underlying Firefox Web browser.

Source: http://news.zdnet.com/Netscape+catches+up+to+Firefox+patches/2100-1009_22-5825342.html?part=rss&tag=feed&subj=zdnn

Date: 08/11/05 (Security)    Keywords: technology, security, tracker

Antitheft technology for notebooks includes a LoJack-style tracker and a controversial security chip.

Source: http://news.zdnet.com/Gateway+puts+a+trace+on+laptops/2100-1009_22-5827500.html?part=rss&tag=feed&subj=zdnn

Date: 08/11/05 (C Sharp)    Keywords: programming, software, xml, security, web, google

Hello all. First time posting -- I'm an executive/part owner of a small, 30-40 employee software development company in the US. Can't get any more specific, due to LJ drama that occurred in the past, from which I learned that my constant insistence upon plausible deniability is never a bad thing.

Anyway, all of our current contracts are in .NET, from winforms applications, to windows services, to webservices, to web applications. We write in C#.NET and VB.NET depending on the contract, application, and developer. We've been working with .NET for the past 2-3 years.

I don't do as much programming with my company as I did when I first started there as Lead Developer; a good deal of my responsibilities have changed to software design/architecture, scheduling, project management, and having my time wasted by as many meetings as possible, at the most inconvenient times.

So perhaps these latest developments will lend an excuse to the following ignorance. :)

I am writing an application for myself, completely unrelated to my company, in my "free time." It has a fairly eccentric variety of functionality, all of which is related in a certain way, but the functionality with which this post concerns itself is keypress logging.

I've written a class that uses the SetWindowsHookEx() WinAPI call to install a hook for keyboard events (using WH_KEYBOARD_LL). It sets up the hook, which simply raises an event (passing the keypress data along) before giving the keypress back to the system (which continues down the chain of installed hooks). I've written a parent class which attaches a method to the event that takes the useful information from the keypress data and stores it in a queue. The remainder of this parent class provides access to the queue, functionality to clear it, etc. The class that implements SetWindowsHookEx() is in a DLL (I wrote it as part of a separate application back when I was more comfortable with VB.NET, while the current project is in C#, thus the DLL), and the parent class (in C#) imports this DLL.

The class performs flawlessly in the Windows Forms application I wrote to test all of the classes destined to be part of the final solution. It properly logs all of the keypresses in its queue, its methods provide the proper access to the queue, and the test application could write the keypresses to a file, store them in an XML object, or whatever needed to happen. I was pleased, since the whole mess only took about 2 hours to develop and test.

However, the final application that will be doing the keylogging is a Windows Service. Now that I finished developing and testing all the classes I needed to use in the final application, I've begun building the service. I've got the service properly installing, starting, and logging to the system's event log, so I know the service itself is working. However, the keylogging class is not working. No exceptions are thrown, and the WinAPI call (from user32.dll) returns no error codes. However, the queue count remains at 0, and no keys are logged at all.

I've simply dragged the class from the test Winforms application into the Windows Service application, and used it in the same way. While keypresses were logged efforltessly in the Winforms application, not a single one is being logged in the Windows Service.

I have tried pretty much everything I can think of, from checking the "Allow this service to interact with the desktop" checkbox, to changing the account running the service (currently the Local System account). However, as I said above, programming is not a day-to-day thing for me anymore, so I am most likely ignorant of something here.

I've read many accounts via Google of people successfully using SetWindowsHookEx() in a Windows Service, so I know it can be done. What gives? Is this a permissions/security issue, and if so, why are no errors/exceptions being thrown? Do I need to register the DLL containing the class that calls SetWindowsHookEx() in the GAC for any reason?

Any information or help will be greatly appreciated. Thanks in advance...!

Source: http://www.livejournal.com/community/csharp/32613.html

Date: 08/15/05 (Mozilla)    Keywords: security, linux, yahoo, microsoft

I was taken by suprise this morning, when I read the news that FX's market share shrunk from 8.71 percent in July to 8.07 percent in June. On the other hand, IE grew its market slice to 87.20 in July from 86.56 percent in June. I was under the impression that FX had been receiving a push from the Linux side, attracting the corporate community to its side.

I wonder if negative publicity of security flaws detected in FX's v.1.0.4. and 1.0.5., scared FX's users to the IE's camp. Some of my friends and colleagues, have commented that they are very positive of new features to be included in next v.1.5. which would probably be announced by late summer. I, for one, am very excited about this upgrade.

FYI, Total Market Share Percentage is distributed as follows:

1. Microsoft - Internet Explorer: 87.20
2. Mozilla - Firefox: 8.07
3. Apple - Safari: 2.13
4. AOL - Netscape: 1.50
5. Opera - Opera: 0.49
6. Others: 0.61

Any comments regarding this news?

If you want to read PC World Magazine's article, please click here: http://news.yahoo.com/s/pcworld/20050815/tc_pcworld/122213

Regards,

Omar.-

Source: http://www.livejournal.com/community/mozilla/306236.html