-
IBM security strategist: Stop crediting vulnerability brokers
Date: 08/08/07
Keywords: software, security
An IBM security strategist wants software vendors to stop acknowledging companies and researchers who buy and sell security vulnerabilities. Gunter Ollman, director of security strategy at IBM Internet Security Systems (ISS), believes there's no real accountability attached to the trading of vulnerability information by third-party companies like iDefense and TippingPoint. iDefense...
Source: http://blogs.zdnet.com/security/?p=433
-
Short Clip: Harrah’s RFID rollout
Date: 08/08/07
Keywords: security
Harrah's CIO Tim Stanley explains how Harrah's is using RFID technologies for customer loyalty and security initiatives. by ZDNet Editor
Source: http://video.zdnet.com/CIOSessions/?p=115
-
Reports on eVoting continue to give it poor marks for security
Date: 08/07/07
Keywords: security, virus
I ran across three different articles on eVoting over the last little while that interested me: E-voting systems vulnerable to viruses and other security attacks, new report finds - This report documents the efforts of two teams of security researchers from UC Berkeley and UC Davis (my alma mater). The...
Source: http://blogs.zdnet.com/BTL/?p=5882
-
Patches in ten f***ing days? Not really, says Mozilla
Date: 08/06/07
Keywords: security
Mozilla has moved swiftly to put the kibosh on late-night chatter that it can turn around patches for security flaws within ten days. The "ten f-ing days" boast came directly from Mozilla Director of Ecosystem Development Mike Shaver during a Black Hat party conversation with hacker Robert "RSnake" Hansen. We showed up,...
Source: http://blogs.zdnet.com/security/?p=423
-
Patchy antivirus coverage for 64-bit Vista
Date: 08/03/07
Keywords: software, security, virus, antivirus
Virus Bulletin security certification body tested a number of antivirus software solutions for 64-bit versions of Windows Vista and discovered that security firms are struggling to provide satisfactory protection for the operating system and users. Here's how an article on vnunet.com describes the situation: Of the 20 antivirus products tested, 35 per...
Source: http://blogs.zdnet.com/hardware/?p=672
-
Bug hunting start-up: Pay up, or feel the pain
Date: 08/03/07
Keywords: software
VDA Labs, which finds flaws in software, has a unique business model that's at the center of a debate over bug disclosure.
Source: http://news.zdnet.com/2100-1009_22-6200489.html
-
Hamster plus Hotspot equals Web 2.0 meltdown!
Date: 08/02/07
Keywords: security, web
Robert Graham (CEO Errata Security) gave his Web 2.0 hijacking presentation to a packed audience at Black Hat 2007 today. The audience erupted with applause and laughter when Graham used his tools to hijack someone's Gmail account during an unscripted demo. The victim in this case was using a typical...
Source: http://blogs.zdnet.com/Ou/?p=651
-
Firewall redux: Could a public, open software behavior registry squelch useless dialogs?
Date: 08/02/07
Keywords: no keywords
In response to yesterday's Tech Shakedown of McAfee's personal firewall product for issuing a useless dialog -- one that asks me to allow or block some behavior but that doesn't give me any idea, clues, or hints as to which of those two options to pick -- one ZDNet reader...
Source: http://blogs.zdnet.com/Berlind/?p=697
-
Predicting the next phase of the Internet
Date: 08/02/07
Keywords: no keywords
Will the Internet still be here in 20 years? Of course it will, but that was the question asked of Nick McKeown, associate professor of electrical engineering and computer science at Stanford; Andy Bechtolsheim, co-founder of Sun; and Phil McKinney, vice president and CTO of the Personal Systems Group at...
Source: http://blogs.zdnet.com/BTL/?p=5844
-
Beijing starts IT testing for Olympics
Date: 08/02/07
Keywords: no keywords
Testing gets under way a full year before the event opens, with 500 worst-case scenarios to be rehearsed.
Source: http://news.zdnet.com/2100-1009_22-6200383.html
-
A rogue in the limelight
Date: 08/02/07
Keywords: no keywords
Parents of a young student were worried that he was being harassed by his bus driver, so they put a voice-activated tape recorder in the kid's backpack. Turned out they were right. However, Wisconsin state law holds that conversations (though it wasn't exactly a conversation) cannot be intercepted except by...
Source: http://blogs.zdnet.com/BTL/?p=5761
-
VoIP security vulnerabilities demonstrated at Black Hat conference
Date: 08/02/07
Keywords: security
Several presentations at the Black Hat security conference in Las Vegas yesterday illustrated some of VoIP's security vulnerabilities. According to Forbes.com's Andy Greenberg, who was in attendance, the presentations documented ways "in which cybercriminals can eavesdrop on VoIP calls, steal data from Internet telephony devices, intercept credit card numbers from...
Source: http://blogs.zdnet.com/ip-telephony/?p=2137
-
Tech Shakedown #3: McAfee's 'Block/Allow this change' dialog is a useless warning
Date: 08/01/07
Keywords: security
As far as security solutions go, personal firewalls are probably the most problematic category for vendors to get right, let alone users to get working. Not only are there differing philosophies about what belongs in a personal firewall and what doesn't (eg: whereas many personal firewalls can and will...
Source: http://blogs.zdnet.com/Berlind/?p=693
-
Remembering five years of vulnerability markets
Date: 08/01/07
Keywords: software
Guest Editorial by David Endler. While compiling some stats this week for our Zero Day Initiative two year anniversary, I came across this recent news article by the Associated Press, Researchers Seek Cash for Software Flaws. It's the latest in a long line of media coverage on the launch of...
Source: http://blogs.zdnet.com/security/?p=415
-
How real are the 451 findings?
Date: 08/01/07
Keywords: no keywords
Dan Farber is featuring news of another 451 Group study showing that open source is "just about" to take over the system management business. As Yogi Berra once said, "it's deja vu all over again." I have been giving, and getting, this prediction since I first joined ZDNet almost three years ago....
Source: http://blogs.zdnet.com/open-source/?p=1269
-
Technology Shakedown #2: 'Blocked program' warning in Vista leads to a dead end
Date: 07/31/07
Keywords: software, technology, virus, antivirus
It has been less than 24 hours since I published ZDNet's first Technology Shakedown (regarding McAfee's antivirus software running amok on Vista's tray) and I was already itching to do another. So this time, I picked on a small problem that's driving me nuts in Windows Vista that has to...
Source: http://blogs.zdnet.com/Berlind/?p=692
-
Signing e-mail to legally bind e-mail attachments: Easier said than done
Date: 07/31/07
Keywords: no keywords
Here on ZDNet, in the blogs, their comment areas, and in e-mails you have not seen, my fellow blogger George Ou and I have been debating the challenges to securing e-mail. Although many Internet users assume it to be otherwise, most e-mail traversing the Internet and even corporate networks is insecure....
Source: http://blogs.zdnet.com/Berlind/?p=690
-
Symantec CEO John Thompson on Microsoft, Google and Switzerland
Date: 07/31/07
Keywords: microsoft
Symantec CEO John Thompson drinks deeply from the Microsoft well. In fact, three-quarters of his company's $5.2 billion in revenue last year was derived from the Windows platform. But Symantec's relationship with Microsoft is complex and at times contentious. Thompson describes Microsoft as a partner, ally and competitor. On the competitor...
Source: http://blogs.zdnet.com/BTL/?p=5800
-
Google hires browser hacking guru
Date: 07/30/07
Keywords: security, google
Google has snapped up one of the sharpest minds in the hacker community, luring Michal Zalewski to help lock down its long list of Internet facing products. Zalewski, a 26-year-old computer security whiz from Poland, joined the search engine giant about a week ago to work as an Information Security Engineer. He...
Source: http://blogs.zdnet.com/security/?p=410
-
SAIC loses personal data on 500,000 military
Date: 07/30/07
Keywords: no keywords
One would think one of the biggest Pentagon contractors would know a little something about data encryption. Alas, SAIC Inc. likely compromised the personal information of more than 500,000 military personnel and family members because it kept the information online and unencrypted, the Virginian Pilot reports. As usual in these...
Source: http://government.zdnet.com/?p=3335