Date: 03/08/05 (Security)    Keywords: security

Security experts warn that "pharming" could be the new frontier for online thieves looking to steal your personal data.

Source: http://news.zdnet.com/Phishers+using+DNS+servers+to+lure+victims%3F/2100-1009_22-5604555.html?part=rss&tag=feed&subj=zdnn

Date: 03/09/05 (Mozilla)    Keywords: php, browser, security, web

I know this isn't totally an advocacy group, but I think some of you might enjoy seeing the publicity that moz and firefox are getting. The Kojo Nnamdi show, on WAMU-FM
(Howard University PBS radio) had a show on browsers today, and what I was able to catch of it sounded pretty positive to firefox. For a while they'll have a stream up on their web site: (updated edit: seems they're up for quite a while, the archive is back to 2003).

http://www.wamu.org/programs/kn/index.php

The Kojo Nnamdi show is always pretty interesting. Glad I found out about it. Too bad it wasn't in time for the show to post here so folks could call in or email. :( It aired Tuesday at 12.06 hours Eastern US time. On air were guests columnist Mark Kelner from the Washington Times (bleh ..to the paper not the columnist) and Alan Paller, research director of The Sans Institue (computer security).

And if folks really don't want these kinds of posts, let me know. :)

Source: http://www.livejournal.com/community/mozilla/259189.html

Date: 03/11/05 (Security)    Keywords: security

SEC filing raises questions about whether the security breach went beyond the 145,000 Americans notified.

Source: http://news.zdnet.com/ChoicePoint+data+loss+may+be+higher+than+reported/2100-1009_22-5609253.html?part=rss&tag=feed&subj=zdnn

Date: 03/10/05 (Security)    Keywords: security

RSA Security is in high-level discussions with all the big U.K. banks, as concern over ID theft and data protection rises.

Source: http://news.zdnet.com/British+banks+in+talks+to+fight+ID+theft/2100-1009_22-5608885.html?part=rss&tag=feed&subj=zdnn

Date: 03/10/05 (Application Development)    Keywords: security, microsoft

Q&A Microsoft's founder rates the company's ongoing efforts in security and discusses how to get PCs into more hands across the globe.

Source: http://news.zdnet.com/Gates+talks+business/2100-9593_22-5608501.html?part=rss&tag=feed&subj=zdnn

Date: 12/19/04 (Java Web)    Keywords: browser, security, web, microsoft

Here's some interesting observations from the article: FIREFOX is a classic overnight success, many years in the making. Firefox is a Web browser that is fast and filled with features that Microsoft's stodgy Internet Explorer lacks. Today, it's the Internet Explorer code that is long overdue for a top-to-bottom redesign, one that would treat security as integral, [...]

Source: http://blog.taragana.com/index.php/archive/firefox-in-nyt-the-fox-is-in-microsofts-henhouse-and-salivating/

Date: 03/12/05 (PHP Community)    Keywords: php, blogging, html, java, security, web

i'm building my own blogging system for my website, and i was interested in having a bit of security when it comes to code in the comments.

• disallow html code


• disallow javascript


• special tags (standard BBcode - [quote][url][img])


• keep it xhtml1.1 compliant

webdev

php

Source: http://www.livejournal.com/community/php/272239.html

Date: 03/12/05 (Web Development)    Keywords: php, blogging, html, java, security, web

i'm building my own blogging system for my website, and i was interested in having a bit of security when it comes to code in the comments.

• disallow html code


• disallow javascript


• special tags (standard BBcode - [quote][url][img])


• keep it xhtml1.1 compliant

webdev

php

Source: http://www.livejournal.com/community/webdev/181116.html

Date: 03/14/05 (Computer Geeks)    Keywords: security

Maybe this is worth a post, maybe it's not, i'll let those more evolved decide. Regarding AOL's new TOS with AIM stripping away all rights to privacy, users can get the following free security cert: http://www.aimencrypt.com . The site contains complete and simple setup instructions. Important Note on Page:
Q. My friend doesn't have a security certificate are our conversations encrypted?
A. Simply put, no. Both users must be running AIM v5.2+ and have security certificates.

I'm sure anyone with basic understanding of encryption knows this already, but I thought I'd post it just incase.

The best part is the "cool" lock next to your name : ) hahaha

Source: http://www.livejournal.com/community/computergeeks/634994.html

Date: 03/15/05 (Web Technology)    Keywords: security

People are zapping cookies to protect their privacy or security, according to a JupiterResearch study.

Source: http://news.zdnet.com/Study%3A+Cookies+in+security+crosshairs/2100-9588_22-5618296.html?part=rss&tag=feed&subj=zdnn

Date: 03/15/05 (Security)    Keywords: security, web

Plans to supplement passwords with security devices won't solve the problems plaguing Web businesses, warns a crypto expert.

Source: http://news.zdnet.com/Expert%3A+Better+ID+checks+won%27t+beat+fraud/2100-1009_22-5618486.html?part=rss&tag=feed&subj=zdnn

Date: 03/16/05 (WebDesign)    Keywords: browser, css, security, web, microsoft

article [microsoft-watch.com]
article on /. [slashdot.org]

I assume most of you read slashdot, but if you don't here's a quote of their article:

webdev

webdesign

Source: http://www.livejournal.com/community/webdesign/832698.html

Date: 03/16/05 (Web Development)    Keywords: browser, css, security, web, microsoft

article [microsoft-watch.com]
article on /. [slashdot.org]

I assume most of you read slashdot, but if you don't here's a quote of their article:

webdev

webdesign

Source: http://www.livejournal.com/community/webdev/181847.html

Date: 03/16/05 (Computer Help)    Keywords: html, security, yahoo, google

T_T I was reading away messages and my brother's was about new pictures or whatever, so him being far away I was interested in seeing them. I believe the link was http:// www.TravisArket. com/photos. pif or at least something similar to it. Whatever you do, don't click on it! I ended up downloading shit onto my computer and now it's infected (at least, more than before). I deleted the files I downloaded earlier, scanned my computer with PestPatrol, Ad-aware, and AVG.. The first two detected some junk and I deleted it, while AVG didn't detect anything. I searched through recently modified files and deleted what I believe was the AIM away message crap. However, even after deleting it I still have the problem (I think). Does anyone know what I'm talking about? This is aggravating. How do I get rid of this?

Ooh ok, so now it's just randomly but frequently putting up away messages now. It says, "NEW PICS FROM THE BEACH http:// www.TravisArket .com/photos. pif !!!!!" =(

Also, I've discovered that I now cannot view my processes, memory, and the other stuff alt ctrl del does. Every time I try to open it, it closes after about one or two seconds. I tried searching for more information about this on Yahoo and Google, but apparently my textboxes aren't working. I keep receiving the error message "Your current security settings do not allow you to send HTML forms." I know that I had not recently changed any settings whatsoever.. I do believe that my cookies have now been disabled, or at least on Yahoo, cuz I've just been logged out and cannot log back in due to "disabled cookies." =(

Edit: New fake URL at the domain of softhue.com, same ending though.

Source: http://www.livejournal.com/community/computer_help/356305.html

Date: 03/17/05 (Security)    Keywords: security

Leaping into cheap Internet telephony before looking at the security risks could create a lot of risk for companies.

Source: http://news.zdnet.com/VoIP+could+provoke+%27electronic+Pearl+Harbor%27/2100-1009_22-5623365.html?part=rss&tag=feed&subj=zdnn

Date: 03/18/05 (Computer Geeks)    Keywords: security

First off, happy ST. Patty's day to everyone.

I'm not having a problem, but rather asking for advice from those of you with experience with wireless home networks. I refuse to bother with wireless due to its slower speed and lack of security, so therefore I know little about it or problems I may come across.

Next week I'm suppose to setup a simple wireless network for a woman, nothing special just a laptop,desktop (both winxp) and wireless router, however she is the owner of the bar I frequent almost daily, so I need to make sure this goes as smoothly as possible, my question is, are there any snags I may run into when dealing with wireless? It's crucial I don't run into any major problems, for one, she could recommend me to alot of people which would boost my customer base considerably, and 2nd, i'm there everyday, i don't want her to think I'm an asshole, I really don't forsee any problems, but then again this will be my first time with wireless. ALso, i'm assuming there really aren't any problems when installing a wireless card on a laptop? Any input is appreciated, thanks again all.

Source: http://www.livejournal.com/community/computergeeks/638190.html

Date: 03/18/05 (IT Professionals)    Keywords: security

So today, I was feeling experimental and decided to set my GPO to insane security mode on my desktop.
after rebooting any service running as 'localsystem' wouldn't start (access denied)
this led to a series of other funky problems... including explorer not loading...

I love GPO's to death... but this was ridiculous..
anyway, it was easy as hell to reset with a 'secedit /import' command of my default security script..
and i'm as good as new now, except now when people try to connect to my shares they get a user name Guest, and insert password prompt. I'm not posting to ask for help just thought I would share..
I'm sure i'll figure it out.


**Comment on this:

Has anyone else done anything incredibly stupid to their home systems??

Source: http://www.livejournal.com/community/itprofessionals/8087.html

Date: 03/18/05 (Security)    Keywords: security

Mergers and buyouts are muddying the lines between security and other industries. Can purely security-focused providers survive?

Source: http://news.zdnet.com/Security%27s+new+deal/2100-1009_22-5624251.html?part=rss&tag=feed&subj=zdnn

Date: 03/20/05 (IT Professionals)    Keywords: security, web

A friend of mine told me about a talk this coming Thursday, the 24th, by Gerry Wilson, the CIO of RSA. I think lunch is also going to be provided. It sounds like a good opportunity to talk to someone about authentication beyond just key tokens or passwords. RSA is also supposed to have a new product that replaces Windows XP logins with secuirID logins.

The talk is at a restaurant in Framingham from 11 to 1. I think it's sponsored by a local VAR, but AFAIK they're only there to buy lunch for everyone. I wish I could go, but I'm on the wrong coast. ;-)

For more info, check this website:
http://216.142.81.73/Events/01701/2005/03/

(cross-posted to itprofessionals, infosec, and itsecurity)

Source: http://www.livejournal.com/community/itprofessionals/8486.html

Date: 03/21/05 (Security)    Keywords: security

Most companies have upped security spending, but that hasn't stopped pests from invading corporate networks, survey finds.

Source: http://news.zdnet.com/Worms+whack+half+of+businesses/2100-1009_22-5628715.html?part=rss&tag=feed&subj=zdnn