Date: 03/10/08     Keywords: security

In a much ballyhooed media event, Apple released the iPhone SDK at a press conference last week.  I've been watching the wire to see if other security researchers are as concerned about Apple's development and deployment model as I am.  They are. A good friend and colleague...

Source: http://blogs.zdnet.com/security/?p=938

Date: 03/10/08     Keywords: security

Core Security Technologies on Monday named Mark Hatton CEO. Hatton was the president of North American operations for Sophos. Last year, Core lost CEO Paul Paget and product manager Max Caceres, who is well known in the penetration testing world. Hatton's mission is to grow the company,...

Source: http://blogs.zdnet.com/security/?p=935

Date: 03/09/08     Keywords: no keywords

I travel a lot. It has been almost ten years since I had a job that was based in the same place I live. Whenever I get a call from friends and family the first question I get is "where are you?"   People who have known me for years but...

Source: http://blogs.zdnet.com/threatchaos/?p=555

Date: 03/07/08     Keywords: programming, web

Cell phone television supplier, MobiTV, issued a cease and desist order to a popular website covering mobile devices. A website user posted unadvertised, yet publicly available, links to programming on the MobiTV site. Here's how ZDNet's Matthew Miller described the situation: [A]...

Source: http://blogs.zdnet.com/projectfailures/?p=632

Date: 03/07/08     Keywords: google

Well, this may be old news to some, as Johnny Long is pretty well known for his Google hacking exploits, but I thought it was worth bringing up again as it was news to me.  In July of 2007, Johnny started a group called "Hackers for Charity", with the goal of applying the skills...

Source: http://blogs.zdnet.com/security/?p=932

Date: 03/06/08     Keywords: security

The accepted wisdom is that Mac users are immune to most of the security afflictions which plague those mere mortals that are still using Windows.  But is all this set to change?  Is a wave of Mac-homing malware getting ready to flood the Internet? I ask because...

Source: http://blogs.zdnet.com/hardware/?p=1440

Date: 03/06/08     Keywords: security

As most of the tech industry knows, Apple launched its long-awaited iPhone SDK on Thursday. With the move Apple has gone more corporate with its iPhone (Techmeme) and talked a good security game by offering features like remote wipe. Here's a snippet via Tom Krazit from the...

Source: http://blogs.zdnet.com/security/?p=930

Date: 03/06/08     Keywords: technology

Apple has given technology managers their iPhone wish list in full in an effort to make its phone more business friendly. The mission: Lure enough enterprises to the iPhone so Apple can hit its 10 million unit goal by the end of 2008. Apple CEO Steve...

Source: http://blogs.zdnet.com/BTL/?p=8179

Date: 03/06/08     Keywords: browser, security, microsoft

Amid all the hubbub about the first beta of IE 8 the security features haven't gotten a lot of attention. Part of the problem is that Microsoft hasn't disclosed a lot, but it does appear that the browser will block malware. About its Safety Filter feature, Microsoft...

Source: http://blogs.zdnet.com/security/?p=924

Date: 03/06/08     Keywords: no keywords

There are, it seems to me, only three kinds of cryptology systems known: there are the magic hand wave methods - like DES - which attempt to disguise the information content of the encoded message by combining information hiding (typically via some form of transposition) with information...

Source: http://blogs.zdnet.com/Murphy/?p=1085

Date: 03/06/08     Keywords: no keywords

If your company or organization runs an enterprise wireless LAN network, I have some troubling news for you.  Odds are high that your current "enterprise-class" wireless LAN deployment is vulnerable to authentication leakage which not only exposes your internal network but all of your server access controls. ...

Source: http://blogs.zdnet.com/security/?p=922

Date: 03/05/08     Keywords: no keywords

I've just downloaded and installed the beta 1 of Internet Explorer 8 into a virtual machine (no way am I ready to let that loose on my systems outside of a VM). I've only been using it a few minutes so there's no...

Source: http://blogs.zdnet.com/hardware/?p=1426

Date: 03/05/08     Keywords: no keywords

I've been using the same Linksys WRT54GS 802.11g router for a couple of years now, and it has reliably met my home networking needs. That includes connecting two laptops and a desktop, sharing a broadband connection, backing up files across the network, and shuffling video from my network-attached storage (NAS)...

Source: http://blogs.zdnet.com/soho-networking/?p=156

Date: 03/04/08     Keywords: security, google

Google's Android SDK is facing multiple vulnerabilities that are remotely exploitable, according to Core Security Technologies. In an advisory, Core Security noted heap and interflow overflow issues with Android and reserved eight CVE identifiers. Core noted: Several vulnerabilities have been found in Android's...

Source: http://blogs.zdnet.com/security/?p=921

Date: 03/04/08     Keywords: no keywords

It seems that hackers have figured out how to resurrect news about a Vista activation hack that's over a year old. Yesterday I received several emails from readers pointing to a post on Slashdot.  The site was running a piece which pointed to a an article on APC Magazine from...

Source: http://blogs.zdnet.com/hardware/?p=1407

Date: 03/04/08     Keywords: microsoft, google

GPLMedicine advocate Fred Trotter (right) has given some inspection to both Google Health and Microsoft's HealthVault, coming down solidly on Google's side. Trotter writes that Google Health's privacy policies and APIs are superior to those of Microsoft HealthVault, and its access control system looks better. ...

Source: http://healthcare.zdnet.com/?p=765

Date: 03/04/08     Keywords: browser, technology

A PayPal executive last week recommended that its users ditch Apple's Safari browser since it doesn't have anti-phishing technology. If other phishing targets--banks, brokers and such--follow suit it could make anti-phishing technology the price of admission to recommend browsers. Infoworld last week quoted Michael Barrett, PayPal's CIO,...

Source: http://blogs.zdnet.com/security/?p=916

Date: 03/04/08     Keywords: security, microsoft, ebay

Notable headlines: Mary Jo Foley: Microsoft caves: 'Super-standards' mode to become IE 8 default. Microsoft's IE blog Microsoft, Nokia to port Silverlight to Symbian phones Nate McFeters: eBay Red Team Event - Creating Security Awareness and Sharing Strategies Ed Bott's 10 Favorite...

Source: http://blogs.zdnet.com/BTL/?p=8139

Date: 03/04/08     Keywords: security, ebay

I recently attended the eBay Red Team event at the eBay campus in San Jose, CA. and got a chance to sit in on several presentations, meetings, and discussions aimed at creating security awareness and knowledge sharing opportunities for several major decision makers in the information security space.  Numerous companies...

Source: http://blogs.zdnet.com/security/?p=915

Date: 03/03/08     Keywords: spam

What do geeks hate more than free speech restrictions? Spammers! Thus, anti-spam laws are an interesting collision. Spamming is clearly speech -- albeit commercial speech. So are antispam laws constitutional? The Virginia Supreme Court took that matter up in the case of Jeremy Jaynes, a particularly obnoxious...

Source: http://government.zdnet.com/?p=3689