Date: 02/28/08 (Security)    Keywords: security

When I reported on the Vocera certificate security bypass flaw, SecurityFocus picked up on it and created Bugtraq ID 27935 to warn their customers about the vulnerability.  I dropped a note to Secunia about the flaw but they seem to believe that a flaw is only a flaw if it...

Source: http://blogs.zdnet.com/security/?p=909

Date: 02/28/08 (Security)    Keywords: software, security

Software problems with a 28-mile pilot project send Homeland Security officials back to the drawing board--and cause a three-year delay in plans to seal off the southwestern border of the U.S. WASHINGTON--Technical problems have forced the Bush administration to retool a high-tech "virtual fence" along the U.S.-Mexico border and...

Source: http://news.zdnet.com/2424-9595_22-189986.html

Date: 02/29/08 (Security)    Keywords: security

Sighs of relief can be heard coming from Brazil this week as police arrested four men (port security guards) responsible for heisting some computers that had lots of data from the newly discovered mega-oil-patch off the coast of Brazil. Way back when I was an industry analyst...

Source: http://blogs.zdnet.com/threatchaos/?p=552

Date: 02/29/08 (Security)    Keywords: security

Bain Capital and Huawei will resubmit its bid for 3Com to the Committee on Foreign Investment in the U.S. in hopes of closing a deal. A $2.2 billion buyout of 3Com has been hung up over concerns that China's Huawei would have access to critical U.S. security...

Source: http://blogs.zdnet.com/security/?p=910

Date: 02/29/08 (Security)    Keywords: security

Airport security is obviously a major concern in our country, and I've made some observations that I'd like to share from my recent travels. February and March has turned out to be an insane travelling road show for me. When March completes, I will have spoken...

Source: http://blogs.zdnet.com/security/?p=911

Date: 03/03/08 (Computer Geeks)    Keywords: security, google

Hi guys, I'm in need of help.

First a little about me.  I'm one of those that grew up around 2 older brothers that were a/v geeks, one of whom is a computer geek for hire (he lives 50 miles away and we're both busy with our various jobs, so I can't run over to his place any time I'm in need of this kind of help).  Thanks to both of them their geekness rubbed off on me.  Though I've had very little formal computer training, as far as classes goes, I know quite a bit about them and can almost always get myself out of some sort of jam when it comes to my own computer (even can do this at work though most places don't like it when a non IT person does such things), if it's something I don't know how to do, I can google it with the best of them.  At my last job I wore many hats, including IT.  Granted I'm more of an advanced usser, but still far from being at the same level as those that majored in computer engineering and other such computer degrees. 

which brings me to my problems. 

I have an IBM thinkpad R50 and while I love this laptop and plan on keeping it for some time mostly due to lack of funds, I am in need of help.  One day, ages ago, I unintentionally activated the secure disc featuer.  I say unintentionally because I was curious about it, wanted to see what it was about, but didn't want or need it.  So now I'm stuck.  I have tried to disable it, at least the password prompt but no joy.  I've found that if I enter the password wrong, then my laptop boots up really screwy, or should I say takes forever and a day to load my personal settings.  That happened yesterday.  Course after nearly throwing this through the wall today I ran an update (don't ask how I managed to get it to load up or how long it took, you'll get the headaches I had dealing with it just hearing what I went through) and found one of the things making out the CPU got a patch for that same reason.  *sigh* 

So here I am, after much hair pulling and agrivation (not to mention, stress), my laptop is back up and running in the barest of sense.  I have my own set of settings that I prefer as far as how this thing runs but my laptop is now refusing to allow me to do that.  For instance, it won't let me activate virtual scrolling on the touchpad, I can't disable tapping, and various little things like that. 

I also want to fully disable the security chip, don't want a password prompt, don't even want my laptop to check the status of the chip at bootup for that matter.  As it is I need to log in and the password that I set and have always used to log on, is coming up as wrong.  I'm at the point where I hesitate to shut this down when I go to bed tonight because I don't have the time, energy or want to deal with the stress I went through since yesterday. 

So if you managed to get through this post and figure out what I'm asking, GREAT!  now how do I fix it, without having to wipe the HD clean.  I'd rather not because I used my laptop at my old job (which is when/where I got it) and got a lot of sotfware there, none of which I have discs for and wouldn't be able to reinstall.  I also don't have the money for any of it, so I'd REALLY rather not have to go that route.

THANKS!!!!!!!!!

Source: http://community.livejournal.com/computergeeks/1156649.html

Date: 03/03/08 (Security)    Keywords: software, security, virus, web

In the security industry it's not hard to run into someone predicting the demise of the anti-virus industry. But the end game will take forever to play out. The common argument: Anti-virus software can never keep up, is outdated and outgunned against rapidly evolving threats. Websense CEO...

Source: http://blogs.zdnet.com/security/?p=913

Date: 03/03/08 (Apache)    Keywords: security

Some of our IE7 users receive security certificate mismatch warnings with every secure page view on subdomain.domain.net.  The cert was originally issued to www.domain.net. 

Is it possible to add aliases to existing certificates (my hunch is no, but I'm not well versed on them)? 

Source: http://community.livejournal.com/apache/40574.html

Date: 03/04/08 (Security)    Keywords: security, microsoft, ebay

Notable headlines: Mary Jo Foley: Microsoft caves: 'Super-standards' mode to become IE 8 default. Microsoft's IE blog Microsoft, Nokia to port Silverlight to Symbian phones Nate McFeters: eBay Red Team Event - Creating Security Awareness and Sharing Strategies Ed Bott's 10 Favorite...

Source: http://blogs.zdnet.com/BTL/?p=8139

Date: 03/04/08 (Security)    Keywords: security, ebay

I recently attended the eBay Red Team event at the eBay campus in San Jose, CA. and got a chance to sit in on several presentations, meetings, and discussions aimed at creating security awareness and knowledge sharing opportunities for several major decision makers in the information security space.  Numerous companies...

Source: http://blogs.zdnet.com/security/?p=915

Date: 03/04/08 (Security)    Keywords: security, google

Google's Android SDK is facing multiple vulnerabilities that are remotely exploitable, according to Core Security Technologies. In an advisory, Core Security noted heap and interflow overflow issues with Android and reserved eight CVE identifiers. Core noted: Several vulnerabilities have been found in Android's...

Source: http://blogs.zdnet.com/security/?p=921

Date: 03/06/08 (Computer Geeks)    Keywords: security

I fixed the touchpad and the security chip seems to be behaving (I tested the laptop Monday night by rebooting it and had no problems, so I've gone back to my regular routine with it). 

so disregard my last post here.  just wish I could delete it.  :/

and for those wondering how I fixed it, lots of beatings.  ;)

Source: http://community.livejournal.com/computergeeks/1157608.html

Date: 03/06/08 (Security)    Keywords: security

The accepted wisdom is that Mac users are immune to most of the security afflictions which plague those mere mortals that are still using Windows.  But is all this set to change?  Is a wave of Mac-homing malware getting ready to flood the Internet? I ask because...

Source: http://blogs.zdnet.com/hardware/?p=1440

Date: 03/06/08 (Security)    Keywords: security

As most of the tech industry knows, Apple launched its long-awaited iPhone SDK on Thursday. With the move Apple has gone more corporate with its iPhone (Techmeme) and talked a good security game by offering features like remote wipe. Here's a snippet via Tom Krazit from the...

Source: http://blogs.zdnet.com/security/?p=930

Date: 03/06/08 (Security)    Keywords: browser, security, microsoft

Amid all the hubbub about the first beta of IE 8 the security features haven't gotten a lot of attention. Part of the problem is that Microsoft hasn't disclosed a lot, but it does appear that the browser will block malware. About its Safety Filter feature, Microsoft...

Source: http://blogs.zdnet.com/security/?p=924

Date: 03/07/08 (Web Technology)    Keywords: security

Update 3/7/08 7:45pm EST: CNET news reports MobiTV has withdrawn the threats, backpeddled on its original legal intentions, and is fixing the security problems. What were those guys smoking in starting all this nonsense? Cell phone television supplier, MobiTV, issued a cease and...

Source: http://blogs.zdnet.com/projectfailures/?p=632

Date: 03/10/08 (Security)    Keywords: security

Core Security Technologies on Monday named Mark Hatton CEO. Hatton was the president of North American operations for Sophos. Last year, Core lost CEO Paul Paget and product manager Max Caceres, who is well known in the penetration testing world. Hatton's mission is to grow the company,...

Source: http://blogs.zdnet.com/security/?p=935

Date: 03/10/08 (Security)    Keywords: security

In a much ballyhooed media event, Apple released the iPhone SDK at a press conference last week.  I've been watching the wire to see if other security researchers are as concerned about Apple's development and deployment model as I am.  They are. A good friend and colleague...

Source: http://blogs.zdnet.com/security/?p=938

Date: 03/11/08 (Security)    Keywords: security, virus, antivirus

When Mac owners move into Windows virtualization, they should be responsible and that means running PC security. Making this task a one-click purchase, Symantec this week released a Norton AntiVirus package covering both Mac and Windows platforms. The $69.95 package includes Norton AntiVirus 11 for Mac and...

Source: http://blogs.zdnet.com/Apple/?p=1399

Date: 03/11/08 (Security)    Keywords: security

With wireless penetration tools like KARMA and the new FreeRADIUS-WPE, users who are using urban legend security and enterprise wireless LANs are more vulnerable than ever. One of the biggest threats facing wireless LAN users is SSID probing which is forced by the reckless usage of SSID broadcast suppression....

Source: http://blogs.zdnet.com/security/?p=941