Privacy, Security Archive

Information Security in Campus and Open Environments

Submitted by LogError 2005-08-23 Privacy, Security 1 Comment

This article is geared towards techies at libraries and schools and will attempt to address common security problems that may pop up at these institutions. The author gears the solutions towards Open Source, freeware, and base operating system security in a Windows XP/2k environment.

IBM Makes Biometric Breakthrough

David Adams 2005-08-17 Privacy, Security 13 Comments

One of the weaknesses of biometric security systems is that you can't just replace your finger or your eye if someone figures out how to compromise the system, like you can with a password. IBM researchers have applied more sophisticated cryptographic theory to the problem, providing a way to "construct a kind of technological screen separating a user's actual biological identification information from the records stored in profile databases."

Copy-protection Enters the Mainstream

Submitted by Jophn Deo 2005-08-17 Privacy, Security 29 Comments

A USA Today article briefly covers the debut of several new consumer-oriented technologies that contain copy-protection technology, including tech for digital textbooks that can't be copied and "expire" after a year. It also touches on copy-protection tech that failed in the marketplace.

Modern History of Cryptography Techniques

Submitted by anonymous 2005-08-17 Privacy, Security 2 Comments

The encryption scheme you rely on today might be full of holes just a few years down the road. Learn how far we've come in the last few decades, and why your apps need to be ready for change. This article builds on a previous article about Enigma, Germany's WWII-era encryption system.

Microsoft’s HoneyMonkeys Prove Patching Windows Works

Submitted by Not_Today 2005-08-10 Privacy, Security 33 Comments

Microsoft unveiled details of its Strider HoneyMonkey research, a project that sniffs out sites hosting malicious code, and hands the information to other parts of the company for patching or legal action. The technical report (pdf) outlines the concept of cruising the Web with multiple automated Windows XP clients - some unpatched, some partially patched, some patched completely - to hunt for Web sites that exploit browser vulnerabilities.

Submitted by bsnipes 2005-08-07 Privacy, Security 94 Comments

Researchers from a little-known security software company named Sunbelt Software have seemingly uncovered a criminal identity theft ring of massive proportions. According to one of their employees, Alex Eckelberry, during the course of one of their recent investigations into a particular Spyware application - rumored to be called CoolWebSearch - they've discovered that the personal information of those "infected" was being captured and uploaded to a server.

On WiFi and Security

Submitted by anonymous 2005-08-05 Privacy, Security 3 Comments

This article covers the various forms of wireless data transmission, and addresses the main security problems in WiFi today.

Assess System Security Using a Linux LiveCD

Submitted by anonymous 2005-08-01 Privacy, Security 8 Comments

Want to assess security vulnerabilities on your Linux system without lengthy installation and configuration efforts? We introduce four packages -- Auditor, Whoppix, Knoppix-STD, and PHLAK -- that bring you that ability through the magic of LiveCD.

Cisco Losing Battle to Censor Blackhat Researcher

Submitted by george 2005-08-01 Privacy, Security 12 Comments

It looks as if Cisco's cease and desist letters to Web sites hosting Michael Lynn's banned Blackhat presentation detailing a critical flaw in the company's IOS operating system are not having the effect the company desires. An increasing number of other Web sites are now making available Lynn's presentation to whomever cares to read or download it.

Cisco Curbs Security Researcher

Submitted by phaceton 2005-07-30 Privacy, Security 38 Comments

A security expert has agreed never to repeat what he knows about various flaws in Software from networking giant Cisco.

USB Devices Can Crack Operating Systems

Thom Holwerda 2005-07-23 Privacy, Security 47 Comments

Vulnerabilities in USB drivers for Windows could allow an attacker to take control of locked workstations using a specially programmed Universal Serial Bus device, according to an executive from SPI Dynamics, which discovered the security hole. However, SPI tested attacks on Windows systems, but any operating system that is USB-compliant is probably vulnerable.

Review: GFI LANguard Network Security Scanner 6

Submitted by LogError 2005-07-21 Privacy, Security 4 Comments

LANguard Network Security Scanner will scan computers for known vulnerabilities and common misconfigurations and other potential security issues. It produces reports that can be used to assist in the tracking and mitigation of security issues that have been identified.

Dan Kaminsky on Microsoft’s Security

Submitted by anonymous 2005-07-21 Privacy, Security 30 Comments

SecurityFocus published an interview with BlackHat/Defcon speaker Dan Kaminsky. He was guest-hacker at the Microsoft BlueHat event, and met Redmond's engineers and management. His conclusion: "My sense is that a combination of respect for SP2 and growing fear of Google (which has an entirely different, and arguably more managable security posture than Microsoft can achieve) has really pushed people towards seeing security in 2005 as stability was in 2000/2001."

Securing Wireless Technology: Wireless Devices, Part I

Submitted by DTY 2005-07-18 Privacy, Security 17 Comments

Wireless networking frees mobile workers from wires and cables, allowing them to collect and view data whenever, wherever they choose. The popularity of wireless networking is broad and continues to grow. The Gartner Group stated in an April 2005 study that by 2015, the average urban citizen in the United States and Europe will use at least six wireless networking technologies per day. read more.

Microsoft Investigates New XP SP2 Flaw

Submitted by Peter Deckers 2005-07-16 Privacy, Security 15 Comments

Microsoft has acknowledged that it is working on a patch for a potentially serious security hole in fully patched versions of Windows XP Service Pack 2.

Windows RDP Exploit Discovered

Submitted by GeekGod 2005-07-16 Privacy, Security 21 Comments

A denial of service vulnerability reportedly affects the Windows Remote Desktop Protocol. Either disable RDP or make sure you have a firewall enabled for port 3389 until a fix is available.

Desktop Port Proliferation a Security Risk?

Submitted by Ben Deckers 2005-07-15 Privacy, Security 12 Comments

Opera's announcement of in-browser support for Bittorent highlights the trend for common desktop applications requesting an ever-larger number of TCP ports to be opened up for them, essentially poking holes into firewalls. File transfer apps, VoIP, games, and other programs routinely request open ports, and that's a security risk, say some security experts.