Quality of free software?

Ben Chaff argues that Free Software is better than average in terms of security when compared to the proprietary software market, but falls short of the standards that apply for software used in crash-and-people-will-die type of mission critical applications.

ISPconfig - ISP Control panel Security hole

isp control panel ispconfig is having security hole check this debian-isp mailing list message

Curiosity is bliss: Crossdomain.xml security warning

Julien Couvreur tells of a cross-site request forgery (CSRF) flaw researched by himself and Chris Shiflett in which Flash could be used to exploit Flickr and cause people unknowingly to send arbitrary requests to Flickr (e.g. adding a friend without knowledge of doing so). The two notified Flickr, which promptly moved their APIs, fixing the flaw.

More Hackers Targeting the Little Guy

According to the latest semiannual Internet Security Threat Report from a computer security company, home users are the weakest link in the Internet security chain.

Microsoft SPP the ultimate security risk?

While Microsoft is busily spreading the word about how it is going to crack down on pirate copies of Vista, there are some quite disturbing issues being raised by commentators and bloggers. One of them is that Microsoft's zealous anti-piracy Software Protection Platform (SPP) could pose the mother of all security risks.

Prisoner Abuse by US at Gitmo Described in US Marine Document

The affidavit, signed on Wednesday, was provided by lawyers representing some of the approximately 455 foreign terrorism suspects held at the U.S. naval base at Guantanamo Bay, Cuba. It represents the latest in a series of allegations of abuse of Guantanamo detainees by U.S. personnel.

$100 Laptops: ultra secure

Programmers are designing security protocols, "they hope will greatly surpass those found in mass-market computers today" and already, "they believe the security setup could make it unnecessary for the laptops to have anti-virus software".

Internet Security Sucks!

Symantec has published a new report into various aspects of Internet security, and pretty unsurprisingly tells us what we already know: things are getting worse. The 10th Symantec Internet Security Threat Report complete with Homer Simpson ratings...

Managed Insecurity

Here’s how it works: you pay the bad guys and they will infect your target web sites, harvest the user data and return it to you in the format you want. The latest, and perhaps most worrying, in the evolution of the script kiddie hacker...

From Reagan to Bush Jr. - How Each President Has Handled North Korea

North Korea says it plans to carry out a nuclear weapons test, and U.S. officials say the test may come “as early as this weekend.� Last night, the U.N. Security Council issued a joint statement saying a nuclear test would “jeopardize peace, stability and security in the region and beyond�

Top of the Malware Pops

Old threats remain a big problem, as the September security exploit charts reveal no new entries at all.

Firefox security jokers about as funny as rabies

I wonder why the ToorCon Firefox flaw hoaxers made Mozilla the fall guy, couldn't be anything to do with the legal power of Microsoft that would have fallen on them like a ton of bricks had IE been the butt of their 'joke' perhaps?

Topic Overview: UN Security Council warns North Korea it will act

Japan said Saturday it will push for a punitive United Nations resolution if North Korea doesn't heed a UN Security Council statement urging it to cancel plans to test its first nuclear weapon.

Topic Overview: Sudan's UN ambassador defends stance on peacekeepers

The United States demanded an emergency meeting of the U.N. Security Council on Thursday over a letter in which Sudan's government said it would view any troop commitments to a future peacekeeping force in Darfur as a "hostile act" and a "prelude to an invasion," a U.S. official said.

Retired S1Ws Recalled To Active Duty

STRONG ISLAND, NY—With recruitment down sharply, and the prospect of being held back by the nation of millions appearing once again likely, top-ranking Public Enemy officials issued an order Monday for all retired Security Of The First World personnel to return to active duty.

Why I won't be using OcUK any more - nice new design but security issues

See this forum post on their own forum. If i were you I'd be very carefull before using overclockers uk again...

Topic Overview: Symantec Snaps At Microsoft

Vendors of security software, such as Symantec, are criticising Microsoft for not allowing them access the the Vista kernel.

Topic Overview: Network Security Microsoft To Fix Windows, Office Security

The updates, part of Microsoft's regularly scheduled monthly patch cycle, come after sample attack code has surfaced for vulnerabilities in the Windows Shell component of the operating system.

Topic Overview: $100 Laptop May Be at Security Forefront

The $100 laptops planned for children around the world might turn out to be as revolutionary for their security measures as for their low-cost economics.

Hackers find use for Google Code Search

The company’s new source-code search engine, unveiled Thursday as a tool to help simplify life for developers, can also be misused to search for software bugs, password information, and even proprietary code that shouldn’t have been posted to the Internet in the first place, security experts said Friday.

Gary Smith, John Williams and Robert Johnson "you are terrorists!"

If your name is Gary Smith, John Williams and Robert Johnson or you are the dead hijackers from 9/11 then you are considered a threat to US national security and are not allowed to fly in the US.

$100 laptop may be at security forefront

The $100 laptops planned for children around the world might turn out to be as revolutionary for their security measures as for their low-cost economics.

Data theft scandal - what we can learn from India

Recent undercover 'sting' operations reveal how easy it is to purchase customer information from call centres. But that doesn't mean India deserves a bad reputation for data security, says Mark Kobayashi-Hillary. These stunts could happen anywhere.

Fourth-Generation Warfare and the International Jihad (Not Light Reading)

Analysts from Janes give their insight into the writings of Mustafa Setmariam Nasar aka Abu Musab al-Suri on global jihad that establishes the strategic guidance for the "international Islamic resistance generation" He promotes the idea of a self-perpetuating global insurgency of autonomous jihadists to force the US to fight on too many fronts.

Symantec Snaps At Microsoft

The security firms are certainly acting like they want out of their relationship with the software giant. This week they proclaimed loudly, to anyone who would listen, that Microsoft's new Vista operating system will shut them out of users' PCs

Fitzgerald: Libby Wants to Load Up Trial

Vice President Dick Cheney's former chief of staff intends to load up his criminal trial with information about nine national security matters, the names of foreign leaders and details about various terrorist groups, say court filings in the Valerie Plame leak case.

Report: Thousands Wrongly on Terror List

More than 30,000 airline passengers have asked just one agency the Transportation Security Administration to have their names cleared from the lists, according to the Government Accountability Office report.

Report: Thousands wrongly on terror list

Thousands of people have been mistakenly linked to names on terror watch lists when they crossed the border, boarded commercial airliners or were stopped for traffic violations, a government report said Friday. More than 30,000 airline passengers have asked just one agency — the Transportation Security Administration — to have their names cleared.

'Manhattan Project' Building Preserved

This weekend, a series of events will mark the restoration of a wooden, garage-like building where the world's first plutonium bombs were assembled. Preservationists have gone behind the security fences to preserve for the first time a structure in which the Manhattan Project scientists did their work at Los Alamos National Laboratory.

Microsoft, Apple eyed for AJAX alliance

InfoWorld Editor at Large Paul Krill spoke with Boloker at the AJAXWorld Conference and Expo in Santa Clara, Calif. about AJAX, the security issues around it, and the possibilities of other vendors such as Microsoft and Apple joining the alliance

Microsoft Will Release 11 Patches Next Week

Microsoft will release 11 security updates next week, marking the third time in the last five months that it has posted a double-digit number of patches, the company has said.

Dutch voting machines hacked to play chess

With as much fuss as we raise over the myriad of Diebold security and stability failures, it looks like we've got it pretty good in the States when compared to the e-voting methods of the Dutch. Their ES3B voting system is based on circa-1980's computing hardware, which seems to be rather lacking in the areas of physical and software security.

Pod Slurping – an easy technique for stealing data

The problem with uncontrolled use of iPods, USB sticks and flash drives on your network A common misconception is that perimeter security measures such as firewalls and anti-virus software are enough to secure corporate data residing on the corporate network. In this white paper, we explore how the uncontrolled use of portable storage devices such

In a Fake Country, still Real Problems for the U.S.

Recent events in Afghanistan have demonstrated clearly that righteousness is no guarantee of success, as a resurgent Taliban has caused increasing security problems in and around Kandahar and along the rugged border with Pakistan

How to Speak Anonymously in Public: A Hacker's Guide

It's a dangerous world out there for security researchers. Between DMCA violations, full disclosure issues, miscellaneous lawsuits, government harassment, or simply having your name dragged through [WWW] the mud by corporate spin....

How secure is VoIP compared to legacy systems?

This blogger asks whether or not the security concerns over VoIP are real. Read the article and judge for yourself!

RED HERRING | Chinese Hack Attack on Security

RED HERRING | Chinese Hack Attack on SecurityBureau of Industry and Security

Bush asserts right to edit Homeland Security privacy reports

Bush is required by the Constitution to either veto a bill or sign it into law. If signed into law, the President is sworn to uphold it. However, Bush keeps issuing signing statements, such as the one with the Homeland Security funding bill, saying he, as a "unitary (totalitarian?) executive" will not enforce numerous provisions of the law.

National Security Whistleblowers Expose 9/11 Commission's Cover-Up Activity

Sibel Edmonds names 13 whistleblowers who attempted to testify about the 9/11 Crime. In vain. Makes you want to rename the resulting document into "9/11 Ommission Report". Mindboggling details. Smashing evidence for a cover up job well executed by Prof. Zelikow (self-confessing expert in "creation + maintenance of public myths").