Home Vulnerabilities Exploits Hacking IT Security Malware
Twitter
RSS

Archive for July 15th, 2010

« Older Entries

Researchers: Password crack could affect millions

By admin on Thursday, July 15th, 2010 | No Comments

IDG News Service - A well-known cryptographic attack could be used by hackers to log into Web applications used by millions of users, according to two security experts who plan to discuss the issue at an upcoming security conference.

Researchers Nate Lawson and Taylor Nelson say they’ve discovered a basic security flaw that affects dozens of open-source software libraries — including those used by software that implements the OAuth and OpenID standards — that are used to check passwords and user names when people log into websites. OAuth and OpenID authentication are accepted by popular Web sites such as Twitter and Digg.

They found that some versions of these login systems are vulnerable to what’s known as a timing attack. Cryptographers have known about timing attacks for 25 years, but they are generally thought to be very hard to pull off over a

Read the rest

Read More...

Amazon and IBM are ‘cloud champions,’ report says

By admin on Thursday, July 15th, 2010 | No Comments

Network World - Amazon and IBM are the “cloud champions” according to a new report, but Microsoft, Google, Cisco, Red Hat and VMware are also among the list of heavyweights in the emerging cloud computing field.

Amazon cloud uses FedEx instead of the Internet to ship data

All tech vendors are embracing the cloud. Even those that don’t provide public cloud services are fighting to become the top builders of infrastructures to support emerging cloud networks.

A new quarterly report from BTC Logic, an IT consulting firm, attempts to rank the top cloud players, and puts them into seven broad categories: cloud foundations, infrastructure, network services, platforms, applications, security and management.

BTC Logic claims Amazon and IBM are the “cloud champions” because they rank in the top five in four of the seven categories.

Read the rest

Read More...

Some experts question efforts to identify cyberattackers

By admin on Thursday, July 15th, 2010 | No Comments

IDG News Service - Efforts by the U.S. government to better identify cyberattackers will likely lead to violations of Internet users’ privacy and anonymity, and technological means to attribute the source of the attacks may be inaccurate, privacy and cybersecurity experts said Thursday.

Witnesses at a U.S. House of Representatives subcommittee hearing disagreed about whether the government should explore new ways to attribute the sources of cyberattacks. Several cybersecurity experts have called for new attribution efforts, including trusted identification systems, but Robert Knake, an international affairs fellow for the Council on Foreign Relations, said oppressive governments would use new identification technologies to track their political enemies.

Proposals to label IP (Internet Protocol) packets with unique identifiers “would be far more useful for authoritarian regimes to monitor and control Internet use by their citizens than it would be in combating cyberwarfare, crime and nuisance behavior,” Knake

Read the rest

Read More...

BlackBerry Protect Will Back Up, Restore or Wipe Data

By admin on Thursday, July 15th, 2010 | No Comments

Research In Motion has taken the wraps off a new security Relevant Products/Services app called BlackBerry Protect that will let BlackBerry handset users automatically back up and restore their data Relevant Products/Services. And should a handset ever become misplaced, lost or stolen, BlackBerry Protect provides additional features such as remote device locate, lock and wipe.

Carriers like Verizon Wireless already offer device-management services, and some companies have management software for their corporate-liable smartphones, noted Lisa Pierce, an independent wireless analyst with the Strategic Networks Group. What RIM’s announcement does is expand “the market for BlackBerry device management to individuals, small organizations, and even individuals/families who buy phones and services through corporate discounts” but are not protected under corporate-liable plans, Pierce said.

Backing Up and Restoring Data

The Blackberry Protect beta slated for release this week will initially be offered by invitation to selected… Read the rest

Read More...

Understanding the market for buggy software: Complexity blurs line between bugs and features

By admin on Thursday, July 15th, 2010 | No Comments

The prevalence of bugs in mainstream software is difficult to deny, but the reason for it is poorly understood and subject to debate.

The question of why people accept buggy software, but not other products with similar levels of flawed design, is perhaps not a valid question. It is unrealistically optimistic to think that people would not accept “bugs” in products such as cars. People do not accept design flaws in software that, in practice, end up killing people in very obvious ways — and the same is true of automobiles. On the other hand, most American cars seem to start developing major mechanical issues somewhere around fifteen or twenty thousand miles.

In both cases, there are people who do not accept such design flaws as manual transmissions that are always rough when shifting between first and second gear after the first ten thousand miles,… Read the rest

Read More...
« Older Entries