Thursday, February 01, 2007 9:22 PM EST
Counterpane CTO and noted security expert Bruce Schneier estimates that despite all the political pressure being applied, any effort to create a Real ID is likely to result in at least $11 billion in spending and very little additional security.
Schneier, in this post, says the plan is fundamentally flawed because cards will be forged while other people will obtain cards under fraudulant names, while others still will simply lose their cards. Worse yet, the system would require a network of databases full of sensitive data that in themselves would become centralized targets for every black hat hacker on the planet.
The bottom line argument, according to Schneier, is that the whole concept of secure idnetification cards is little more than a myth that is likley to cause more trouble than it's worth -- Michael Vizard.
Thursday, February 01, 2007 9:37 PM EST
This month marks the fifth anniversary of the organization that brings us the Phishing Incident Response Team that works with law enforcement agencies to help bring phishers to justice.
It's hard to believe that the folks at CastleCops, a volunteer forum, have been chasing phishers for over five years now given the fact that phishing has only gain national attention in the last two to three years.
In this post by Brian Krebs of the Washington Post, walks people through a brief history of an organization that could probably use a few more volunteers given the ever increasing scope of the problem.
Friday, February 16, 2007 1:16 PM EST
Patches are available on Apple's Web site, but two of the flaws could be used to execute code on an unpatched system.
Wednesday, February 28, 2007 2:55 PM EST
Ever the friend to its most attentive audience, Google has begun to offer more tools to Webmasters to combat malware. Previously, Google only informed webmasters that their sites had been identified as having malware and made generic suggestions for fixing the problem. Now, the company also points webmasters to specific offending pages from their sites that Google has determined contain malicious components. Related: Google recently fixed a vulnerability in Google Desktop.
Wednesday, March 07, 2007 3:07 PM EST
Bouncing back from a few security problems, Google has released version 5 of its popular Google Desktop software.
Tuesday, March 27, 2007 4:45 PM EST
HD Moore's open-source Metasploit Framework, rewritten from scratch, has been released with 177 exploits, 104 payloads and new modules to exploit Wi-Fi driver vulnerabilities in the Windows kernel, Ryan Naraine reports. Version 3.0 of the point-and-click hacking tool, which is used for pen testing and to verify patch installations, is now available as a free download.
Monday, April 02, 2007 3:44 PM EST
Microsoft will jump its monthly patch schedule to a release a patch this Tuesday for the animated cursor attack that's been pestering Windows users for a week. The regular schedule would have been for patches to come out on Tuesday, April 10. However, testing was completed earlier than anticipated, Microsoft said, and is being released so as to help protect customers.
