Here’s a great example of the phenomenon Jerry wrote about recently–the blogger network being more knowledgeable about many subjects than the old media “experts.” Juan Cole is a professor at the University of Michigan, an expert on the Middle East and is fluent in Persian, the language of Iran. He recently reported on an...
Read more »

A how-to on boarding early on Southwest… …Use any HTML editor to change the “B” or “C” graphic on your saved boarding pass to the “A” graphic that you saved. Not rocket science, but points out the inherent insecurity of boarding passes you print out yourself. I suspect it’s similarly easy with other airlines....
Read more »

“When is a deleted file really deleted? With Windows Vista, that answer gets complicated. Microsoft recently revealed that Windows Vista would inherit ‘volume shadow copy’ technology from Windows XP and Windows Server 2003. In those older operating systems, volume shadow copy is used to take periodic snapshots of key system files, though the service can...
Read more »

“Most of the papers deal with the potential gains a honeypot can give you, and the proper way to monitor a honeypot. Not very many of them deal with the honeypots themselves. Honeypots are a hot topic in the security research community right now. It seems everyone is starting up their own honeypot system....
Read more »

“Later this week, the group will release the latest draft of a set of guidelines for utilities and manufacturers that offers specific requirements for suppliers of supervisory control and data acquisition (SCADA) systems, SecurityFocus has learned. The guidelines aim to elevate system security to an explicit part of negotiations between customer and supplier with...
Read more »

Click here to listen/download (08:03). Happy half-birthday, Speaking of Security Podcast! Yes, we are 6 months old and this is our 24th weekly edition of the RSA Security podcast. To celebrate, we take a trip in the “wayback machine” to revisit an enduring theme: Security vs. Usability. We feature Bruce Cundiff, Research Analyst, Javelin Strategy...
Read more »

Counter to what the movies might say, hacking grades is not just cheating it’s a crime: An investigation showed the professor’s network account had been accessed without her permission and grades were assigned to nearly 300 students, prosecutor Robert Fratianne said. I bet they just guessed her password but still, there’s more legal ways to...
Read more »

Evidently the criminals that utilize stolen credit card and ATM numbers for profit are called Cashers. Wired profiles a former Casher, and this is my favorite part: It was his mother who introduced him to the online world of card thieves. In 2002, after completing a stint in drug rehab, his mother, “a big-time...
Read more »

An interesting use of the traditionally trusted medium of the phone: leave “accidental” messages on answering machines and voicemail hyping a stock: The messages were made to seem mistakenly left on answering machines, often made by a caller identifying herself as “Debbie” who wanted to pass along to a girlfriend a “hot” stock tip...
Read more »

“In a meeting that will go down in internet history, the United States government last night conceded that it can no longer expect to maintain its position as the ultimate authority over the internet. Having been the internet’s instigator and, since 1998, its voluntary taskmaster, the US government finally agreed to transition its control over...
Read more »

Internet Explorer 7 will be a huge win for web security, and Microsoft has announced how they will be distributing it: AU will notify you when IE7 is ready to install. Alternately, you will be able to visit the Windows Update or Microsoft Update sites and obtain IE7 by performing an “Express” scan for high-priority...
Read more »

The seems to be a rash of news reports lately about vulnerabilities in Vista. Maybe it’s a quick way to grab a headline, to beat up the product that promises a better security model but has been delayed infinitely. The attacks are interesting, and reinforce that no new OS will be a...
Read more »