Archive for January, 2007

Security ‘07 – 16th USENIX Security Symposium

January 31st, 2007

Sheraton Boston Hotel, Boston, Massachusetts.
Contact: Conference Department: conference@usenix.org
Phone #: 10-528-8649
Paper submissions due: February 1, 2007
The USENIX Security Symposium brings together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in the security of computer systems and networks.

Computer security events

New URL Coming, Update Your Feed

January 30th, 2007

On Monday, February 5, “Speaking of Security,” the RSA Blog and Podcast, will have a new URL.
The new URL for “Speaking of Security” will be http://www.rsa.com/blog/.

Original post by blog@rsa.com (Blog Editor) and plugin by Elliott Back

Computer security Systems

Tagged (Yet Another Five Useless Facts)

January 30th, 2007

So Hannes tagged me, so here are five bits of information you might not know:

My brother and I compete in finding the crappiest DVDs around. On my last birthday, he gave me Daniel der Zauberer, and it was hard not to puke while watching it. I got my revenge last Christmas when I gave him Santa With Muscles—the IMDB trivia says it all.

By a series of coincidences, I am mentioned in the credits of Mozilla-based browsers.

When I was younger, I played a bit of chess, however never really successfully. However, by a series of coincidences, I was captain of the German team at the 1999 World Cities Chess Championship in Shenyang (China). If you want to see how I was crushed by GM Hua Ni (currently #82 in the world), you will find a focal point of the game here.

My first participation in a book project was translating a few chapters in a book on QuarkXPress, since the other translators were behind schedule. I selected topics much more diligently since. My first book was writing 50% of an encyclopedia. I was brought into the project so late that my name actually did not make it on the cover of the book any more, but only on the first page. I selected publishers much more diligently since.

I have to travel a lot, and love to go to concerts wherever I am, so Ticketmaster is my friend. Unfortunately, I usually first buy the tickets and later check how to get to the venue, so from time to time I have to forfeit tickets. However quite often I am lucky and actually can attend. In 2005, among the concerts I attended were Live 8 in London and Oasis in Los Angeles; 2006’s highlights included Guns N’ Roses in [...]

Read more at nospam@example.com (Christian)

Computer security Systems

Update for Programming Atlas

January 30th, 2007

Since ASP.NET AJAX was published last week, it was time to compile information regarding Programming Atlas. On the book page, you now find a document describing changes made in the Atlas to ASP.NET AJAX migration that affect the book. In the meantime, I am already working on updating the whole book; expect more info on that soon!
Update: Now also Amazon offers the PDF for download.

Read more at nospam@example.com (Christian)

ASP.NET security

Double renaming

January 29th, 2007

Quite often I have to revise old code in IDA Pro. Given its age, it happens almost every time a new feature is added (two exceptions: the bTree and the virtual memory manager are basically the same as about 17 years ago).

Original post by Security Wonk and software by Elliott Back

Computer security programming

The many faces of Windows

January 29th, 2007

Windows Vista is going to be released tonight. As I sit here writing this article it is only 3 hours, 3 minutes, 24 seconds before it is unleashed to the general public.
It is times like this I get nostalgic and start thinking of the first time I got my hands on a copy of Windows. I remember when I was a student interning at a local computer store, and DOS was the only game in town. I still thought my Commodore 64 kicked its butt at the time.
They purchased a new demo system – I had to set it up for the sales floor. Yes. They had real sales people on commission back then, and they made a mint selling systems. They wanted me to install Windows. Windows? I said. What the heck is that?
Once I started to play with it I was hooked. It was the first time [...]

Original post by Steve Wiseman and plugin by Elliott Back

Computer security Systems

Weekly SANS @RISK Web Vulnerabilities List & Mitigation Steps

January 29th, 2007

This is a listing of Web Application Vulnerabilities that were released by SANS in their @RISK newsletter yesterday:

Summary of the vulnerabilities reported this week:

– Web Application – Cross Site Scripting (8)
07.5.44 – ezDatabase Login.PHP Cross-Site Scripting
07.5.45 – Openads phpAdsNew Admin-Search.PHP Cross-Site Scripting
07.5.46 – 212cafeBoard Multiple Cross-Site Scripting Vulnerabilities
07.5.47 – Bitweaver Articles and Blogs Multiple Cross-Site Scripting Vulnerabilities
07.5.48 – 212Cafe Guestbook Show.PHP Cross-Site Scripting
07.5.49 – Openads for PostgreSQL Unspecified Cross-Site Scripting
07.5.50 – PostNuke Reviews Index.PHP Cross-Site Scripting
07.5.51 – Sabros.US Index.PHP Cross-Site Scripting
– Web Application – SQL Injection (10)
07.5.52 – Makit Newsposter Script News_Page.ASP SQL Injection
07.5.53 – GPS CMS Print.ASP SQL Injection
07.5.54 – ASP News News_Detail.ASP SQL Injection
07.5.55 – ASP Edge User.ASP SQL Injection
07.5.56 – Drupal Acidfree Module Node Title SQL Injection
07.5.57 – Website Baker Login.PHP SQL Injection
07.5.58 – FishCart Olst Parameter SQL [...]

Original post by rcbarnett and powered by Img Fly

Internet security

How Agnitum Will Protect You in 2007

January 29th, 2007

After we announced Outpost Security Suite Pro in January’s Agnitum Directions, we received a huge number of comments and questions from our users.
In today’s blog post, I am going to cover the most common questions we’ve received, along with our vision for how Agnitum will be helping you protect your computers in 2007 and beyond.
But let me start with users and their needs, not products and their features.
Broadly speaking, there are two types of user when it comes to Internet Security:

People looking for an all-in-one solution
People looking for individual best-of-breed solutions

While both types of user are obviously looking for robust security, the former clearly places a greater emphasis on convenience and ease of use. The latter is probably more technically inclined and prefers to implement ‘best-of-breed’ solutions in each category (firewall, antivirus, antispyware, antispam, etc.) in order to maximize their online protection.
It is worth noting that in each [...]

Original post by Agnitum BLOG and plugin by Elliott Back

Computer security Systems

WTF Guilty??

January 29th, 2007

Julie Amero, a substitute teacher in Norwich, Connecticut, has been found guilty of four felony counts of injury to or impairing the morals of children; each count carries a maximum of 10 years in prison as a sentence. 40 years for something that wasn’t her fault.
Why is this blog entry entitled WTF Guilty? For the simple reason that there is no way in hell this woman did anything wrong.
Julie Amero showed up to work as a substitute teacher, was logged into the computer in the classroom by the teacher she was substituting for and specifically told not to turn the computer off, which is all well and good. Until it comes time for students to get on the computer. Most people know that children will click any popup that comes up and not know where it takes them or care for that matter as long as they can see the site they want; hell, most adults click through popups and don’t bat an eye.
Add to the fact that it’s children operating this computer that the operating system wasn’t updated, an antivirus that wasn’t even available on the market anymore, an outdated version of Internet Explorer (5.5) that had more holes than a colander and that the content filter on the machine hadn’t been updated in ages and you have the perfect recipe for disaster.
The blame for this whole incident should fall squarely on the school district for not having properly maintained equipment. I realize updating all of the above items takes time and money, but if they aren’t gonna do it they shouldn’t have computers in the classroom.
When Julie Amero saw the porn popups she immediately moved the students away from the computer. She didn’t turn it off as she was specifically told not to. Being a computer illiterate she [...]

Read more at atribune

Computer security Systems

Speaking of Security Podcast #47

January 28th, 2007

Click here to listen/download (07:26).
Meet another new Speaking of Security blogger, Uriel Maimon, a researcher in the CTO office of the consumer solutions group at RSA. Uriel specializes in financial fraud, crimeware analysis and cyber-forensics. We also discuss the findings from RSA’s Annual Consumer Online Fraud Survey.

Original post by blog@rsa.com (Podcast Producers) and software by Elliott

Computer security Systems