| |
| Current Topic: Computer Security |
|
CNN.com - Microsoft plans Windows overhaul to fight hackers - Oct. 16, 2003 |
|
|
|---|
| Topic: Computer Security |
12:56 pm EDT, Oct 16, 2003 |
] Microsoft promised to improve the way in which Windows
] manages computer memory to protect users against commonly
] exploited software flaws known as buffer overruns, which
] can trick Windows into accepting dangerous commands. Some
] of the most damaging attacks in recent months fall under
] this category. MS deploys non-executable stack patch. (What year is it?) CNN.com - Microsoft plans Windows overhaul to fight hackers - Oct. 16, 2003 |
|
A Voting System for Internet by Domain Name Owners - Part I |
|
|
|---|
| Topic: Computer Security |
1:32 pm EDT, Oct 15, 2003 |
] The primary intended use for this is to allow
] identifiable participants in the domain name system to
] vote on matters that affect the whole domain name system
] in an easy (and easily-verifiable) fashion. The method
] for voting is specifying a string in the whois data for a
] domain name. I beleive that the primary problem with the DNS that has lead to the present difficulties with Verisign, as well as previous difficulties, and future difficulties as well, is that the regulatory body which controls the DNS, ICANN, does not have democratic legitimacy. ICANN attempted to enable open elections, but this process fell apart for various reasons. A former roommate of mine (for a short period of time) wrote this essay at circleid on the subject. I'd like to know what people think. A Voting System for Internet by Domain Name Owners - Part I |
|
CD 'shift-key' Hackers Sued |
|
|
|---|
| Topic: Computer Security |
11:13 pm EDT, Oct 9, 2003 |
] SunnComm Technologies Inc. (OTC: STEH), a leader in
] digital content security and enhancement for optical
] media, announced today that it intends to take legal
] action against the writer of a critical report titled:
] "Analysis of the MediaMax CD3 Copy-Prevention System." CD 'shift-key' Hackers Sued |
|
Guardian Unlimited | Online | Hacker attack left port in chaos |
|
|
|---|
| Topic: Computer Security |
7:38 am EDT, Oct 7, 2003 |
] The "denial of service" bug meant the port's web service
] was not accessible to provide crucial data for shipping
] pilots, mooring companies and support firms responsible
] for helping ships to navigate in and out of the harbour,
] placing shipping at risk. So, let me get this straight. Houston has computers associated with the navigation of ships in their harbor connected to the internet? Guardian Unlimited | Online | Hacker attack left port in chaos |
|
[IP] Torvalds: geeky kids need dates [risks] Risks Digest 22.92 |
|
|
|---|
| Topic: Computer Security |
10:39 pm EDT, Oct 6, 2003 |
] Should we blame the teenager? Sure, we can point the
] finger at him and say, 'Bad boy!' and slap him for it. Will that
] actually fix anything? No. The next geeky kid frustrated about not
] getting a date on Saturday night will come along and do the same thing
] without really understanding the consequences. So either we should make
] it a law that all geeks have dates -- I'd have supported such a law when I
] was a teenager -- or the blame is really on the companies who sell and
] install the systems that are quite that fragile." Linus is in a position to say things directly that some of us cannot be trusted to say objectively. [IP] Torvalds: geeky kids need dates [risks] Risks Digest 22.92 |
|
|
|---|
| Topic: Computer Security |
7:27 am EDT, Oct 6, 2003 |
The basic premise for this paper is the observation that for all network communications, there is a non-zero (and often considerable) delay between the act of sending an information and receiving a reply. The effect should be contributed to the physical constrains of the medium, and to the data processing times in all computer equipment. A packet storing a piece of data, just like an orange with a message written on it, once pushed travels for a period of time before coming back to the source - and for this period of time, we can safely forget its message without losing data. This is an old idea, but a fun one... Juggling with packets |
|
ZDNet UK - News - New Trojan appears to attack VeriSign |
|
|
|---|
| Topic: Computer Security |
12:41 pm EDT, Oct 3, 2003 |
] A Trojan program has emerged in Australia that may be
] triggering a concerted assault on VeriSign's domain name
] server. ZDNet UK - News - New Trojan appears to attack VeriSign |
|
Microsoft faces class-action suit over security breaches - Oct. 2, 2003 |
|
|
|---|
| Topic: Computer Security |
1:51 pm EDT, Oct 2, 2003 |
] Microsoft Corp. faces a proposed class-action lawsuit in
] California based on the claim that its market-dominant
] software is vulnerable to viruses capable of triggering
] "massive, cascading failures" in global computer
] networks. For those of you in the "make'em liable and they'll fix it" camp, this bud's for you... Microsoft faces class-action suit over security breaches - Oct. 2, 2003 |
|
Security Expert Geer Sounds Off on Dismissal |
|
|
|---|
| Topic: Computer Security |
8:07 am EDT, Oct 1, 2003 |
] "I think there should be a huge outcry over his firing.
] It is that kind of intimidation against scientists
] speaking their minds that can be extremely dangerous to
] our society," Rubin said. Security Expert Geer Sounds Off on Dismissal |
|
Response to Linux Crypto Packages Demolished |
|
|
|---|
| Topic: Computer Security |
8:05 am EDT, Sep 30, 2003 |
] All because we do not have a stateless cryptosystem that
] works. It may very well be that such a demand is
] impossible. Stateless cryptosystems can send a message
] and not only not prenegotiate a session key, but tolerate
] large number of dropped packets. Replay attacks need to
] be suppressed, but packets need to be able to survive
] high latencies. CPU load needs to be kept reasonable,
] but no message can rely on the asymmetric results of
] another. Interesting response to that recent article on weaknesses in linux crypto packages... Response to Linux Crypto Packages Demolished |
|
