| |
| Current Topic: Computer Security |
|
A Voting System for Internet by Domain Name Owners - Part I |
|
|
|---|
| Topic: Computer Security |
5:32 am EDT, Oct 16, 2003 |
] The primary intended use for this is to allow
] identifiable participants in the domain name system to
] vote on matters that affect the whole domain name system
] in an easy (and easily-verifiable) fashion. The method
] for voting is specifying a string in the whois data for a
] domain name. This sounds like a good idea. I need to think about it more. Something tells me that this doesn't necessary put the power in a better place.. I need to think about the math in play. Wouldn't this just mean that the lion-share of the voice just goes to domain speculators? A Voting System for Internet by Domain Name Owners - Part I |
|
CD 'shift-key' Hackers Sued |
|
|
|---|
| Topic: Computer Security |
12:07 am EDT, Oct 10, 2003 |
] SunnComm Technologies Inc. (OTC: STEH), a leader in
] digital content security and enhancement for optical
] media, announced today that it intends to take legal
] action against the writer of a critical report titled:
] "Analysis of the MediaMax CD3 Copy-Prevention System." CD 'shift-key' Hackers Sued |
|
[IP] Torvalds: geeky kids need dates [risks] Risks Digest 22.92 |
|
|
|---|
| Topic: Computer Security |
9:05 am EDT, Oct 7, 2003 |
] Should we blame the teenager? Sure, we can point the
] finger at him and say, 'Bad boy!' and slap him for it. Will that
] actually fix anything? No. The next geeky kid frustrated about not
] getting a date on Saturday night will come along and do the same thing
] without really understanding the consequences. So either we should make
] it a law that all geeks have dates -- I'd have supported such a law when I
] was a teenager -- or the blame is really on the companies who sell and
] install the systems that are quite that fragile." Linus is in a position to say things directly that some of us cannot be trusted to say objectively. [IP] Torvalds: geeky kids need dates [risks] Risks Digest 22.92 |
|
Guardian Unlimited | Online | Hacker attack left port in chaos |
|
|
|---|
| Topic: Computer Security |
9:02 am EDT, Oct 7, 2003 |
] A lovesick hacker brought chaos to America's busiest
] seaport after launching a computer attack on an internet
] chatroom user who had made anti-American comments,
] a court heard yesterday. ] "The defendant's girlfriend was an American called
] Jessica. The defendant was deeply in love with her - in
] fact somewhat obsessed with her. He named his computer
] after her and he dedicated parts of the attack script to
] her rather like the way some adolescents draw graffiti
] on walls with 'I love so-and-so'. This defendant managed
] to weave into the script a sentence about his girlfriend
] Jessica." Guardian Unlimited | Online | Hacker attack left port in chaos |
|
IE Gets Blame for Theft of Half Life 2 Code |
|
|
|---|
| Topic: Computer Security |
5:57 pm EDT, Oct 4, 2003 |
] Security experts are blaming known but unpatched
] vulnerabilities in Microsoft Corp.'s Internet Explorer
] for the theft and distribution of the source code for a
] much anticipated new video game.
]
] The source code for Valve Corp.'s Half Life 2, a sequel
] to the popular shoot-'em-up game that was due out by
] December, was posted on the Internet on Thursday,
] according to a statement from Valve Managing Director
] Gabe Newell. ] "This is what happens when you have 31 publicly
] known unpatched vulnerabilities in IE," wrote Thor
] Larholm, senior security researcher for PivX Solutions
] LLC, in a posting to the NTBugTraq mailing list. "I have
] seen screenshots of successfully compiled HL2
] installations, with WorldCraft and Model Viewer running
] atop a listing of directories such as hl2, tf2 and cstrike." IE Gets Blame for Theft of Half Life 2 Code |
|
[Politech] Dan Geer loses CTO job at AtStake after criticizing Microsoft |
|
|
|---|
| Topic: Computer Security |
8:14 am EDT, Sep 26, 2003 |
] A computer security expert who contributed to a paper
] deeply critical of Microsoft has been dismissed by his employer,
] a consulting company that works closely with the software giant. [Politech] Dan Geer loses CTO job at AtStake after criticizing Microsoft |
|
VeriSign Wildcard Infrastructure Changes |
|
|
|---|
| Topic: Computer Security |
7:48 pm EDT, Sep 20, 2003 |
"Snubby" has been replaced, its now something based on Postfix. I can't count the number of SMTP servers in each server pool like I could with the previous SMTP implementation, but it is worth noting that the number of HTTP servers in each redirection pool has dropped. There were 30 machines in each of four clusters at different two locations, for what looks like a total of 120 servers in the US. Now the clusters are down to 20 machines in each, so 80 total US. Its safe to assume those machines have been transfered to the SMTP pool in this change. That would be at least 20 SMTP servers on each coast. |
|
Cross Site Scripting with VeriSign SiteFinder |
|
|
|---|
| Topic: Computer Security |
9:59 pm EDT, Sep 15, 2003 |
Looks like the VeriSign engineers have a thing or two they need to learn about sanitizing input. I promise this link will not fuck up your system, but it could.. [U: They fixed this.. ] Cross Site Scripting with VeriSign SiteFinder |
|
Diebold appears to have conflict |
|
|
|---|
| Topic: Computer Security |
2:34 am EDT, Sep 5, 2003 |
] A wealthy businessman helping the Ohio Republican Party
] try to win the state in 2004 for President Bush also is
] the head of a company competing for a state contract to
] sell voting machines.
]
] Walden O'Dell, chief executive of Diebold Inc., told
] Republicans in an Aug. 14 fund-raising letter that he is
] ``committed to helping Ohio deliver its electoral votes
] to the president next year.'' Watch the bouncing ball here. The mainstream press has widely discredited the security analysis of the Diebold's machines because the person that performed it is on the board at a competing company. On the other hand, there is hardly a peep about this. There are 9 links on google news from 6 outlets, 4 small local news stations, and two leftist journals. Want undeniable proof of press culpability, compare a google news search for "Walden O'Dell" with "Avi Rubin votehere" Not all of the Avi Rubin stories are critical, but we're talking about 63 to 9 here. Furthermore, consider the impact that the blaster worm stories have had on the American mindset. We may not say "this kid created the blaster worm" but we build that association in your head anyway. The AJC: "Furor over the report was partly defused when the lead researcher acknowledged this week that he failed to disclose that he had stock options in VoteHere, a company that competes with Diebold in the voting-software market, and was a member of VoteHere's technical advisory board." From ABC: Diebold officials said they were "shocked and disappointed" by Rubin's admissions. "Diebold Election Systems has consistently questioned the conclusions drawn by the Johns Hopkins-issued report," the company said in a statement. "It is now clear, by Mr. Rubin's own admission, that questions of bias must be considered." Diebold appears to have conflict |
|
Yahoo/Reuters | Blaster culprit's High School yearbook photo |
|
|
|---|
| Topic: Computer Security |
4:32 am EDT, Aug 30, 2003 |
] The FBI (news - web sites) on August 29, 2003 arrested
] Jeffrey Lee Parson, 18, Minnesota teenager officials said
] admitted to making a copycat variant of the devastating
] Blaster Internet worm. Parson is pictured in this Hopkins
] High School 2003 yearbook photo. Photo by Reuters
] (Handout) Yahoo/Reuters | Blaster culprit's High School yearbook photo |
|
