Archive for March, 2010

A Comfortable and Secure Login Method

As most Internet users know, it is often hard to remember or keep apart all the passwords and login names for one’s different online accounts. Dr. Bernd Borchert, together with students at the Computer Science Department of Tübingen University, has tackled this issue. They developed a new method that saves the users not only the trouble of memorizing the passwords […]

March 31, 2010 · 0 comments · security

A Portable Security Risk

More and more employees are bringing personal mobile devices, such as media players, flash drives and smart phones, to work for entertainment, communications and other purposes. Equally, many employers issue their staff with such devices to allow them to be more mobile and to run business applications as part of their job. This explosion of personal devices with built in […]

March 31, 2010 · 0 comments · security

What If All Software Was Open Source? A Code to Unlock the Desktop

What if all software was open source? Anybody would then be able to add custom features to Microsoft Word, Adobe Photoshop, Apple iTunes or any other program. A University of Washington project may make this possible. “Microsoft and Apple aren’t going to open up all their stuff. But they all create programs that put pixels on the screen. And if […]

March 30, 2010 · 0 comments · miscellaneous

Soft Spots in Hardened Software

Over the past decade, Microsoft, the target of choice for many online attackers, has hardened its operating system, adopting technologies designed to make it harder for attackers to find and exploit vulnerabilities. Apple and many other software makers have followed suit, introducing similar additional security measures to their operating systems. Yet last week, during the “Pwn2Own contest” at CanSecWest, a […]

March 30, 2010 · 0 comments · security

Free Software: Phase Two

Free software is ubiquitous. It runs everywhere on (almost) everything. The question that dominated most of the discussions at the Libre Planet Conference in Boston about a week ago is what now? How can the community capitalize on its achievements to make the movement more inclusive and reconceive the relationship between free software and privacy? Most attendees seem to agree […]

March 30, 2010 · 0 comments · privacy and licensing
Governments May Fake SSL Certificates

Governments May Fake SSL Certificates

Today two computer security researchers, Christopher Soghoian and Sid Stamm, released a draft of a forthcoming research paper in which they present evidence that certificate authorities (CAs) may be cooperating with government agencies to help them spy undetected on “secure” encrypted communications. (EFF sometimes advises Soghoian on responsible disclosure issues, including for this paper.) More details and reporting are available […]

March 24, 2010 · 0 comments · privacy and licensing, security