Other Posts

A Portable Security Risk

More and more employees are bringing personal mobile devices, such as media players, flash drives and smart phones, to work for entertainment, communications and other purposes. Equally, many employers issue their staff with such devices to allow them to be more mobile and to run business applications as part of their job. This explosion of personal devices with built in […]

March 31, 2010 · 0 comments · security

What If All Software Was Open Source? A Code to Unlock the Desktop

What if all software was open source? Anybody would then be able to add custom features to Microsoft Word, Adobe Photoshop, Apple iTunes or any other program. A University of Washington project may make this possible. “Microsoft and Apple aren’t going to open up all their stuff. But they all create programs that put pixels on the screen. And if […]

March 30, 2010 · 0 comments · miscellaneous

Soft Spots in Hardened Software

Over the past decade, Microsoft, the target of choice for many online attackers, has hardened its operating system, adopting technologies designed to make it harder for attackers to find and exploit vulnerabilities. Apple and many other software makers have followed suit, introducing similar additional security measures to their operating systems. Yet last week, during the “Pwn2Own contest” at CanSecWest, a […]

March 30, 2010 · 0 comments · security

Free Software: Phase Two

Free software is ubiquitous. It runs everywhere on (almost) everything. The question that dominated most of the discussions at the Libre Planet Conference in Boston about a week ago is what now? How can the community capitalize on its achievements to make the movement more inclusive and reconceive the relationship between free software and privacy? Most attendees seem to agree […]

March 30, 2010 · 0 comments · privacy and licensing
Governments May Fake SSL Certificates

Governments May Fake SSL Certificates

Today two computer security researchers, Christopher Soghoian and Sid Stamm, released a draft of a forthcoming research paper in which they present evidence that certificate authorities (CAs) may be cooperating with government agencies to help them spy undetected on “secure” encrypted communications. (EFF sometimes advises Soghoian on responsible disclosure issues, including for this paper.) More details and reporting are available […]

March 24, 2010 · 0 comments · privacy and licensing, security

All Your Browsing History Are Belong to Us

For several years, it has been a poorly kept secret that any Web site you went to could secretly search your browser’s history file to see what sites you had previously visited.  All the site owner had to do was ask.  And while browser history “sniffing” has been around for a long time, companies are finally starting to actively take […]

March 24, 2010 · 1 comment · privacy and licensing