|
Last updated: April 6, 2007 6:15:52 PM Pacific Time
O'Reilly Network: The Next 50 Years of Computer Security. Q&A with Alan Cox. In theory as we get better at security the expected standard rises and those who fail to keep up would become more and more exposed to negligence claims. The bad case is that someone or some organization unleashes a large scale internet PC destroyer before we are ready and legislation gets rushed through in response. eWEEK: Microsoft Scraps Old Encryption in New Code. The Redmond, Wash., software company instituted a new policy for all developers that bans functions using the DES, MD4, MD5 and, in some cases, the SHA1 encryption algorithm, which is becoming "creaky at the edges," said Michael Howard, senior security program manager at the company, Howard said. Technology Review: Virus Hunter. But as it turned out, the hours spent taking on alien invaders served as training for battling an altogether different kind of assailant: computer viruses. Hypponen, now the chief research officer of the Finnish computer security firm F-Secure, has become one of the most respected virus hunters in the business. News.Com: Something fishy's going on. Bruce Schneier. This sounds great, but it's a double-edged sword. The same system that prevents worms and viruses from running on your computer might also stop you from using any legitimate software that your hardware or operating system vendor simply doesn't like. eWEEK: Researchers Chase Away Worms, Wi-Fi Bandits at Intel. The computer chip giant here at its Intel Developer Forum on Thursday discussed technology designed to head off computer worms and virus attacks in PCs, by stopping the agents before they can begin to spread and attack other systems. InfoWorld: The summer of PKI love. Jon Udell. But as we learned at the summit, there's been progress on both fronts. Growing adoption of hardware tokens is making cryptographic identities independent of machines. And emerging trust bridges are enabling those identities to be federated among universities, the federal government, and industry. USA Today: Electronic passports set to thwart forgers. The U.S. passport is joining the digital age. After three years of research and discussion, the State Department has finalized most of the technical and logistical details of new, supposedly tamper-proof passports embedded with a "smart-card" chip. Schneier on Security: More Lynn/Cisco Information. By attempting to muzzle Lynn, the two companies ensured that 1) the vulnerability was the biggest story of the conference, and 2) some group of hackers would turn the vulnerability into exploit code just to get back at them. Wired News: Router Flaw Is a Ticking Bomb. In the aftermath, Lynn reached a legal settlement with Cisco and ISS in which he agreed to erase his research material on the vulnerability, to keep secret the details of the attack, and to refrain from distributing copies of his presentation, among other concessions. eWEEK: Privacy Pioneer Promises Secure VOIP. Using the open-source, cross-platform softphone Shtoom and the Diffie-Hellman key agreement protocol, Zimmermann has developed a session-based encryption tool that lets two users on a SIP (Session Initiation Protocol)-based VOIP connection verify each other's identity to avoid snooping.
| 