News for 4 July 2008 Year

17:39 Virus Center: Independence Day brings down attack on computer users

Sophos is warning computer users of a widespread email spam campaign that poses as a video of American Independence Day fireworks, but is really an attempt to lure innocent victims into having their c... >>>



16:38 The Antivirus Industry in 2008

The folks at Ikarus Security Software seem to have enjoyed drinking of the truth serum, to come up with such a realistic retrospective of  the antivirus industry for the past 10 years, summarized in a single cartoon. Congrats, keeping it realistic means taking the issues seriously, compared to living in a self-serving twisted reality on their own. There's no such thing as cat and mouse game anymore, since the mouse has gotten bigger than the cat.

>>>



15:52 Maybe privacy is dead after all

At least it will be for YouTube viewers if this judge has his way. I rarely agree with Michael Arrington, but in this case he’s right: with all due respect, Judge Stanton is an idiot. If nothing else, this judge needs to go back and review some recent history about what can happen when [...] >>>



15:44 Storm Worms Independence Day campaign

A Storm Worm’s Independence Day campaign is circulating online using email as propagation vector, attempting to trick users into visiting a Storm Worm infected host, where a multitude of what looks like over five different exploits attempt to automatically infect the visitors next to the malware binary fireworks.exe. Historically, Storm Worm is constantly changing its [...]
>>>



09:52 MS readies Vista code injection risk fix

Redmond security gnomes get tough

Critical bug fixes are on the agenda for this month's monthly patch update from Microsoft.

>>>



03:28 Off the wire: Book review - Google Apps Hacks

With all Google's offerings, getting the best out of them and discovering cool features can sometimes be time consuming. Fortunately, there's "Google Apps Hacks", a typical O'Reilly title that cuts to... >>>



00:07 Off the wire: An introduction to the Kismet packet sniffer

Kismet is a wireless "detector, sniffer, and intrusion detection system," and one of the growing list of essential open source tools for computer network security professionals. >>>



00:00 Time Bomb Neckties

Not recommended to wear at the airport.

>>>



00:00 Encrypting Disks

The UK is learning: The Scottish Ambulance Service confirmed today that a package containing contact information from its Paisley Emergency Medical Dispatch Centre (EMDC) has been lost by the courier, TNT, while in transit to one of its IT suppliers. The portable data disk contained a copy of records of 894,629 calls to the ambulance service's Paisley EMDC since February 2006. It was fully encrypted and password protected and includes the addresses of incidents, some phone numbers and some patient names. Given the security measures and the complex structure of the database it would be extremely difficult to gain access to any meaningful information. News story here. That's what you want to do. There is no problem if encrypted disks are lost. You can mail them directly to your worst enemy and there's no problem. Well, assuming you've implemented the encryption properly and chosen a good key. This is much better than what the HM Revenue & Customs office did in November. I wrote about disk and laptop encryption previously.

>>>



00:00 Hundreds of Thousands of Laptops Lost at U.S. Airports Annually

This is a weird statistic: Some of the largest and medium-sized U.S. airports report close to 637,000 laptops lost each year, according to the Ponemon Institute survey released Monday. Laptops are most commonly lost at security checkpoints, according to the survey. Close to 10,278 laptops are reported lost every week at 36 of the largest U.S. airports, and 65 percent of those laptops are not reclaimed, the survey said. Around 2,000 laptops are recorded lost at the medium-sized airports, and 69 percent are not reclaimed. Travelers seem to lack confidence that they will recover lost laptops. About 77 percent of people surveyed said they had no hope of recovering a lost laptop at the airport, with 16 percent saying they wouldn't do anything if they lost their laptop during business travel. About 53 percent said that laptops contain confidential company information, with 65 percent taking no steps to protect the information. I don't know how to generalize that to a total number of lost laptops in the U.S.; let's call it 750,000. At $1,000 per laptop -- a very conservative estimate -- that's $750 million in lost laptops annually. Most are lost at security checkpoints, and I'm sure the numbers went up considerably since those checkpoints got more annoying after 9/11. There aren't a lot of real numbers about the costs of increased airport security. We pay in time, in anxiety, in inconvenience. But we also pay in goods. TSA employees steal out of suitcases. And opportunists steal hundreds of millions of dollars of laptops annually.

>>>



00:00 Friday Squid Blogging: Giant Squid Found off Santa Cruz Coast

It's twenty-five feet long, with tenticles the size of human legs.

>>>