Showing headlines posted by zanek

The boss of the VA analyst who was allowed, though not authorized, to take home critical personal information belonging to over 26 million veterans, has finally fallen (or been pushed) onto his sword. No word on the fate of other personnel who covered up the theft. To hammer home official incompetence, the VA is offering a reward for the return of the equipment that held the data, apparently employing a theory that burglars don't know how to copy data.

So far, a programming lawyer seeking a patent for what appears to be a database-driven software application has been denied three times by UK patent officials and judiciary. The third rebuff instructively dissects both traditional and evolving UK Patent Law concerning software patents, before dismissing the supplicant's appeal.

Symantec started 2006 with its hand caught in the cookie jar, admitting to embedding rootkit-like functionality in Norton SystemWorks. Since then, Symantec LiveUpdate for Macintosh, Symantec Scan Engine and Symantec Gateway Security have all served up steaming plates of embarrassment. And now, Symantec Antivirus and Symantec Client Security allow remote exploits. With Wintel closing in on its a/v franchise and its stock already in the tank, the timing couldn't be worse.

While Big News Media frets that the NSA may be sifting through cell phone chatter to find terrorists, the VA lets crooks steal Social Security Numbers by the millions. As if that's not bad enough, local officials across the nation have become ID-thief enablers by posting individuals' Social Security Numbers on their websites. Email Battles tells you why locals do it, and what you need to do to protect your own identity from local officials' incompetence.

The death of the Blue Frog anti-spam client has mobilized a small group of developers to rethink Blue Security's concept. Not the tit-for-tat spam opt-out methods, mind you. The network architecture. Developers suggest that, if Blue Security had built a distributed P2P network, it could have withstood the type of attack that brought it down, along with Prolexis, Tucows, Typepad and UltraDNS. After looking over the plans, Email Battles offers a few suggestions.

Jayson Harris was the irritant that helped mold the legal approach now commonly used by Microsoft's crack Internet Safety Enforcement Team. In fact, he's logged two firsts: The Harris case is the first civil case filed by Microsoft related to phishing, and the biggest phishing case in Iowa's history. Microsoft actually calls him the "MSN Billing Phisher." So why the short sentence and puny fine?

Most who have read China's Internet Email Service Management Regulations know that, in an effort to control spam, it limits commercial email, while forcing email service providers to register all IP addresses and keep logs of email correspondents. But an article incorporated by reference strips all anti-spam pretensions aside, by aiming squarely at email communications between consenting, and possibly religious or political, adults.

An Israeli company's anti-spam effort that deployed unorthodox methods to respond to spammers ended today. Blue Security claimed it was raising the white flag because too many non-combatants were being hurt in its Denial of Service battles with spammers. Others suggest that the venture capital funds dried up. In any event, the Blue Security website is down again. Just in case, Email Battles performed the post-mortem, and captured the company's final words for posterity.

After Maxthon gulped down yet another infusion of cash from yet another venture capitalist, observers are wondering what's next for the better-than-IE browsing platform based on Microsoft's rendering engine. Will the cash allow Maxthon to withstand a coming onslaught from the new, improved Internet Explorer 7? Or is the money intended to buy lipstick for an upcoming sale to a well-known suitor?

Every day, it seems, some security company or industry anti-phishing coalition is grinding out a press release either extolling the virtues of its solution, or gloomily predicting the demise of Western civilization... or at least the Internet... due to phishing. But while experts cluck about phishing, users are still more concerned over a spam problem that is either too hot, too cold, or just about right. Depends on how you look at it.

The number two digital certificate vendor, Comodo, expected their new, free, anti-virus engine's release to be greeted with accolades. Instead, they're drawing fire from critics who claim that the software sneakily installed more than they bargained for. Another case of Sony-style corporate deceit, or a few spoiled endusers looking a gift horse in the mouth? Email Battles ruminates.

Until AMD undermined Intel's PC hegemony, most designers believed faster processors had to eat more power and create more heat. Since then, the industry has aimed to reduce power and cooling costs, while continuing to build ever more powerful processors. And a tiny startup is applying the mobius loop concept in an innovative way to assure that more powerful, less power-hungry processors keep coming.

In the rosy scenario provided by SSL Certificate Authorities, users would be instantly warned off when a web site contained no certification that verified its authenticity. Thus, the anti-phishing toolbar would protect the unwary from the moral turpitudes of predators. In practice, however, researchers have found that anti-phishing toolbars for web browsers that depend on verification of SSL certificates are the least likely of all to stop phishing. Email Battles explains why.

In its "Gunfight at the OK Corral" with a spammer, controversial Blue Frog maker, Blue Security, was shot out of the saddle, completely losing its own website to a denial of service attack. In addition, Blue Frog client email addresses were reportedly exposed, and 10 million non-combatants in Typepad's blogging community assumed room temperature for at least twelve hours. So what did Blue Frog mean when it assured skeptical experts that there would be no innocent victims?

Pay-per-click fraud. First, Google was on the hook. Now it's Yahoo's turn. The plaintiffs charge Yahoo enabled all manner of it. Anybody can file a lawsuit. But to assess Yahoo's chances of getting off, you need to see who they're up against. After taking a look at each of these battle-hardened class-action litigators, you'll probably conclude that Yahoo's going to be writing a real big check.

The Firefox 1.5.0.3 patch blocks an open hole for attackers while further stabilizing Javascript. That will make a lot of Firefox power users happy. But a Firefox contributor reports that the new patch still doesn't completely solve the issue that stimulated his bug report. Even so, developers say the vulnerability no longer exists. And when you stack up Firefox security flaws against Internet Explorer, Opera and Safari, Firefox looks pretty good.

Once again, everyone's talking about the patents aimed at Blackberry's heart. But this time, it's not just about Blackberry. Nearly everyone in the mobile industry is at risk from a slew of much tougher software patents, served up by Visto. When you see the patents, and compare them to the earlier patents that caused RIM to cave, you'll see why the cost of mobile email's on its way up.

To hear some banks and other financial outfits tell it, digital certificates are the answer for all your email security worries. But at the 15th European Institute for Computer Anti-Virus Research Conference, one researcher discussed how digital signatures could be perverted on virtually any operating system, including BSD, Linux, OSX and Windows. Conclusion: A digital signature is only as valid as the combined security of the sending and receiving computers allow.

Way back in 2003, a survey by the Pew Internet & American Life Project concluded that while over 32 million Americans had exchanged health-related email, only 7% had exchanged messages with their doctors or health professionals. Three years later, while a huge segment of America uses email, over 60% of the medical community still refuses to engage. Email Battles explores the dangers of email, as doctors see them.

The Microsoft ISA Server Team says the firewall lets IPv6 traffic pass through the system regardless of your firewall policy settings. The only solution offered: Disable IPv6 traffic entirely. For those who require IPv6 solutions, Email Battles serves up a study list of vendors offering a broad array of IPv6-ready firewalls, along with other IPv6 products.

[We know many GNU/Linux users still have some Windows boxes around. You should know about this one. - dcparris]