|
News for
100300
contributed by weld pond
After a long and grueling process, Rijndael has been selected by NIST to
replace DES. The new algorithm's speed and simplicity helped it beat out
the secure designs of other finalists in the competition. Chosen through a
completely open process, the effects of Rijndael on security and privacy
have unlimited potential. Let's just hope people implement the algorithm
in their products as carefully as the algorithm was designed.
Wired
ZDNet
SecurityFocus
AES
FAQ
NIST's
Press Release
|
contributed by pyle
The General Accounting Office (GAO) continues to line 'em up and knock 'em
down during the course of what has quickly become a notoriously poor string
of U.S. government website security reviews. The latest disappointment is
FirstGov.gov, a website that links to all 27 million U.S. government sites.
Like its predecessors, the site has a long way to go before it meets
government-imposed, common sense approved standards.
Reuters
via Excite
(new source)
(new source)
|
contributed by laney
Vulnerabilities discovered on financial sites Nasdaq.com,
CBS.MarketWatch.com, BigCharts.com, and FTMarketWatch.com. by Gerrie Mansur,
member of Dutch group Hit2000, were plugged after he notified each site's
webmaster. Mansur claims to have written the exploit himself however it is
believed to bear a strong resemblance to the Source Fragment Disclosure
Vulnerability. Mansur has decided against publishing the exploit.
InfoWorld
|
contributed by pyle and iron river
While the FAA has managed to clean up its act considerably since the General
Accounting Office's 1999 audit, other branches of the Department of
Transportation are in rough shape when it comes to security measures. The
lack of back ground checks performed appears to be of great concern to the
Department as well as the ease in which people are able to gain access to
supposedly private sites.
Federal
Computer Week
|
contributed by laney
The Security Vision Roundtable, an event sponsored by Andersen Consulting
and Purdue University's Center for Education and Research in Information
Assurance and Security (CERIAS) brought together some of the best security
minds in the U.S. to discuss industry trends - past and present. Quality
assurance, PKI and research were among several topics covered in the group's
recommendations. Dan Geer, CTO of @stake, participated in the roundtable.
CRN via
TechWeb
|
|
![](right-bar.jpg)
|