|
News for 120299
contributed by Jordan
After what seemed like an agonizingly long beta period Zero Knowledge
Systems has finally shipped Freedom 1.0. Freedom works seamlessly
alongside your favorite browser and other Internet applications. You can
surf the web, send email, chat, telnet, and participate in newsgroups as
you normally would, only now with complete confidence that your personal
information is not being collected without your consent. Freedom
identifies you on the net with a 'nym' that you choose. There can be
only one 'nym' so unless you want something like 'Tom4538720' you should
reserve yours today.
Freedom
1.0
|
contributed by Theo
What is probably the most secure operating system available has shipped
its new version. OpenBSD 2.6 is a FREE, multi-platform 4.4BSD-based
UNIX-like operating system. It emphasizes portability, standardization,
correctness, proactive security and integrated cryptography. Some of the
new features include the addition of ssh (OpenSSH) and Perl 5.005_03 to
the base system, reliability patches for the PowerPC port, improved
support for ext2fs, USB support, a faster install process and a lot
more.
OpenBSD
|
contributed by dj.tazz and P_Simm
The Canadian ISP, Videon, was warned that it had left its customer
database available on the web for all to see. Days later, after the
database had made the rounds on the net the security issue was resolved.
Customers however where never notified by the company. They did not find
out about the problem until weeks later when it appeared in the local
newspaper. Videon has confirmed that they received the emailed warning
and failed to act in a timely manner to prevent the loss of customer
account numbers, names, addresses, phone numbers, user names and
passwords.
Winnipeg
Free Press
|
contributed by cripto
After months of intense lobbying for a secure system and only days after
being ratified by the European Union the German Digital Signature has
been broken. The digital signature card, developed by Siemens, is to be
used in cashless payment systems and access control systems. With data
dumps of the SLC44/66 chip and information explaining its design
floating around the Internet anyone using the so-called Geldkarte system
stands the risk of having money transferred without their knowing it.
The UK
Register
|
contributed by Weld Pond
Some members of the Internet Engineering Task Force seem to be under
investigation by the DOJ and FBI. The reason for the investigations
seems to be the desire to include encryption and exclude back door
capabilities in new protocols proposed by the IETF. The investigations
are centered around treason charges.
NT
Security
ZD
Net
|
contributed by turtlex
Jane's Information Group has released its much anticipated report on
cyberterrorism. While the actual information in the article seems
rudimentary and crude its conclusions about the possibility of a full
out terrorist attack over the internet being extremely remote seem dead
on. (Warning this is an extremely long and dry article that presents
litte new information.)
Jane's Defense
Weekly
|
contributed by Evil Wench
Think your safe from the prying eyes of the data collector when you're
peacefully driving your car and listening to the radio? Think again. New
technology being tested in Atlanta, Toronto, Los Angeles and Phoenix can
remotely determine what radio station you are listening to in your car.
Small shoebox-size electronic sensors posted on billboards and light
poles can listen to the signal from the oscillator in the car radio,
determine the frequency and log the information in a central database.
This information is then made available to subscribing radio stations in
real time to help in determining ratings numbers. (Even though this
system does not collect demographic data, can't collect AM yet, and
doesn't listen to homes or businesses, it is still scary as hell.)
The
Atlanta Journal Constitution
|
contributed by Weld Pond
The Common Vulnerabilities and Exposures database run by Massachusetts
defense contractor Mitre has gone online. The database hopes to help
standardize computer security terms and set a common vocabulary
for building more secure systems. The database hopes to contain all
known system vulnerabilities. (It is unlikely that any of the big 5
security companies will give up new vulnerabilities that only they know
about for their competitors to find in this database. The database is
already missing some key advisories that have been publicly
released.)
The
Boston Globe
Common Vulnerabilities and Exposures
Database
|
contributed by Pammyleey
More Busts Reported
Yesterday we had an unconfirmed report that Darkness, a member of the
group [sSh], had been raided. It looks like a simultaneous raid also
snagged YTCracker. It has been reported to us that he was charged with 4
counts of computer fraud and has been given a court date of December 15.
(If anyone can confirm this information with links to news articles
we would appreciate it.)
Late Update 1240EST
We have received word that YTCracker has not been arrested. The raid and
arrest of Darkness is still unconfirmed.
|
|
|