Vulnerability Disclosure: Is it Blackmail, Whitemail or Bluemail
Hackers (or security researchers) come with a range of rainbow colored hats. Some guys'n'gals are nice (the White Hats). They find and disclose problems in communication products using approved responsible disclosure models. Others are in the business for money, and are not satisfied by the fame they get for disclosing problems. The process can easily get close to what some would consider unethical, or even direct blackmailing.
The Kilo-Day threat and mundane security
In the security business we spend a lot of time worrying about the "zero-day" threat that appears out of nowhere and immediately starts attacking a hereto unknown vulnerability. We worry so much that we overlook the vulnerabilities we already know about. The ones that have been hanging around on our systems, known but unaddressed, unpatched and wide open.
Windows bugs never really die
Hackers can successfully attack Windows PCs months -- even years -- after Microsoft Corp. fixes a flaw, a security expert said Thursday, because there's always a pool of unpatched systems.
Black Hat 'supertalk' halted due to vendor concerns
The Black Hat security conference is full of drama again in Amsterdam with the last-minute cancellation of a presentation.
Firefox fix due next week after attack is published
Mozilla developers are scrambling to fix a critical bug in the Firefox browser after attack code was released Wednesday.
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
Developer fixes 33-year-old Unix bug
Security experts knock Apple for not patching DNS bug
How the feds are locking down their networks
Ruby creators warn of serious flaws
A photo that can steal your Facebook account
Vulnerability Disclosure: Is it Blackmail, Whitemail or Bluemail
$1B market for meddling with DNS poses security problem
Firewall vendors scramble to fix DNS problem
Microsoft warns of new Access attack
Symantec: IE 6 more vulnerable to unpatched Microsoft flaw