funsec mailing list archives

today's security news wrapup


From: Paul Vixie <paul () vix com>
Date: Mon, 18 Dec 2006 20:26:17 +0000

Homeland Security Director Defends Real ID
http://politics.slashdot.org/article.pl?sid=06/12/14/2215219

        "The Homeland Security chief, who is nearing his two-year mark with
        the agency, was likely trying to quell rampant skepticism about the
        IDs voiced by some privacy advocates, immigrants and other
        groups. Some have said they fear that the IDs are a stepping stone to
        a veritable police state, complete with ready surveillance of
        individuals. Some have argued that the idea of creating more
        tamperproof IDs is only a marginally better way to screen out those
        intent on committing terrorist acts because ID cards don't even begin
        to tackle a core crime prevention challenge: determining a person's
        unspoken intentions. "

Give an Internet Freedom Disk
http://linux.slashdot.org/article.pl?sid=06/12/17/2143249

        An anonymous reader, perhaps the blogger himself, writes to tell us
        about a new blog aimed at getting non-techies excited over the idea of
        running from a Live CD. The blogger doesn't call it that, preferring
        instead "Internet Freedom Disk"; Linux is never mentioned. The
        submitter adds: "This is just a great gift to drop on your non-geek
        friends and potentially wake up a sleeping giant." Cheap, last-minute,
        and you can make them yourself. The blogger isn't selling anything; he
        provides links to Ubuntu and Knoppix Live CDs. Or pick your favorite.

ORDB.org Going Offline
http://it.slashdot.org/article.pl?sid=06/12/18/154259

        "ORDB.org has announced that they will shut down their services after
        fighting open relays and spam for more than five and a half years. The
        RBL DNS service and mailing lists will be taken down today (December
        18, 2006) and the website will vanish by December 31, 2006."

Oklahoma Anti-Spammer Loses Big in Court
http://www.circleid.com/posts/oklahoma_anti_spammer_loses/

        In November, Mark Mumma, who runs a little design firm at webguy.com,
        lost an appeal in the Fourth Federal Circuit. He'd filed suit against
        cruise.com and their parent Omega World Travel under CAN SPAM and an
        Oklahoma anti-spam law. Omega countersued for defamation. The court
        threw out Mumma's case, and allowed part of the defamation case to
        proceed. At first blush, this looks like a big win for spammers.

Jailed ID thieves thwart cops with crypto
http://news.com.com/2100-7348_3-6144521.html

        ...

        When the gang's premises were raided by the members of the Serious and
        Organised Crime Agency (SOCA), Kostap was handcuffed with his hands in
        front of his body. He managed to leap up and flick an electrical
        switch that wiped databases that could have contained records of the
        gang's activities stretching back more than 10 years, SOCA said.

        Kostap's action also triggered intricate layers of encryption on the
        gang's computer systems, which SOCA's experts were unable to crack,
        the court heard.

        ...

Hackers Selling Vista Zero-Day Exploit
http://www.osnews.com/story.php?news_id=16742

        Underground hackers are hawking zero-day exploits for Microsoft's new
        Windows Vista operating system at USD 50000 a pop, according to
        computer security researchers at Trend Micro. The Windows Vista
        exploit - which has not been independently verified - was just one of
        many zero-days available for sale at an auction-style marketplace
        infiltrated by the Tokyo-based anti-virus vendor.

Justin Mason's Anti-Challenge-Response Linkfest
http://www.oreillynet.com/onlamp/blog/2006/12/justin_masons_antichallengeres.html

        SpamAssassin hero Justin Mason has posted a summary of opinions
        against challenge-response mail systems. I particularly like the
        psychopathic challenge-response system user in the comments who
        defends blowback by arguing that it only affects a few innocent users.
        Sorry, folks. CR fails my one question certification test for mail
        filter authors, and not just bad and wrong, but profoundly antisocial.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

