Violet Blue

Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.

Larry Seltzer

Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years

Latest Posts

Secunia launches pay-as-you-go exploit shop

Danish security research firm Secunia has launched a pay-as-you-go vulnerability analysis service aimed at providing technical details, exploits and proof-of-concept code to security software vendors.The new Binary Analysis Service is billed as a one-stop-shop for indepth analysis of the "worst and most interesting vulnerabilities" affecting widely deployed software products.

September 11, 2008 by Ryan Naraine


NoScript mitigates HTTPS cookie hijacking attacks

The invaluable NoScript for Firefox plug-in just got a tad better.According to Giorgio Maone, the developer behind the popular browser extension, a new experimental feature called "Forced Secure Cookies" has been added to NoScript v1.

September 10, 2008 by Ryan Naraine


Google closes hole in Single Sign-On service

Google has fixed an implementation flaw in the single sign-on service that powers Google Apps follow a warning from researchers that remote attackers can exploit a hole to access Google accounts.The vulnerability, described in this white paper (.

September 10, 2008 by Ryan Naraine


Apple plugs gaping QuickTime security holes

Apple today released a major makeover to its iTunes and QuickTime software products, fixing at least 11 documented security vulnerabilities that could lead to Mac and PC takeover attacks.QuickTime 7.

September 9, 2008 by Ryan Naraine


Countrywide warning: Ex-employee (may have) sold customer, mortgage data

Countrywide Mortgage has started notifying customers that a rogue employee (since dismissed) may have sold sensitive personal information to an unidentified third party.The company mailed "urgent security notification" letters to customers this week, warning that the customer information involved included names, addresses, social security numbers, mortgage loan numbers and "various other loan and application information.

September 9, 2008 by Ryan Naraine


MS Patch Tuesday: 8 critical security holes patched

Microsoft shipped four high-priority security bulletins today with patches for at least eight code execution vulnerabilities affecting millions of Windows computer users.The September Patch Tuesday updates, all rated "critical," correct security flaws in the Windows Media Player, the Windows Media Encoder, Microsoft Office and the Microsoft Windows GDI+ (graphics device interface).

September 9, 2008 by Ryan Naraine


Google patches 'critical' Chrome code execution flaws

The first security patch for Google's new Chrome browser is out, fixing at least two "critical" vulnerabilities that put Windows users at risk of code execution attacks.[ SEE: Google Chrome vulnerable to carpet-bombing flaw ]The patch, which is rolled out automatically via Chrome's auto-update feature, also addresses two additional security vulnerabilities -- the carpet-bombing issue and a denial-of-service flaw that could lead to browser crashes and data loss.

September 8, 2008 by Ryan Naraine


Spammers are social, too

If you have a social networking account, you are aware that spam has moved to that media. Each social network is scrambling to deploy technologies and policies to prevent spam from becoming as endemic their platforms as it is in the e-mail space.

September 8, 2008 by Adam O'Donnell