Violet Blue

Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.

Larry Seltzer

Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years

Latest Posts

DDoS + Web 2.0 == Buckets o' traffic

Denial of Service attacks are based upon a simple idea: generate the maximum amount of traffic using the minimum amount of work. At one time this was as simple as sending a spoofed ICMP echo packet to a broadcast address or similar shenanigans.

September 5, 2008 by Adam O'Donnell

Comments

Google Chrome vulnerabilities starting to pile up

[ UPDATE: See below for Google's official response to these issues ] Security vulnerabilities in the new Google Chrome browser are beginning to pile up.Following our coverage of the carpet bombing combo threat and denial-of-service crashes, several readers have sent pointers to Chrome exploit code floating around the Web:First up is an automatic file download bug found by researchers in the Ukraine.

September 5, 2008 by Ryan Naraine

120 Comments

Demo Facebook app creates DoS botnet

Do you know what that innocent-looking Facebook app is really doing?Researchers at the Institute of Computer Science (ICS) have created a proof-of-concept Facebook application capable of covertly herding users of the popular social network into a powerful -- and malicious -- botnet.

September 5, 2008 by Ryan Naraine

16 Comments

Malware and spam attacks exploiting Picasa and ImageShack

In the wake of the recent malvertising attacks where malicious flash ads were appearing at trusted web sites, evidence from multiple vendors and researchers indicates that spammers and malware authors have once again switched tactics, and are one again abusing legitimate services such as Google's Picasa and ImageShack.

September 4, 2008 by Dancho Danchev

Comments

Critical WMP, MS Office bugs on Patch Tuesday swat list

Microsoft today announced plans to ship four security bulletins next Tuesday (September 9, 2008) to cover worm holes affecting Windows users.All four bulletins in September's Patch Tuesday will be rated "critical," Microsoft's highest severity rating.

September 4, 2008 by Ryan Naraine

7 Comments

Security-wise, Google Chrome is (potentially very) Good

Security bloggers are already commenting on Google's slightly premature "Chrome" browser leak. Built on top of the Apple sponsored WebKit engine, the browser offers several security features that we have only seen so far in the beta releases of IE8.

September 2, 2008 by Adam O'Donnell

18 Comments

Google Chrome vulnerable to carpet-bombing flaw

Google's shiny new Web browser is vulnerable to a carpet-bombing vulnerability that could expose Windows users to malicious hacker attacks.Just hours after the release of Google Chrome, researcher Aviv Raff discovered that he could combine two vulnerabilities -- a flaw in Apple Safari (WebKit) and a Java bug discussed at this year's Black Hat conference -- to trick users into launching executables direct from the new browser.

September 2, 2008 by Ryan Naraine

131 Comments

Microsoft downplays BitLocker password leakage

Microsoft is downplaying the severity of a password leakage issue in BitLocker, the full disk encryption feature built into Windows Vista, insisting that a real world attack scenario is "very unlikely."According to an advisory from iViZ, the password checking routine of Microsoft Bitlocker fails to sanitize the BIOS keyboard buffer after reading passwords, resulting in plain text password leakage to unprivileged local users.

September 2, 2008 by Ryan Naraine

5 Comments