Violet Blue

Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.

Larry Seltzer

Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years

Latest Posts

Measuring (not so) recent BIND nameserver patching

Guest editorial by Derek CallawayThis post is meant to provide an approximation of BIND nameserver updates that occurred during the past month, most likely in response to Dan Kaminsky's DNS cache poisoning vulnerability. I conducted this research because I was curious as to how widely BIND nameserver updates have been deployed given that a month has passed since US-CERT first alerted the public about the nature of the vulnerability and availability of patches.

August 14, 2008 by Ryan Naraine

1 Comment

The Last PHP 4

The PHP Group has shipped the last and final patch in the PHP 4.4 series.

August 13, 2008 by Ryan Naraine


VMware blames stray code for 'time bomb' hiccup

VMware boss Paul Maritz is blaming "a piece of code" mistakenly left in the final release of ESX for the time-bomb hiccup that crippled virtual machines around the world.In a message posted online, Maritz said the glitch caused a license expiration hiccup that caused virtual machines to be powered off, suspended fail or disrupted migration.

August 13, 2008 by Ryan Naraine


New Gpcode (encryption) ransomware speading via botnet

There are confirmed reports on a new version of the Gpcode ransomware being spread via a botnet.According to Vitaly Kamluk of Kaspersky Lab (my employer), the Trojan encrypts files on an infected machine (AES-256) and leaves a text file named crypted.

August 13, 2008 by Ryan Naraine


Microsoft plugs IE, Office in big patch haul

Microsoft patched 26 vulnerabilities with its latest patch including 20 flaws that were deemed critical.Here's the rundown of critical flaws (full bulletin):CVE-2008-2254, CVE-2008-2255, CVE-2008-2256, CVE-2008-2257, CVE-2008-2259 and CVE-2008-2258: These patches fix IE 5 through 7 on various flavors of Windows and address HTML objects memory corruption vulnerabilities as well as memory corruption issues.

August 12, 2008 by


Google releases open-source crypto toolkit

Google's security team has released an open-source cryptographic toolkit aimed at making it easier and safer for developers to use cryptography in their applications.The toolkit, called KeyCzar, was originally developed by Steve Weis (Google) and Arkajit Dey (MIT) and is available under an Apache 2.

August 11, 2008 by Ryan Naraine

1 Comment