Violet Blue

Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.

Larry Seltzer

Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years

Latest Posts

Can Mozilla's security metrics project end the patch-counting nonsense?

In partnership with indie security consultant Rich Mogull (left) Mozilla has launched a valuable Security Metrics Project that could help to -- we can only hope -- put an end to the silly notion that patch-counting helps to determine a product's security posture.The idea is to develop a metrics model that goes beyond simple bug counts to accurately reflect the effectiveness of secure development efforts and the relative risk to users over time.

July 3, 2008 by Ryan Naraine

10 Comments

Getaway day: How to secure your laptop for holiday travel

It's getaway day and as we prepare to hit the road, trudge through airport security and snag that car rental, spare a thought for the valuable data that travels with you on that trusty old laptop.According to a recent study by the Ponemon Institute, more than 637,000 notebooks vanish each year in mid-to-large airports.

July 3, 2008 by Ryan Naraine

16 Comments

NoScript vs. Internet Explorer 8 Filters

NoScript plugin writer Giorgio Maone posted a commentary on IE 8's new filters, drawing comparisons to his own widely popular NoScript Firefox plugin.  Maone writes:I’m happy to learn that IE8 is going to implement a less ambitious version of a feature which NoScript users have enjoyed for more than one year now.

July 2, 2008 by Nathan McFeters

11 Comments

Gmail, Yahoo and Hotmail's CAPTCHA broken by spammers

Breaking Gmail, Yahoo and Hotmail's CAPTCHAs, has been an urban legend for over two years now, with do-it-yourself CAPTCHA breaking services, and proprietary underground tools assisting spammers, phishers and malware authors into registering hundreds of thousands of bogus accounts for spamming and fraudulent purposes.

July 2, 2008 by Dancho Danchev

18 Comments

Multiple Facebook vulnerabilities reported on Full-Disclosure

Jouko Pynnonen posted a message to the Full-Disclosure mailing list today, citing multiple "script injection" vulnerabilities within Facebook.  I'm not sure if this is a surprise to anybody out there, it's certainly not to me, as numerous web applications have major problems with Cross-site Scripting vulnerabilities, but I think this is important to note due to the widespread use of Facebook.

July 2, 2008 by Nathan McFeters

5 Comments

Antivirus vendor introducing virtual keyboard for secure Ebanking

Kaspersky's most recent product launch of the Kaspersky Internet Security 2009, is featuring a virtual keyboard "a secure pop-up that enables logins, passwords, bank card details and other important personal information to be entered safely to prevent the theft of confidential information" aiming to protect users from keyloggers, and consequently provide a safer Ebanking experience.

July 2, 2008 by Dancho Danchev

3 Comments

Matasano ships Web-based firewall manager

The firewall is one of the few security tools that has been proven to be very effective at improving a company's security posture.  However, staying on top of policies  -- and responding to change requests -- while trying to manage multiple firewalls from different vendors can be a never-ending nightmare for IT admins.

July 2, 2008 by Ryan Naraine

Comments

300 Lithuanian sites hacked by Russian hackers

A recently accepted legislation in Lithuania banning communist symbols across Lithuania, has prompted Pro-Russian hackers to start defacing Lithuanian sites, an indication of the upcoming attack was detected last week with active discussions around Russian forums greatly reminding us of the Russia vs Estonia cyberattack sparkled due to the removal of a Red Army memorial from the capital Tallinn.

July 2, 2008 by Dancho Danchev

5 Comments

Tiller Beauchamp on the Recon 2008 conference

Guest Editorial by Tiller BeauchampEarlier this month I had the opportunity to present RE:Trace at the Recon conference, a reverse engineering conference held every other year in Montreal, Canada.  The conference consisted of three days of training and three days of talks in a single track.

July 2, 2008 by Nathan McFeters

Comments