Violet Blue

Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.

Larry Seltzer

Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years

Latest Posts

Finding and exploiting holes in software features

* Ryan Naraine is on vacation. Guest Editorial by Nate McFetersWith the holiday season fast approaching, and being so in the spirit of giving,  I thought I'd compile a list of the top features that led to security issues I discovered with co-researcher Billy Rios.

November 23, 2007 by Ryan Naraine

4 Comments

Defense-in-depth starts with DNS

Guest Editorial: It's become painfully clear to that DNS can no longer be a fire hose that just pierces the firewall. Here are some simple action items that can be implemented on just about every network out there...

November 20, 2007 by Ryan Naraine

2 Comments

In zombies we trust

* Ryan Naraine is on vacation. Guest Editorial by Dan GeerWhen the Internet was young, the design assumption for electronic commerce was clear: The client initiated the connection from a trusted machine and needed to be assured that the server side was not an impostor.

November 19, 2007 by Ryan Naraine

27 Comments

Belated Firefox patch coming for (another) protocol handling bug

Mozilla security chief Window Snyder says the "jar:" protocol handler issue that currently haunts Firefox will be fixed very soon in the next refresh of the browser.The problem (see previous coverage) is that Firefox's "jar:" protocol handler does not validate the MIME type of the contents of an archive, which are then executed in the context of the site hosting the archive.

November 16, 2007 by Ryan Naraine

11 Comments

Rogue anti-malware lures squirming though Skype

Malicious hackers are using Skype to try to trick Windows users into buying a rogue anti-malware application. The lures arrive via Skype's instant messaging feature with a warning that malware has been detected on the machine and urging users to buy and run a fake "repair utility.

November 15, 2007 by Ryan Naraine

5 Comments