Tag: security
-
On-line storage – safe or not?
Cloud computing has become a major buzzword this year and entails the provisioning of application and storage services within a distributed system operating on the Internet. Think Google Apps ( Wave, Docs, GMail, etc. ), T-Mobile SideKick, Amazon Elastic Compute Cloud ( EC2 )/Web Services, Salesforce, Bittorrent and many others. These can be put into…
-
Windows and on-line banking
The 2 concepts above should never be spoken ( let alone used ) together considering the poor security track record of all Windows operating systems but somehow people still ‘trust’ the venerable OS to do their daily banking, paying of accounts and transferring of monies. So the question is why? I can only think of…
-
Adobe security issues – again
A new 0-day vulnerability has been found in Adobe Reader and Acrobat – this time relating to how the 2 products handle Javascript. The only ‘fix’ at the moment is to turn Javascript off in these products. Or don’t open email you get from unexpected sources. Let’s see how long Adobe take to fix this…
-
Local insurance company loses client data
So it’s not just the Americans who are poor at client data security – the South Africans have got into the act as well. Local insurance firm Zurich SA said it had lost a tape containing client information. Apparently the backup tape was lost during a routing tape transfer to a data storage centre in…
-
SCO’s Darl McBride terminated
Finally it seems that they’ve had enough of poor old Darl at SCO. Took them long enough but they’ve filed some paperwork with the SEC in the USA indicating as much.
-
Microsoft hijacks Firefox Part 2
So there was a call for Mozilla to blacklist the MS plugins. And that is exactly what they have done! The Microsoft .NET Framework Assistant and Windows Presentation Foundation were added, for reasons of their vulnerability to remote code execution. All versions for all applications have been blocked. Apparently the Framework Assistant has now been…
-
Microsoft hijacks Firefox
Microsoft was quite upset with Google recently with the latter’s attempt to install a plugin ( Google Frame ) for IE; it seems though that it’s fine for Microsoft to install a plugin for Firefox – and it’s come back to haunt them with a security hole in the plugin that they silently installed! Earlier…
-
Data loss for Sidekick users Part 2
So yesterday Microsoft/Danger indicated that they had managed to get back most of the users’ data that was ‘lost’ as part of a problem with their core database earlier this week. Unfortunately not many of their customers are amused and have started a host of legal challenges regarding the system failure. Most of this revolves…
-
Apple and data leakage?
Wow, looks like it’s getting to be a very bad week for data security. First Microsoft and Co. lose ALL of your Sidekick data, then Apple has a pretty serious bug in terms of their OS and the possibility of data loss. Now from Apple’s MobileME service, there comes a report of data leakage –…
-
Data loss for Sidekick users
It appears that Sidekick users in the USA, who stored their data/backups on-line though the Microsoft/Danger on-line cloud service, have lost access to all their data after a server failure: “Regrettably, based on Microsoft/Danger’s latest recovery assessment of their systems, we must now inform you that personal information stored on your device—such as contacts, calendar…
-
Possible data loss in Mac OS X 10.6
Based on the amount of Apple forum postings on this issue, it seems to be very serious: there is the possibility of data loss if you have a guest account enabled prior to installing/upgrading Snow Leopard. It is speculated that the actual bug is that after logging in to the Leopard-created guest account while running…
-
Online mail services, security and your identity
A number of high profile on-line mail services were hit with a phishing scheme which resulted in the posting on-line of thousands of account details over the weekend. Hotmail seems to have been hit the hardest but both GMail and Yahoo were also targetted. There are 2 serious issues here: many people are still using…
-
Windows and critical systems
I’ve blogged previously about using Windows in critical systems ( Win2k in French air-force fighters and British attack submarines ) and my disregard for this platform in these kinds of applications. Honestly, would you really want a Windows machine running your life-support system when in hospital? or the device that decides whether or not a…
-
The SMB2.0 zero-day vuln
The SMB 2.0 vulnerability that was found earlier this month, is set to be covered with a patch soon according to Microsoft. Next Patch-Tuesday is only on Oct 13 so one would hope that it comes before. Especially as there is exploit code out in the wild now, with Stephen Frewer of Harmony Security adding…
-
Bind and Nominum
I thought yesterday’s article ( well it actually reads like an advertorial ) on ZDNet UK regarding Bind and Niminum’s new Skye offering, was a joke. Then I realised that no, it wasn’t. But why would the ZDNet author, Toby Wolpe, start with such an inflammatory header? Is he actually looking to be flamed and…