Security

Owen Thor Walker, an 18-year-old bot herder from Whitianga, New Zealand, plead guilty on Monday to six charges resulting from a botched botnet upgrade that led to a 2007 denial-of-service attack on the University of Pennsylvania.

Walker plead guilty to two charges of accessing a computer for dishonest purposes; two charges of accessing computer systems without authorization; one of damaging or interfering with computer systems; and one of possessing software for committing a crime. He could face five years in jail. However, according to reports from The New Zealand Herald, Judge Arthur Tompkins is considering Walker's age and cooperation … Read more

Don't click on that silly April Fools' Day e-mail, says one security expert.

In a blog, Arbor Networks' Jose Nazario reports that within the last 24 hours he's seeing new releases of the Storm worm designed to take advantage of the first day of April. This new spam campaign is a lure to infect new computers that will become part of the larger Storm worm botnet.

The e-mail body is spartan: the words "Doh! April Fools" followed by a numeric URL. If a user clicks on that URL, the default Internet browser will open to a … Read more

There's simply no reason for any computer user to lose important data.

My hat is off to the tech companies that provide the hardware, software, and services we rely on every day. From Microsoft's Shadow Copy feature in Windows Vista (though only partially implemented in the Home Edition), down to the smallest Web start-ups offering free and easy online storage (though you have to pay for unlimited storage capacity), they have made tremendous strides in helping to keep our valuable data safe. Now it's up to us to take advantage of these great products and services.

For … Read more

Hackers have turned their attention to Facebook's hundreds of independent applications. The results are not terribly surprising, but do not tell a good tale: app developers don't seem to know a thing about basic security, and are putting private user information at risk. As a result, malicious hackers are able to access and change what should be private user data managed by the application providers.

Just a few months after this blog brought you exclusive news of privacy problems in Facebook's application system, we are now already seeing the consequences of Facebook's decision to pass the … Read more

With a stroke of the Governor's pen on Monday, Indiana became one of the few states in the country to provide strong incentives for businesses to encrypt sensitive customer data. Unlike many of the laws that pass through state legislatures - this one was not ghost written by lobbyists or special interests. It was co-written by a tech-savvy state legislator, and a blogger constituent .... me.

One of the biggest problems in the hundreds of data breach and data loss incidents that have been reported over the past few years is that so little of the data is encrypted. If … Read more

Corrected at 6:50 a.m. PDT March 26: The last paragraph has been revised to correctly describe a second antivirus partnership.

The Anti-Malware Test Lab and AV-Comparatives.org announced on Tuesday an alliance designed to create one of the most respected sources of objective, independent information about antivirus products.

Together, the pair said, they intend by year's end to create a unique system of integrated tests for determining the effectiveness of commercial antivirus software.

Andrea Clementi, founder of AV-Comparatives, said in a statement that "the partnership with Anti-Malware Test Lab will allow us to evaluate more aspects … Read more

The battle for your in-box shows no signs of waning.

Despite the efforts of software companies large and small, spammers and phishers continue to find and exploit weaknesses in junk-mail filters at the server and client levels. After years of foil and parry between these two forces, you would think that Microsoft Outlook, the most widely used e-mail program in the world, would be a paragon of in-box defenses.

Then again, this is Microsoft we're talking about, a company not noted for being the paragon of anything more than profitability.

A few years back, Service Pack 2 for Office … Read more

Part of the Sequoia Voting Systems Web site was defaced and subsequently taken down on Thursday, according to a report in InfoWorld. As CNET prepared this blog, the entire Sequoia Voting System site was frequently inaccessible.

The defacement and subsequent takedown occurred Thursday morning on the company's Ballot Blog page. Sequoia is one of a handful of electronic voting companies used in the United States. It has in recent days come under fire for apparent discrepancies in voter tallies in last month's New Jersey primary election.

The Ballot Blog page on SequoiaVote.com had contained information from Sequoia … Read more

Update 3:15 p.m. PDT: The headline and opening sentence have been changed to clarify that VeriSign is expanding its Project Titan initiative to strengthen and secure Net infrastructure.

On Thursday, VeriSign announced plans to increase the level of security within Project Titan, a global initiative to expand the infrastructure of the Internet to anticipate future demand brought by increased e-commerce transactions.

In its announcement, VeriSign said that it is going to spend more than the $100 million-plus initially budgeted.

One of the goals of Project Titan is to increase the overall capacity of the Internet to sustain a … Read more