Spyware, Viruses, & Security forum

General discussion

NEWS . March 16, 2005

Expert: Better ID checks won't beat fraud
By Robert Lemos, CNET News.com
Published on ZDNet News: March 15, 2005, 12:35 PM PT

Plans to bolster online security with code-generating doodads, fingerprint readers or smart cards are not likely to solve the identity fraud problems currently plaguing database companies and online stores, a security expert has warned.

Two-factor authentication, or the use of a method in addition to a password to verify identity, could still be defeated by Trojan horses and phishing attacks, Bruce Schneier, a cryptographer and chief technology officer at network protection company Counterpane Internet Security, said on Tuesday.

"Since we have proposed the solution, the problems have changed," Schneier said in an interview with CNET News.com. "People are selling two-factor authentication as the solution to our current identity-theft problems, but it was designed to solve the issues from 10 years ago."

more here
Discussion is locked
You are posting a reply to: NEWS . March 16, 2005
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS . March 16, 2005
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
EU backs off ContentGuard inquiry

In reply to: NEWS . March 16, 2005

Published on ZDNet News: March 15, 2005, 5:10 AM PT

A top European Commission official said Tuesday that the agency would continue to monitor Microsoft's purchase of antipiracy software firm ContentGuard Holdings.

Earlier the Commission had said it lacked authority to review the deal once Microsoft had extended its purchase from a two-way joint venture with Time Warner to a three-way partnership including France's Thomson.

more here

Collapse -
Hardware security sneaks into PCs

In reply to: NEWS . March 16, 2005

By Robert Lemos, CNET News.com
Published on ZDNet News: March 16, 2005, 4:00 AM PT

Millions of workers will get the latest in PC security this year--but they won't get the full benefit.

The three largest computer makers--Dell, Hewlett-Packard and IBM--have started selling desktops and notebooks with so-called trusted computing hardware, which allows security-sensitive applications to lock down data to a specific PC.

But Microsoft's plans to take advantage of the technology have been delayed, meaning the software heavyweight likely won't get behind it until the release of Longhorn, the Windows update scheduled for next year.

That leaves hardware makers in a rare position: They are leading Microsoft, rather than working to support one of the software giant's initiatives.

"Our success is not dependent on Microsoft," said Brian Berger, executive vice president at security company Wave Systems and the marketing chair for the Trusted Computing Group. "When Microsoft comes on board with some of what they have talked about, it will be that much better, but this is not a Microsoft-centric activity."

more here

Collapse -
ChoicePoint: We're sorry for data leak

In reply to: NEWS . March 16, 2005

By Declan McCullagh, CNET News.com
Published on ZDNet News: March 15, 2005, 1:01 PM PT

The chairman of ChoicePoint, which disclosed the personal information of 145,000 Americans to identity thieves, publicly apologized on Tuesday for the data mishap.

ChoicePoint's Derek Smith, also the chief executive, told a congressional committee he wanted to offer an "apology on behalf of our company," which he said would help anyone who suffered identity fraud as a result. The data disclosure has led to 750 known cases of identity fraud so far.

The incident "has caused us to undergo some serious soul-searching," Smith said. ChoicePoint is a data warehouse that compiles electronic dossiers on Americans and sells them to insurance companies, other businesses and police agencies

more here

Collapse -
Bot nets use Windows for wicked work

In reply to: NEWS . March 16, 2005

Published: March 16, 2005, 10:32 AM PST
By Dan Ilett
Special to CNET News.com

Despite Microsoft's renewed focus on security, latest research shows that computers running Windows XP and 2000 form the bulk of bot nets.

The study, carried out by the German Honeynet Project, found that more than 80 percent of Web traffic from the networks of compromised computers used four ports designated for resource-sharing by various versions of Windows. The research also indicated that the vulnerabilities behind some of the exploits used to take over a PC can be found by searching for information on Microsoft's security bulletins.

"Clearly most of the activity on the ports...is caused by systems with Windows XP (often running Service Pack 1), followed by systems with Windows 2000. Far behind, systems running Windows 2003 or Windows 95/98 follow," Honeynet Project researchers wrote in the report.

more here

Collapse -
Are You Safer With Firefox?

In reply to: NEWS . March 16, 2005

Is Firefox a more secure web browser than Microsoft's Internet Explorer? The answer may be yes, but the issues are more complicated than most people realize. In fact, Firefox has its share of security problems, and has probably been saved from real-world attack so far only by its single-digit market share.

You probably hadn't read about any of those bugs before the update. That's because it's only recently that the Mozilla Organization began issuing security advisories of the sort that Microsoft issues every month (see www.mozilla.org/security/announce). For the most part Mozilla wasn't hiding these bugs prior to publishing advisories, but it wasn't publicizing them either.

And unlike Microsoft, when Mozilla fixes a bug it doesn't release a patch for users. If you want to stick to release-level programs, your only option is to wait for the next general release; the upgrade to version 1.0.1 from 1.0 took about 3.5 months.


Popular Forums

Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


This one tip will help you sleep better tonight

A few seconds are all you need to get a better night's rest.