Passenger Says He Hacked Windows In New York Taxi Display Screen

A New York City software engineer managed to gain access to the operating system for a touch-screen display available in the back seat of many Manhattan taxicabs and also used it to connect to the Internet. But no sensitive information or critical systems were compromised, according to the display systems vendor. The display is used to present short videos and ads to taxi riders, and can be used to pay the taxi fare with a credit card. A VeriFone Transportation Systems spokesman told InformationWeek Thursday that passengers’ credit card data is encrypted and isn’t stored locally, so it wasn’t compromised. … Continue reading Passenger Says He Hacked Windows In New York Taxi Display Screen

Microsoft Security Vulnerability Research and Defense Blog

We’re going to use the new blog to go deep into the technical guts of vulnerabilities, workarounds, and mitigations without disclosing too much information.  We’ll also post notes from our research that we expect will be interesting to IT professionals and security researchers.  Check out the new blog at http://blogs.technet.com/swi http://blogs.technet.com/msrc/archive/2007/12/27/microsoft-security-vulnerability-research-and-defense-blog.aspx

Antispyware coalition: History and future of spyware

Spyware: What’s Worked, What’s Left, and What’s Coming is what Antispyware Coalition hopes to tackle in its 4th public workshop next month – 31st of January 2008. The agenda is online and open for registration.  More info at http://www.antispywarecoalition.org/index.htm A very small error though that they need to modify (email sent).  The page shows “Third Public Workshop”.  That’s their 4th.  The 3rd public workshop is if I’m not mistaken was held on June 2007.  BTW, while viewing their current member listing… I noticed mi5 Networks and SurfControl are no longer members of ASC.  Update: ASC corrected the page by showing … Continue reading Antispyware coalition: History and future of spyware

Apple released Security Update 2007-009 1.1

hhmm another one from Apple.  They released Security Update 2007-009 for Mac OS X few days ago.  Today they are releasing it again but the version is 1.1 Apple Security Update 2007-009 1.1 Security Update 2007-009 1.1  is recommended for all users and improves the security many components.  Please see below links on list of components: Security Update 2007-009 1.1 (10.4.11 Universal) : http://www.apple.com/support/downloads/securityupdate20070091110411universal.html Security Update 2007-009 1.1 (10.4.11 PPC) : http://www.apple.com/support/downloads/securityupdate20070091110411ppc.html Security Update 2007-009 1.1 (10.5.1) : http://www.apple.com/support/downloads/securityupdate2007009111051.html

If it looks too good to be true… (How to Tell)

The new Buying Guide will help you purchase genuine Microsoft software and avoid the dangers that accompany software that’s counterfeit or unlicensed. It shows you ways to visually identify genuine and how to question the seller. If the deal looks too good to be true, check out the guide before you buy. Before You Buy – Understand the Dangers of Counterfeit or Unlicensed Software According to an IDC study, counterfeit software can include some spyware, malware or other dangerous code. The Business Software Alliance (BSA) estimates that a considerable amount of software that is sold is counterfeit. While sellers may … Continue reading If it looks too good to be true… (How to Tell)

Apples For The Army

Given Apple’s marketing toward the young and the trendy, you wouldn’t expect the U.S. Army to be much of a customer. Lieutenant Colonel C.J. Wallington is hoping hackers won’t expect it either. Wallington, a division chief in the Army’s office of enterprise information systems, says the military is quietly working to integrate Macintosh computers into its systems to make them harder to hack. That’s because fewer attacks have been designed to infiltrate Mac computers, and adding more Macs to the military’s computer mix makes it tougher to destabilize a group of military computers with a single attack, Wallington says. http://www.forbes.com/technology/2007/12/20/apple-army-hackers-tech-security-cx_ag_1221army.html

Apple Squashes Mac Rumor Site ThinkSecret.com

Following news that Apple has settled its lawsuit against the publisher of ThinkSecret.com, Tim Deal, a senior analyst at Pike & Fischer, said it’s a shame that Apple is using its heavyweight status and obvious financial strength to squash some of these small players. “Apple’s entire marketing strategy is based upon secrecy,” Deal said. http://www.cio-today.com/news/Apple-Squashes-Mac-Rumor-Web-Site/story.xhtml?story_id=11100A793I8I

5 Secure Reasons for Thin Clients

Access to Web applications is typically the most frequent use of a personal computer. Whether this should be done by means of a “fat” computer or by the increasingly available “thin” client is a question on many enterprises’ agendas. The fat solution offers mainframe-like—as well as stand-alone–capabilities for the desktop that make it attractive from the standpoint of the individual user. The thin approach has demonstrably lower operating costs and significantly lower security risks, both of which favor a corporate point of view. The following are five security justifications that underscore why enterprises should adopt thin-client models. 1. Zombie Prevention2. … Continue reading 5 Secure Reasons for Thin Clients

Apple files patent for WGA-style anti-piracy tech

Could sniff for pirated Mac OS X as often as every 5 minutes Apple Inc. has filed an updated application with the U.S. Patent & Trademark Office for a product activation and anti-piracy technology that would give the company the same kind of control over its software as the oft-criticized Windows Genuine Advantage platform provides its rival, Microsoft Corp. Patent application 20070288886, titled “Run-Time Code Injection To Perform Checks” and dated Dec. 13, spells out a “digital rights management system” that would “restrict execution of that application to specific hardware platforms.” In the application, Apple noted the ease with which … Continue reading Apple files patent for WGA-style anti-piracy tech