Tor Browser is a privacy-focused web browser that routes traffic through the Tor network to obscure a user’s identity and destination—and that design has direct implications for Linux security teams. It’s built to limit tracking, resist surveillance,...
RSA 2005: Concerns over online security are continuing to slow consumer e-commerce growth. A quarter of the respondents in a recent survey have reduced their online purchases in the past year and 21 per cent refuse to conduct business with their financial institutions online because of security fears. More than half (53 per cent) of the 1,000 consumers quizzed believe that basic passwords fail to provide sufficient protection for sensitive personal information.
"Identity theft continues to be a very serious threat. One in 23 adults will be victimized this year, with a total loss exceeding $50 billion. To prevent the misuse of our personal information, survey research shows we should be as safety-conscious in our home and office, as we are on the Internet," said Ken Hunter, President of the Council of Better Business Bureaus, Inc.
A vulnerability in radio-frequency ID chips could put millions of users of wireless car key tags or speed pass payment devices at risk, according to a recent study by researchers at Johns Hopkins University and RSA Laboratories. Using a relatively simple electronic device, criminals could wirelessly probe a car key tag or payment tag and then use the information obtained from the probe to crack the cryptographic key on the tag, Ari Juels, principal research scientist at RSA, explained.
Biometrics authentication technology should be a promising means to confirm a cardholder's authenticity. With a Linux-based radio frequency (RF) personalizer that reads and writes in memory, the administrator can set various parameters of the smart security controller, such as real-time clock, personal identification number (PIN) option, alarm options and reader delays. Biometric security Relevant Products/Services from Verisign -- Free E-Commerce Start-up Kit with fingerprint matching involves protecting results -- a user's template, fingerprint images, a fingerprint's features, and a user's finger. The simplest design solution for a client considering finger-print matching is to embed all functions and data in tamper-resistant smart cards.
Complicated by too many systems, too many applications, and too many passwords, identity management is a major headache for most organizations. Can an intelligent, Web-services approach employing new standards ride to the rescue?
Lycos Europe appeared to have pulled a controversial anti-spam screensaver program from its site on Friday, after coming under fire from both security experts and the spammers themselves.
Lycos Europe is offering a "screensaver that spams the spammers," using idle computer time to attack sites that have been blacklisted for abusive spamming practices. Monitoring of three of the targets housed on Chinese servers shows that two of the sites, bokwhdok.com and printmediaprofits.biz, have been knocked offline by the attack. A third target, rxmedherbals.info, has remained largely available, with intermittent outages.
Every organization requires some type of a network site security policy that will protect the organization's valuable assets -- everything from systems to data. The policy guidelines presented here will help you to establish an enterprise-wide program for how internal and external users will interact with a company's computer network, how the corporate computer architecture topology will be implemented, and where computer assets will be located. . . .
The efforts of the "Source Code Club" to sell the source code to Cisco firewalls may be despicable, but they may also be a blessing in disguise. By making a public show of Cisco's inability to keep its secrets to itself, these desperados may actually be doing us all a big favor. . . .
I was sitting in the cardiologist's office waiting for what seemed like an eternity. Around me in the room were people mostly older than I, which means they were pretty old. . . .
Last year I was the victim of identity theft, a sobering reality in today's world. An unscrupulous criminal managed to social engineer his way past the formidable security checks and balances provided by my credit card company, my bank, and one of my investment accounts. . . .
The U.S. Department of Transportation has dismissed a claim filed against Northwest Airlines that accused the carrier of violating its own privacy policy when it gave government officials passenger . . .
A steady stream of passengers handpicked by AMR's American Airlines showed up yesterday at a sectioned-off area of National Airport's baggage claim to submit to the scans, present two forms of government identification and fill out a form that will be used to perform a criminal background check. . . .
A new worm can spy on users by hijacking their Web cameras, a security firm warned Monday. The Rbot.gr worm -- the latest in a long line of similar worms; one security firm estimates that more than 4,000 variations have appeared -- has the capability of turning Webcams against their owners, said officials at U.K.-based Sophos. . . .
Resellers of old computer equipment say they will no longer accept used equipment without charging for erasing hard drives to ensure they aren't held liable for exposing sensitive data. . . .
California's Assembly has voted to require the state's employers to inform their workers in writing if email and other Internet activity is monitored at the office. If it becomes law, supporters said the bill would place the state at the forefront of protecting employee privacy online and may serve as a model for similar bills in other states. . . .
Proof that the United States is capitalism's capital, a survey released Thursday said that nearly all the world's spam is spewed by a limited number of hard-core spammers within the U.S. . . .
By now just about every person with an email inbox has been exposed to a phishing scam. Spoofs are showing up with alarming frequency and to make matters worse, criminals have upped the ante with increasingly sophisticated coding and graphics. Gone are the childishly misspelled emails from the High Prince of the Sudan. Advanced techniques leveraging secure phishing servers and high-quality reproductions have contributed to a lucrative criminal enterprise. . . .
LS: Some of you may remember that we at LinuxSecurity confidently predicted that the CAN-SPAM act was bound to fail. We might congratulate ourselves for this foresight, if only it weren't so obvious. No serious security or privacy expert thought that it stood a chance of reducing the volume of spam. Our question still remains: was CAN-SPAM really just a cover for Congress, so that they could pretend to be legislating against spam while instead doing the bidding of the Direct Marketing lobbyists? . . .
A federal judge has handed a preliminary victory to the recording industry by granting its request to unmask anonymous file swappers accused of copyright infringement. U.S. District Judge Denny Chin ruled Monday that Cablevision, which provides broadband Internet access in Connecticut, New Jersey and New York, can be required to divulge the identities of its subscribers sued over copyright violations. . . .
