Security

Yahoo has launched new technology making it easier for users to get website information personalised to their current location. However, privacy advocates say the search engine's safeguards aren't enough to protect web surfers from misuse by ... third-party organisations. The new tool, FireEagle, is primarily designed for mobile devices such as handheld PCs and smart phones. The idea is that the system will be open so that any website you visit can use the information about your location without needing separate software or coding. A reported 50 or more sites have already begun using the scheme, ... (view more)

A school testing company's blunder left personal details of more than 100,000 students publicly viewable on the web. The Princeton Review, which produces courses designed to help students prepare for tests including the SAT (the standard entry exam ... for US universities), recently switched Internet providers. During the move, password protected mechanisms were inadvertently disabled, allowing for full public exposure to sensitive student records. Among those which lost their cloaking were one file with names and birth dates of 74,000 Virginia students, and another with more extensive details ... (view more)

While Apple has opened the iPhone to third-party applications, they are also reportedly keeping a very close eye on which applications are allowed to run on your phone. According to hacker Jonathan Zdziarski, the iPhone has the ability to 'phone ... home' and tell Apple what applications are installed, and if Apple doesn't like what it sees, they can neutralize the offending application. Zdziarski says this suggests that the iPhone calls home once in a while to find out what applications it should turn off. He discovered this ability tucked away in a configuration file deep inside the iPhone ... (view more)

Three French journalists have been booted from a major security conference amid claims they were able to hack the laptops being used by fellow reporters. It's particularly embarrassing for those reporters, many of whom write for Global Security Mag, ... an official sponsor of the Black Hat Las Vegas event. Only one of the hackers, Mark Brami, has spoken out; though he blamed colleague Mauro Israel for the 'attack', he said it was meant as a prank. The men involved reportedly told organisers they were attempting to raise the issue of privacy risks among people using public Internet connections. ... (view more)

A new technique has reportedly been developed by two security researchers that bypasses all of the memory protection safeguards in Windows Vista. The tactic is expected to have far-reaching implications for Microsoft the rest of the tech industry. ... Mark Dowd of IBM Internet Security Systems (ISS) and Alexander Sotirov of VMWare Inc. will discuss the new methods they've found to get around Vista's Address Space Layout Randomizations (ASLR), Date Execution Prevention (DEP) and other functions built into Windows Vista by using Java, ActiveX controls and .NET objects to load arbitrary content into ... (view more)

A hacker who allegedly crept his way through Pentagon computer systems shortly after the 9/11 attacks recently had his appeal against extradition to the United States dismissed by the British House of Lords. Called the "world's most dangerous ... hacker" by U.S. authorities, Gary McKinnon could soon face trial stateside for his actions. Despite the setback, McKinnon maintains his innocence -- and that Europe offers a better place to prove it. "It might be naive of me, but perversely, I think I might have more chance in Europe than I do in my own country." McKinnon, who has pled his innocence ... (view more)

Businesses' internal networks are becoming increasingly less secure, a new study shows. A scan of 100,000 corporate PCs and servers found that every single organisation was facing some form of security threat. The industries studied included ... healthcare, insurance, finance and manufacturing, with Promises Inc warning that the risk might extend outside the networks and out into the public domain among customers and clients. Security firm Promises Inc carried out the study between January and June this year. The research found even the most secure networks had at least three threats: the two ... (view more)

Online banking makes life easier, at least for those of us comfortable with the idea of transacting money from the home or office. Like most people, I assume that my bank's website is an extremely secure site, rigorously monitored to protect my ... money. Along with many other people, I may have been wrong. A University of Michigan study released last week suggests that, of 214 financial institutions' websites, every one had design flaws and over three-quarters contained at least one flaw that could potentially put customers at risk. (Source: cnet.com ) One of the larger problems seems to be the ... (view more)

In yet another case where government appears to be above the law, the Electronic Frontier Foundation (EFF) has issued a report warning that your printer may be spying on you. Some color laser manufacturers are encoding each page with identifying ... information -- secret code that could be used to identify the printer and, potentially, the person who used it. Without your knowledge or consent, an act you assume is private could become public. What's worse is that there are no laws to prevent abuse. There's little to stop the Secret Service from using printer codes to secretly trace the origin of ... (view more)

Users of some firewall software, including the popular Zone Alarm, have found Microsoft's latest security update works a little too well: it effectively blocks their Internet access completely. The offending update fixes a pretty serious flaw in ... Windows which would have allowed hackers to redirect network traffic. However, it's proved incompatible with the entire ZoneAlarm series of software, leaving its users unable to access websites, instant messaging, email or any other Internet services. (Source: channelregister.co.uk ) ZoneAlarm has published three possible solutions. The first is to ... (view more)