Forgot your password?

Close
typodupeerror
Cellphones

James Murdoch's Defense Crumbles 272

Posted by timothy
from the and-in-the-alternative-no-one-saw-me-do-it dept.
Hugh Pickens writes "Brian Cathcart writes that whatever happens to News Corp., it will surely happen without James Murdoch, the clever, dashing heir apparent to his buccaneer father, Rupert, who has become a liability with little hope of survival. James Rupert told members of Parliament that when he approved a payment of about $1.1 million in 2008 to settle the first lawsuit brought by a phone-hacking victim, he was not shown an email that suggested phone hacking was more widespread at the News of the World, and not limited to one 'rogue' reporter. 'He is saying one thing—that in briefing him they gave an "incomplete picture" — and, remarkably, in a statement Thursday, they publicly denied that,' writes Cathcart. All the News Corp. executives used to tell the same story but one by one as the pressure has grown these people have been cast off or have drifted away and now as the little group has splintered and scattered, and they all need to save their own skins. 'It's not just James who is done,' writes David Carr in the NY Times. 'Rupert Murdoch, as we have long known him, is done as well.'"
Security

+ - Questions Remain Following RSA Cyber Attack->

Submitted by wiredmikey
wiredmikey writes "After notifying customers on Thursday that it had been breached after hackers mounted a highly sophisticated cyber attack that has put its SecurID product at risk, RSA has yet to expand on the details and potential impact of the attack, leaving customers concerned and with many questions.

In the meantime, reactions are pouring in from customers and the information security community in general, some saying to prepare for the worst, and some brushing it off as not-so-serious incident."
Link to Original Source

Comment: Not PCI compliant (Score 1) 136

by 12ahead (#34815556) Attached to: Vodafone Customer Database Breached

How the heck do they get away with having retrievable credit card details in their db? Once the CC# is in the database it shouldn't be retrievable.

How many places out there don't actually follow this simple rule?

Where I work we were worried that the banks may turn off our credit card processing facilities if we don't get PCI compliant. And that is maybe 1/40 of the customer base.

I am really puzzled - how does Vodafone get away with this in the first place? No audits?

OS X

Apple Patches Massive Holes In OS X 246

Posted by timothy
from the well-it-wouldn't-be-polite-to-patch-windows dept.
Trailrunner7 writes with this snippet from ThreatPost: "Apple's first Mac OS X security update for 2010 is out, providing cover for at least 12 serious vulnerabilities. The update, rated critical, plugs security holes that could lead to code execution vulnerabilities if a Mac user is tricked into opening audio files or surfing to a rigged Web site." Hit the link for a list of the highlights among these fixes.

Comment: Been there done that (Score 1) 70

by 12ahead (#23784061) Attached to: Building an Effective Information Security Policy Architecture
Easy solution. Work at a company and ... have a backup of their security policy ready. Think of it as a template.

When you leave that company do a replace on the company name and make it the official policy of the new company.

In case you get an audit match the auditors requirements with your security policy and enhance it where it lacks using the format of the template you brought along.

During the time of the audit have signs up in the office, revoke the CEO's and any other big shots/pain in the ass user's special privileges like having no password complexity, automatic timeout, etc.

When the auditors leave relax and congratulate yourself on how you played your part in the whole accreditation/compliance/certification placebo crap.

On the other hand if you really dislike a user point out a random clause in the policy and have them fired for violating it.

The Matrix

+ - Fate - is it a myth?

Submitted by
Matthendrix
Matthendrix writes "http://www.cavemanpower.com/forum/fate_is_it_a_myt h-t15.0.html How many time do you hear somebody say "oh, it was meant to happen" when reflecting on a misfortune? I hear it occasionally, and I find it fascinating, because by making that statement the person is actually implying some massive presuppositions. They include: * Belief that life is intelligently controlled by an ethereal power * Belief that they are part of a "grand" or "divine" plan Are these people just whistling in the dark? Too afraid to face the terrifying prospect that life is chaotic?"
Businesses

Best & Worst Decisions Starting Companies 127

Posted by kdawson
from the if-i-had-it-to-do-over-again dept.
markfletcher writes "Today I launched a new site, Startupping, dedicated to helping Internet entrepreneurs. For the launch I asked several successful entrepreneurs about lessons they learned starting and running Internet companies. The first set of replies includes responses from Paul Graham, John Battelle, Chris Pirillo, Ross Mayfield, and Dick Costolo."

What Would You Recommend for IT Training? 79

Posted by Cliff
from the if-your-company-had-the-money-to-spend dept.
ITPhantom wonders: "It is that time again and my supervisor has been coming around and asking what training and conferences I would like to attend in the upcoming year. I have recently been put in charge of the management and security of a few dozen machines in our department, and our internal network (simple as it may be). While most of the machines that I am responsible for are running Windows, there are a few Linux machines in the mix. I am fairly proficient with Windows, but have not had any real experience managing Linux machines, though I have been a casual user for about a year. With all of the options available, from online training to extensive boot camps and seminars, what would you recommend for training in the areas above?"

Bloodless Surgery 226

Posted by samzenpus
from the walk-it-off dept.
isaacbowman writes "Dr. Charles Bridges, a Pennsylvania Hospital cardiologist, says says regarding new bloodless surgery options - "Among the benefits are reductions in recovery time, hospital stay, cost and complications -- as well as an estimated $20,000 in savings per patient." Advances in medicine have made this possible and Dr. Bridges also says, "There's no downside to it that we can see, and there's certainly no downside that's been documented." Dr. Patricia Ford, director of Pennsylvania Hospital's Center for Bloodless Medicine & Surgery, further states, why blood transfusions are dangerous, saying that they are "like getting a transplant; they can be risky and should be a last resort.""

The .XXX Saga Continues in Wellington 302

Posted by ScuttleMonkey
from the site-your-sights-on-pr0n dept.
netrover writes "CircleID is reporting on the latest developments on the .XXX top-level domain as the related ICANN meeting is currently underway in Welligton, New Zealand. From the article: 'The .XXX TLD was widely expected to receive its final approval at the ICANN's last meeting held in Vancouver about 4 months earlier but the discussion was unexpectedly delayed as the organization and governments requested more time to review the merits of setting up such a domain.' But as it has been reported, it appears the discussions at ICANN Wellington are in limbo once again."

Mystics always hope that science will some day overtake them. -- Booth Tarkington

Close