Daniel Appelquist writes: As reported in the Daily Mail, independent security researcher and frequent blogger Terence Eden has identified over 2000 UK National Health Service (NHS) websites that are vulnerable to cross-site scripting (XSS) and similar attacks, mostly due to out-dated versions of Wordpress. More worryingly, nobody is taking responsibility for many of these sites, which means there is a follow-on risk that they could be hijacked as vectors for malware or scams (a problem exacerbated since these sites sit under the nhs.uk domain name and people will therefore assume them to be trustworthy).
meltoast writes: Got notice today of a pending lawsuit between the Southeast Texas Medical Associates and Verisign, claiming that there is no difference between Verisign's Secure Site SSL Certificate (40-bit) and the Secure Site Pro SSL Certificate (128-bit). A copy of the notice can be found here. Are the courts capable of deciding that there is no ostensible difference between 40-bit and 128-bit encryption?
Lucas123 writes: "Computerworld reporter Mary Brandel spoke with academics and head hunters to compile this list of computer skills that are dying but may not yet have taken their last gasp. As 'Stewart Padveen, Internet entrepreneur and founder of AdPickles Inc., says, "Obsolescence is a relative — not absolute — term in the world of technology.".
'In the early 1990s, it was all the rage to become a Certified NetWare Engineer, especially with Novell Inc. enjoying 90% market share for PC-based servers.
'"It seems like it happened overnight. Everyone had Novell, and within a two-year period, they'd all switched to NT," says David Hayes, president of HireMinds LLC in Cambridge, Mass.'"
Rhys Newman writes: "Oxford Physics Developers have just released a demo version of JPC; a pure Java applet which boots original DOS and can run a selection of classic DOS games. See the JPC homepage for more information and online demo.
JPC emulates all the hardware of a standard PC sufficient to get DOS booting and running classic (or old) software in original form. As the DOS software is running in a completely emulated environment, the standard JVM security model applies and makes JPC a 100% safe environment to run third party x86 untested/unvetted code.
JPC can run on a mobile phone (or any other device which supports a Java 2 VM), and is also intended to enable secure sharing of CPU resources in a computer grid deployment."