Forgot your password?
typodupeerror
Security

TSA Changes Screening Based on Blog Suggestion 279

Posted by Soulskill
from the hey-they-actually-listened dept.
hhavensteincw writes "Less than a week after it launched a new blog aimed at gathering suggestions from air travelers to improve airport security processes, the Transportation Security Administration changed a practice where some screeners were requiring passengers to remove all electronics, including Blackberries, iPods, and cords from carry-on luggage. Seems the TSA didn't know this was going on, and after the question was raised on its blog, it clamped down on the practice. The TSA also provided a detailed description of their reasoning behind the liquids policy. We discussed the opening of the blog last week."
Security

+ - BT flaw puts broadband users at risk->

Submitted by
SecFreak
SecFreak writes "A flaw in a DSL home gateway could lead broadband users inadvertently to divulge personal information, according to a group of self-styled ethical hackers. In summary, if the victim visits our evil proof-of-concept webpage, his/her browser sends a HTTP request to the BT Home Hub's web interface. After this, the Home Hub starts a VoIP/telephone connection to the recipient's phone number specified in the exploit page. This is what the attack looks like: the victim's VoIP telephone starts ringing and shows an external call message on the LCD screen along with the recipient's phone number. However, what's interesting is that from the point of view of the victim, it looks like he/she is receiving a phone call from the number shown on the screen, but in fact he/she is calling that number! http://www.gnucitizen.org/blog/call-jacking http://www.pcworld.com/article/id,141587-c,onlinesecurity/article.html"
Link to Original Source
Communications

Preparing for the Worst in IT 172

Posted by Zonk
from the in-a-post-blah-blah-blah dept.
mplex writes "How vulnerable is the internet to terrorist attack? Is it robust enough to handle an outage on a massive scale? Should the commercial infrastructure that powers the internet be kept secret? These are the sorts of questions raised by Mark Gibbs in his latest column in Network World. 'There is an alternate route available for nearly all services through Las Vegas or Northern California serving all facilities-based carriers in Los Angeles -- all interconnected at numerous L.A. and L.A.-area fiber-optic terminals supporting both metro and long-distance cable.' Given that the internet thrives on open networks, it's hard to imagine keeping them a secret. At best, we must be prepared to deal with the worst."
Security

+ - Why high level languages are potentially dangerous

Submitted by
insane_coder
insane_coder writes "The Insane Coding Blog has a nice story up about wether one can trust their applications. An interesting point from the article: "Not using a high level compiler or virtual machine gives us a layer of security in that it would be harder for one to pass out an 'evil compiler' that would understand what the developer was trying to do and instead have it do something malicious." If you're wondering where your 'evil compiler' would come from, "If you're using a Linux distro which offers binary packages, what really stops a package maintainer from compiling a modified application and putting that in the distro's repositories?""

Do not use the blue keys on this terminal.

Working...