He started from hacking for fun (cracking phone systems), then he founded DefCon and Black Hat hacker conferences (btw, we had a chance to visit DefCon9 in 2001) and now Jeff Moss is chosen to take care of US cyber security affairs. No doubt, Jeff Moss has the guts to resist cyber terrorism and protect national interests. Good luck, Jeff!

Securing home Wi-Fi remains uncertain when it comes to law. Some urge users are not liable when they use default security settings and it is manufacturer who is guilty when/if wireless network was ‘successfully’ abused. Others put whole responsibility on users. This is practically a question to law and usually its resolution depends on lawyers’ skills to gather and manipulate the details. Your security encompasses not only security against the law when you happen to fall a victim to an intruder, but also protection against that very intruder. In the long run, it’s up to you whether to endeavor to prove your innocence or take measures to build a reliable fence.

Wow, Adobe rethinks PDF security. Curious why? Because of vulnerabilities in Abobe Reader (and so zero-day exploits), of course. From the article:

A number of D-link routers are now equipped with captcha feature. Sounds interesting. 

Today’s businesses are very mobile. Sometimes you don’t even need to have a conventional office, it becomes virtual, it is always with you in your mobile phones, netbooks and laptops. Such mobile mini-offices stuffed with corporate documents and reports, partners’ data, confidencial correspondence, access passwords are in danger of being stolen, both virtually and physically. You can try to protect your laptop using laptop security cable locks but what if it was stolen? Let all your information go into adversary’s hands? Do you _really_ think that your Windows logon password is an impenetrable barrier for the adversary? Have you heard of Elcomsoft System Recovery? You still think your laptop is secure because you have BIOS password and/or partial drive encryption? Read an article by Kevin Beaver ‘Securing corporate data on your laptops’ , take off rose-colored glasses and revise your laptop security as suggested in Kevin’s step-by-step outline. 

We never thought that our participation would bring such kind of trouble (or at least a disappointment).

From F-Secure advises against using Adobe Reader article:

The key findings of the survey of the 35860 wireless networks (in 12 Indian cities) are:

Sad information: Hackers grab more than 285M records in 2008. Just curious, how about Sarbanes-Oxley Act, does it really work? 🙂

Michael Kassner placed an article about Surveillance Self-Defense in the TechRepublic, where he gives brief outline of the SSD website. Though some can endlessly brood over the grounds for the project foundation, for me one is clear that this site can be very much helpful to put all principal computer security guidelines together and close the gaps in your own security.
(more…)