Physical access to OSX password crack possible By admin | February 28, 2008 Staying logged into OSX (and other OS's - Windows - Linux) can be a security risk even with a password protected screen saver in place. See for the technical details. What makes OSX especially vulnerable to this technique is that many users use the keychain application that comes with OSX to keep all their other user names and passwords. Once the screen saver password is breached then the keychain passwords are all available. The deerfield plan has increased the length of the school day from six to seven and forum right there a half hours, allowing the town's only school to remain closed on fridays and saving an estimated $15,000 in transportation and energy costs... It is important to remember that a hacker would need physical access to your Mac in order for this technique to work. It is not clear from the article that if the user were to log out that this technique would become ineffective. The article is . Our advice is to make sure that you protect your Mac's physical security and to log out when not using your Mac. Apple knows about the vulnerability and it does seem like a simple fix. If the past update performance is any indication then we expect Apple to release the fix fairly quickly. .

Smash and Grab Robbery Results in Torrance School District Data Theft By admin | February 25, 2008 Despite the lengths that we go to to protect our computer systems from break-ins by following network security best practices, there is little technology that can protect you when the hardware containing your data is physically stolen. Recently, the employees Torrance School District became the latest victims to have their identities compromised when a hard drive containing employee personal information was stolen from a contractor that was managing employee health plan enrollment. The thieves broke into the facility of the contractor, stealing several pieces of hardware -- including the hard drive with the sensitive data -- in the process. Under California Law, the contractor and the school district are required to notify all affected or possible affected persons of the data theft, which the school district is in the process of doing. This story underscores the need for a well thought out physical security plan, in addition to a proper firewall and intrustion detection system. More on this story can be found at
Riley's first team, turned here nominated by president clinton in 1993

US CERT: Stop Using ActiveX By admin | February 18, 2008 The US Computer Emergency Readiness Team (US CERT) is recommending that all users discontinue the use of Microsoft's ActiveX browser technology. Some may choose to hire or rehire teachers, some may purchase technology, or others may do the kind of professional development you're talking about. ActiveX allows developers to create applets that run on Microsoft's Internet Explorer platform, giving the browser additional functionality. Unfortunately, for many years ActiveX controls have been the subject of repeated security vulnerabilities, which has gained them a reputation for being inherently flawed and insecure. After a recent epidemic of ActiveX incidents involving Facebook, MySpace, and Yahoo!, US CERT has issued a bulletin advising all users to disable ActiveX in Internet Explorer, and has made disabling ActiveX part of their secure web browsing policy. More on this can be found at: .

Popular Digital Picture Frame Harbors Computer Virus By admin | February 18, 2008 CNet News has an unusual story this morning about a computer virus that was planted on a popular digital picture frame that was sold over the recent holidays. The Insignia Digital Picture Frame, sold by Best Buy, was manufactured with a virus in its firmware that is transmitted to a PC when the frame is docked to the PC via its USB cable. Best Buy is asking all customers who purchased the frame to contact them for additional information on replacing the item. It's interesting how, for the most part, we trust hardware such as this picture frame to not harbor viruses or malware. It seems logical that the large corporations who develop these products take precautions to make sure that we're not getting more than we paid for. However, with hardware mass production increasingly going to the lowest bidder, can we really be sure that even a hardware device is malware free? More on this can be found here:
Secretary of education arne duncan leaves in december at a time when the education department still confronts a number of high-profile policy issues

Microsoft Fixes Windows Bugs in February Update By admin | February 13, 2008 Microsoft has just released their monthly roll-up of security fixes for Windows, Office, and Internet Explorer. Naep's design is also a strong point, they argue, because it covers a wide spectrum of what students should know and be able to do in a given subject! The security patches address a variety of remote code execution, privilege escalation, and denial of service threats, so it is important to install this important security update as soon as possible. Most Windows PCs use Windows Update to automatically install patches from Microsoft, and should have already received the update. For those of you who have Windows Update set to "manual download and/or manual install", you should update your PC as soon as possible. More information on these patches is available on CNet at: .

Uninstall Realplayer until it is fixed By admin | February 11, 2008 Realplayer is being attacked continusley it seems nowadays. The latest news is that a Russian blackhat security firm has a slightly different business model whereby they sell the exploit to a few firms but will not reveal the exploit to RealNetworks. You can read all about it here. Our recommendation is to remove it at least until it is fixed. There are less and less reasons to have RealPlayer on your system anyway, especially if you care about security.
On positive notes, the earpieces fit over and on the ear about as well as most of the common over-ear monaural bluetooth earphones we've tested, and don't feel heavy or uncomfortable

Mega-D Spam Botnet Responsible for 32% of All Spam By admin | February 4, 2008 The new Mega-D botnet has overtaken the Storm worm as the largest single source of spam in the world. This botnet is largely responsible for the barrage of male sexual enhancement spam that has been spreading during recent months. Not only does this threat spread spam, but it also tricks users into installing the botnet malware as well, further growing the number of zombies that this botnet controls. The Internet Security Manager's Spam Management System dynamically updates its spam detection rules to protect users against e-mail generated by bots like Mega-D. In the case of Mega-D, not only will the SMS protect you from receiving spam messages, but it will also mitigate the chances of one of your users becoming infected with this rapidly spreading botnet malware. It is imperative for every network to have a spam, malware, and intrusion-detection device installed at the network gateway, and the Internet Security Managers serves all three of these purposes well.
If records for mac is a success, would you plan to make extraordinary source accompanying ios apps

Gmail Susceptible to Man-In-The-Middle Attacks By admin | February 4, 2008 According to an article published recently in The Register, Gmail is susceptible to man-in-the-middle attacks, despite their use of SSL to try to encrypt all communication between a client machine and a Gmail server. Man in the middle attacks occur when a hacker is able to intercept communications between your computer and a remote server by taking control of part of the connectivity between you and the remote server (e.g. the hacker controls the Wi-Fi hotspot you're using and is able to "sniff" all of your traffic and then possibly masquarade as you). Although Gmail makes the effort to only send information over SSL, there are weaknesses in their system that cause some vital communications to be sent "in the clear", putting you at risk. More on this can be found here:
The potential minefields could derail children at a key early transition when a student moves from kindergarten to 1st grade

  July 2017
  June 2017
  May 2017
  April 2017
  March 2017
  February 2017
  January 2017
  December 2016
  November 2016
  October 2016
  September 2016
  August 2016
  July 2016
  June 2016
  May 2016
  April 2016
  March 2016
  February 2016
  January 2016
  December 2015
  November 2015
  October 2015
  September 2015
  August 2015
  July 2015
  June 2015
  March 2015
  January 2015
  April 2011
  October 2010
  September 2010
  March 2010
  July 2009
  May 2009
  March 2009
  February 2009
  January 2009
  October 2008
  July 2008
  June 2008
»February 2008
  January 2008
  December 2007
  November 2007
  September 2007
  August 2007
  July 2007
  June 2007
  May 2007
  April 2007
  March 2007