Cody Taylor

FreedomFighter writes “In a Cloud Standards breakthrough, the FSF is teaming up with major cloud computing vendors to form the Free and Open Cloud Alliance (FOCA), a trade marketing association supporting Free(TM) and Open Cloud Computing (FOCC). The new CloudLeft Public License (CPL) is based on the ideas that data wants to be Free(TM) and all your Cloud(TM) are belong to us. It closes the ‘user data loophole’ by requiring the release of not only the source code for a CloudLeft platform but also the data passing through it. This renders most security issues void while appropriately setting the users’ expectation of privacy. ‘In the past, I’ve said that “cloud” is complete gibberish, but while discussing fashion during my weekly squash game with Stallman he convinced me that this was a great opportunity.’ said Larry Ellison, CEO of Oracle. RMS, who previously said that ‘cloud’ is worse than stupidity was also pleased about the return of the advertising clause, requiring the use of the ‘GNU/Cloud’ name, as he is ‘tired of haranguing the GNU/Linux community about this.’ Full details will be available next Monday, including the first marketing and outreach program — ‘FOCC: IT in 2009.'”

Read more of this story at Slashdot.

Jibbler writes “Following the recent Pwn2Own competition, in which Firefox, IE8 and Safari all fell quickly to exploits, Netcraft has observed a surge in popularity of the text-based Lynx browser. Netcraft points out that Lynx supports the latest cryptographic ciphers, and at least one online banking site has seen Lynx usage overtake that of Internet Explorer and Firefox. To boost Lynx’s excellent security history, Netcraft has even developed a version of its anti-phishing toolbar for Lynx.”

Read more of this story at Slashdot.

eldavojohn writes “A bill introduced today, similar to one that died in 2007, would reform the plague of National Security Letters and greatly narrow their scope. On top of that, it would mandate the destruction of any wrongly obtained information discovered in audits by the Inspector General that uncovered widespread improprieties in NSLs.”

Read more of this story at Slashdot.

Security experts have sounded the alarm – and many others are just as loudly trying to quell the furor – over fears the Conficker computer worm could trigger Internet havoc on April 1 .

TechCrunch is running a story about three possible security issues with Google Docs recently uncovered by researcher Ade Barkah. It turns out that an image embedded into a protected document is given a URL which is not protected, allowing anyone who knows or guesses it to see the image regardless of permissions or even the existence of the document. Barkah also pointed out that once you’ve shared a document with another person, that person can see diagram revisions from any point before they gained access, forcing you to create a new document if you need to redact something. The last issue, the mechanics of which he disclosed only to Google, affects the document-sharing invitation forwarding system, which can allow somebody access to your documents after you’ve removed their permissions. Google made a blog post to respond to these concerns, saying that they “do not pose a significant security risk,” but are being investigated. We previously discussed a sharing bug in Google Docs that was fixed earlier this month.

Read more of this story at Slashdot.

BobB-nw writes “Many have been worrying that the Conficker worm will somehow rise up and devastate the Internet on April 1. These fears are misplaced, security experts say. April 1 is what Conficker researchers are calling a trigger date, when the worm will switch the way it looks for software updates. A 60 Minutes episode about the worm on Sunday will stoke concerns. But the worm has already had several such trigger dates, including Jan. 1, none of which had any direct impact on IT operations, according to Phil Porras, a program director with SRI International who has studied the worm. ‘Technically, we will see a new capability, but it complements a capability that already exists,’ Porras said.”

Read more of this story at Slashdot.

This week’s news coverage of another online storage company’s data loss has people weighing in on whether “cloud computing” storage poses an unacceptable security risk.

Uh oh Apple — it looks like even your attorneys are dirty, thieving jailbreakers.The images from the iPhone biometric security patent application show a jailbroken phone, complete with Installer.app, SMBPrefs, and the iWood Realize theme from the iSpazio repository

Security consultant Ade Barkah checked in with us to alert us to a couple of serious security issues associated to Google Docs.

The European Parliament has approved a report which goes against the French plan to implement a ‘3 strikes’ regime for alleged P2P copyright infringers. The proposals to increase security and ensure freedom on the Internet were accepted, but disconnecting users from the Internet was ruled out.