Cody Taylor

BobB-nw writes “The U.S. federal government is accelerating its efforts to secure the Internet’s routing system, with plans this year for the Department of Homeland Security to quadruple its investment in research aimed at adding digital signatures to router communications. DHS says its routing security effort will prevent routing hijack attacks as well as accidental misconfigurations of routing data. The effort is nicknamed BGPSEC because it will secure the Internet’s core routing protocol known as the Border Gateway Protocol (BGP). (A separate federal effort is under way to bolster another Internet protocol, DNS, and it is called DNSSEC.) Douglas Maughan, program manager for cybersecurity R&D in the DHS Science and Technology Directorate, says his department’s spending on router security will rise from around 0,000 per year during the last three years to approximately .5 million per year starting in 2009.”

Read more of this story at Slashdot.

BuhDuh writes “The New York Times is carrying a story concerning that well known bastion of legal authority, the ‘Foreign Intelligence Surveillance’ court, which has ruled that the National Security Agency’s warrantless eavesdropping program was perfectly legal. It says, ‘A federal intelligence court, in a rare public opinion, is expected to issue a major ruling validating the power of the president and Congress to wiretap international phone calls and intercept e-mail messages without a court order, even when Americans’ private communications may be involved, according to a person with knowledge of the opinion.'”

Read more of this story at Slashdot.

MojoKid writes “Russian-based ElcomSoft has just released ElcomSoft Wireless Security Auditor 1.0, which can take advantage of both Nvidia and ATI GPUs. ElcomSoft claims that the software uses a ‘proprietary GPU acceleration technology,’ which implies that neither CUDA, Stream, nor OpenCL are being utilized in this instance. At its heart, what ElcomSoft Wireless Security Auditor does is perform brute-force dictionary attacks of WPA and WPA2 passwords. If an access point is set up using a fairly insecure password that is based on dictionary words, there is a higher likelihood that a password can be guessed. ElcomSoft positions the software as a way to ‘audit’ wireless network security.”

Read more of this story at Slashdot.

An anonymous reader writes “The European Parliament has signed up to a plan to introduce computerized biometric passports including people’s fingerprints as well as their photographs, despite criticism from civil liberties groups and security experts who argue that the move is flawed on technical grounds. (Back in 2005 Sweden and Norway began deploying biometric passports.)”

Read more of this story at Slashdot.

CWmike writes “A new Government Accountability Office report (PDF) finds that taxpayer and other sensitive data continues to remain dangerously underprotected at the IRS. The news comes less than three months after the Treasury Inspector General for Tax Administration reported that there were major security vulnerabilities in two crucial IRS systems. Two big standouts in the latest finding: The IRS still does not always enforce strong password management rules for identifying and authenticating users of its systems, nor does it encrypt certain types of sensitive data, the GAO said.”

Read more of this story at Slashdot.

CurtMonash writes “Much is being made of the deliberations as to whether President Obama will be able to keep using his beloved “BarackBerry.” As the NYTimes details, there are two major sets of objections: infosecurity and legal/records retention. Deven Coldeway of CrunchGear does a good job of showing that the technological infosecurity problems can be solved. And as I’ve noted elsewhere, the ‘Omigod, he left his Blackberry behind at dinner’ issue is absurd. Presidents are surrounded by attendants, Secret Service and otherwise. Somebody just has to be given the job of keeping track of the president’s personal communication device. As for the legal question of whether the president can afford to put things in writing that will likely be exposed by courts and archivists later — the answer to that surely depends on the subject matter or recipient. Email to his Chicago friends — why not? Anything he’d write to them would be necessarily non-secret anyway. Email to the Secretary of Defense? That might be a different matter.”

Read more of this story at Slashdot.

For years now, the little blue “E” has been gracing the desktops of Windows users around the world (though many might say it’s doing just the opposite!). Internet Explorer, notorious for its many security holes and being slow to patch them, continues to be one of the top choices for web browsing…

When reports of security issues in Apple’s Safari browser come over the transom, they get our attention. When they’re exploitable in both the Mac and Windows versions of Safari, they get our full and undivided attention. When the person reporting them is Brian Mastenbrook (credited with discovering multiple previous vulnerabilities in Mac OS X)…