Berkeley CSUA MOTD:Entry 12984
Berkeley CSUA MOTD
 
WIKI | FAQ | Tech FAQ
http://csua.com/feed/
2025/05/25 [General] UID:1000 Activity:popular
5/25    

2004/4/2 [Computer/SW/Security] UID:12984 Activity:nil
4/2     "leading software companies' including Microsoft and Computer
        Associates and industry organisations such as the BSA, has asked
        the Department of Homeland Security to regulate what they call
        'Cyber Security'"  What will be the impact of this?
        http://www.forbes.com/business/newswire/2004/04/01/rtr1320997.html
        \_ I'm guessing they want to shut down the people announcing all the
           donkey sized security holes in their products so they stop looking
           so stupid.
2025/05/25 [General] UID:1000 Activity:popular
5/25    

You may also be interested in these entries...
2012/8/26-11/7 [Computer/SW/Security] UID:54465 Activity:nil
8/26    Poll: how many of you pub/priv key users: 1) use private keys that
        are not password protected 2) password protect your private keys
        but don't use ssh-agent 3) use ssh-agent:
        1) .
        2) ..
        3) ...
	...
2012/8/7-10/17 [Computer/SW/Security] UID:54455 Activity:nil
8/6     Amazon and Apple have lame security policies:
        http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all
        "First you call Amazon and tell them you are the account holder, and
         want to add a credit card number to the account. All you need is the
         name on the account, an associated e-mail address, and the billing
         address. "
	...
2012/7/18-8/19 [Health/Men, Computer/SW/Security] UID:54438 Activity:nil
7/18    "Largest penis record holder arouses security suspicions at airport"
        http://www.csua.org/u/x2f (in.news.yahoo.com)
        \_ I often have that same problem.
        \_ I think the headline writer had some fun with that one.
           \_ One time when I glanced over a Yahoo News headline "U.S. busts
              largest-ever identity theft ring" all I saw was "U.S. busts
	...
2012/4/23-6/1 [Computer/SW/WWW/Browsers] UID:54360 Activity:nil
4/19    My Firefox 3.6.28 pops up a Software Update box that reads "Your
        version of Firefox will soon be vulnerable to online attacks."  Are
        they planning to turn off some security feature in my version of
        Firefox?
        \_ Not as such, no, but they're no longer developing this version,
           so if a 3.6.x-targeted hack shows up, you're not going to get
	...
2011/11/8-30 [Computer/SW/Security, Computer/SW/OS/Windows] UID:54218 Activity:nil
11/8    ObM$Sucks
        http://technet.microsoft.com/en-us/security/bulletin/ms11-083
        \_ How is this different from the hundreds of other M$ security
           vulnerabilities that people have been finding?
           \_ "The vulnerability could allow remote code execution if an
               attacker sends a continuous flow of specially crafted UDP
	...
2011/11/11-30 [Computer/SW/Security] UID:54224 Activity:nil
11/11   MacOSX's Sandbox security hole:
        http://preview.tinyurl.com/7ph2wtg [arstechnica]
	...
2011/2/10-19 [Computer/SW/Security] UID:54034 Activity:nil
2/9     http://www.net-security.org/secworld.php?id=10570
        Summary: iPhone passwd storage is unsafe after all
	...
Cache (2550 bytes)
www.forbes.com/business/newswire/2004/04/01/rtr1320997.html
By Andy Sullivan WASHINGTON Reuters - The United States government may need to step in to protect the nations computer networks from viruses, worms and other cyber-attacks, a technology-industry group said Thursday in a reversal of a long-held stance. Business groups have lobbied successfully for years against cyber-security laws or regulations, but the task force concluded that critical systems that oversee power plants, banks and other sensitive areas may need government regulation. It is possible that national security or critical infrastructure may require a greater level of security than the market will provide, the report said. Any such gap should be filled by appropriate and tailored government action that interferes with market innovation on security as little as possible, said the task force, which was led by Microsoft Corp and Computer Associates International Inc. The report says programmers should be held personally accountable for security holes in the software they write. Task force co-chairman Ron Moritz said the report calls for a limited government role, such as helping to develop certification standards for software that runs in sensitive systems. Still, it does reflect a new attitude in the private sector, he said. We all have a better appreciation and understanding of the challenges we face, said Moritz, chief security strategist for Computer Associates. Viruses, worms and other cyber-attacks can clog networks and knock Web sites offline, costing businesses billions of dollars in lost productivity. Emergency-response centers, automatic tellers and freight trains have been idled by attacks in the past, and experts worry that water-treatment plants and other critical infrastructure could fall victim in the future. The Bush administration released a plan to increase online security last year, but it contained few hard-and-fast requirements for the businesses that control roughly 85 percent of the nations Internet infrastructure. Experts say businesses can still be held liable for security breaches, thanks to court decisions and new laws in areas such as accounting, banking and consumer protection. The report said industry groups should work with the Homeland Security Department to look at ways to reduce liability, as well as examining whether new rules are needed. The report also recommends an industry-wide bounty program to help track down hackers and virus writers, similar to a program set up by Microsoft last year. Task force members include high-tech companies like Hewlett-Packard Co.