Monthly Archives: August 2010

The insecurity of Sirius XM Satellite radio…

I recently received a snail mail to renew my Sirius XM Satellite radio account.  They gave me two simple options for renewal: 1) Call via telephone  or  2) Renew online.  They were nice enough to include my username and password in the … Continue reading

Posted in news | Leave a comment

Generating an SSL server report card

The kind folks over at Qualys are running a site which will “grade” an SSL server based on its security configuration.  The site below will generate a report card of a site’s SSL configuration based on factors such as the certificate … Continue reading

Posted in news, security | Leave a comment

Computer Forensics practice

You’ve just finished receiving digital forensics training or acquired a new tool (FTK, Encase, Sleuth).  Now what?  You’re waiting for some real cases to crack.  In the meantime, over on the SANS Forensics blog, Ken Pryor has posted an excellent … Continue reading

Posted in forensics, news | Leave a comment

Adobe Flash Begins to Respect Private Browsing

There’s been some recent news regarding the insecurity of web browsers’ Private Browsing feature and how not so private it really is. A big culprit leaving a trail on your computer is Flash cookies, which are stored and governed outside … Continue reading

Posted in news | Leave a comment

jailbreakme.com question and answer

F-Secure has posted a Q+A about the recent jailbreakme.com website and the PDF/kernel vulnerability it exploits in iOS. It’s worth a read and can be found here: http://www.f-secure.com/weblog/archives/00002004.html Of note: Affects iOS, NOT just the iPhone (this means ipod, touch, … Continue reading

Posted in news | Leave a comment

Implementing password resets

David Shpritz from the Securabit podcast wrote a short paper aimed at developers on how to build secure password reset functionality. Highlights: Always email a password reset link as another means to verify identity. Consider use of SMS message for … Continue reading

Posted in news | Leave a comment

Secunia 2010 Half Year Report

The Secunia Half Year report has been released and can be found here: http://secunia.com/gfx/pdf/Secunia_Half_Year_Report_2010.pdf There’s an interesting article on Apple Insider which is critical of the findings, especially considering Secunia really throws Apple under the bus as “having the most … Continue reading

Posted in news | Leave a comment

Defcon and Black Hat Recap

Andy Greenberg from The Firewall has a nice wrap-up from the recently completed security conventions…. Employees at Apple, Google, BP and many other companies spilled secrets in a “social engineering” contest that challenged Defcon attendees to call corporations and trick … Continue reading

Posted in news | Leave a comment

Mid Year Security Report Recap

Found this comprehensive list of recently released mid-year security reports on the SecuraBit website: Verizon 2010 Data Breach Investigations Report (DBIR): The big news here is that the DBIR now includes data from the U.S. Secret Service, giving the … Continue reading

Posted in news | Leave a comment