
FTC to Investigate Cloud Computing
The Federal Trade Commission (FTC) is
investigating the privacy and security implications of
cloud
computing.
That could be quite an inquiry as the debate is still open about
how to actually define cloud computing in the first place. The
investigation should raise some concerns with the enterprise
community. Such an investigation could cover aspects of Internet
communications that have been in use for years.
How would the FTC distinguish between the rights of the consumer
and businesses that also use cloud computing services? What
regulations would drift into the enterprise sector?
Hackers yet to succeed in $250,000 encryption challenge
Hackers have yet to claim
the $250,000 prize offered by Israel-based
data
encryption firmGold Lockto anyone who can defeat
its technology.
In October 2009 the firm offered $100,000 in gold to anyone that
could provide a transcript of a cellular call that was encrypted
using one of the company's products and posted on its website.
In November, the company upped the reward to $250,000 in gold,
but the company claims that none of the thousands of would-be
hackers who have so far responded to the challenge have
succeeded. Gold Lock CEO Noam Copel is confident the prize,
which also includes a job at the company, will remain unclaimed
by the end of January when the contest expires.
operation; you'll need to roll up your Terminal sleeves for a few simple steps here. And, of course, replace the kernel of your operating system—the fundamental code that underlies everything else in Mac OS X—with a file you've downloaded from the Internet. Written by a guy whose blog is in Russian. Not that there's anything wrong with that, but I just wanted to point out the Frankenstein allegories involved here; this is "new brain" stuff.
Despite Danger, Adobe Says JavaScript Support Important
Despite the fact that the majority of malware
exploits use JavaScript to trigger an attack in Adobe's PDF Reader
product, the company says it's impossible to completely remove
JavaScript support without causing major compatibility problems.
In a Q&A with Threatpost editors Dennis Fisher and Ryan Naraine,
Adobe security chief Brad Arkin says the removal of JavaScript
support is a non-starter because it's an integral part of how users
do form submissions.
"Anytime you’re working with a PDF where you’re entering
information, JavaScript is used to do things like verify that the
date you entered is the right format. If you’re entering a phone
number for a certain country it’ll verify that you’ve got the right
number of digits. When you click “submit” on the form it’ll go to
the right place. All of this stuff has JavaScript behind the scenes
making it work and it's difficult to remove without causing
problems," Arkin explained.
Hacking the clouds: Exploiting shared physical infrastructure
Brute-force attacks target two-year hole in Yahoo! Mail
Google Apps sics crawlers on public docs and sheets




