Time to Squish SQL Injection
Heartland Payment Systems and Hannaford Bros. both fell prey to botnets wielding SQL injection flaws. Corporate IT managers need to place a priority on fixing Web site vulnerabilities, argues Gunter Ollmann, vice president of research for Damballa.
Lazy Workers May Be Deemed Hackers
"Exceeding authorization" rules could turn employees who sneak in personal Web surfing into their free time from layabouts to hackers, argues attorney and SecurityFocus contributor Mark Rasch.
The Scale of Security
Companies looking to secure their systems have a problem from the get-go: People have difficulty understanding the scale of computer-security issues, SecurityFocus contributor Adam O'Donnell argues.
Hacker-Tool Law Still Does Little
In 2007, Germany passed a law that could be interpreted to make the creation or distribution of computer security software a criminal offense. Two years out, the German law has been effectively used to scare legitimate security researchers, but little else, says SecurityFocus contributor Mark Rasch.
A Botnet by Any Other Name
To better fight against botnets, we first need to give them meaningful names, argues guest contributor Gunter Ollmann, vice president of research for security firm Damballa.
Projecting Borders into Cyberspace
The United States and other nations need a better way to attribute online attacks. SecurityFocus contributor Jeffrey Carr argues that cyberspace, like airspace or territorial waters, should be divvied up and controlled by nations.
Celebrity Viruses Improve Security
Conficker and Katie Couric's colon — both media sensations have had net positive effects, leading SecurityFocus contributor Adam O'Donnell to argue that the occasional overhyped security threat is good for the hygiene of the Internet.
Good Obfuscation, Bad Code
As malicious coders become better at hiding what their software is doing, the best way to be sure that computers are only running good software is to make obfuscation bad, argues SecurityFocus contributor Chris Wysopal.
Facebook, Privacy and Contracts
The social networking site Facebook made a minor change to its terms of service, setting off a firestorm, with customers worrying that the company was laying claim to everything they had posted. Attorney and SecurityFocus contributor Mark Rasch warns that service terms and contracts are only getting more draconian.
Act Locally, Pwn Globally
Billions of dollars are lost each year to cybercrime, but there isn't universal agreement as to what steps are necessary to fix the problem. It's time to act globally, argues cyber intelligence expert and SecurityFocus contributor Jeff Carr.