Just EnCase It's Not a Search
The U.S. government attempts to exclude a scan of a computer's file system from the definition of a search. They failed, but the issue will rise again, argues attorney and SecurityFocus contributor Mark Rasch.
Microsoft's Stance on Piracy Affects Us All
Operating-system piracy hurts Microsoft's bottom line, but in its fight against software pirates, the company maybe hurting the rest of the Internet to help itself.
Clicking to the Past
Clickjacking may be new, but attacks on the user interface are not. Security professional Chris Wysopal argues that browsers will have to be more restrictive to defend against this type of attack.
The Vice of Vice Presidential E-Mail
The recent investigation of the "hack" into U.S. vice presidential candidate Sarah Palins Yahoo e-mail account demonstrates that the law is not a clearly defined thing.
Blaming the Good Samaritan
A student at Carleton University faces charges for finding flaws in the school's e-mail system. In a guest column this week, Auburn University Professor Houston Carr argues that intentions should count when dealing with a network intruder.
The Boston Trio and the MBTA
Three MIT students found themselves under legal attack last month for exposing flaws in the Boston subway system. Despite the attempt to silence the trio, the law continue to support vulnerability disclosure, says SecurityFocus contributor and attorney Mark Rasch.
From Physics to Security
Contributor Federico Biancuzzi chatted up Wietse Venema, the co-creator of the Security Administrator Tool for Analyzing Networks, to talk about the current state of security, anti-spam technology and how to reduce the number of vulnerabilities in software.
Get Off My Cloud
A recent decision by a federal appeals court in Cincinnati leaves U.S. citizens up in the air, if they hoped that nebulous privacy rules would apply to cloud-computing services.
An Astonishing Collaboration
On Tuesday, software developers and network-hardware providers released a patch for a significant flaw in the domain-name service (DNS) system. The researcher who found the bug, Dan Kaminsky, talks about the issue and the history of DNS problems in the column, reprinted with permission from his site.
Despite advances in secure-coding practice, most developers continue to let serious security bugs slip into their programs. SecurityFocus contributor Don Parker argues that until customers hold their software providers responsible, bad code will keep coming.