Christmas Shopping: Vista Over XP?
Microsoft has announced Vista's release dates. From a security standpoint, what choice should consumers make during this Christmas shopping season? Most will be faced with Windows XP only or Windows XP with Microsoft's Express Upgrade option to Vista. Federico Biancuzzi interviewed a wide range of security researchers and anti-virus folks to get some consensus on the security of Vista over Windows XP for consumers, with some advice for corporate users as well.
A Hard Lesson in Privacy
Scott Granneman looks at a hard lesson in personal privacy and security through the lens of a very public and well-known female television show host in Europe.
Vista's EULA Product Activation Worries
Mark Rasch looks at the license agreement for Windows Vista and how its product activation component, which can disable operation of the computer, may be like walking on thin ice.
FreeBSD Security Event Auditing
The upcoming release of FreeBSD 6.2 includes the new Security Event Auditing system, which "permits the selective and fine-grained logging of security-relevant system events for the purposes of post-mortem analysis, intrusion detection, and run-time monitoring analysis." Federico Biancuzzi interviewed Robert Watson, founder of the TrustedBSD project, and discussed the advantages and potential it brings.
Employee Privacy, Employer Policy
Surprises Inside Microsoft Vista's EULA
Scott Granneman takes a look at some big surprises in Microsoft's Vista EULA that limit what security professionals and others can do with the forthcoming operating system.
Viruses, Phishing, and Trojans For Profit
Following the 2006 International Virus Bulletin Conference, Kelly Martin takes a look at the profit motives of the cyber criminals behind modern viruses, targeted trojans, phishing scams and botnet attacks that are stealing millions from organizations and individuals.
ModSecurity 2.0 with Ivan Ristic
ModSecurity is an open source web application firewall that runs as an Apache module, and version 2.0 offers many new features and improvements. Federico Biancuzzi interviewed Ivan Ristic to discuss the new logging system, events tracking and correlation, filtering AJAX or AFLAX applications, and just-in-time patching for closed source applications.
Liar, Liar, and Pretexting
Mark Rasch details the legality of pretexting by putting it in context with how it is used, comparing it with legal forms of lying, and by looking at previous court cases involving pretexting in the United States. Hewlett Packard's use of pretexting also brings up potential charges of criminal fraud, violations of consumer protection laws, issues of deception, and the use of spyware. Together these issues make for a very interesting legal situation at HP.
A Question of Ethics
Ethics are of incredible importance in the security field. Scott Granneman looks at recent examples of poor security decisions made at HP, Diebold, Sony, and Microsoft.