Open-Source Security Flaw Exposes Millions

Security experts warn about vulnerable computer systems

(NEWSER) - A prison warden's worst nightmare came true a few years ago: A freak power surge opened every death row inmate's door at the same time. All ended well, but a security engineer recounts the anecdote to the Huffington Post to highlight a scary vulnerability of modern prisons controlled by computers: the potential for cyber jailbreaks, either by accident or through the work of hackers. Researchers demonstrated how easy it can be at the recent Internet security conference in Vegas. More»

Simple precautions can keep info out of scammers' hands

(NEWSER) - Phishing scams are becoming a lot more sophisticated. Unwary Internet users can easily end up with their bank account and credit card details in the hands of crooks. CNET lists the best ways to avoid becoming a victim:

• Change passwords regularly. Experts recommend that passwords be changed every three months or so, and warn against using the same password for multiple sites.
• Click with caution. Any apparently legitimate email asking you to click a link to another site—especially if it mentions updating security information—could be from a rogue site. It's safer just to type in the URL yourself.

Software scatters encryption keys among temporary BitTorrent nodes

(NEWSER) - Email is inherently insecure, because it has a long shelf-life—even deleted messages can be stored infinitely on the email service of the sender or recipient. Now a team of scientists is poised to unveil software later this month to make them disappear for keeps, reports the Economist. “Vanish” uses the ephemeral nature of P2P networks to render messages unreadable after a set amount of time. Essentially, they self-destruct. More»

Twitter break-in shows how vulnerable weak passwords are, writes blogger for Slate

(NEWSER) - The recent hacking debacle at Twitter proved how vulnerable the company was, writes Farhad Manjoo for Slate. All of its internal communication was held in email accounts protected only by insecure passwords. And chances are your password security is also terrible—a familiar word, like your favorite album, with a 1 or ! at the end or beginning as a requisite symbol or numeral. More»

(NEWSER) - Major defense contractors are already staffed with "hacker soldiers" who can help them earn billions of dollars in Washington's new cyberwar, the New York Times reports. Cranking rock tunes and piling up pop cans, engineers hack away at companies like Raytheon, working for the Pentagon or protecting internal documents. Now, with President Obama seeking a new cyberwar command, the rush for government contracts is on. More»