Stories by: Carl Jongsma

What if I was to tell you that I have a secret that could end the Internet as you know it? What if I was only going to tell you at a fee-based conference once speculation had gone on for a month or more? How would you respond to that?

Something that might have gone unnoticed from Google this week is the patching of a serious vulnerability that previously allowed an attacker to exploit a weakness in Google's Single Sign-On service used with Google Apps to take over a victim's Google account.

Reports of data losses and system breaches are almost becoming passe but from time to time events happen that take on a life of their own and have effects far beyond what the initial breach would normally represent.

Unless you're a dyed in the wool cryptographic geek you probably didn't know that there was a Crypto conference, or even a chain of worldwide crypto conferences that take place each year. Fortunately, for the most of us that aren't crypto geeks there are a handful of very highly skilled people who are; they can take the highly theoretical and complex mathematical proofs and arguments that make up most of modern cryptographic and cryptanalytic research and put it into plain language.

For a technology that has been in stable release since May 22, 2000, PHP 4 has finally reached the end of its official life. With the release of PHP 4.4.9, official support has ended and the final security patch for the platform issued.

Hurricane Katrina proved a fertile ground for fraudsters to scam money off those willing to help the needy. Now the China earthquake has bred a new variant of the morally reprehensible, with donated funds being siphoned off one charity site.

If you are running a Debian-based Linux system and haven't already caught up with the announcement [1] that there was a major flaw with the generation of SSH, OpenVPN, DNSSEC, SSL/TLS session keys and X.509 certificate key material, you might want to update your system to address the problem.