Security

Internet security gurus and leading vendors are urging the US federal government to rapidly deploy security and authentication mechanisms at the top level of the DNS hierarchy, which is known as the root zone.

The Internet engineering community is grappling with what to do about a serious flaw in the DNS discovered mid-year, and the ongoing debate brings to mind a famous quotation from Voltaire: "The perfect is the enemy of the good."

Mozilla on Wednesday patched 11 vulnerabilities in Firefox 3.0 -- and 12 bugs in the older Firefox 2.0 -- that could be used to compromise computers and steal information.

Despite industry efforts to lock down DNS servers, one in four remain vulnerable to cache poisoning due to the well-documented Kaminsky flaw identified earlier this year and another 40 percent could be considered a danger to themselves and others, recent research shows.

Looming attacks will soon pop the security bubble enjoyed by Linux and Macintosh users, according to Russian security expert Eugene Kaspersky.

CAPTCHA used to be an easy and useful way for Web administrators to authenticate users. Now it's an easy and useful way for malware authors and spammers to do their dirty work.

Fedora 9, released last month, included the first release of FreeIPA, a new free/open source project that comes out of Red Hat with the goal of becoming a complete and integrated security information management solution. In this article we take a look at exactly what FreeIPA is, both what it can do now and what its developers hope it will be capable of in the future. It seems destined to become a key feature of Red Hat Enterprise Linux 6, and with Fedora 9 released and FreeIPA tightly integrated, now seems to be the perfect time to explore this new technology.

SQL injection experiences.

This slideshow complements the interview with James Fallows, who has experienced "The Great Firewall of China" firsthand. What follows is a list of the differences between the Internet, as seen in the US vs. China.

Ah, youth. Ready to take on the world, today's generation of dynamic, tech-immersed youngsters have grown up alongside the Internet. Firsthand, and sometimes single-handedly, they have advanced some of today's hottest technology trends, from peer-to-peer networking, to massively multiplayer online games, to social networks and instant messaging. And along the way, a small, sociopathic number of them have behaved very, very badly.

VeriSign is in many ways synonymous with managing the Web, thanks to its handling of key DNS root servers and of name resolution for .com, .net, and other domains. In recent years, it's had both strong ups and strong downs.

James Fallows, national correspondent for US publication The Atlantic Monthly, has experienced "The Great Firewall of China" firsthand, an experience people from around the world will share this summer when the Olympics comes to that country. Based in Beijing, Fallows has researched the underlying technology that the Chinese use for Internet censorship, and he explained it in a recent article titled "The Connection Has Been Reset." We e-mailed Fallows questions about how the Chinese government controls Internet content available to its citizens, and here's what he had to say (Check out our slideshow on the 10 ways the Chinese Internet is different from yours).

Ever more computers are carrying ever more confidential data -- trade secrets, personal information of clients and constituents, and national security information. Encrypted hard disks requiring hardware keys or passwords are supposedly the way to keep that information safe.

Jonathan Oxer is technical director of a Web application development company called Internet Vision Technologies and for the past couple of years has been president of the Linux Australia community group. At January's Linux.conf.au in Melbourne he presented a tutorial entitled Hardware / Software Hacking: Joining Second Life to the Real World. Computerworld recently spoke to Oxer about how he is knocking down the boundaries between the real and virtual world. Oxer also sheds light on his how his lifetime obsession with electronics has transformed his home-life into a software controlled environment.

Window Snyder has the somewhat offbeat title of "chief security something-or-other" at Mozilla, where she is responsible for overseeing efforts to boost the security of the company's open-source offerings, including the Firefox browser.

What if I was to tell you that I have a secret that could end the Internet as you know it? What if I was only going to tell you at a fee-based conference once speculation had gone on for a month or more? How would you respond to that?

Reports of data losses and system breaches are almost becoming passe but from time to time events happen that take on a life of their own and have effects far beyond what the initial breach would normally represent.

Version 3.0 of BackTrack has been released. BackTrack is a Linux-based distribution dedicated to penetration testing or hacking (depending on how you look at it). It contains more than 300 of the world's most popular open source or freely distributable hacking tools.

If you are running a Debian-based Linux system and haven't already caught up with the announcement [1] that there was a major flaw with the generation of SSH, OpenVPN, DNSSEC, SSL/TLS session keys and X.509 certificate key material, you might want to update your system to address the problem.

I have this nosy but absent-minded Uncle. He likes to paw through my emails, peruse my web history, and tap my phones. But when it comes to protecting his own, more important secrets, he's mostly clueless.