Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

[News] ATMs Infected by Microsoft Windows, Pwn2Own OWNZ Non-Free Software

Hash: SHA1

Windows Trojan on Diebold ATMs

,----[ Quote ]
| Vanja Svacjer, a virus expert for Sophos, has reported his latest find in a 
| blog entry: a Trojan that spies on PINs. The difference is that this example 
| specialises in cash dispensers made by Diebold, which run Windows.  


Pwn2Own 2009: Safari, IE 8 and Firefox exploited

,----[ Quote ]
| Safari was the first to fall this week at the Pwn2Own 2009 security 
| competition held at the CanSecWest conference in Vancouver, Canada. The 
| competition, sponsored by TippingPoint Technologies, awards a prize for each 
| vulnerability found on various mobile phone platforms and internet browsers. 
| Participants were invited to attack Internet Explorer 8, Firefox and Google 
| Chrome on Windows 7 and Safari and Firefox on Mac OS X, each of which was 
| fully patched.      


Nothing on GNU/Linux. Blobs. Mostly blobs on other blobs.


PINs stolen from Citibank ATMs

,----[ Quote ]
| The alleged thieves made off with about $2 million between October 2007 until
| March of this year. Officials believe they remotely broke into the back-end
| computers that approve cash withdrawals and grabbed the PINs as they were
| being transmitted from the ATMs to the transaction processing computers,
| which increasingly use Windows, the report says.


Study Says Linux More Secure

,----[ Quote ]
| More than 70 percent people surveyed said they found Red Hat Linux less
| vulnerable to security issues than Microsoft's operating system.


Study: 70 percent say Red Hat more secure than Windows


Open source, proprietary codes include similar mistakes

,----[ Quote ]
| The company said its initial two-year DHS contract is ending, and Coverity
| will continue to operate the Scan site because of the favorable response the
| project has received from software developers and others in the open-source
| community.


Coverity's open source code audit efforts are funded by the US government

,----[ Quote ]
| Coverity famously helps open source projects audit their code and eliminate
| security holes and other bugs, and earns its corporate income by selling
| software that does the same thing to proprietary software companies. Few seem
| to realize, though, that Coverity started doing free open source code audits
| because it got a grant from the US Department of Homeland Security.
| Coverity's David Maxwell explains.


Coverity to Regularly Scan Security and Quality of 250 Open Source Projects

,----[ Quote ]
| This is the first time that Coverity is focusing on improving the
| quality of end-user professional applications such as the open
| source Blender 3d suite used to create computer animation in
| movies. Other projects to be analyzed include the GNU Image
| Manipulation Program (GIMP), an open source photo retouching
| package, and Inkscape, a vector graphics program. The new
| expansion is in response to the spread of open source software
| into all areas of the world economy, including the multi-billion
| dollar industry around professional graphics software.


Most open source software is better

,----[ Quote ]
| The story is that Coverity ran 50 open source projects through
| its bug-checking system, as well as products from 100 proprietary
| makers.
| "On average, open-source software is of higher quality than
| proprietary software," Chelf wrote. But 11 of the 15 top-rated
| programs were proprietary.
| Sounds fair enough. Most open source projects are newer than the
| proprietary products they seek to displace. Chelf said one unnamed
| proprietary product in aerospace had one-fifth the number of bugs as
| any open source product out there.
| But here's the thing. He can't say which one. The data is proprietary.
| So, in fact, is the data on all proprietary products. There is just now
| ay to know how buggy (or non-buggy) proprietary products might be. But
| you can know how buggy the open source projects are, because Coverity
| published those results on the Web.
| So which side should you trust? Should you trust code that might
| really be best in class, or might be garbage? Or should you trust
| code that you can see, and whose performance in bug tests you
| can measure?
| Your choice.


Bots rule in cyberspace

,----[ Quote ]
| USA TODAY REPORTS that on an average day, 40 per cent of the 800 million
| computers connected to the Internet are bots used to send out spam, viruses
| and to mine for sensitive personal data.  

Version: GnuPG v1.4.9 (GNU/Linux)


[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index