SecurityRatty: tag: scheme

Eleven charged in massive ID theft scheme

2008-08-05 00:00:00 by Grant Gross in Network World on Security

Eleven people have been charged or indicted in a massive identity theft and computer fraud scheme involving some of the largest data breaches in recent U.S. history, the U.S. Department of Justice announced Tuesday

Tags: computer fraud scheme, massive identity theft, data breaches, department, history, tuesday, people, justice, recent

Hardened stateless session cookies

2008-05-16 12:40:30 by Steven J. Murdoch in Light Blue Touchpaper

...scheme. This is generally a bad idea, since its hard even for experts to get these right. Instead, whenever possible, a well-studied proposal should be chosen. It is for this reason that I suggested the phpass library for password hashing, and the Fu et al. stateless session cookie proposal These choices would be a substantial improvement on...

Tags: scheme, cookie generation scheme, cookie, cookie authentication schemes, cookies, stateless session cookies, fake cookie, cookie authentication key, authentication database

Missing memory stick turns up five months later

2008-01-23 16:44:36 by Evan Francen in The Breach Blog

...scheme providing eye tests for more than 10,000 people across Greater Manchester The data stick contains encryption software but this had not been activated, meaning anyone could access the information It is understood that the information on the memory stick relates to patients of Specsavers at 17 The Birtles in Wythenshawe Health bosses...

Tags: information security, information, information security assessments, memory stick, security, specsaver diabetic patients, patients, computer memory stick, manchester patients

Some Massachusetts seniors are at risk

2007-12-04 16:17:26 by Evan Francen in The Breach Blog

...scheme. It is not yet clear how the thief obtained the information Reference URL PC World Story Information World Story The Boston Herald Story Report Credit Associated Press via The Boston Herald Response From the sources cited above Thousands of senior citizens are being warned about a computer security breach involving the states...

Tags: breach, computer security breach, breach description, prescription advantage, security breach, prescription advantage program, data-breach laws, lone identity thief, thief

Yahoos Browser-Based Authentication service

2006-09-29 20:52:58 by Liudvikas Bukys in Liudvikas Bukys

Yahoos release of open access to its BBAuth authentication service (see also here and here ) is a big step forward. Its just the thing for many simple applications. Its not as good as a user-controlled cross-provider identity scheme, but the emergence of a few real high-volume competing web services will help drive us there

Tags: cross-provider identity scheme, bbauth authentication service, real high-volume, step forward, yahoos release, simple applications, web services, emergence, access

Protect your data: everything else is just plumbing

2007-07-02 20:46:32 by Steve Riley in Steve Riley on Security

...scheme I discovered recently. Its simple and elegantwhich means its something you can actually use First, think about confidentiality classifications. These are important because they help guide your response in case of a breach. Four classifications should be sufficient: public, internal, confidential, and private Next, consider retention...

Tags: data security, comrms data security, data, security, confidential information, information, information security, temporary data, data vanishes

What Does SHA1 is Broken Mean?

2007-12-12 07:35:00 by Eric Marvets in The Security Samurai

...scheme, instead of storing a users password (x) we instead store a hash of the password (f(x)). Later when the user wants to login, he again supplies a password which we hash and compare against our stored value Its also useful for ensuring the integrity of data. When a message is sent over an unsecured channel, a hash of the message can...

Tags: sha1, choose sha1, sha1 protects, hash data, data, sha1 drops, hash function, hash, function

Network Solutions Frontrunning And Tasting, Version 1.1

2008-01-09 22:21:14 by Editor in Cheap Hack

...scheme . Under this new feature, about which I wrote extensively earlier today, they registered any available domain name you search for using their facilities. They did this purportedly to protect you from frontrunners and domain tasters, but of course the practice is, itself, a form of frontrunning and domain tasting. A statement was sent...

Tags: network solutions, domain names resolve, names, network solutions grab, protection, customer protection measure, resolve, domain, home page

Open source security bugs uncovered

2008-01-09 00:00:00 by HASH0x8470c4c in Network World on Security

A U.S. Department of Homeland Security (DHS) bug-fixing scheme has uncovered an average of one security glitch per 1,000 lines of code in 180 widely used open source software projects

Tags: source software projects, homeland security, security glitch, department, widely, lines, scheme, average, dhs

Colombian man pleads guilty to computer fraud

2008-01-10 00:00:00 by Grant Gross in Network World on Security

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo