Robert Lemos

…articles and musings of a technology and science journalist

Robert Lemos header image 4

Entries from April 2006

Ethics and the Eric McCarty case

April 26th, 2006 · No Comments

I have written an article that appears on SecurityFocus today. Because both I and SecurityFocus have been mentioned in the FBI’s affidavit outlining the charge of computer intrusion against Eric McCarty, further publishing articles on the topic poses legal and ethical questions.

[Read more →]

Tags: Blog · Security

Breach case could curtail Web flaw finders

April 26th, 2006 · No Comments

Security researchers and legal experts voice concern over the prosecution of an information-technology professional for computer intrusion after he allegedly breached a university’s online application system while researching a flaw without the school’s permission.
SecurityFocus

[Read more →]

Tags: Cybercrime · Research · Security · SecurityFocus

Man charged with accessing USC student data

April 21st, 2006 · No Comments

Federal prosecutors charged a San Diego-based computer expert on Thursday with breaching the security of a database server at the University of Southern California last June and accessing confidential student data.

A statement from the U.S. Attorney for the Central District of California names 25-year-old Eric McCarty as the person who contacted SecurityFocus last June with news of a flaw in the Web server and database system used to accept online applications from prospective students. SecurityFocus notified the University of Southern California of the vulnerability and worked with the university to close the flaw before publishing an article about the issue.

[Read more →]

Tags: Cybercrime · Research · Security · SecurityFocus

E-mail authentication gaining steam

April 20th, 2006 · No Comments

A host of software companies, security firms and Internet service providers meet in Chicago to urge corporations and bulk e-mail senders to adopt authentication technologies.
SecurityFocus

[Read more →]

Tags: Consumer Tech · Critical infrastructure · Research · Security · SecurityFocus

COLUMN: Password Policies

April 19th, 2006 · No Comments

Passwords are quickly becoming passé. For years, security experts have warned that our reliance on passwords leaves valuable data unprotected. … But switching to a more secure way of doing business will require time, and until then, users are left with password security.
PC Magazine

[Read more →]

Tags: Column · Consumer Tech · PC Magazine · Privacy · Security

Browsers feel the fuzz

April 12th, 2006 · No Comments

Security researchers are starting to aim network fuzzers away from servers and toward browsers, finding that dozens of flaws have been missed.
SecurityFocus

[Read more →]

Tags: Consumer Tech · Open Source · Research · Security · SecurityFocus

COLUMN: This Man Has a Virus

April 5th, 2006 · No Comments

If a respectable-looking person handing out sample CDs on the street offered you one, would you take it home and run it? If he handed it to you on your commute to the office, would you run it at work? If someone called and said she was with IT and needed your computer’s password, would [...]

[Read more →]

Tags: Column · Consumer Tech · PC Magazine · Security · Viruses and worms

Groups argue over merits of flaw bounties

April 5th, 2006 · No Comments

Vulnerability researchers like getting paid for their research, but software companies criticize the programs. Do vulnerability-purchasing initiatives make sense?
SecurityFocus

[Read more →]

Tags: Open Source · Research · Security · SecurityFocus