A working group of security researchers, digital-rights activists and government prosecutors discuss whether bug hunters can find vulnerabilities in Web sites without violating laws.
SecurityFocus
Entries Tagged as 'Research'
Group: Anti-hacking laws can hobble Net security
June 15th, 2007 · No Comments
Tags: Cybercrime · Flaws and vulnerabilities · Research · SecurityFocus · Software
Zero-day sales not “fair” — to researchers
June 1st, 2007 · No Comments
A security analyst tries his hand at selling two vulnerabilities and finds that economics and time are against him.
SecurityFocus
Tags: Flaws and vulnerabilities · Government · Research · Security · SecurityFocus
Insecure plug-ins pose danger to Firefox users
May 30th, 2007 · No Comments
A security researcher warns that an insecure update mechanism for some of the open-source browser’s third-party add-ons could allow an attacker the ability to install malicious code.
SecurityFocus
Tags: Flaws and vulnerabilities · Open Source · Research · Security · SecurityFocus
Experts scramble to quash IPv6 flaw
May 9th, 2007 · No Comments
Only a few weeks after researchers raised the design issue in the next-generation Internet protocol, two drafts to the Internet Engineering Task Force propose different fixes.
SecurityFocus
Tags: Critical infrastructure · Flaws and vulnerabilities · Research · Security · SecurityFocus
A Mac gets whacked, a second survives
April 21st, 2007 · No Comments
Researchers use a previously unknown flaw in Apple’s Safari browser to compromise a MacBook Pro and win the PWN to Own contest, but does the hack actually prove anything?
SecurityFocus
UPDATE: More on the vulnerability, which is a Java flaw in QuickTime.
Tags: Consumer Tech · Flaws and vulnerabilities · Research · Security · SecurityFocus · Software
MacBooks withstand mild attacks on patch day
April 19th, 2007 · No Comments
On the same day that Apple releases an update for its Mac OS X, security professionals at a conference in Canada show little initial interest in attempting to crack the security of two MacBook Pros.
SecurityFocus
Tags: Flaws and vulnerabilities · Research · Security · SecurityFocus · Software
Attackers improve on JavaScript trickery
April 18th, 2007 · No Comments
Latest malicious software throws in more obfuscation and works harder to foil defenders’ attempts at reverse engineering.
SecurityFocus
Tags: Consumer Tech · Flaws and vulnerabilities · Research · Security · SecurityFocus
Developers warned to secure AJAX design
April 4th, 2007 · No Comments
A flaw in the way many asynchronous JavaScript and XML (AJAX) frameworks use the scripting to communicate data between a server and client allows malicious sites to hijack the conversation.
SecurityFocus
Tags: Flaws and vulnerabilities · Research · Security · SecurityFocus
Tor hack proposed to catch criminals
March 8th, 2007 · No Comments
A security researcher unveils a project that aims to identify sources on the pro-privacy network, but does the initiative help track down criminals or just hurt legitimate users?
SecurityFocus
Tags: Flaws and vulnerabilities · Privacy · Research · Security · SecurityFocus
Stormy weather for malware defenses
March 5th, 2007 · No Comments
The misnamed Storm Worm, actually a Trojan horse, underscores the difficulties that evolving tactics pose for defenders. The second article in a two-part series.
SecurityFocus
Tags: Consumer Tech · Research · Security · SecurityFocus · Viruses and worms