Larry Loeb

As was to be expected once the software got out of the lab, OS X for Intel has been hacked to make it run on generic Intel platforms, not just the Apple-approved Developer Transition Kit machines. This is, at this stage, less of an event than it appears at first blush. Getting around the TPM […]

I guess we should be careful what we wish for. After musing yesterday how close Zotob was to a ZeroDay event (in the wild with no patch available), it seems we have a real ZD exploit out today. It needs Microsoft Internet Explorer and MSDDS.DLL (a component installed by Visual Studio .net and other apps) […]

It may be just schadenfreude, but nothing makes me chuckle more than seeing media outlets get nailed by Windows malware. The sense of barely suppressed outrage that CNN talent exhibited on air over the fact that their systems were attacked by Zotob (and the variants) was a hoot. (ABC and The New York Times were […]

Power to the People The energy bill signed into law last week by President Bush has some large security implications for power companies. The feds will be able, according to the law, to enforce some new (and more stringent) security standards developed by NERC (the North American Electric Reliability Council) based in Princeton, N.J. NERC […]

Cisco, those folks that make professional-style routers so beloved by Internet types, beat up a fellow trying to share some research (done while he was employed by Internet Security Systems) at the recent Black Hat security conference in Las Vegas. Cisco filed a request on July 27 for a temporary restraining order in the U.S. […]

How a computer interfaces with the outside world is always a defining characteristic. One of the main differences between early PCs and early Macs was that the PC had two serial ports called COM1 and COM2 and a parallel port for the printer, while the Mac had a 9pin serial port for the printer and […]

Winamp Bug Could Bring Buffer Overflow In a grim reminder of force of the Pod, Winamp was found this week to have a problem handling IDv2 MP3 tags. It seems that if an overlong string was inserted into the album name, for example, a buffer overflow could occur that would allow the execution of the […]

Poor old CardSystems Solutions got thwacked in the head with a major trout this week by Visa and American Express. Both companies said that they would no longer do business with the ACH (automated clearing house). MasterCard has given CSS until the end of August to demonstrate compliance with MCs standards or face the same […]

If the latest boatload of patches from Redmond and San Jose werent enough for you (as well as anything important that had to run no matter what, patches be damned) this week, there was enough other stuff happening for other vendors to make things interesting. If you have Ciscos CallManager, ONS 15216 OADM and Security […]

You almost have to pity Microsoft sometimes. While it sells the most popular computer OS, it is also one of the worst designed ones. Moreover, they have made the business decision to keep the very features that make it a security nightmare in the name of backward compatibility. As a result, they have to keep […]