ENISA examines ways to improve internet security - Telecom Paper (subscription)
Oracle WebLogic Server Apache Connector Remote Code Execution
Oracle WebLogic Server (formerly known as BEA WebLogic Server) is vulnerable to a buffer overflow, which would cause a denial of service and potentially remote code execution.
Linkification v3
Here we go again:iPhone / Apple:
Orange says Polish iPhone 3G customers weren't paid actors
Apple acknowledges iPhone passcode flaw, promises fix next month
Top 5 iPhone buzzkills
Apple's Next iPhone Killer App: Interactive Albums With Lyrics, Photos
Mobile / Gadgets:
Google talks Android Market app store
3 Mobile Web Apps that keep old Pocket PCs relevant
Presenting the winners of the Android developer challenge
How to Set Up a Laptop Security System
24 Killer Portable Apps For Your USB Flash Drive
Live Mesh Windows Mobile client teased
General:
Mythbusters RFID hacking episode canned by credit card company lawyers - watch the video.
Adam Savage's RFID implant activates, orders him to change his story - saw that coming.
Ginormous robot spider invades Liverpool, England
Japanese firms to partially propel cargo ship via solar panels
Microsoft to launch “Skymarket” applications marketplace for Windows Mobile 7 - anyone else see a pattern emerging here?
Desktop Wallpaper Calendar: September 2008
88% of IT Admins Would Steal Passwords If Laid Off
Google Analytics Advanced Tips and Tricks
5 Apps For Painless Windows Reformats
Getting Wireless To Work On A Laptop Running Windows Server 2008 As Its Operating System
Fix for Windows Vista forgetting folder view settings - Freakin' yes!
Keep Vista from Changing Folder View
NASA Preparing to Service Hubble for the Last Time, In Glorious Pictures
Stunning Desert Canyon Flight Scares the Underpants Off Me
More mobile - Xero adds support for Blackberry and Windows Mobile.
Stephen Fry wishes GNU a happy birthday - he also has a great podcast (or Pod-gram as he calls them).
The Deadly Aftermath of a Rocket Explosion Seconds After Launch - incredible video of what happens when launching a satelite goes wrong.
Coding / Development:
Hug a developer today - great video.
20 Websites To Help You Learn and Master CSS
Protecting Your Cookies: HttpOnly
Free New Zealand web cartography tools for educational and non-commercial purposes
Roll your own 404s with Error Page Generator
NZ Teched 2008:
Microsoft Tech Ed New Zealand 2008 keynote now available in video streaming
TechEd 2008 Summary
Darryl Burling's TechEd 2008 Summary
The unofficial TechEd blog
FAIL:
This weeks FAIL comes via a Twitter from @freitasm this morning. Parking Lot FAIL.
Is Fleet Management an invasion of employee privacy?
An interesting story originating from the Sydney Morning Herald last week, and doing the rounds in New Zealand, says that ‘Privacy Experts’ and Unions are saying that vehicle tracking systems used by companies are an invasion of staff privacy.
It goes on to talk about a former Telstra employee who committed suicide shortly after having a vehicle tracking system attached to his company vehicle. The employee was being treated for depression and the story infers that his suicide was in part a consequence of Fleet Management equipment being installed in his vehicle.
Over the last decade I have been in various ways involved with Vehicle and Personal Tracking technology and only once have I come accross a company that wanted it to be able to check up on the honesty of their staff.
There is no question that some companies have found a sudden increase in profitability and decrease in vehicle costs since they put FM systems in place, but monitoring staff integrity was not the reason the system went in. This particular company wanted to know which vehicles were close to clients that needed urgent service so that they could allocate the nearest vehicle to provide a quality reponsive service.
A few years ago I met the CEO of a rapid response plumbing firm. They guaranteed a minimum response time for people who needed a plumber in an emergancy. He was able to manage this as a consequence of using Navman Wireless technology to locate the nearest vehicle to the job.
They also wanted to compare time based service contracts to the actual time the vehicle was parked at the client site. They wanted to know if they had under or overquoted because there was sometimes a gap between the sales person’s enthusiasm to win a contract and the reality of the job being done.
What did happen was that a number of staff people whom they had suspected of taking liberties with the vehicle on the job and after hours, left the company within a month or so of their own volition. They were under no pressure, in fact their employer said to them "We don't care what happened in the past, this is not a big brother situation, however we do expect a fair day's work for a fair day's pay". In fact the CIO of this company absolutely hates and deplores the concept of big brother and would fight tooth and nail to stop the system being used to monitor the staff to see if they were skyving off. It was never about that. They did know that a couple of the people were abusing their employer's trust, but nothing was ever said to them about it and basically what happened was that those people knew they couldn't continue in the way they were used to and resigned.
I am against (and it may well be illegal) tracking people and their vehicles without their knowledge. The only people able to do that should be the Police and even then, only with a legal warrant produced through the courts.
On the other hand there are many potential benefits. In the courier and freight industry, Fleet Management means that people can easily apply track and trace to good being picked up and delivered without needing additional staff to place calls to drivers.
In the security industry it means that security guards on patrol can confirm the safety and location of their staff and also provide clear evidence to clients that their premises have been visited when they said they were. It can also mean that these people can be backed up in an emergancy. This technology is used internationally to track and protect the safety of VIP’s such as politicians in government vehicles.
Another area that is becoming popular is using this technology to keep track of a personal vehicle’s location. For example, when Dad lends the car to his son or daughter who is just popping down to the shops or a mate’s place, who could be boy racers. There have been a number of occassions where a stolen vehicle has been recovered with the thief still inside, such as the case earlier this year. Sometimes a car is irreplacable such as a classic, or sports car. Insurance money can’t always allow someone to recover the time spent in restoring or bulding a vehicle. This technology can also be used to secure trailer water craft and motorcycles which are often easy targets for criminals.
Another area which is becoming very popular and which I have written about a number of times before is tracking elderly people. With the Baby Boomers living longer and being more mobile, there is a growing population of elderly people, some of whom are sprightly of mind, but less of body and at risk of breaking hips or other body parts, while others are sound in body but suffering onset of Alzheimers Disease or other forms of dementia and likely to wander off and not remember where they live. Whether it is the Retirement Village or Rest Home, or their children, this common problem becomes much easier to manage if you can send a text message to the device they are carrying and receive one back with the nearest street address to their current location.
TelstraClear + DMZGlobal + "AKILL" = this?
Strange things happen when security is concerned, and this I think is some strange way to market some DMZGlobal security and management products:
I think it just publicises this (and him) more - he got enough attention in the media a few months ago!
SQL DB? No firewall? Weak admin password? That is a trojan coming your way alright
According to the Symantec Security Response Blog, a new trojan called Trojan.Eskiuel is going around infiltrating SQL servers and causing havoc:
This time we have found a new SQL threat: Trojan.Eskiuel. The main functionality of this threat is to scan the Internet to find machines with poorly configured SQL servers (i.e. with weak or non-existing passwords), gain access to them, and use their stored procedures in order to download new malware from a remote host.
Check your servers...
A new push for desktop Linux
The GNU/Linux desktop can deliver a very mixed experience to the user: On one hand, you have very functional desktop environments, such as GNOME or KDE, with state-of-the-art features, capabilities, graphical effects, eye-candy and wizbang-ery (Compi... (more in the full post)
The ACTA submissions to the New Zealand MED
The Ministry of Economic Development has made public the submissions received in response to the ACTA.
You find the submissions in HTML here or PDF here.
Which groups submitted comments?
NZFACT: New Zealand Federation Against Copyright Theft, Distilled Spirits Association of New Zealand (DSANZ), New Zealand Retailers Association, InternetNZ, Google Australia Pty Ltd, New Zealand Institute of Patent Attorneys Inc., Trade Me, Cosmetic Toiletry and Fragrance Association of New Zealand Inc. (CTFA), Recording Industry Association of New Zealand (RIANZ), and New Zealand Open Source Society.
Worth a read.
Symantec and Lenovo to Offer Norton Internet Security to IdeaPad ... - PR-USA.net (press release)
No comments:
Post a Comment