Archive for April, 2010

Lone IT industry voice speaks out against EU Web filter plan

Thursday, April 29th, 2010

A European proposal to introduce mandatory blocking of child abuse websites poses a threat to the openness of the Internet, according to Ed Black, president of the Computer & Communications Industry Association (CCIA).

Black is so far the only person from the IT industry willing to speak out on the issue. Companies including Google, Microsoft, Yahoo and the Spanish telecommunications operator Telefónica, as well as other trade groups representing the interests of the IT industry, either declined to comment, failed to respond to questions or said they are still analyzing the draft law.

Meanwhile, the European Commission, which drafted the proposal, is paying a group of child protection groups from around Europe €300,000 to lobby in favor of the proposed law. And key politicians in the European Parliament are already lined up firmly in favor of the plan.

Novell Strikes a Deal to Provide Cloud-Based Security for Verizon

Thursday, April 29th, 2010

Financially troubled Novell, which recently rejected a $2 billion takeover bid by a New York-based hedge fund but apparently is still listening to buyout offers at the right stock price, had some better news April 29.

The IT networking and middleware provider has struck a deal with telecom giant Verizon to provide on-demand cloud-based secure-access services for its upcoming SaaS [software as a service] application offerings.

Verizon is jumping headlong into the cloud services business. On March 31, the company introduced a new cloud service and software offering in a partnership with IBM that will make existing “industrial-strength” Verizon data storage services more accessible for data centers.

Palin email jury reaches verdicts on 3 of 4 counts

Thursday, April 29th, 2010

The jury deciding the fate of the man accused of breaching Sarah Palin’s Yahoo Mail account has reached a verdict on three of the charges filed against him but can’t come to a decision about the fourth, according to news reports.

In a note to US District Judge Thomas W. Phillips, jurors wrote: “Some of us feel not all jurors are following the jury instruction,” according to The Knoxville News. They also said they were deadlocked on the charge of identity theft.

The communication came on the third day of deliberations in the trial of David C. Kernell, who was charged with four felonies for using publicly available information to access Palin’s email without permission. During closing arguments in the case, Kernell’s attorney said there was no criminal intent in the act. Prosecutors argue the 2008 breach was part of a plot to disrupt Palin’s campaign to become the next vice president of the United States.

Application security spans IT and information security

Thursday, April 29th, 2010

Web application security is an area of IT security that deals primarily with the security of applications – are we vulnerable to SQL injection, cross-site scripting, XSRF, session fixation and a smorgasbord of other nasty Open Web Application Security Project (OWASP) stuff that can be unleashed over port 80 or 443, writes Mike Wiltshire (CISSP), head of services and application security at SureCloud.

Also, is the web server properly secured, and are there any other services on that host that could compromise our application? Finally, a good application security test should also validate that business logic cannot be circumvented by an attacker. We are told most internet-based attacks now occur via these two ports at the application layer.

Something that often gets overlooked when discussing application security is the information security element: What data are we exposing to the internet, and why? Can anyone infer our internal values and processes from what we reveal through a particular business application? Does this application actually fulfil some business requirement and does it really need to live on the internet, or could it be moved to a trusted network such as the LAN?

Brian J. Hogan – The dude who sold the iPhone prototype to Gizmodo

Thursday, April 29th, 2010

The person who found and sold an Apple iPhone prototype says he regrets not doing more to return the device to its owner, according to a statement provided by his attorney Thursday in response to queries from Wired.com.

Brian J. Hogan, a 21-year-old resident of Redwood City, California, says although he was paid by tech site Gizmodo, he believed the payment was for allowing the site exclusive access to review the phone. Gizmodo emphasized to him “that there was nothing wrong in sharing the phone with the tech press,” according to his attorney Jeffrey Bornstein.

Wired.com identified Hogan as the finder of the prototype by following clues on social network sites, and then confirmed his identity with a source involved in the iPhone find.

Yahoo CEO: “Google Is Going To Have A Problem”

Thursday, April 29th, 2010

It’s no secret that Google has, on a very steady basis, dominated its competition and managed to return big profits. And Carol Bartz may be in no position to question the company’s methods. But Yahoo’s CEO nonetheless chose to point out a potential weakness today, and she may be on the right track.

Bartz told Jonathan Fildes, “Google is going to have a problem because Google is only known for search. It is only half our business; it’s 99.9% of their business. They’ve got to find other things to do.” Also, in terms of how Google will be judged as it attempts to find those other things, Bartz observed, “Google has to grow a company the size of Yahoo every year to be interesting.”

Adobe CEO dismisses Steve Jobs’ comments on Flash as a ‘smokescreen’

Thursday, April 29th, 2010

Responding to a public letter issued Thursday by Apple Chief Executive Steve Jobs, Adobe CEO Shantanu Narayen said he believes that any crashes of Flash in Mac OS X are not related to his software, but instead are the fault of “the Apple operating system.”

Narayen spoke exclusively with The Wall Street Journal Thursday afternoon after Jobs’ letter, entitled “Thoughts on Flash,” was posted on Apple’s website. The Adobe CEO said he believes that multi-platform options like Flash will “eventually prevail,” because they allow developers to write software that can be used on a number of devices, rather than being tied to Apple’s iPhone OS ecosystem through the App Store.

Microsoft confirms Courier tablet, quashes hopes of shipping it

Thursday, April 29th, 2010

Microsoft has finally confirmed that it has been working on a tablet concept known as “Courier,” but the company has also announced that it has “no plans to build such a device at this time.”

In 2008, Microsoft floated a mobile collaboration app for Windows Mobile under the name Courier. Nobody seemed to notice, given the overshadowing presence of iPhone 2.0 over the mobile software market.

The following year, Courier tablet concept photos were leaked by Gizmodo. They presented rendered depictions of a dual-screen notebook supporting both touch and stylus input. The leak occurred just in time to suggest that Microsoft had big plans in place to rival the iPhone in the mobile arena, much like the introduction of the quickly forgotten Surface in 2007 had served as a temporary distraction from the original iPhone launch.

Google personal suggest bug exposed user web history

Thursday, April 29th, 2010

Google has restored its “personalized” search suggestions after purging the tool of a critical vulnerability that allowed attackers to steal a user’s web history.

Personalized search suggestions were disabled on March 1, and they didn’t return until April 20. Ordinarily, Google adds these personalized keyword suggestions to its generic suggestion list if you’ve turned on Google Web History, a service that stores your searches and page visits. The personalized suggestions are based on data from Web History.

Wipe, Delete, and Securely Destroy Your Hard Drive’s Data the Easy Way

Thursday, April 29th, 2010

Giving a computer to somebody else? Maybe you’re putting it out on Craigslist to sell to a stranger—either way, you’ll want to make sure that your drive is completely wiped, scrubbed, and clean of any personal data. Here’s the easy way to do it.

If you only have access to an Ubuntu Live CD or thumb drive, you can actually use that instead if you prefer, and we’ve got you covered with a full guide to securely wiping your PC’s hard drive. Otherwise, keep reading.

Darik’s Boot and Nuke CD is the easiest way to permanently and totally destroy every bit of personal information on that drive—nobody is going to recover a thing once this is done.