The "do-it-yourself" protocol was a red carpet for "inside jobs"... under the guise of being SAML

Well, when you switch off all security mechanism then, yes, there are security flaws...

A tutorial on configuring your computer so it can be taken over by students from Ruhr Universitat

Student researchers have NOT demonstrated the simultaneous compromise of the systems necessary for the attack to succeed.

The Economist points out that E-government looks like a potential crock of gold for fraudsters, with huge databases, often lightly and "incompetently" protected...

Reasearchers can capture your PIN with just a paper clip and needle.

I mentioned in a previous post that I had to solve a little issue with the wonderful WMCMD.VBS script that Alex Zambelli maintains. Because of some occasional nastyness, when the script is done--successful or not-- it tries to kill it's own process, in case any of the WM Encoder objects gets hung up. The original script uses WMI to look on the machine for the cscript process for the currently running script: function TerminateEncoderProcess () dim objWMIService dim objProcess On Error Resume Next

The powerful chip at the heart of Sony's PlayStation gaming console has been used to crack passwords faster than ever before

Light Blue Touchpaper is a blog run by leading international security researchers at the Computer Laboratory, University of Cambridge. In recent posts, researcher Steven Murdoch writes that Touchpaper, which is based on the same WordPress blogging software I use, was breached around the same time as Identityblog (described here). Steven explains that the attack was the result of several problems in Wordpress - a SQL [...]

There's a lot of ideology to get past in teaching people about security