John Lister

Microsoft has faced the first major test of its policy to phase out support for some versions of Windows XP. A major security patch last week was only available to users who had upgraded to the third and final Service Pack (SP3). As previously ... reported, Microsoft issued an out-of-cycle update (known more casually as an emergency pack) to patch a Windows shortcut flaw. The issue was particularly serious because it meant machines could be hacked if a user opened a folder containing the infected shortcut file, even if they didn't click on the shortcut itself. The shortcut flaw was such a clear ... (view more)

Microsoft has changed the its guidelines for reporting security flaws. It's a move that could bring Adobe into an industry-wide collaboration to share information about security risks. From now on, Microsoft will no longer urge security researchers ... to follow a "responsible disclosure" policy, in which it asked those who discovered flaws to keep them completely under wraps until a full fix had been found, tested and readied for distribution. Many security experts have claimed such a policy delayed Microsoft's response to security threats. They also felt not being able to talk about bugs made ... (view more)

Microsoft has confirmed the beta edition of Internet Explorer 9 (IE9) will be available in September. The announcement comes alongside leaked screenshots of the new browser. Rumors have pegged the beta release for IE9 in September 2, 2010. Kevin ... Turner, who is in charge of Microsoft's day-to-day operations, wasn't that specific in describing the new Internet Explorer, but it's the first time Microsoft has publicly named the month. The revelation came during a meeting with financial analysts , and there's some speculation Turner used it as an opportunity to hype Microsoft's future outlook. ... (view more)

Business users may love their BlackBerry smartphones, but governments in the Middle East are not so keen. Three countries have issued different degrees of bans on the devices' functions. The biggest conflict comes in the United Arab Emirates (UAE), ... where officials there accuse the device of breaching local laws on data security. The problem is that messages sent on a BlackBerry are encrypted and immediately sent to servers in Canada for processing and storage. BlackBerry maker Research in Motion is based in Waterloo, Ontario, Canada. The UAE frowns upon such activity because it demands the ... (view more)

A white hat hacker has demonstrated an ingenious way of intercepting cellphone calls. The homemade do-it-yourself (DIY) kit uses $1,500 worth of equipment to help impersonate a cellphone relay tower. Chris Paget demonstrated the technique on phones ... belonging to audience members at the DEF CON security conference in Las Vegas. He said it involved a flaw in the GSM cellphone technology used by AT ... (view more)

A change to copyright laws mean cellphone owners can now legally "jailbreak" their phones. Jailbreaking, as it is often referred to, is the practice which involves modifying a device (such as an iPhone) to run any software, regardless of ... manufacturer restrictions. The decision affects the Digital Millennium Copyright Act (DMCA), a legislation that has made it illegal to bypass any electronic restrictions designed to protect copyright. The act was most prominently cited in a case involving software which allowed users to copy digitally protected DVDs. The Electronic Frontier Foundation, or EFF ... (view more)

Dell has agreed to replace computer equipment that shipped with a data-stealing virus. The company is hoping to deal with the issue before any users suffer at the hand of criminals. Unlike most hacking attempts, which rely on accessing a victim's ... machine through an Internet connection, this incident brought up the possibility of whether or not malicious software was in fact being physically installed on machines at the factory. The issue only involves replacement parts for servers, however. These replacement parts are for computers that are primarily used to host websites and, in business ... (view more)

Microsoft has unveiled an updated edition of its free security software, dubbed Microsoft Security Essentials. The new edition of Security Essentials is currently in beta edition and offers several new features. Debuting in September 2009, Microsoft ... Security Essentials replaces Windows Live OneCare which was based on a paid subscription model. At the time, OneCare was seen as a potential threat to the commercial cyber security market. (Source: pcworld.com ) Although there's no evidence yet of a significant effect on sales of premium security products, most reviews of Microsoft Security ... (view more)

Two security researchers say they've managed to prove a long-standing theory about how hackers breach online security. It involves taking advantage of a split-second quirk in the verification of online processing. The exploit could affect millions ... of online users, as it involves two login schemes which have been widely adopted by large corporate sites. (Source: computerworld.com ) Timing Attack is Key to Exploit The technique in question is known as a timing attack. It works on the basis that some password-protected systems will automatically reject an incorrect password as soon as it finds a ... (view more)

After a lengthy dispute, Facebook has agreed to include a "panic button" for children to report threatening behavior. However, critics suggest that the voluntary scheme doesn't go far enough for child safety campaigners. Demands for the button came ... from the Child Exploitation and Online Protection Centre (CEOP) in the United Kingdom. The group has produced a clickable button which can be added to Internet Explorer: clicking the button takes the user straight to a page where they can report unsuitable material or inappropriate behavior CEOP estimates an average of four youngsters who click the ... (view more)