The American Civil Liberties Union (ACLU) obtained DHS's December 2011 Civil Rights/Civil Liberties Impact Assessment through a Freedom of Information Act (FOIA) request.......

Schneider Electric has released patches for vulnerabilities in its Quantum Ethernet Module.......

A federal judge in Wisconsin has stayed a magistrate's order that would have forced Jeffrey Feldman to decrypt 16 devices which authorities believe contain child pornography.......

Apple has issued an update for OS X that addresses 31 security issues.......

Google and other technology companies told a panel of US lawmakers that providing emergency information in open formats will help drive it to top search results where people who need it will be most likely to find it.......

Malware known as NetTraveler has infiltrated more than 350 companies in 40 countries over the past eight years, according to researchers at Kaspersky Lab.......

A squid comic about the importance of precise language in security warnings. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

In this podcast interview, I talk about security, power, and the various things I have been thinking about recently....

Ars Technica gave three experts a 16,000-entry encrypted password file, and asked them to break them. The winner got 90% of them, the loser 62% -- in a few hours. The list of "plains," as many crackers refer to deciphered hashes, contains the usual list of commonly used passcodes that are found in virtually every breach involving consumer websites. "123456,"...

LinuxSecurity.com: At the same time, it reports the number of demands for "business records" in such cases, issued under Section 215 of the USA Patriot Act. And while the number of such orders has generally grown over the years, it has always managed to stay relatively low. In 2011, it was 205. There were 96 orders in 2010, and only 21 in 2009.

LinuxSecurity.com: Pirate Bay co-founder Gottfrid Svartholm Warg has been named as a suspect in the hacking of a European database containing data about wanted criminal suspects and missing people.

LinuxSecurity.com: The Obama administration calls the NSA's practice of gathering phone records "a critical tool in protecting the nation from terrorist threats," reports the AP and Reuters.

This study claims "terrorism has cost Pakistan around 33.02% of its real national income" between the years 1973 and 2008, or about 1% per year. The St. Louis Fed puts the real gross national income of the U.S. at about $13 trillion total, hand-waving an average over the past few years. The best estimate I've seen for the increased cost...

LinuxSecurity.com: Cyber attacks around the world are becoming more frequent, alarming and complex. Our interconnected societies depend on new technologies, which are constantly being probed for vulnerabilities to exploit. NATO calls on the skills of cyber-security experts to assess its computer networks and takes measures to avert and defend against cyber attacks.

LinuxSecurity.com: Sophisticated hackers now use "social engineering" - exploiting the psychological vulnerabilities of human users - rather than technological weaknesses in security systems, famous former hacker Kevin Mitnick told a cyber security conference in Dubai.

LinuxSecurity.com: When it comes to threats to mobile devices, most people don't think of chargers as a likely point of attack. But plugging in an iPhone - or any smartphone or tablet - could come at a price.

LinuxSecurity.com: The hacker who alerted federal authorities to the alleged leak of classified documents by Pfc. Bradley E. Manning testified Tuesday that the young Army analyst never indicated any desire to help U.S. adversaries by releasing the material.

LinuxSecurity.com: Jim Stickley is a professional hacker. Companies hire him to attempt to hack into their financial information, and identify weaknesses in their security practices.

Excellent interview....

LinuxSecurity.com: Several security issues were fixed in libxxf86dga.