security

Multi-Factor Authentication May Someday be Available As Tattoos and Pills (May 31, 2013)

SANS NewsBites - Tue, 2013-06-04 15:00

Motorola Mobility has demonstrated two authentication technologies that remove the need for people to carry around devices for two-factor authentication...

Categories: security

New Zealand Police Ordered to Return Certain Seized Property to Kim Dotcom (May 31, 2013)

SANS NewsBites - Tue, 2013-06-04 15:00

The High Court of New Zealand has ruled that the warrants used to seize evidence, including computers, hard drives, and documents, in a January 2012 raid on the home of Megaupload founder Kim Dotcom were illegal and that New Zealand police must provide Dotcom with copies of all relevant evidence in their possession...

Categories: security

BT Drops Yahoo as eMail Partner After Rise in Account Hijackings (May 30 & 31, 2013)

SANS NewsBites - Tue, 2013-06-04 15:00

UK telecommunications company BT has dropped Yahoo as its email provider following a growing number of customer complaints that their accounts were hijacked and used to send spam...

Categories: security

Bradley Manning Trial Begins (June 3, 2013)

SANS NewsBites - Tue, 2013-06-04 15:00

The court-martial of Army Pfc. ...

Categories: security

Man Drops Lawsuit Over Seized Laptop (May 29, 2013)

SANS NewsBites - Tue, 2013-06-04 15:00

A man whose laptop was seized by the US Department of Homeland Security (DHS) has dropped his lawsuit challenging the seizure...

Categories: security

The Problems with CALEA-II

Schneier on Security - Tue, 2013-06-04 12:44
The FBI wants a new law that will make it easier to wiretap the Internet. Although its claim is that the new law will only maintain the status quo, it's really much worse than that. This law will result in less-secure Internet products and create a foreign industry in more-secure alternatives. It will impose costly burdens on affected companies. It...
Categories: security

The Security Risks of Unregulated Google Search

Schneier on Security - Tue, 2013-06-04 06:19
Someday I need to write an essay on the security risks of secret algorithms that become part of our infrastructure. This paper gives one example of that. Could Google tip an election by manipulating what comes up from search results on the candidates? The study’s participants, selected to resemble the US voting population, viewed the results for two candidates on...
Categories: security

Ubuntu: 1851-1: python-keystoneclient vulnerability

LinuxSecurity.com - Mon, 2013-06-03 18:29
LinuxSecurity.com: The python client library for Keystone did not properly verify expired PKI tokens.
Categories: linux, news, security

Debian: 2702-1: telepathy-gabble: TLS verification bypass

LinuxSecurity.com - Mon, 2013-06-03 09:41
LinuxSecurity.com: Maksim Otstavnov discovered that the Wocky submodule used by telepathy-gabble, the Jabber/XMPP connection manager for the Telepathy framework, does not respect the tls-required flag on legacy Jabber servers. A network intermediary could use this vulnerability to bypass...
Categories: linux, news, security

Red Hat: 2013:0896-01: qemu-kvm: Moderate Advisory

LinuxSecurity.com - Mon, 2013-06-03 09:24
LinuxSecurity.com: Updated qemu-kvm packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate...
Categories: linux, news, security

Red Hat: 2013:0898-01: mesa: Moderate Advisory

LinuxSecurity.com - Mon, 2013-06-03 09:23
LinuxSecurity.com: Updated mesa packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate...
Categories: linux, news, security

Red Hat: 2013:0897-01: mesa: Important Advisory

LinuxSecurity.com - Mon, 2013-06-03 09:14
LinuxSecurity.com: Updated mesa packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having...
Categories: linux, news, security

The Problems with Managing Privacy by Asking and Giving Consent

Schneier on Security - Mon, 2013-06-03 06:15
New paper from the Harvard Law Review by Daniel Solove: "Privacy Self-Management and the Consent Dilemma": Privacy self-management takes refuge in consent. It attempts to be neutral about substance -- whether certain forms of collecting, using, or disclosing personal data are good or bad -- and instead focuses on whether people consent to various privacy practices. Consent legitimizes nearly any...
Categories: security

Create secure remote backups using Duplicity - Tutorial

LinuxSecurity.com - Mon, 2013-06-03 03:35
LinuxSecurity.com: Remote backup is an increasingly popular way to protect your files, and Duplicity makes it easy to implement a secure yet flexible backup system.
Categories: linux, news, security

Google zero-day disclosure change slammed, praised

LinuxSecurity.com - Mon, 2013-06-03 03:33
LinuxSecurity.com: Google's dramatic shift to a seven-day grace period before disclosing actively exploited zero-day vulnerabilities in software has drawn both praise and derision from security experts.
Categories: linux, news, security

Debian: 2701-1: krb5: denial of service

LinuxSecurity.com - Sun, 2013-06-02 12:12
LinuxSecurity.com: It was discovered that the kpasswd service running on UDP port 464 could respond to response packets, creating a packet loop and a denial of service condition.
Categories: linux, news, security

Debian: 2700-1: wireshark: Multiple vulnerabilities

LinuxSecurity.com - Sun, 2013-06-02 09:41
LinuxSecurity.com: Multiple vulnerabilities were discovered in the dissectors for GTPv2, ASN.1 BER, PPP CCP, DCP ETSI, MPEG DSM-CC and Websocket, which could result in denial of service or the execution of arbitrary code.
Categories: linux, news, security

Debian: 2699-1: iceweasel: Multiple vulnerabilities

LinuxSecurity.com - Sun, 2013-06-02 07:38
LinuxSecurity.com: Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, missing input sanitising vulnerabilities, use-after-free vulnerabilities, buffer overflows and other programming errors may lead to the execution...
Categories: linux, news, security

Analysis: First Return on Investment (ROI) Analysis for the Critical Security Controls (May 30, 2013)

SANS NewsBites - Fri, 2013-05-31 17:00

John Pescatore compares Idaho State University's (ISU) projected cost of settling HIPAA violations with the US Department of Health and Human Services (HHS) to what it would have cost the university to implement security controls that could have (helped) protect its systems from breaches...

Categories: security