Bundle Security blogs

Concurso Periodismo en Seguridad Informática. Iniciativa desarrollada por ESET Latinoamérica

Security blogs - Mié, 06/12/2013 - 11:09
El Concurso Periodismo en Seguridad Informática es una iniciativa desarrollada por ESET Latinoamérica única en la región, que tiene como objetivo distinguir la labor de profesionales dedicados al periodismo en tecnología. En su 6ta edición y como ya es habitual, premiará con un viaje a la CeBIT 2014 a realizarse en Hannover, Alemania, al autor del mejor trabajo periodístico noreply@blogger.com (Seguridad de la Información)
Categorías: Bundle Security blogs

Cisco’s onePK Part 1: Introduction

Security blogs - Mié, 06/12/2013 - 10:00
Exordium Cisco’s  One Platform Kit (onePK)  is a fantastic toolkit for building custom applications that interact with your Cisco routers and switches. Using onePK, [...]Mike Schiffman
Categorías: Bundle Security blogs

La criptografía cuántica blinda más que nunca la información secreta

Security blogs - Mié, 06/12/2013 - 09:58
Resuelve el problema de la transmisión de claves, que pueden ser interceptadas con recursos computacionales superiores   Por Patricia Pérez. Las técnicas de encriptación clásicas descansan en su supuesta complejidad computacional, aunque no se sabe a ciencia cierta cuando puede aparecer un algoritmo que las supere. Por el contrario, la criptografía cuántica evita esos problemas, pues la clave noreply@blogger.com (Seguridad de la Información)
Categorías: Bundle Security blogs

Prosecuting Snowden

Security blogs - Mié, 06/12/2013 - 09:16

Edward Snowden broke the law by releasing classified information. This isn't under debate; it's something everyone with a security clearance knows. It's written in plain English on the documents you have to sign when you get a security clearance, and it's part of the culture. The law is there for a good reason, and secrecy has an important role in military defense.

But before the Justice Department prosecutes Snowden, there are some other investigations that ought to happen.

We need to determine whether these National Security Agency programs are themselves legal. The administration has successfully barred anyone from bringing a lawsuit challenging these laws, on the grounds of national secrecy. Now that we know those arguments are without merit, it's time for those court challenges.

It's clear that some of the NSA programs exposed by Snowden violate the Constitution and others violate existing laws. Other people have an opposite view. The courts need to decide.

We need to determine whether classifying these programs is legal. Keeping things secret from the people is a very dangerous practice in a democracy, and the government is permitted to do so only under very specific circumstances. Reading the documents leaked so far, I don't see anything that needs to be kept secret. The argument that exposing these documents helps the terrorists doesn't even pass the laugh test; there's nothing here that changes anything any potential terrorist would do or not do. But in any case, now that the documents are public, the courts need to rule on the legality of their secrecy.

And we need to determine how we treat whistle-blowers in this country. We have whistle-blower protection laws that apply in some cases, particularly when exposing fraud, and other illegal behavior. NSA officials have repeatedly lied about the existence, and details, of these programs to Congress.

Only after all of these legal issues have been resolved should any prosecution of Snowden move forward. Because only then will we know the full extent of what he did, and how much of it is justified.

I believe that history will hail Snowden as a hero -- his whistle-blowing exposed a surveillance state and a secrecy machine run amok. I'm less optimistic of how the present day will treat him, and hope that the debate right now is less about the man and more about the government he exposed.

This essay was originally published on the New York Times Room for Debate blog, as part of a series of essays on the topic.

schneier
Categorías: Bundle Security blogs

Officials wait to judge iOS 7 security feature aimed at thwarting thieves

Security blogs - Mar, 06/11/2013 - 23:19

The top prosecutors in San Francisco and New York, seeking ways to curb thefts of mobile devices, said Monday they will reserve judgment of Apple's new security feature designed to make it harder to reactivate a stolen iPhone.

San Francisco District Attorney George Gascon and New York Attorney General Eric Schneiderman have been asking the leading wireless device makers to create a "kill switch" that would render stolen phones useless. The prosecutors said they aren't judging Apple's new activation lock feature until they can fully determine its effectiveness.

Tags: AppleiOSSecurityl33tdawg
Categorías: Bundle Security blogs

CISOs must shape up or ship out, says Forrester

Security blogs - Mar, 06/11/2013 - 23:16

Chief information security officers will have evolve into corporate information risk managers if they are to survive in the future, says Andrew Rose, principal analyst at Forrester Research.

“CISOs can’t afford to remain where they are; they need to decide whether they want to move up or down,” he told Forrester’s forum for risk and security professionals in London.

Tags: Industry Newsl33tdawg
Categorías: Bundle Security blogs

Technology outpaces law in world of security

Security blogs - Mar, 06/11/2013 - 23:14

The lines are already being drawn over whether to view Edward Snowden, the National Security Agency leaker, as a hero who blew the whistle on a dangerous government intrusion into privacy or a villain who criminally endangered our national security. But the debate over government surveillance should start with a different name: Gordon E. Moore.

Tags: SecurityTechnologyl33tdawg
Categorías: Bundle Security blogs

The case for regulating metadata collection

Security blogs - Mar, 06/11/2013 - 22:41

If reports are to be believed, the US National Security Agency (NSA) has had “direct access” to systems run by Google, Facebook, Yahoo and Apple. While all the companies named have used similar words to deny those claims, the alleged scale of the surveillance, its sophistication and the lack of independent oversight are still very alarming.

All of the above points to a worrying breakdown in procedures that have been around for decades – for good reason – in the area of lawful interception.

Tags: SecurityPrivacyl33tdawg
Categorías: Bundle Security blogs

Security experts weigh in on Patch Tuesday priorities

Security blogs - Mar, 06/11/2013 - 22:38

It’s Patch Tuesday—the sixth one of 2013. As far as Patch Tuesdays go, June is relatively light—with a mere five security bulletins, and only one rated as Critical—but that’s no reason to let your guard down.

Tags: MicrosoftSecurityl33tdawg
Categorías: Bundle Security blogs

This is the PlayStation 4

Security blogs - Mar, 06/11/2013 - 22:13

At Sony's E3 2013 press conference, the company has finally unveiled the hardware for the PlayStation 4, after not revealing the design at the original launch event for the PlayStation 4 in February.

This is what the console will look like when it hits stores later this year. Essentially a big black box that is similar in design to Microsoft's Xbox One, departing from the PlayStation 3's curved design and returning to the hard edges similar to the PlayStation 2.

Tags: SonyPS4Hardwarel33tdawg
Categorías: Bundle Security blogs

iOS 7 beta: Hotspot 2.0 support will lead to hassle-free Wi-Fi access

Security blogs - Mar, 06/11/2013 - 22:08

While not mentioned during Apple's WWDC keynote, iOS 7 will support Hotspot 2.0, a relatively new Wi-Fi technology that allows compatible devices to seamlessly connect to compatible hotspots without user interaction.

The new feature is based on the Wi-Fi Alliance's Passpoint project, which looks to automate connections to certified hotspots quickly and securely. This means iOS device users will one day no longer have to search for, select, and manually connect to certain access points.

Tags: AppleiOS7Wirelessl33tdawg
Categorías: Bundle Security blogs

From Fake Leather to the Great Flattening: The Evolution of iOS

Security blogs - Mar, 06/11/2013 - 22:06

Happy Nerd Christmas! Apple CEO Tim Cook got you a new operating system for the iPhone and iPad. It looks different. It works differently. It has a host of new features and design elements–from full multitasking to the Pandora-like iTunes Radio. It organizes your pictures, has remarkable new AirDrop sharing features, automatically updates your apps, and overall lets you do just about everything more quickly and efficiently.

Tags: AppleiOSl33tdawg
Categorías: Bundle Security blogs

Google asking the U.S. government to allow it to publish more national security request data

Security blogs - Mar, 06/11/2013 - 22:04

This morning Google sent the following letter to the offices of the Attorney General and the Federal Bureau of Investigation.

Dear Attorney General Holder and Director Mueller

Google has worked tremendously hard over the past fifteen years to earn our users’ trust. For example, we offer encryption across our services; we have hired some of the best security engineers in the world; and we have consistently pushed back on overly broad government requests for our users’ data.

Tags: GooglePrivacyUSIndustry Newsl33tdawg
Categorías: Bundle Security blogs

Un genio de la informática desilusionado con su gobierno

Security blogs - Mar, 06/11/2013 - 15:30
El ex informático de la CIA Edward Snowden, el hombre que filtró información confidencial sobre los programas de vigilancia de Estados Unidos, tiene 29 años y vivía con su novia en Hawai antes de viajar a Hong Kong, donde se ha refugiado en un hotel a la espera de lo que sucederá con él tras las revelaciones. Los periodistas de The Guardian que lo entrevistaron los describen como una noreply@blogger.com (Seguridad de la Información)
Categorías: Bundle Security blogs

SQLmap, herramienta imprescindible en tu arsenal

Security blogs - Mar, 06/11/2013 - 15:26
La Comunidad DragonJAR publico una serie de tres post realcioandos con la tools SQLmap la cual es resumida por sus autores como "automatic SQL injection and database takeover tool". Los link a cad pos son lso siguientes:  SQLmap, herramienta imprescindible en tu arsenal SQLmap, herramienta imprescindible en tu arsenal II SQLmap, herramienta imprescindible en tu arsenal III noreply@blogger.com (Seguridad de la Información)
Categorías: Bundle Security blogs

En debate: quién es el responsable de lo que se sube a la web [Argentina]

Security blogs - Mar, 06/11/2013 - 15:15
Mendoza -Aregrina El lunes 10 de junio, en horas de la tarde, con la autoría del Dr. Eduardo Molina Quiroga y el Dr. Daniel Altmark se presentó un Tratado de Derecho Informático en el aula magna de la Facultad de Ciencias Jurídicas y Sociales de la Universidad de Mendoza. Al acto, que contó con la presencia del decano de la casa de Estudios –Dr. Emilio Vázquez Viera- y la ex ministra de noreply@blogger.com (Seguridad de la Información)
Categorías: Bundle Security blogs

Grandes proyectos en derecho informático, nula voluntad política [Mexico]

Security blogs - Mar, 06/11/2013 - 15:14
Existen excelentes legislaciones en el tema de derecho informático en México, que poco a poco comenzarán a rendir fruto, como lo son la Ley de Amparo y el tema de firma electrónica, la Ley Federal de Protección de Datos Personales en Posesión de Particulares, la tan esperada reforma en telecomunicaciones; además de otros proyectos que caminan o no se han concretizado correctamente como el noreply@blogger.com (Seguridad de la Información)
Categorías: Bundle Security blogs

Wontok Introduces SafeCentral For Android At Gartner Security Summit

Security blogs - Mar, 06/11/2013 - 14:05
Company to introduce mobile security solution that protects personal and corporate data on Android devices(author unknown)
Categorías: Bundle Security blogs

DigitalPersona Announces U.are.U Software Development Kit (SDK) For Android Applications

Security blogs - Mar, 06/11/2013 - 14:02
DigitalPersona U.are.U SDK for Android uses uniform APIs allowing for easy cross-platform development(author unknown)
Categorías: Bundle Security blogs