Ad: Manage updates with the Download App
ie8 fix

Security & Privacy

IE 8 beta gives other browsers a run for their money

Don't count Internet Explorer out just yet.

On Wednesday, Microsoft released the second public beta for Internet Explorer 8. If anything, this release brings IE up to par with alternative browsers such as Opera, Apple's Safari, and Mozilla's Firefox in terms of security and features. It also pushes Microsoft a little ahead of the competition.

The user interface hasn't changed much since Internet Explorer 8 Beta 1, except to add a Security pull-down menu between Page and Tools on the main toolbar. In addition to blocking phishing sites, IE 8 now highlights the main domain of … Read more

Space: The final frontier for computer viruses

The first ever reported computer virus has infected at least two laptops onboard the International Space Station more than 200 miles above Earth.

The worm, believed to be W32.Gammima.AG, steals personal information used to play online games from infected computers and then attempts to send the information back to a remote computer, according to SpaceRef.com, which broke the news on Monday.

The virus was not the first to hit a space station last month, just the first one that was reported, NASA spokesman Kelly Humphries told Wired News. He described it as a "nuisance" that … Read more

Firefox extension protects against man-in-the-middle attacks

Researchers at Carnegie Mellon University have released an extension for Firefox 3 that can protect wireless network users from so-called "man-in-the-middle" attacks.

The software, dubbed "Perspectives," is available for download for free.

Perspectives also protects against attacks that exploit a recently exposed flaw in the DNS system, which translates Web addresses into numerical IP addresses, said Dave Andersen, a computer science professor at Carnegie Mellon who was an adviser on the Perspectives project.

In an attack on the DNS system, someone typing in a legitimate Web address could be redirected to a malicious site without knowing … Read more

Amex, Royal Bank of Scotland, NatWest customer details sold on eBay

Over 1 million American Express, Royal Bank of Scotland, and NatWest customers' details have been sold on eBay.

The details were stored on a server, bought for just over 35 British pounds ($64) by Andrew Chapman, an IT manager from Oxford, England, last week. Chapman told CNET News sister site ZDNet UK on Tuesday that the server, a network attached storage (NAS) box, contained unencrypted backups of CDs.

"A professional organization holding this kind of data should have tested the disks to make sure (the information) was destroyed," said Chapman.

The computer had been used by data-archiving firm Graphic Data to store the details on behalf of RBS, of which NatWest is a subsidiary. Details included names, addresses, bank account numbers, telephone numbers and customer signatures.

RBS said on Tuesday that it was in the process of investigating the incident. … Read more

Ubuntu issues security patch for kernel flaw

Ubuntu on Tuesday became the latest Linux vendor to patch a vulnerability in the open-source operating system's kernel that could have left the door open for hackers to find their way into users' machines.

In an e-mail sent overnight, the Linux vendor warned users to update all machines running recent versions of Ubuntu, ranging from 6.06, which was released back in mid-2006, to version 8.04, which came out earlier this year. The problem also applied to other versions of Ubuntu such as Kubuntu, Edubuntu, and Xubuntu.

"It was discovered that there were multiple NULL-pointed function de-references … Read more

IE 8 to include private browsing feature

As CNET News first reported last week, Internet Explorer 8 will include a way to surf somewhat anonymously, allowing the user to suspend browsing history, cookies, and other identifying information. Mozilla had considered such a feature for its Firefox 3 release, but dropped it for technical reasons. Apple Safari also includes a similar feature.

Known as InPrivate, Microsoft is touting the feature as one of several security enhancements within its next major browser release. The scenarios for using InPrivate include when you're using someone else's computer, when you need to buy a gift for a loved one without … Read more

Data on 84,000 U.K. prisoners is lost

Unencrypted data on all 84,000 prisoners in England and Wales has gone missing after a Home Office contractor lost a USB stick on which it had been stored.

Contractor PA Consulting alerted the Home Office to the loss last Monday evening--and by midday Tuesday, the contractor confirmed "rigorous" searches had failed to uncover the whereabouts of the memory stick and its cachet of sensitive information.

According to a Home Office statement, the missing USB stick contains:

Data relating to all prisoners in England and Wales, including names, birth dates, and, in some cases, expected prison release data … Read more

Google making SSL changes, other sites quiet

A security researcher has been in discussions with Google on an exploit he plans to release that would allow a hacker to easily intercept someone's communications with supposedly secure Web sites over an unsecured Wi-Fi network, but other sites, like Facebook, Yahoo Mail, and Hotmail, remain vulnerable.

Mike Perry, a reverse engineer and developer at Riverbed Technology, says he announced on the BugTraq e-mail list a year ago a common flaw with the way Web sites implement the SSL (Secure Sockets Layer) protocol that is designed to protect people's data when they surf the Web. Typically, they only … Read more

Red Hat, Fedora servers compromised

Red Hat warned on Friday that a network attack compromised some servers last week that are involved with both its commercially supported and free versions of Linux.

The breaches involved Red Hat Linux Enterprise servers and those from its community-supported Fedora project that it sponsors.

Red Hat said in a security advisory that it is confident the intrusion did not compromise the Red Hat Network, which is the chief mechanism used to distribute changes to its Red Hat Enterprise Linux product, or updates sent over the network. Therefore customers are not at risk, the company said.

The open-source vendor also … Read more

Phreaker calls buddies overseas on U.S. government dime

Someone broke into a U.S. Homeland Security Department phone system and made 400 calls to the Middle East and Asia, racking up $12,000 in long-distance charges, The Associated Press reported.

The phone phreaker got into the voice mail system of the Federal Emergency Management Agency last weekend and had free calling to places like Afghanistan, Saudi Arabia, and Yemen for at least two days before someone at Sprint noticed, according to FEMA spokesman Tom Olshanski.

It appears that a hole was left open by a contractor during an upgrade of the voice mail system, but further details were … Read more

ie8 fix