September 2006 Archive

Spam fighting is a thankless task

September 22nd, 2006

According to Jeremy Kirk, spam fighters are losing ground. Part of the problem is the negative reinforcement mindset - you don’t get a pat on the back for blocking a billion emails, but you get your ass kicked in the alley for each spam that does get through.

Maybe someone should form a spam fighter’s union, accidentally break the filters, then go on strike?

Stealing their Apple, one Airport at a time

September 22nd, 2006

Three security flaws now officially affect Apple Airport wireless enabled computers. According to the report, which rears its pretty little head not long after the Blackhat exploit (or non-exploit, depending on who you believe), the flaw may cause arbitrary code execution, although no known vulnerabilities existed to date.

Apple’s PR crew is really managing the vulnerability announcements well. They release the news, on the same day us lucky folks get this:

I wonder how long the vulnerability really existed.

US Commerce Department doing laptop giveaway

September 22nd, 2006

They just didn’t know it.

More than 1,100 laptops have gone missing from the governmental body that keeps our economy humming. Inventory gone with the wind dates back to 2001, including a whole bunch of machines from the Census Bureau (containing names and social security numbers too).

Nice.

RSS for spreading bugs

September 21st, 2006

There hasn’t been a lot of thought given to potential flaws in RSS, and/or how the XML format might be used to spread bugs - one brief report out of Blackhat is all I’ve heard.

But, now that Microsoft Internet Explorer 7 and the Vista OS are on the way, Jim Rapoza of eWeek is giving it a lot. Surely Jim doesn’t think Microsoft would release something that might spread a vulnerability?

Cameras and strange voices, everywhere

September 21st, 2006

UK officials figure if they already have cameras everywhere, why not add loudspeakers to them so they can shout at folks engaged in suspicious activities.

I wonder what Houston’s police chief thinks about that idea?

The Thursday Google Security Scramble

September 21st, 2006

Yep, it is going to be a regular Thursday column from here on out (or at least until next Wednesday) - The Google Security Scramble!

Today’s highlights:

- Google figuring out how to monetize email

- Google Public Service search makes for easy phishing

- Everyone’s cookies are edible, except for Google’s

See you next week (not).

Getting back to the hanging chad

September 21st, 2006

The 2000 voting debacle in Florida led to a rush for e-voting machines. Those machines, made primarily by Diebold, have been under fire for some time. Diebold refuses to release the source code for scrutiny, citing the proprietary nature of the software. But nobody will have a problem peeking inside the boxes, as you can open them up with a hotel minibar key.

The Governor of Maryland wants to scrap the machines entirely, risking “the hanging chad” in the upcoming elections. And, as Techdirt points out, it isn’t due to some right-wing conspiracy. Governor Robert Ehrlich is a Republican. And the legislature trying to stop him from turning Maryland into the sunshine state? Uh, Democrats.

They all suck, and your vote means nothing. Ha!

***UPDATE***

Many are pondering whether the 2004 election was stolen, and of course they are still pissing about the 2000 one.

I say the first week in November is going to be one to remember (even if it is a midterm).

Homeland Security gets their Chief

September 21st, 2006

Homeland Security has been searching far and wide for a chief of cybersecurity. Yes, while virtually every US Government department is getting piss poor grades for computer security (including Homeland Security), the bureaucrats have been sitting on the fence (then again, what’s new there).

Now they’ve found their man. It’s Greg Garcia, former VP of the Information Technology Association of America.

Now, what’s their grade in human resources acquisition?

FTC must need the interest payments

September 20th, 2006

Choicepoint was forced to pay the FTC $15 million, including $5 million for a victim’s assistance fund, after coughing up a bunch of personal data to a pack of scammers. Now it seems the FTC is in the best of health, as they have yet to “cough up” any of that dough.

They must be living off the interest.

How critical is Publisher?

September 20th, 2006

A security hole in Microsoft Publisher - how critical is that?