Stories by Carl Jongsma

USAF Cyber Command on Ice

It was only a month and a half ago that the US Air Force's Cyber Command faced competition from a sister service with the announcement of the US Army's Network Warfare Battalion. Now the USAF appears to have had their efforts to stand up the Cyber Command placed on ice.

Conference papers - academic vs. commercial

Information Security is an odd environment in that most of the leading edge research takes place away from academic and designated research institutions, out in the industry. As a result there is a curious approach to publishing new information that doesn't really exist anywhere else.

Egyptian Internet cafe policy - censorship in disguise?

Late last week it was reported that a number of Egyptian Internet cafes had been directed by the Egyptian government to collect personal information from prospective Internet users before they would be entitled to access the Internet at the cafe. This information included names, email addresses and phone numbers. Following submission of this information, an access code would be sent to the supplied mobile number then allowing them access to the Internet.

Online vandalism does not equal cyberwar

Without getting into the argument of who is right in a five-sided conflict (South Ossetia, Georgia, Russia, Abkhazia, and the various external groups and individuals who are motivated enough to be involved), interesting conclusions can be drawn from what is happening online and also how those events are being reported upon.

PHP 4 is dead, long live PHP 4

For a technology that has been in stable release since May 22, 2000, PHP 4 has finally reached the end of its official life. With the release of PHP 4.4.9, official support has ended and the final security patch for the platform issued.

VX Groups a dying breed, but they wont be missed

Microsoft's Malware Protection Center has picked up on some positive news that comes at a time when online threats are apparently increasing without limit. According to the MMPC's blog, there have been two VX (Virus writing and sharing) groups to have shut down in a very short period of time, seemingly without any external pressure. According to the post, there is really only one active group remaining, something which would have seemed far fetched not even a decade ago.

Microsoft to share vulnerability data. Will you be rocked?

Microsoft's impending announcement at Black Hat on the 7th of this month, titled "Secure the Planet! New Strategic Initiatives from Microsoft to Rock Your World", being delivered by some of the best security names inside Microsoft, has already gained the attention of many in the wider community.

In-car GPS makes you more likely to drive poorly

Satellite navigation devices, the ubiquitous GPS interfaces that many have in their cars, are, it seems, the cause for more than their fair share of accidents and risky driving practices in the UK.

Korean Govt experiences first-hand the fickleness of online media

In South Korea, the world's most online country (by percentage), the Internet has become a tool of politics as much as it has a tool for the everyday Web surfer. When a former CEO took the reins of the country earlier this year, it was effective use of the Internet which contributed to his rise to power. According to Reuters, the power that helped the new president Lee Myung-bak take power is now threatening the ongoing survival of his government.

Yahoo's Yang, board supported by shareholders

The ongoing battle for control over Yahoo seems to have reached a temporary truce. Corporate raider, Carl Icahn, successfully managed to gain some traction on the company's board, however the company's existing leadership received strong support from the remaining shareholders.

DNS flaw felt Down Under - here's what to do

Dan Kaminsky's disclosed DNS flaw seems to be causing more and more problems for Internet users as time goes on. With detailed exploit code readily available from any number of sources, and with talented researchers creating their own highly tuned versions of the exploit, things are beginning to look perilous for a large portion of the Internet's userbase, including Australian ISPs.

An interesting changing of the guard at Microsoft

It normally isn't news when IT people move from company to company, but there are times and circumstances when personnel movements do attract attention. Microsoft's announcement that Kevin Johnson is leaving for a position with Juniper Networks is noteworthy.

Think twice before you blog or email

Once information has been released it is almost impossible to recover what has been published. The more sensitive or 'interesting' the information then the more likely it is that it will eventually reach widespread dissemination. Efforts to suppress distribution can and often do backfire (Streissand effect) and this is the lesson that Matasano Chargen has experienced first hand with their accidental release of the technical details behind Dan Kaminsky's DNS discovery.

Are we about to witness a real OS X virus?

Mac antivirus maker, Intego, have published an interesting alert about a potential OS X virus that an enterprising individual is trying to sell through auction. With absolutely no technical information to go on, the antivirus maker is treating the announcement with caution.

Lessons learned from the Kaminsky DNS vulnerability

There has been a lot of speculation devoted to the impending release of information about a DNS vulnerability discovered and initially announced by Dan Kaminsky almost two weeks ago. A lot of the coverage has been back and forth arguing about whether what has been discovered is relevant or not but the best thing to have done in the intervening period is to have sat on your hands and waited.