Wired reports that the method Nicolas Jacobsen used to gain access to T-Mobile accounts was through a known hole in their WebLogic server - for which BEA had a patch available.
This however didn’t make Jacobsen a ’script kiddie’ - he ended up writing his own custom interface to their customer database.
Another good example of the [...]
Firefox has released version 1.0.1, which fixes the IDN spoofing issue, as well as about a dozen other security issues, and added some performance enhancements.
Right now it’s a manual install, and sounds fairly tricky. You may want to stick with the fix I posted earlier for working around this problem until Firefox releases [...]
It caught my eye that there were two different articles about major IT companies aiming to bring girls into IT this week.
eSchool News reports on Cisco’s efforts to make IT, and in particular, their Tech Academy more appealing to girls. One of the interesting points of the article is that research shows girls are more [...]
There must be something in the water cooler over at Information Week, because I think this week’s Secret CIO column is right on the money, and I usually disagree with him, or skip the column because it’s just whining about corporate politics.
He talks about the commons sense that short password expiration times, combined with prohibiting [...]
Bob Evans from Information Week has the most sane reporing I’ve read to date on RFID. I’m not sure why most reporters feel the need to create a stir about this technology, but it’s nice to hear a voice of reason.