The United States is capable of wonderful innovation and spectacular achievements, from highway systems to fleets of satellites. But a lack of appetite for maintaining these accomplishments threatens our security and well-being.
Cybereye
A weekly column on all things cyber
Truth in hacking
Antivirus company Avira reports a new wrinkle in malware: A phishing e-mail that contains explicit instructions for infecting your computer. It’s so crazy, it just might work.
Government needs help from IT vendors
Agencies are getting more and better technology, but IT is not providing the productivity and return that it could. Federal customers need to partner with vendors to focus on mission and outcome for IT, not just functionality and affordability.
Giving and taking: DOJ and NIST on opposite sides of cybersecurity
While the Justice Department is trying to get backdoors into mobile consumer devices, NIST is working to improve security and privacy of electronic medical records and devices.
Cybersecurity National Action Plan: Some ideas are bold, some old
Cybersecurity has a high profile in the president’s agenda for his final year. There are some good ideas in his Cybersecurity National Action Plan, but whether they translate into improved security will depend on Congress and the next president.
A step toward better sharing of cyberthreat information?
DHS plans to begin an automated threat information sharing program for the private sector this month. Not everyone is enthusiastic, but some think the department can be a catalyst for improved cybersecurity collaboration.
Proposed updates of Emergency Alert System raises some concerns
The FCC has proposed new rules that could streamline and expand the nation’s Emergency Alert System, but one commissioner calls the proposed changes a power grab to expand the commission’s authority to the Internet.
One-time-password theft highlights challenges for 2-factor authentication
Malware for stealing out-of-band passwords for two-factor authentication demonstrates the need to maintain good security on mobile devices.
A new wrinkle in Search Engine Optimization
A sophisticated campaign using SQL Injection for Search Engine Optimization has been spotted by Akamai’s Threat Research Division, raising some questions about what is legitimate and what is proper.
DeepSpec: A new frontier in software development
A new multi-institutional project funded by NSF aims to bring software development from an art to a science, using formal logic and precise specifications for program behavior to create software that is verifiably reliable.