Software insecurity: Sharing the blame

The reason software so often is not secure is the fault either of developers or of users ? or both.

EarthLink-Google team to build WiFi net for San Francisco

San Francisco has selected a team headed by EarthLink Inc. and Google Inc. to build a citywide WiFi network that is expected to provide free and low-cost Internet access for the city.

How's your backbone?

How cryptic is the mandate for federal agencies to transition their network backbones to Version 6 of the Internet Protocol by 2008? Walt Grabowski thinks it may be more cryptic than first thought.

NIST sets FISMA standards for federal IT systems

The National Institute of Standards and Technology has released the final standard for securing agency computer systems under the Federal Information Security Management Act.

Congress may settle question of how neutral networks should be

Lawmakers are wrestling with the issue of how much control network owners should be able to exert over the content they deliver.

Microsoft to issue software patch to fix WMF vulnerability

The Windows Meta File vulnerability is particularly dangerous because computers can become infected by displaying images containing malicious code on Web sites and in e-mail or other files.

SANS to offer graduate degrees in cybersecurity

The SANS Institute has received approval from the Maryland Higher Education Commission to offer graduate degrees in information security.

Readiness an issue in DOD's transition to IPv6

While Pentagon officials say Internet Protocol version 6 will be essential for net-centric warfare, they are frustrated by the military's inability to use the technology.

Training is the key to improved law enforcement communications

State and local emergency officials are discovering that training is essential in getting police to embrace new communications technologies.

Education is first line of defense against spear phishing

Raising e-mail users' awareness of targeted phishing schemes is the best defense against attacks, say security experts.

Memo to private sector: Strengthen IT information security

A former presidential adviser warns that IT security must improve or the government will step in and set security policies for the private sector.

In-Q-Tel's Louie: IT security policies have become self-defeating

The head of the CIA's venture-capital arm says misguided IT security policies have paralyzed the government's ability to share vital national-security data.

3Com offers reward for access to undisclosed security flaws

The company is willing to pay for exclusive access to data about vulnerabilities before the flaws are publicly disclosed.

Draft guidelines issued for PIV card issuers

The new ID cards will be interoperable smart cards that can be used across agencies, and will incorporate a common set of identity proofing and issuing standards and technologies.

NIST launches accreditation program for e-voting system evaluations

The National Institute of Standards and Technology has begun an accreditation program for laboratories that want to evaluate voting systems.

GAO: Agencies must pay more attention to cybersecurity

Federal cybersecurity programs run the risk of becoming static and unresponsive in the face of emerging threats, according to the findings of a study by the Government Accountability Office.

Martin: FCC must change to confront realities of new technologies

The chairman of the Federal Communications Commission hinted that the agency might have to reorganize to better address the rapidly evolving technological landscape.

New list of critical vulnerabilities released for Q1 2005

The SANS Institute of Bethesda, Md., has begun updating its top 20 list of Internet vulnerabilities on a quarterly basis in an effort to give administrators more timely data to help prioritize patching.

9-11 Commission member urges administration to put teeth in cybersecurity, intel efforts

The nation's top cybersecurity official does not have to have an office in the White House to be effective, said Jamie Gorelick, former Justice Department official and member of the 9-11 Commission.

BlackBerry eases the burden of sending secure messages

Blackberry has integrated a secure messaging server with its BlackBerry Enterprise Server to simplify sending sensitive messages from its handheld devices, a feature driven by its government users.