A Homeland Security Department official this morning defended the administration against criticism that there is now no White House-level office of cybersecurity.
Presidential cybersecurity adviser positions were eliminated last year after the February release of the National Strategy to Secure Cyberspace.
"Our answer to that is, that office produced the strategy," said Lawrence Hale, deputy director of the U.S. Computer Emergency Readiness Team at DHS. "When it comes time to implement the strategy, that is more appropriately done in the departments."
Open source software will have to lift its security game if it is to match that of proprietary software, particularly if its use proliferates, according to representatives from global information security companies.
Asia Pacific vice president of security giant Symantec, Vincent Steckler, said open source is "not the silver bullet".
"The reason viruses are written for Microsoft is because most people use it," Steckler said. "If 90 percent [of software] was open source there would be just as many attacks, only worse. Imagine smart hackers with [access to] source code."
A code audit of the popular protocol analyser, Ethereal, has revealed several stack overflows which can be remotely triggered, according to a posting to the Full-Disclosure vulnerability mailing list.
Stefan Esser of e-matters Security, who discovered the vulnerabilities, described them as critical, and said the developers of the open source package were expected to release an updated version soon.
Ethereal runs on all common platforms, including Unix, Linux and Windows.
A security breach is likely to delay for several days today's scheduled release of the next version of the popular Gnome open source desktop environment, a member of the release team said. Jeff Waugh, the head beekeeper of the Gnome Release Team and the director of the Gnome Foundation Board, has confirmed that a security breach of the Gnome Web server is "likely to delay the release [of Gnome 2.6]…however we have not made that decision officially yet." He told ZDNet Australia the delay was likely to be about a week.
I recently had two eye-opening experiences that made me aware of something that, to my shame, I had forgotten. In the first case, I was helping a friend perform a clean install of Windows 2000 on a used computer that he had bought. We installed Windows 2000 just fine. We then installed all the other software that you have to install along with Windows: anti-virus software, firewall, anti-spyware software, the whole works. We then started to update all of that extra software, and that's where the troubles began.