Source: The Nando Times
The president's computer security adviser asked technology executives Tuesday for a list of changes, including bundled security software for high-speed Internet users and a better method to get software fixes on personal computers.
Richard Clarke told software companies that their responsibility doesn't end when they fix a hole in their products that could let hackers in.
Anti-virus products could detect the FBI's new spyware. But should they? The notion of programming anti-virus software to deliberately ignore a particular program, despite malicious characteristics, is nothing new. Many mainstream AV software packages have a built-in capability to ignore; commonly referred to as "exclusion." Exclusion helps AV software avoid false positives, helps to avoid unnecessarily scanning files that are too small to carry any known virus, helps to ignore files that are marked as "known clean," and has even helped an anti-virus company or two to avoid a lawsuit.
This article in developerWorks tries to tackle the issue of XML Digital Signature Standard and how XML can functionally sign itself over an insecure network like the Internet. It is likely that as Web Services become more popular, this will increasingly become a focal point. Also included is alphaWorks XML Security Suite and an article on enabling XML security.