Thursday, March 1, 2007

PC World - Vista's UAC Warnings Can't Be Trusted, Symantec Says Windows Vista's User Account Control (UAC), a system that Microsoft says makes the new operating system safer from attack, can be spoofed and shouldn't be completely trusted, a Symantec researcher said on Wednesday. Ollie Whitehouse, an architect at Symantec's advanced threats research team, first used a blog entry Tuesday to point out how a hacker could use a file included with Vista to disguise the UAC warning dialog in the color associated with alerts generated by Windows itself. 10:19:06 PM

Windows for Warships nears frontline service | The Register The Type 45 destroyers now being launched will run Windows for Warships: and that's not all. The attack submarine Torbay has been retrofitted with Microsoft-based command systems, and as time goes by the rest of the British submarine fleet will get the same treatment, including the Vanguard class (V class). The V boats carry the UK's nuclear weapons and are armed with Trident ICBMs, tipped with multiple H-bomb warheads. All this raises a number of worrying issues. First up is basic reliability and usability. Most of us have stared in helpless despair at the dreaded blue screen; how much worse would you feel if that wasn't just your desktop gone but your combat display, and it really was the screen of death? 10:07:50 PM

Windows For Warships Nearly Ready. Windows For Warships Nearly Ready. mattaw writes "The Register is carrying the sanest and balanced article on Windows deployment in UK warships that I have read to date in the public domain. As an ex-naval bod myself we have long considered that this is potentially a REAL problem. The main issues are the huge amount of unrelated code that is imported with the kernel and the need for incredibly fast response times." [Slashdot] 9:59:26 PM

T-Mobile Bans Others' Apps On Their Phones. T-Mobile Bans Others' Apps On Their Phones. cshamis writes "T-Mobile has recently changed their policies and now tell their customers with appropriate data plans and with Java-Micro-App-capable T-Mobile phones: no third-party network applications. You can, of course, still use their incredibly clunky and crippled built-in WAP browsers, but GoogleMaps and OperaMini are left high and dry. Would anyone care to speculate if this move is likely to retain or repel customers?" [Slashdot] 9:53:54 PM

You Can Plead Guilty Here. You Can Plead Guilty Here. The RIAA unveils P2PLawsuits.com, a site that allows people turned in by their universities or ISPs for copyright infringement to settle their cases in advance of due process. In Listening Post. [Wired News: Top Stories] 9:36:31 PM

Castrated RFID Talk at Black Hat. Castrated RFID Talk at Black Hat. Following a lawsuit threat, a security researcher goes ahead with a presentation on vulnerabilities in RFID access cards -- but doesn't demonstrate problems with HID Global's system. By Kim Zetter. [Wired News: Top Stories] 9:29:30 PM

Solaris Worm Blasts Way Through Operating System. Solaris Worm Blasts Way Through Operating System. "Hi, I'm Casper, I am a bored Sun developer and I wrote this piece of code." [GT: Security and Privacy] 9:02:48 PM

DOD, Microsoft sign deal to data mine health records The Defense Department has signed an agreement with Microsoft under which the software vendor will help develop tools and methods for analyzing the department's 9.1 million electronic patient records to find better ways to manage the health of DOD beneficiaries. Under the cooperative research and development agreement, Microsoft will work with the Army's Telemedicine and Advanced Technology Research Center to extract, store and analyze data stored in DOD's Armed Forces Health Longitudinal Technology Application (AHLTA) electronic health record system. The AHLTA clinical data repository (CDR) is "an untapped goldmine of health information, and the ability to draw upon and efficiently use this data will allow us to unleash the true power of AHLTA," said Dr. William Winkenwerder Jr., assistant secretary of Defense for health affairs. "This project has the potential to vastly improve our ability to provide both force health protection and population health improvement activities for every soldier, sailor, airman and Marine." Microsoft and the Army center aim to develop a clinical data warehouse (CDW) that provides predefined queries of interest to clinicians and analysts. The warehouse also will support data mining, which uses clustering and pattern recognition techniques to discover previously unknown correlations in the data. Intel and HP are providing support on security, sizing, and scalability testing of the CDW architecture, Microsoft said. Dr. Deborah Peel, chairwoman of the Patient Privacy Rights Foundation, views the patient information not as a goldmine ripe for exploitation but as a collection of personal and sensitive health information that needs to be zealously guarded and only accessed with express consent by the patient. 7:46:58 PM

Dell Censors IdeaStorm Linux Dissent. Dell Censors IdeaStorm Linux Dissent. thefickler writes "It seems pointless to seek ideas and feedback if you're going to ignore and delete the opinions you don't like. That's exactly what Dell is doing with its IdeaStorm website, which the company set up to solicit such ideas and feedback. Dell deleted a post linking to an article that criticizes its handling of the 'pre-installed Linux' issue." [Slashdot: Your Rights Online] 7:39:34 PM

War of Words Erupts Between HP Scandal Players. War of Words Erupts Between HP Scandal Players. The attorney for the ousted HP chairman fired back at public comments made by board rival about the HP pretexting scandal. [PC World: Latest Technology News] 7:20:30 PM

© Copyright 2007 Paul Hardwick. Last update: 3/4/07; 3:02:01 AM.