Al writes "A group from Newcastle University has released work that significantly improves the Draw-A-Secret method of creating passwords. The basic concept behind Draw-a-Secret is that humans excel at image recognition and memory, so 'passwords' should be designed to leverage that ability. The people behind the new work have refined the technique by parsing the shapes with a flexible grid and using existing images as a background to reinforce memory of the password. Imagine having your password be a graffiti-laden alteration of your favorite politicians campaign photo..."Read more of this storyat Slashdot.

  Tech.Luver writes "A man from New Jersey has been sentenced to more than two years in prison for sending more than a million spam messages to AOL users. 'Todd Moeller was sentenced ... after he was caught making a deal with a government informant to send junk e-mails advertising a computer security program in return for 50 percent of the profits ... Moeller told the informant via instant messaging he could conceal the source of the e-mails through his access to 40 different servers and had profited $40,000 a month from other spam e-mail scams that promoted stocks, prosecutors said.'"Read more of this storyat Slashdot.

  mariushm writes "According to the Register, the Chicago-based colocation datacenter C I Host was attacked by armed intruders recently, making it the the fourth time in two years that armed thugs have made off with data. According to a letter C I Host officials sent customers, 'At least two masked intruders entered the suite after cutting into the reinforced walls with a power saw ... During the robbery, C I Host's night manager was repeatedly tazered and struck with a blunt instrument. After violently attacking the manager, the intruders stole equipment belonging to C I Host and its customers.' Aggravating the situation, C I Host representatives took several days to admit the most recent breach, according to several customers who said they lost equipment, all the while reporting the problems as 'router failures'."Read more of this storyat Slashdot.

  An anonymous reader writes "The site 12 Angry Men recently published a discussion of a widely used but little-known online scam called 'cross-selling'. Essentially, after-sale shops cut deals with shady online retailers in an attempt to make a quick buck off of you after you've already bought something. 'What actually happens is that instead of linking to the site as a separate session, they link internally as another page in the same session. Why is this important? When you do a credit card transaction, any reputable company will attempt to protect your credit card data. They do this by establishing an SSL session to encrypt sensitive data on-line.' What makes everything even more interesting is that now the company has responded, with the usual white washing and meaningless statements."Read more of this storyat Slashdot.

  An anonymous reader writes "Peter Dengate-Thrush, a New Zealand lawyer, has been elected unanimously as the new Chairman of the Board of the Internet Corporation for Assigned Names and Numbers. "I am delighted that my colleagues have placed their confidence in me for this challenging and important role," Dengate Thrush said. Peter practices civil litigation, specializing in intellectual property, competition, and Internet law. He has been involved in ICANN since its inception. As a member of the Boston Working Group, he provided comment in 1998 on the early drafts of the ICANN bylaws, and he co-chaired one of the pre-formation meetings of the Intellectual Property Constituency in Wellington, New Zealand."Read more of this storyat Slashdot.

  narramissic writes "In his keynote speech at the Communist Party Congress in October China's president Hu Jintao was specific in his references to one area of IT: defense. 'We must build strong armed forces through science and technology. To attain the strategic objective of building computerized armed forces and winning IT-based warfare, we will accelerate composite development of mechanization and computerization, carry out military training under IT-based conditions, modernize every aspect of logistics, intensify our efforts to train a new type of high-caliber military personnel in large numbers and change the mode of generating combat capabilities.'"Read more of this storyat Slashdot.

  jfruhlinger writes "JavaScript has become a crucial part of Websites built on AJAX underpinnings, which makes the upcoming revision to the ECMAScript standard crucial for the future of the Web. But in today's browser environment, no one vendor can impose an update path — which may set things up for a nasty conflict. A fight is being fought on blogs between Mozilla Chief Technology Officer (and creator of JavaScript) Brendan Eich, who wants to the new ECMAScript standard to be a radical upgrade, and Chris Wilson, architect of MS's IE team, who would rather keep JavaScript as is and put new functionality into a brand-new language."Read more of this storyat Slashdot.

  Hugh Pickens writes "People possess a remarkable ability for recalling pictures and researchers at Newcastle University are exploiting this characteristic to create graphical passwords that they say are a thousand times more secure than ordinary textual passwords. With Draw a Secret (DAS) technology, users draw an image over a background, which is then encoded as an ordered sequence of cells. The software recalls the strokes, along with the number of times the pen is lifted. If a person chooses a flower background and then draws a butterfly as their secret password image onto it, they have to remember where they began on the grid and the order of their pen strokes. The "passpicture" is recognized as identical if the encoding is the same, not the drawing itself, which allows for some margin of error as the drawing does not have to be re-created exactly. The software has been initially designed for handheld devices such as iPhones, Blackberry and Smartphone, but could soon be expanded to other areas. "The most exciting feature is that a simple enhancement simultaneously provides significantly enhanced usability and security," says computer scientist Jeff Yan."Read more of this storyat Slashdot.

  Kenny A. writes "Multiple news organisations are reporting on an in-the-wild Mac OS X malware attack that uses porn lures to plant phishing Trojans on Mac machines. The attack site attempts to trick users into download a disk image (.dmg) file disguised as a codec that's required for viewing the video. If the Mac machine's browser is set to to open 'Safe' files after downloading, the .dmg gets mounted and the Installer is launched. The target must click through a series of screens to become infected but once the Trojan is installed, it has full control of the machine."Read more of this storyat Slashdot.

  holy_calamity writes "Swiss researchers have developed java software that has bluetooth-capable camera phones form a distributed camera network. Each phone shares information on visual events with its neighbours and can work out the spatial position of phones around it (pdf). The software will become open source sometime next year, and the creators say it could be used to make a quick and dirty surveillance system. 'The phones currently use the average speed people walk to guess the distances between themselves, based on how long people take to move from one phone's view to another's. In testing, the system determined the distances between each phone with about 95% accuracy. They were placed 4 metres apart, making it accurate to about 20 centimetres. In future, recording the speed at which objects pass by would make more accurate judgments possible.'"Read more of this storyat Slashdot.

  gooman writes "The LA Times reports on a proposal to secretly scan suspects' hard drives which is causing unease in a nation with a history of official surveillance. Along with several other European countries, Germany is seeking authority to plant secret Trojan viruses into the computers of suspects that could scan files, photos, diagrams and voice recordings, record every keystroke typed and possibly even turn on webcams and microphones in an attempt to gain knowledge of attacks before they happen."Read more of this storyat Slashdot.

  BaCa writes with a link indicating that a survey of white collar US workers shows that something like a third of all employees break IT policies. Of those, almost a sixth actually used P2P technologies from their work PCs. Overall, the survey indicates workers aren't overly concerned about any kind of security: "The telephone survey found that 65% of white-collar professionals are either not very concerned or not concerned at all about their privacy when using a workplace computer. A surprising 63% are not very concerned or are not concerned at all about the security of their information while at work. Additionally, most employees have the misconception that these behaviors pose little to no risk to their companies."Read more of this storyat Slashdot.

  Stony Stevenson writes "Google on Tuesday confirmed it is giving Gmail a new look. This blog post has screenshots of a new Gmail interface that has been made available to a limited number of users. They are calling it "Gmail 2.0" even if Google isn't. Google confirmed the update is underway at its new San Francisco office, just prior to a briefing on an unrelated upcoming Google announcement. A Google spokesperson said that the new look has been made available to about one percent of all Gmail users and is being rolled out the rest on an ongoing basis."Read more of this storyat Slashdot.

  Google85 writes in with a brief Enquirer piece reporting on an announcement on a German site that SlySoft claims to have cracked BD+, the extra copy-protection layer in Blu-ray. Here is the German original.Read more of this storyat Slashdot.