An anonymous reader writes "Salesforce.com has finally acknowledged what security experts have suspected for weeks: that a Salesforce.com employee had his company credentials stolen in a phishing scam, and criminals have been using names and e-mail addresses from Salesforce's customer list to conduct other highly targeted phishing attacks, including the recent round of fake e-mails apparently from the Federal Trade Commission." In such hightly targeted attacks, the AV companies are at a loss — they have little chance of quickly developing signatures for threats that only reach a few thousand victims.Read more of this storyat Slashdot.

  miller60 writes "Microsoft is planning a huge new data center in the Chicago area, as it continues to expand its Internet infrastructure in an effort to keep pace with Google in web-based services. The new facility in Northlake, Ill. may cost more than $500 million and is expected to span 440,000 square feet. Microsoft opened a 470,000 square foot data center in Quincy, Washington earlier this year, and is building a similar facility in San Antonio. Microsoft has also submitted plans for a $500 million data center campus in Dublin, Ireland."Read more of this storyat Slashdot.

  narramissic writes "Red Hat has signed on to Sun's OpenJDK project and agreed to coordinate its own Java development efforts for Linux with the project. Red Hat will align the work it has done on IcedTea (its own implementation of some parts of the Java SE JDK) with OpenJDK. As part of its participation in OpenJDK, Red Hat will eventually create a compatible OpenJDK implementation for its Enterprise Linux distribution and will also use OpenJDK to create a runtime for its JBoss Enterprise Middleware that is optimized for a Linux environment."Read more of this storyat Slashdot.

  os2man writes "Qmail is one of the most widely used MTAs on the Net and has a solid reputation for its level of security. In 'Some thoughts on security after ten years of qmail 1.0' (PDF), Daniel J. Bernstein, reviews the history and security-relevant architecture of qmail; articulates partitioning standards that qmail fails to meet; analyzes the engineering that has allowed qmail to survive this failure; and draws various conclusions regarding the future of secure programming. A good read for anyone involved in secure development."Read more of this storyat Slashdot.

  An anonymous reader writes "Leopard's Finder has a glaring bug in its directory-moving code, leading to horrendous data loss if a destination volume disappears while a move operation is in progress. This author first came across it when Samba crashed while he was moving a directory from his desktop over to a Samba mount on his FreeBSD server."Read more of this storyat Slashdot.

  CorinneI writes "Your business's private information may not be as safe as you think — especially when you take into account how many people pass through your office's revolving door on a daily basis. That's why many companies hire TraceSecurity employees to test the security of their systems — operations that usually involve TraceSecurity personnel talking their way into offices in order to gain access to server rooms and sensitive customer information. PC Magazine was invited along to cover a recent TraceSecurity operation."Read more of this storyat Slashdot.

  sea_stuart writes "Like your ADSL connection to go 100 times faster? Despite the grim state of Australian mathematics and science, there is still exciting original work being done Down Under. John Papandriopoulos, a Research Fellow with the ARC Special Research Centre for Ultra-Broadband Information Networks (CUBIN) has developed a method to reduce crosstalk interference in ADSL technologies to bring speeds up the theoretical maxima possible. With an Australian Federal election due in a few weeks, and both parties promising improved broadband speeds and access, this is a welcome development, hopefully enabling higher speeds without huge expenses."Read more of this storyat Slashdot.

  Al writes "A group from Newcastle University has released work that significantly improves the Draw-A-Secret method of creating passwords. The basic concept behind Draw-a-Secret is that humans excel at image recognition and memory, so 'passwords' should be designed to leverage that ability. The people behind the new work have refined the technique by parsing the shapes with a flexible grid and using existing images as a background to reinforce memory of the password. Imagine having your password be a graffiti-laden alteration of your favorite politicians campaign photo..."Read more of this storyat Slashdot.

  Tech.Luver writes "A man from New Jersey has been sentenced to more than two years in prison for sending more than a million spam messages to AOL users. 'Todd Moeller was sentenced ... after he was caught making a deal with a government informant to send junk e-mails advertising a computer security program in return for 50 percent of the profits ... Moeller told the informant via instant messaging he could conceal the source of the e-mails through his access to 40 different servers and had profited $40,000 a month from other spam e-mail scams that promoted stocks, prosecutors said.'"Read more of this storyat Slashdot.

  mariushm writes "According to the Register, the Chicago-based colocation datacenter C I Host was attacked by armed intruders recently, making it the the fourth time in two years that armed thugs have made off with data. According to a letter C I Host officials sent customers, 'At least two masked intruders entered the suite after cutting into the reinforced walls with a power saw ... During the robbery, C I Host's night manager was repeatedly tazered and struck with a blunt instrument. After violently attacking the manager, the intruders stole equipment belonging to C I Host and its customers.' Aggravating the situation, C I Host representatives took several days to admit the most recent breach, according to several customers who said they lost equipment, all the while reporting the problems as 'router failures'."Read more of this storyat Slashdot.

  An anonymous reader writes "The site 12 Angry Men recently published a discussion of a widely used but little-known online scam called 'cross-selling'. Essentially, after-sale shops cut deals with shady online retailers in an attempt to make a quick buck off of you after you've already bought something. 'What actually happens is that instead of linking to the site as a separate session, they link internally as another page in the same session. Why is this important? When you do a credit card transaction, any reputable company will attempt to protect your credit card data. They do this by establishing an SSL session to encrypt sensitive data on-line.' What makes everything even more interesting is that now the company has responded, with the usual white washing and meaningless statements."Read more of this storyat Slashdot.

  An anonymous reader writes "Peter Dengate-Thrush, a New Zealand lawyer, has been elected unanimously as the new Chairman of the Board of the Internet Corporation for Assigned Names and Numbers. "I am delighted that my colleagues have placed their confidence in me for this challenging and important role," Dengate Thrush said. Peter practices civil litigation, specializing in intellectual property, competition, and Internet law. He has been involved in ICANN since its inception. As a member of the Boston Working Group, he provided comment in 1998 on the early drafts of the ICANN bylaws, and he co-chaired one of the pre-formation meetings of the Intellectual Property Constituency in Wellington, New Zealand."Read more of this storyat Slashdot.

  narramissic writes "In his keynote speech at the Communist Party Congress in October China's president Hu Jintao was specific in his references to one area of IT: defense. 'We must build strong armed forces through science and technology. To attain the strategic objective of building computerized armed forces and winning IT-based warfare, we will accelerate composite development of mechanization and computerization, carry out military training under IT-based conditions, modernize every aspect of logistics, intensify our efforts to train a new type of high-caliber military personnel in large numbers and change the mode of generating combat capabilities.'"Read more of this storyat Slashdot.

  jfruhlinger writes "JavaScript has become a crucial part of Websites built on AJAX underpinnings, which makes the upcoming revision to the ECMAScript standard crucial for the future of the Web. But in today's browser environment, no one vendor can impose an update path — which may set things up for a nasty conflict. A fight is being fought on blogs between Mozilla Chief Technology Officer (and creator of JavaScript) Brendan Eich, who wants to the new ECMAScript standard to be a radical upgrade, and Chris Wilson, architect of MS's IE team, who would rather keep JavaScript as is and put new functionality into a brand-new language."Read more of this storyat Slashdot.