Government - Page 34

Discover Government News

GAO: Security Accreditation Program a Tough Sell

The federal government's program for testing and accrediting the security of commercial technology has not been proven a success, according to a report by the Government Accountability Office. The National Information Assurance Partnership (NIAP), which is sponsored by the National Security Agency and the National Institute of Standards and Technology, was created to make it easier for agencies to find products that meet basic industry standards for security.

CYBEREYE: Security: Lots Of Lessons, Nothing Learned

The issues of personal data security and identity theft broke into the national consciousness a year ago, when ChoicePoint reported that thieves had established accounts with the data broker to obtain sensitive information on 145,000 people. Outrage was immediate, but the problem has persisted. Despite congressional hearings, a plethora of federal bills and the passage of laws in at least 22 states, data on more than 53 million people was stolen, lost or exposed in 121 more incidents over the next year, according to the Privacy Rights Clearinghouse. By far the largest exposure was at payment processor CardSystems Solutions Inc., which effectively was put out of business after data on 40 million people was hacked.

US turns to tech to shore up its ports

Airport screeners are using new technology to find explosives instead of hunting for tweezers, Department of Homeland Security secretary Michael Chertoff said on Friday. Locked and armoured cockpit doors and air marshals on planes are part of a switch in main security concern from hijackers to people who might want to blow up airplanes, Chertoff said in a speech at an event in San Francisco hosted by the Commonwealth Club. He said: "The things we're really worried about are explosives." Airport screeners are being retrained "to move them away from looking for things like nail clippers to more sophisticated chemicals and detonating devices".

Security: A Continuing Federal Challenge

The latest FISMA scorecards are out, with the grades for different agencies' efforts in the computer security arena. Amazingly, the overall grade--for all 24 major agencies in the federal government--has moved not a notch. Last year's D+ remains intact. For those who may be new to FISMA Fun, it works more or less like this: the General Accounting Office (GAO) and the Office of Management and Budget (OMB) ask each major agency's Inspector General (IG) to submit an independent report about computer security based on numerous guidelines and scoring criteria.

NIST sets FISMA Standards For Federal IT Systems

The National Institute of Standards and Technology has released the final standard for securing agency computer systems under the Federal Information Security Management Act. Federal Information Processing Standard 200 [1] sets minimum security requirements for federal systems in 17 security areas. It is the third of three publications required from NIST under FISMA, which requires executive branch agencies to establish consistent, manageable IT security programs for non-national security systems. The intent of FISMA is to implement risk-based processes for selecting and implementing security controls.

How To Legislate Against Hackers

Everyone is in favour of sending hackers to prison for longer, but technology commentator Bill Thompson wonders if our MPs are competent to make good cyber-laws. If all goes to plan and the fuss over ID cards and school governance does not derail the parliamentary timetable, then we will soon have a new Police and Justice Act.

Federal Budget For 2007 To Boost Cybersecurity

Although President Bush's proposed budget for fiscal 2007 (starting Oct. 1, 2006) increases spending for key cybersecurity programs, it is not clear how that money would be spent, raising concerns in the information security industry. One of the biggest security-related boosts would be a $35 million infusion to the "critical infrastructure outreach and partnerships" initiative within the Department of Homeland Security. The goal of that effort is to increase cooperation and information sharing among DHS, state and local governments and infrastructure providers. Thirty million dollars of that allocation would go toward implementing partnership plans for private industry verticals like information technology, finance and electrical utilities.

Computer Ills Hinder NSA

Two technology programs at the heart of the National Security Agency's drive to combat 21st-century threats are stumbling badly, hampering the agency's ability to fight terrorism and other emerging threats, current and former government officials say. One is Cryptologic Mission Management, a computer software program with an estimated cost of $300 million that was designed to help the NSA track the implementation of new projects but is so flawed that the agency is trying to pull the plug. The other, code-named Groundbreaker, is a multibillion-dollar computer systems upgrade that frequently gets its wires crossed.

IRS Needs To Tighten Security Settings: TIGTA

The IRS has not consistently maintained the security settings it established and deployed under a common operating environment (COE), resulting in a high risk of exploitation for some of its computers, according to the Treasury Department’s inspector general for tax administration.

State Launches e-Passports, Rejects Security Concerns

The State Department started pilot production of electronic passports earlier this month and plans to roll out e-passports for the general public this summer, officials said. The senior official in charge of the project also said that technical issues raised recently about e-passport security would not prevent the general distribution of the documents.

Federated Identity 'Can Transform e-Government'

Leading public sector IT bosses have told silicon.com they would welcome moves by the UK government to adopt federated identity in order to provide the public with faster, more efficient access to online services. But one expert believes the government has been too preoccupied with the controversial ID cards project to consider such a solution.

Secure Or Not, RFID Tag Adoption Is In The Cards

You manage a heterogeneous network and want to provide different Quality of Service agreements and network restrictions based on the client operating system. With pf and altq, you can now limit the amount of bandwidth available to users of different operating systems, or force outbound web traffic through a transparent filtering proxy. This article describes how to install pf, altq, and Squid on your FreeBSD router and web proxy to achieve these goals.

Locking down America's Net defenses

We'll soon find out, says Andy Purdy, acting director of the National Cyber Security Division of the Department of Homeland Security. Last week, Purdy oversaw the first large-scale mock cyberattack, aimed at gauging the nation's readiness to handle computer-based threats to critical infrastructure. The weeklong exercise, dubbed "Cyber Storm," came three years after the Bush administration signed off on the National Strategy to Secure Cyberspace. Results of the exercise will be made public this summer.

U.S. Government to Survey Businesses on Cyber-Crime

The U.S. government said Feb. 9 it will launch its first national survey to estimate how much cyber-crime is costing American businesses. The Justice Department and the Department of Homeland Security will try to measure the number of cyber-attacks, frauds and thefts of information and the resulting losses during 2005, officials said in a statement. The survey, to be completed by year-end, will collect information about the nature and extent of computer security violations, the monetary costs, types of offenders and computer security measures now used by companies.

Members of secretive group indicted in piracy plot

A group of cyber-pirates stole copyrighted software, games and movies in what law enforcement authorities on Wednesday termed a "massive" theft for their own pleasure, not profit. The indictments were announced by U.S. Attorney Patrick Fitzgerald in Chicago against 19 members of the underground piracy group known as "RISCISO," led by Sean O'Toole, 26, of Perth, Australia. Another member of the group implicated in the FBI's investigation, dubbed "Operation Jolly Roger," was Linda Waldron, 57, of Barbados. Extradition will be sought for both.