Government - Page 39 - Results from #760

Discover Government News

India to conduct IT security audit

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

India's IT industry body, the National Association of Software and Services Companies (Nasscom), is preparing a security audit of its 860 member companies to ensure that the flow of outsourcing work from the UK and US isn't halted by fears over privacy and data protection. The news follows an announcement that India's software industry is now the country's single biggest source of export revenue, accounting for revenues of nearly $13bn (£7bn). . . .

Anthony Pell
Aug 25, 2004

E-Vote Machine Certification Criticized

The three companies that certify the nation's voting technologies operate in secrecy, and refuse to discuss flaws in the ATM-like machines to be used by nearly one in three voters in November. Despite concerns over whether the so-called touchscreen machines can be trusted, the testing companies won't say publicly if they have encountered shoddy workmanship. . . .

Anthony Pell
Aug 24, 2004

NIST makes lists

A program that experts have said is the missing piece in federal efforts to promote secure computing will be ready later this year. Officials at the National Institute of Standards and Technology announced that a security configuration checklists program for information technology products, including a logo that vendors can put on their wares, is on track for completion before the end of 2004. . . .

Anthony Pell
Aug 20, 2004

Innovation Center Nurtures Newborn Security Companies

Sitting in a glass-walled conference room first thing Monday morning, executives from a dozen start-up companies were given the local tech equivalent of a buried treasure map: a detailed presentation by the Department of Homeland Security on how to win grants and sell it products. Later the fortunate entrepreneurs took turns making individual pitches to the agency's representatives. . . .

Anthony Pell
Aug 19, 2004

Identity, Identifiers and Identity Fraud

Recently the press and the public policy makers have begun to speak of "Identity Theft" as though it was a novel concept requiring severe new legislation. These laws are likely to put significant new burdens on business. While most identity theft problems originate via plain old "snail mail", the discussion these days is all about the Internet. The sponsors of the legislation point to exponential growth in the problem as justification for these laws. . . .

Anthony Pell
Aug 18, 2004

US Emergency Alert System open to hack attack

The US Emergency Alert System (EAS) that lets officials instantly interrupt radio and TV broadcasts to provide emergency information in a crisis suffers from security holes that leave it vulnerable to denial of service attacks, and could even permit hackers to issue their own false regional alerts, federal regulators acknowledged Thursday. . . .

Anthony Pell
Aug 13, 2004

IT departments must cope with Patriot Act, university CIO says

IT groups can minimize the potential disruptions of Patriot Act investigations by taking the lead on campus to pull together legal counsel, administration, and faculty to craft a clear process for handling investigations that will become more common, says Peter Siegel, CIO at University of Illinois at Urbana Champaign. . . .

Anthony Pell
Aug 04, 2004

Are P2P networks leaking military secrets?

A new Web log is posting what it purports are pictures, documents and letters from U.S. soldiers and military bases in Iraq and elsewhere--all of which the site's operator claims to have downloaded from peer-to-peer networks such as Gnutella. . . .

Anthony Pell
Jul 30, 2004

Report: Private Sector Too Wary Of Sharing Security Information

The Department of Homeland Security and private industry aren't doing enough to exchange information related to threats to critical infrastructure such as IT and telecom networks, the banking system, or the food supply, a report issued Tuesday finds. . . .

Anthony Pell
Jul 28, 2004

Energy halts use of classified discs, drives

LS: Would it be inappropriate to look at this as a perfect example of the dangers inherent in the lack of risk-based security analysis? If Sandy Berger visited the DoE, they'd probably have to shut down for a year. This overreaction (hard disks with classified info cannot be used?) is an invitation to DoS the DoE by simply 'misplacing' something. It is also dangerous: a positive incentive for employees to not report theft of classified information. Simply put, if the data is that valuble, it should be encrypted and impossible to read without passing some strong authentication, including some sort of challenge-response. If it -is- that encrypted, the thief might as well format the Zip disks and use them for data storage for all the good it would do. This response demonstrates eloquently that the DoE's take on data security is, at best, reactive. . . .

Anthony Pell
Jul 27, 2004

Cybersecurity experts wanted

New worries about national cybersecurity are prompting government officials to press colleges for rigorous curricula that train future cyberprotectors. More educational programs, and up-to-date classes that adapt quickly to new needs in cybersecurity, were among suggestions at a hearing in the House Science Committee Wednesday. Sherwood Boehlert (R-New York) chaired the discussion just before release of the 9/11 Commission's report. . . .

Anthony Pell
Jul 26, 2004

E-mail security problems reported at Los Alamos National Lab

Security troubles continue at the Los Alamos National Laboratory, where officials have confirmed that workers recently sent out an undisclosed number of classified e-mails over a nonsecure e-mail system. The new disclosure comes less than two weeks after the New Mexico-based lab announced that two removable computer disks containing classified nuclear weapons data were missing. . . .

Anthony Pell
Jul 22, 2004

Bookies extortion gang caught

Members of a Russian criminal gang which tried to blackmail British bookmakers by disabling their websites have been arrested. Three men were seized in Russia after a police operation involving specialist crime units from Britain, Russia and four other countries. . . .

Anthony Pell
Jul 21, 2004

The outsourcing hole

The problem they face is that the vendors on which the military has become dependent are sending much of their software development work overseas to cut costs. Offshoring may make economic sense for the companies, but the security ramifications are starting to raise red flags for Congress, the Pentagon and some vendors. . . .

Anthony Pell
Jul 20, 2004

IRS admits security flaw

Private contractors revamping IRS computers committed security violations that significantly increased the possibility that private taxpayer information might be disclosed, Treasury Department inspectors say. An investigation by the department's inspector general for tax administration found that employees working for contractors or an experienced hacker could use the contractors' computers to gain access to taxpayer data . . .

Anthony Pell
Jul 20, 2004

GCHQ code challenge cracked by internet chatterers

The Government's intelligence communications headquarters, GCHQ, is being foiled by a silent enemy in its attempt to attract potential recruits. GCHQ, which employs more than 4,000 of Britain's brightest minds, set a fiendishly difficult cryptic challenge on its recruitment website, testing mathematical prowess and intelligence. However, the spooks have been beaten by the power of the internet. . . .

Anthony Pell
Jul 14, 2004

NIST helps on security budgets

Agency officials struggling to include information-security outlays in their budget requests may find help in a publication released today by the National Institute of Standards and Technology. The draft document, NIST Special Publication 800-65, presents seven steps to ensure that information technology budget requests meet the requirements of the Federal Information Security Management Act of 2002. . . .

Anthony Pell
Jul 12, 2004

E-voting security: looking good on paper?

The voter's paper receipt has become the security idée fixe of DRE skeptics, and a shibboleth identifying those who are on the 'right' side of the debate. This is because the paper trail is a concept easily understood and conveniently communicated. It also likely derives much appeal from the fact that it involves an object that one can hold in one's hand and examine, unlike the results of a strictly electronic process. But it's far more security blanket than security measure. At the moment, there is so much wrong with DRE security that the paper record has become a harmful distraction. . . .

Anthony Pell
Jul 07, 2004

Homeland Security Rapped On Wireless Security

LS: While Federally mandated security practices are probably unavoidable in the future, they have not lived up to their own ideals:The Department of Homeland Security's Office of Inspector General contends the department has failed to establish adequate security controls over its wireless network. . . .

Anthony Pell
Jul 02, 2004

Campaign Sites Lack Security

George W. Bush and John Kerry may be tied in the polls, but Bush appears to be well ahead of Kerry in the number of security holes on his official campaign website. . . .

Anthony Pell
Jun 30, 2004

Government - Page 39

Navigating Open-Source Security Risks: The Pursuit of Memory Safety in Open-Source Software

German State Abandons Microsoft for Linux and LibreOffice

White House Warns: Move to Memory-Safe Languages