Cisco Security System Shuts Out Third-Party Tools

Posted by Soulskill on Saturday November 07, @10:19AM
from the trouble-versus-worth dept.
networking
alphadogg writes "Cisco has finally publicly acknowledged it won't add support for new third-party devices to its security information and event monitoring appliance, ending months of speculation about the future of its Monitoring, Analysis and Response System. Some claim it's the beginning of the end for MARS as a multi-vendor SIEM device. 'MARS customers can expect non-Cisco network device data and signature updates to continue for currently supported third-party systems, but no new third-party devices will be added,' Cisco declared in a statement, noting that 'Cisco MARS continues to focus on supporting Cisco devices for threat identification and mitigation.' Cisco's SIEM competitors this week have eagerly grabbed at the topic of Cisco MARS freezing third-party support because of a Gartner research memo published Oct. 29 in which analyst Mark Nicolett stated, 'Cisco has quietly begun informing its customers of a decision to freeze support for most non-Cisco event sources with its [MARS].'"

National Data Breach Law Advances

Posted by kdawson on Friday November 06, @01:12PM
from the pre-emption-could-be-bad dept.
government
Trailrunner7 writes "Two separate bills that would require organizations to notify consumers when their personal information has been compromised have made their way out of committee in the Senate, a critical step toward the creation of a national data-breach notification bill. But the Data Breach Notification Act, S.139, exempts federal agencies and other organizations subject to the bill from disclosing a breach if the data involved in the breach was encrypted. This is a clause that has caused some controversy, as some experts say that simply encrypting data does not render it useless. Also, S.139 would grant an exemption for data that 'was rendered indecipherable through the use of best practices or methods, such as redaction, access controls, or other such mechanisms, that are widely accepted as an effective industry practice, or an effective industry standard.' That is a very broad exemption that could become a sticking point as the bill moves along. The terms 'access controls' and 'other such mechanisms' encompass a huge number of technologies."

Fear Detector To Sniff Out Terrorists

Posted by timothy on Friday November 06, @08:13AM
from the interesting-assumptions dept.
biotech
Hugh Pickens writes "Evidence that the smell of fear is real was uncovered by US scientists last year who studied the underarm secretions of 20 terrified novice skydivers and found that people appear to respond unconsciously to the sweat smell of a frightened person. Now the Telegraph reports that researchers hope a 'fear detector' will make it possible to identify individuals at check points who are up to no good. 'The challenge lies in the characterization and identification of the specific chemical that gives away the signature of human fear, especially the fear in relation to criminal acts,' says Professor Tong Tun at City University London, who leads the team developing security sensor systems that can detect the human fear pheromone. The project will look at potential obstacles to the device, such as the effects of perfume and the variances in pheromone production and if the initial 18-month feasibility study is successful, the first detectors could be developed in the next two to three years. 'I do not see any particular reason why similar sensor techniques cannot be expanded to identify human smells by race, age or gender to build a profile of a criminal during or after an incident,' Tong added."

Shockwave Vulnerabilities Affect More Than 450 Million Systems

Posted by timothy on Thursday November 05, @02:14PM
from the drug-resistant-infections dept.
security
Trinity writes "Researchers from VUPEN have discovered critical vulnerabilities in Adobe Shockwave, a technology installed on over 450 million Internet-enabled desktops. The vulnerabilities could allow remote code execution by tricking a user into visiting a web page using Internet Explorer or even Mozilla Firefox. Version 11.5.1.601 as well as earlier ones are affected. The vendor recommends upgrading to version 11.5.1.602." Especially sobering when you consider Adobe's current push to be essentially required as an intermediary player for anyone who wants to see certain government data.

Facebook and MySpace Backdoors Found, Fixed

Posted by Soulskill on Thursday November 05, @11:29AM
from the oh-adobe-you-card dept.
bug
jamie writes with news of a Facebook app developer who found a significant security hole while he was trying to get around function limitations for his application. Quoting: "Luckily — just with browser AJAX requests — a flash application hosted on domain X is unable to open a file on domain Y. If this would be possible, domain X [would be] able to access content on domain Y, and when the user is logged in on domain Y retrieve and post back any personal data. In certain cases this could limit a Flash application's capabilities. ... To resolve such issues, Adobe (Flash's developers) introduced a 'crossdomain.xml' file which could allow certain domains to access another domain, leading to cross-domain access by certain or all domains. While indeed Facebook locked the front door from any non-Facebook domain access via Flash, a simple subdomain change allowed any flash application (domain="*") to access its domain data." He found a similar problem in MySpace's crossdomain.xml. Both sites were notified, and they have implemented fixes.

Man-In-the-Middle Vulnerability For SSL and TLS

Posted by Soulskill on Thursday November 05, @09:23AM
from the alphabet-soup dept.
security
imbaczek writes "The SSL 3.0+ and TLS 1.0+ protocols are vulnerable to a set of related attacks which allow a man-in-the-middle (MITM) operating at or below the TCP layer to inject a chosen plaintext prefix into the encrypted data stream, often without detection by either end of the connection. This is possible because an 'authentication gap' exists during the renegotiation process, at which the MitM may splice together disparate TLS connections in a completely standards-compliant way. This represents a serious security defect for many or all protocols which run on top of TLS, including HTTPS."

Maryland Town Tests New Cryptographic Voting System

Posted by samzenpus on Wednesday November 04, @06:58PM
from the super-safe-voting dept.
security
ceswiedler writes "In Tuesday's election voters in Takoma Park, MD used a new cryptographic voting system designed by David Chaum with researchers from several universities including MIT and the University of Maryland. Voters use a special ink to mark their ballots, which reveals three-digit codes which they can later check against a website to verify their vote was tallied. Additionally, anyone can download election data from a Subversion repository and verify the overall accuracy of the results without seeing the actual choices of any individual voter."

On-Demand Video + CMS + Interactive Input For Museum?

Posted by timothy on Wednesday November 04, @05:55PM
from the free-reign-in-spain dept.
displays
remolacha writes "I've been given the task of tech chief for a biggish art museum (1,300 m^2, or about 13,000 sq ft) in Spain. The museum's designers want 20 'terminals' that will offer on-demand video and interactive content. The terminals' content will change with the exhibits; many will have touchscreens. More interesting forms of input are planned as well (floor sensors, big buttons). It's all on one floor, and the floors are raised, so I can run cabling and set up floor ethernet jacks. Max cable run is 60m / 190ft. The museum may expand to 4 times its projected size once open, by commandeering other floors in the building. To give an idea of where the designers' heads are, they were talking about a massive DVD changer in a closet somewhere. I am thinking an intranet running a web server with a CMS and Flash media server, terminals running Firefox in kiosk mode. I'd love to do everything on Linux. Does anyone have experience with a setup like this, better ideas, or advice?"

PayPal Introduces Open API

Posted by timothy on Wednesday November 04, @05:11PM
from the freedom-to-pay dept.
it
m2pc writes "PayPal has just announced the availability of their Open API under the 'PayPal X Program.' This enables developers to integrate PayPal payment processing services without forcing users to redirect to PayPal's website to enter payment information. This new initiative is designed to allow the company to better compete with the likes of Google and Amazon, which offer similar services. I wonder how much they paid for their domain: x.com?"

Comcast's New Throttling Plan Uses Trigger Conditions, Not Silent Blocking

Posted by timothy on Wednesday November 04, @03:38PM
from the sir-there's-some-whining-on-lines-1-through-57 dept.
internet
clang_jangle writes with this excerpt from The Inquirer outlining Comcast's new traffic-throttling scheme, based on information from Comcast's latest FCC filing. "Its network throttling implements a two-tier packet queueing system at the routers, driven by two trigger conditions. Comcast's first traffic throttling trigger is tripped by using more than 70 per cent of your maximum downstream or upstream bandwidth for more than 15 minutes. Its second traffic throttling trigger is tripped when the Cable Modem Termination System you're hooked-up to – along with up to 15,000 other Comcast subscribers – gets congested, and your traffic is somehow identified as being responsible. Tripping either of Comcast's high bandwidth usage rate triggers results in throttling for at least 15 minutes, or until your average bandwidth utilisation rate drops below 50 per cent for 15 minutes."

 