The Register Columnists

Dan Goodin

Contact Mail Follow RSS feed
The Register breaking news

Security mandates aim to shore up shattered SSL system

A consortium of companies has published a set of security practices they want all web authentication authorities to follow for their secure sockets layer certificates to be trusted by browsers and other software. The baseline requirements (PDF), published this week by the Certification Authority/Browser Forum, are designed to …
Dan Goodin, 17 Dec 2011
The Register breaking news

Adobe kills two actively exploited bugs in Reader

Adobe has released updates for its Reader and Acrobat applications that fix two vulnerabilities that attackers were exploiting to seize control of Windows-based machines. Version 9.4.7 of the programs fix two memory-corruption bugs that Adobe says are “being actively exploited in limited, targeted attacks in the wild” against …
Dan Goodin, 17 Dec 2011
The Register breaking news

Judge dismisses charges against accused Twitter stalker

A federal judge has dismissed a criminal case against a man charged with stalking a religious leader on Twitter on the grounds that the more than 8,000 messages he posted, some predicting her violent death, were protected by the US constitution. Thursday's ruling by US District Judge Roger W. Titus of Maryland was among the …
Dan Goodin, 16 Dec 2011
The Register breaking news

US spy drone hijacked with GPS spoof hack, report says

The US stealth drone broadcast last week on Iranian state television was captured by spoofing its GPS coordinates, a hack that tricked the bird into landing in Iranian territory instead of where it was programmed to touch down, The Christian Science Monitor reported. The 1700-word article cited an unnamed Iranian engineer who …
Dan Goodin, 15 Dec 2011
The Register breaking news

Visa probes reported security breach of card processor

Credit card issuer company Visa is investigating the possible breach of a payment processor in Europe that may have compromised more than 10,000 cards in Eastern Europe. In a statement issued on Thursday, according to IDG News, the issuer said: “Visa Europe has been informed of a potential data security breach at a European …
Dan Goodin, 15 Dec 2011
The Register breaking news

Feds charge eight former Siemens officials with bribery

US officials have charged more than a dozen former executives and contractors of Siemens of conspiring to spend $100 million in bribes to secure a $1 billion contract to produce national identity cards for Argentine citizens. A criminal indictment filed on Tuesday against eight former officials of the German industrial giant …
Dan Goodin, 15 Dec 2011
The Register breaking news

Newfangled graphics engine for browsers fosters data theft

Software developers at Google, Apple, Adobe, and elsewhere are grappling with the security risks posed by an emerging graphics technology, which in its current form could expose millions of web users' sensitive data to attackers. The technology, known as CSS shaders is designed to render a variety of distortion effects, such as …
Dan Goodin, 14 Dec 2011

SCADA vuln imperils critical infrastructure, feds warn

An electronic device used to control machinery in water plants and other industrial facilities contains serious weaknesses that allow attackers to take it over remotely, the US agency that safeguards the nation's critical infrastructure has warned. Some models of the Modicon Quantum PLC used in industrial control systems …
Dan Goodin, 14 Dec 2011
The Register breaking news

Espionage hack attack preys on chemical firms

More than two months after the discovery of an organized malware campaign targeting dozens of companies in the defense and chemical industries, the espionage hack attack shows no signs of letting up. According to a blog post published on Monday, the same group that targeted at least 38 companies between July and September is …
Dan Goodin, 12 Dec 2011
The Register breaking news

Malicious apps infiltrate Google's Android Market

Google security crews have tossed at least a dozen smartphone games out of the Android Market after discovering they contained secret code that caused owners to accrue expensive charges for text messages sent to premium numbers. The malicious apps, uploaded to the Google-hosted service by a developer named Logastrod, …
Dan Goodin, 12 Dec 2011
The Register breaking news

Windows Defender Offline: For PCs too hosed to go online

Microsoft has released a beta version of its Windows Defender antivirus tool that works even when computers are so badly infected that they are unable to fully access the internet. The program allows users to boot their sick machines from a CD, DVD or USB flash drive and use the most up-to-date definitions to fight the …
Dan Goodin, 09 Dec 2011
The Register breaking news

Four Romanians charged with hacking 150 Subway shops

Four Romanian nationals were charged with pocketing millions of dollars by hacking into the credit card processing systems of more than 200 businesses. The men remotely accessed point-of-sale systems of 150 Subway sandwich shops and 50 unnamed retailers and stealing credit card data for more than 80,000 customers, according to a …
Dan Goodin, 09 Dec 2011
The Register breaking news

Chrome is the most secured browser - new study

Google Chrome offers more protection against online attacks than any other mainstream browser, according to an evaluation that compares exploit mitigations, malicious link detection, and other safety features offered in Chrome, Internet Explorer, and Firefox. The 102-page report, prepared by researchers from security firm …
Dan Goodin, 09 Dec 2011
The Register breaking news

Digital certificate authority suspends ops following breach

Websites belonging to a Netherlands-based issuer of digital certificates were unavailable following reports hackers penetrated their security and accessed databases that should have been off limits. Dutch telecommunications giant KPN issued a statement (translation here) that said it temporarily shut the website of it's Gemnet …
Dan Goodin, 08 Dec 2011
The Register breaking news

Man fights felony hacking charge for accessing wife's email

A Michigan appeals court is trying to decide whether the state's anti hacking law should be invoked against a man who broke into his wife's Gmail account to see if she was having an affair. Leon Walker, 34, faces a maximum of five years in prison for using a shared family computer to read his wife's personal email after she …
Dan Goodin, 07 Dec 2011
The Register breaking news

Military contractor warns of new Adobe Reader exploit

Attackers are exploiting a vulnerability in the latest versions of Adobe Reader and Acrobat applications to hijack computers running Microsoft Windows, Adobe warned on Tuesday. The vulnerability, which corrupts memory involved with the U3D, or Universal 3D, file format, was reported by members of Lockheed Martin's computer …
Dan Goodin, 06 Dec 2011
The Register breaking news

Facebook security hole exposes Zuckerberg's privates

A security hole on Facebook has been exposing private pictures of countless users, including the Social Network's founder and CEO Mark Zuckerberg. A photo pilfering exploit posted to a bodybuilding.com forum on Monday included step-by-step instructions for viewing pictures designated as private by the Facebook users who posted …
Dan Goodin, 06 Dec 2011
The Register breaking news

Navy training mine washes ashore on Miami Beach

A portion of Miami Beach was evacuated on Monday following the discovery of a red and white cylinder that turned out to be a training mine belonging to the US Navy. Police cordoned off the area surrounding the 6-foot by 2-foot mine, which a Miami Fire Rescue spokesman said appeared to be live but not as explosive as a regular …
Dan Goodin, 06 Dec 2011
The Register breaking news

It's ba-ack. Exploit revives slain browser history bug

A Google researcher has resurrected an attack that allows website operators to steal the browsing history of visitors almost a year after all major browser makers introduced changes to close the gaping privacy hole. Proof-of-concept code recently posted by Google security researcher Michal Zalewski works against the majority of …
Dan Goodin, 05 Dec 2011
The Register breaking news

Carrier IQ VP: App on millions of phones not a privacy risk

More than 48 hours after a software developer posted evidence Carrier IQ monitored the key taps on more than 141 million smartphones, a company official has come forward to rebut the disturbing allegations. And he's provided enough technical detail to convince The Register the diagnostics software doesn't represent a privacy …
Dan Goodin, 02 Dec 2011
The Register breaking news

Does your smartphone run Carrier IQ? Find out here

The roster of confirmed smartphone manufacturers and network providers using the controversial Carrier IQ tracking software has grown to include Apple, AT&T, Sprint, HTC, and Samsung. Verizon, Nokia, and Research in Motion, meanwhile, have denied reports saying they employ it. In a statement that was widely reported on Thursday …
Dan Goodin, 01 Dec 2011
The Register breaking news

US Senator demands answers from Carrier IQ

Senator and former late-night funnyman Al Franken has called on Carrier IQ to explain why its diagnostic software, buried in the bowels of 141 million smartphones, isn't a massive violation of US wiretap laws. In a letter sent to Larry Lenhart, CEO and president of the Mountain View, California-based software maker, Franken …
Dan Goodin, 01 Dec 2011
The Register breaking news

Duqu attackers: master coders, Linux rookies

The Duqu malware that targeted industrial manufacturers around the world may have been spawned by a well-funded team of competent coders, but their command of Linux led to some highly amateur mistakes. According to a report published on Wednesday by researchers from Kaspersky Lab, the unknown attackers attempted a global …
Dan Goodin, 01 Dec 2011
The Register breaking news

Android glitch allows hackers to bug phone calls

Computer scientists have discovered a weakness in smartphones running Google's Android operating system that allows attackers to secretly record phone conversations, monitor geographic location data, and access other sensitive resources without permission. Handsets sold by HTC, Samsung, Motorola, and Google contain code that …
Dan Goodin, 30 Nov 2011
The Register breaking news

BUSTED! Secret app on millions of phones logs key taps

An Android app developer has published what he says is conclusive proof that millions of smartphones are secretly monitoring the key presses, geographic locations, and received messages of its users. In a YouTube video posted on Monday, Trevor Eckhart showed how software from a Silicon Valley company known as Carrier IQ …
Dan Goodin, 30 Nov 2011