Articles about Audit

TrueCrypt audit: Probe's nearly all the way in ... no backdoor hit yet

The first phase of a crowd-funded audit of TrueCrypt has turned up several vulnerabilities, but nothing particularly amiss and certainly nothing that looks like a backdoor. iSEC Partners, which was contracted to carry out the audit by the Open Crypto Audit Project (OCAP), found 11 vulnerabilities in the full disk and file …
John Leyden, 15 Apr 2014

TrueCrypt audit project founder: 'We've set our sights high'

A TrueCrypt audit project has uncovered a well of technical support with its plans to publicly audit the widely used disk and file encryption utility for the first time. TrueCrypt is a widely used utility that encrypts and decrypts entire drives, partitions or files within a virtual disk. The tool can also hide volumes of data …
John Leyden, 18 Nov 2013

Crowdfunded audit of 'NSA-proof' encryption suite TrueCrypt is GO

A fundraising effort to pay for an independent, professional security audit of TrueCrypt, the popular disk encryption utility, has raised enough money to pay for an arguably long overdue audit of the security software. TrueCrypt is a widely used utility that encrypts and decrypts entire drives, partitions or files within a …
John Leyden, 06 Nov 2013

National Audit Office tears government's savings claims in HALF

The National Audit Office has questioned the Cabinet Office's weighty ICT savings claims and revealed it still does not know how many small biz suppliers are winning public sector contracts. Minister Francis Maude's merry band claims it saved taxpayers £702m on tech and comms spending in fiscal 2012 ended March - £354m through …
Paul Kunert, 23 Jan 2013

Security audit finds dev OUTSOURCED his JOB to China to goof off at work

A security audit of a US critical infrastructure company last year revealed that its star developer had outsourced his own job to a Chinese subcontractor and was spending all his work time playing around on the internet. The firm's telecommunications supplier Verizon was called in after the company set up a basic VPN system with …
Iain Thomson, 16 Jan 2013

Child labour, lost wages uncloaked by Apple factories audit

Apple has for the first time released a complete list of its suppliers [PDF], publishing the names of 156 companies who make the parts for everything from Macbook screens to iPad covers. The list includes well-publicised contracts, such as Apple's mega deals with Samsung and LG, as well as more obscure deals with smaller …
Anna Leach, 16 Jan 2012

Facebook spurns privacy probe as 'routine audit'

Facebook's international headquarters are in Dublin, Ireland, where the company just so happens to face a regulatory probe into the handling of personal data on the social network. According to the RTE, the Irish data protection commissioner will carry out a privacy audit of the site in November. That's potentially a big deal, …
Kelly Fiveash, 30 Sep 2011

Labour vows: We'll pause one-dole-to-rule-them-all for drastic fix-up if elected in 2015

The Labour Party has promised to put the brakes on the deeply troubled Universal Credit system for three months if it gets into government next year. During that time, shadow work and pensions minister Rachel Reeves said that Labour would urge the National Audit Office to conduct a review of the lumpen welfare reform programme. …
Kelly Fiveash, 24 Jun 2014

US Social Security 'wasted $300 million on an IT BOONDOGGLE'

Members of the US Congress are demanding answers from the Social Security Administration (SSA) over an ongoing IT project that has racked up a $288m bill without deploying a field-ready product. A trio of representatives from the House Oversight Committee said in a letter to the SSA that they had "serious problems" with the way …
Shaun Nichols, 24 Jul 2014

TrueCrypt hooked to life support in Switzerland: 'It must not die' say pair

Two programmers hope to resurrect development of disk-encryption tool TrueCrypt after its original developers quit the project. The official TrueCrypt.org website abruptly shut up shop last week ostensibly because its secretive maintainers felt they could no longer keep the software secure. They blamed the Microsoft's …
John Leyden, 04 Jun 2014

SHOCK HORROR: Oz's biggest govt agencies to miss infosec deadline

Australia's largest government agencies will miss a July deadline to implement even basic information security controls. The Australian National Audit Office's (ANAO's) annual report says that the country's biggest government agencies won't deploy Defence-issued controls to implement fast patching and organisation-wide …
Darren Pauli, 25 Jun 2014

Acer writes off $150m as audit finds 'abnormalities'

Acer CEO and Chairman JT Wang has relinquished his remuneration package including bonuses from 2010 after the firm unearthed "abnormalities" in channel inventory across EMEA that will cost it US $150m (£91m) to write off. The Taiwanese giant will also cut board directors' pay packages by 50 per cent, ask staff to take a 40 per …
Paul Kunert, 01 Jun 2011

Wales Audit Office boss sacked amidst laptop smut claims

Jeremy Colman, Auditor General for Wales has resigned from his £170,000 a year post after porn material was allegedly found on his laptop. In fact, the post is in the gift of the Queen, so his resignation has been forwarded on to her. The National Assembly is now looking for an interim successor. His laptop was seized, The …
John Oates, 04 Feb 2010

Another Samsung supplier fingered in new 'child labor' probe

Samsung is once again under fire from a watchdog that claims the South Korean leviathan sources components from suppliers that employ child laborers. China Labor Watch (CLW) on Thursday identified a factory called Shinyang Electronics, located in Dongguan, China, that it alleges hires children to work long hours for little pay …
Neil McAllister, 10 Jul 2014

Auditors blast Blighty cops over binned multi-million pound IT project

A new report has been highly critical of a failed £15m IT project for Surrey Police that was eventually binned by the cops. Auditors Grant Thornton published the report today on behalf of the government's Audit Commission, which said the Surrey Integrated Reporting Enterprise Network (SIREN) project had been “poorly managed”, “ …

Seven Apple Store staff cuffed in alleged $500k stolen iPhone scam bust

Seven Apple store employees, and a worker at Best Buy, have been arrested and charged in Florida for allegedly selling stolen iPhones. The seven Cook & Co staffers worked at the Apple Store in Fort Lauderdale, and are accused of working with phone thieves to exchange 600 stolen mobes for legitimate handsets. Police estimate the …
Iain Thomson, 15 Aug 2014

Linux Foundation flings two full-time developers at OpenSSL

The Linux Foundation's new elite tech repair team has named its initial areas of focus as it works to find and seal holes in widely-used open source software. The Linux Foundation announced on Thursday that members of the "Core Infrastructure Initiative" (CII) will dedicate resources to working on the Network Time Protocol, …
Jack Clark, 29 May 2014

Care Bears... share: NHS England promises to heal careless data-sharing plans

NHS England is still reeling from accusations that the health service – among other things – allowed a consultancy outfit to pump sensitive patient data onto Google servers. Critics have argued that the apparently carefree and careless approach to sharing hospital records with private companies simply highlighted that a cautious …
Kelly Fiveash, 06 Mar 2014

Apple finance overlord Oppenheimer: I love Apple, but I gotta get this pilot licence. See ya

Apple's chief bean counter Peter Oppenheimer – the man who has been a constant during Apple's dark pre-iPod days and amid the meteoric rise since – is to call it a day at the end of September. The Cupertino finance lord manages all the grey aspects of the colourful tech vendor's biz including treasury, information systems, …
Paul Kunert, 04 Mar 2014

Burned by DigiNotar, Mozilla tells cert cops to audit security

Mozilla has directed all web authentication authorities trusted by its software to conduct security audits to ensure they aren't being abused to issue counterfeit secure sockets layer certificates. Thursday's note from Kathleen Wilson, who oversees the certificate authorities included in the Firefox browser and Thunderbird …
Dan Goodin, 08 Sep 2011

Did HP just tip its hand on Autonomy? Spoiler: It was a busted flush

Autonomy has come under fire for a software deal between itself, reseller MicroTechnologies, and the Vatican – but all is not as it seems. A report published by Reuters on Friday attempted to shed light on HP-owned Autonomy's strange deal to sell technology worth $11.55m to MicroTechnologies, which was bidding on a contract to …
Jack Clark, 18 Jul 2014

Did you swipe your card through one of these UPS Store tills? You may have been pwned

UPS has discovered an outbreak of debit and credit-card-reading malware in 51 of its branches in the US. Exactly which strain of malware was involved is not known; a spokesperson told The Register today: "We're still investigating the infection." It's hoped the identity of the malware will be revealed once that probe is complete …

‘Scapegoated’ BBC tech boss calls foul, kicks off unfair sacking tribunal

The BBC’s former technology chief John Linwood claims he was made a scapegoat for the collapse of the Digital Media Initiative – the corporation’s £125m media sharing and archiving project that was axed a year ago with nothing to show for it. Linwood was placed on gardening leave (on full £287,000 pa pay) as the project was put …
Andrew Orlowski, 07 May 2014

TrueCrypt considered HARMFUL – downloads, website meddled to warn: 'It's not secure'

The website of popular drive-encryption software TrueCrypt has been ripped up and replaced with a stark warning to not use the crypto-tool. It's also distributing a new version of the software, 7.2, which appears to have been compromised. It's feared the project, run by a highly secretive team of anonymous developers, has been …
Neil McAllister, 28 May 2014

Lovers of Tor can now sprinkle Bitcoins on its developers as thanks

The folks behind web privacy tool Tor will now accept donations in Bitcoins. The project, which attempts to anonymize connections across the internet, will team up with payment biz Bitpay to allow users to donate using the crypto-currency; BTC contributions will be ultimately converted into dollars for the developers' coffers …
Shaun Nichols, 18 Dec 2013

Storage, chip slingers pledge allegiance to Linux, open source

As LinuxCon 2014 kicks off this week in Chicago, the Linux Foundation has announced that it has won new support from across the technology industry, including several hardware companies. The nonprofit organization said on Wednesday that SanDisk, Seagate, and Western Digital have become Linux Foundation members, all three of …
Neil McAllister, 21 Aug 2014

Tech Data: UK accounting errors cost us $27m

Tech Data (TD) has turned to "external experts" to beef up fraud detection measures after it emerged that righting accounting wrongs at its UK sub had wiped $27m (£16.55m) off net profits for the last three years. The restatement equates to three per cent of income made during fiscal '11, '12 and '13, the periods that forensic …
Paul Kunert, 05 Feb 2014

Microsoft compliance police to NHS: We want your money

Microsoft is playing hardball with the NHS, threatening trusts and authorities with drastically increased software payments over claimed licence violations. The tough talking comes more than a year after an organisational shift that began across the NHS (April '13) saw some Primary Care Trusts and strategic health authorities …
Paul Kunert, 27 Jun 2014

Home Office threw £347m in the bin on failed asylum processing IT project

The Home Office frittered away hundreds of millions of taxpayer pounds on a botched tech project designed to manage immigration and asylum applications, a National Audit Office report has revealed. The "flagship" IT programme, the Immigration Case Work computer system, was launched in 2010 to replace fragmented systems and pull …
Paul Kunert, 22 Jul 2014

Police get ready for body parts audit

UK police forces are steeling themselves for an audit of body parts. The grim task will enable forces to take stock of the parts collected as evidence over the years and release to relatives those parts no longer needed for legal purposes. The need arises first and foremost because body parts form are also evidence at a crime …
Jane Fae Ozimek, 08 Nov 2010

HP 'KNEW' about Autonomy's hardware sales BEFORE the whistle blew: report

HP knew about Autonomy's hardware and reseller sales long before a whistleblower pointed them out and the company wrote down its acquisition by $8.8bn, the Financial Times has claimed (paywall), citing emails and Deloitte audit reports. HP has accused Autonomy of "accounting improprieties, misrepresentations and disclosure …

UK fraud squad bends over Serco, G4S for 'phantom crims' probe

The UK's Serious Fraud Office (SFO) has launched a criminal investigation into contractors Serco and G4S after an audit allegedly suggested the companies were massively overcharging for the electronic tagging of offenders. Sources in government told The Guardian that the two firms billed Blighty for monitoring at least 18,000 …
Iain Thomson, 05 Nov 2013

NAO slaps down Cabinet Office gov-IT savings claims AGAIN

There are lies, damned lies and Cabinet Office statistics which give the impression that the Efficiency and Reform Group are achieving much more dramatic ICT savings than they actually are. Or so says a National Audit Office report, which again criticised the processes used to calculate how much money Government Digital Services …
Paul Kunert, 17 Jul 2014

Police National Database will have audit trail

A code of practice for the forthcoming Police National Database says that an audit trail will be created to tackle abuse. Chief police officers will be responsible for auditing the activity of their own officers and no user should audit their own activities, says the document, presented to Parliament on 17 March 2010 by the …
Kable, 18 Mar 2010

TrueCrypt turmoil latest: Bruce Schneier reveals what he'll use instead

The TrueCrypt project abruptly imploded on Wednesday – leaving folks in the infosec world scratching heads and scrambling to recommend alternatives. In the past hour, crypto-guru Bruce Schneier has told us he's switched back to Symantec's PGPDisk to encrypt his data. "I have no idea what's going on with TrueCrypt," he added on …
John Leyden, 29 May 2014

NHS slammed for MAJOR data blunders as scale of patient info sell-off is revealed

The NHS struck four "data-sharing" deals with three re-insurance companies that allowed them access to patient information under agreements that don't expire until 2015 and 2016. That's among the shocking findings of a review of data released by the NHS Information Centre - the predecessor to the Health and Social Care …
Kelly Fiveash, 17 Jun 2014

El Reg is looking for a new London sub-editor

The Register is looking for a new sub-editor to work in our London newsroom. The Register is the world's first technology tabloid and has been published exclusively online since before that was technically even possible. Our latest ABCe audit confirmed more than 9 million monthly unique browsers worldwide, including just about …
Lewis Page, 03 Jul 2014

Reading this headline? You and 9.47 million others

It's January again: and that means it's time for our annual letter from the Audit Bureau of Circulation, telling us Vultures how we did in our regular November audit of site traffic last year. Without further ado, the scores on the doors: 9,470,181 unique users paid a visit that month, up from 7,326,907 in 2012. That's a climb …
Team Register, 22 Jan 2014

From production to development databases (and back again)

In many organisations, it isn't just the production database that database administrators (DBAs) have to look after. There are several non-production versions, as well. Project teams may need one to develop on, so that they can work in isolation without affecting production. A QA team may need its own version for testing patches …
Robin Birtstone, 28 May 2014

BBC man Linwood 'was unfairly sacked' over £100 MILLION DMI omnifail

A BBC technology chief who took the fall for the Corporation's failed £100m Digital Media Initiative was unfairly dismissed, an employment tribunal has ruled. The tribunal found that the BBC broke the law in suspending its chief technology officer, John Linwood. The tribunal found Linwood was unfairly dismissed under the …
Gavin Clarke, 07 Aug 2014

Auditor rains on Bureau of Met's data warehousing parade

An ambitious project to create a single national water database is going to need a complete reboot, with the Australian National Audit Office saying complexity, non-standard approaches and supplier capture caused a multi-million-dollar blowout in the system. The Bureau of Meteorology was given the task of creating the database …

Mozilla CTO Eich: If your browser isn't open source (ahem, ahem, IE, Chrome, Safari), DON'T TRUST IT

Mozilla CTO Brendan Eich has cautioned netizens not to blindly trust software vendors, arguing that only open-source software can be assured to be free from government-mandated surveillance code. "Every major browser today is distributed by an organization within reach of surveillance laws," Eich wrote in a joint blog post with …
Neil McAllister, 14 Jan 2014

Microsoft: We plan to CLEAN UP this here Windows Store town

Microsoft has promised to crack down on rogue apps in its Windows Store following criticisms that the marketplace is littered with "scam" software. Windows Store – which debuted with Windows 8 – is littered with misleading apps. Typical problems include knock-off "unofficial" packages of free apps such as the VLC media player. …
John Leyden, 21 Aug 2014

Now even Internet Explorer will throw lousy old Java into the abyss

Internet Explorer will soon join its rival browsers by automatically blocking old, insecure add-ons – and it's got its eye set squarely on Java. Microsoft said on Wednesday that starting on August 12, Internet Explorer will begin alerting users when web pages try to launch ActiveX controls that are considered out-of-date and …
Neil McAllister, 07 Aug 2014

LibreSSL crypto library leaps from OpenBSD to Linux, OS X, more

The OpenBSD project has released the first portable version of LibreSSL, the team's OpenSSL fork – meaning it can be built for operating systems other than OpenBSD. The LibreSSL project, which aims to clean up the buggy and inscrutable OpenSSL code, was founded about two months ago by a group of OpenBSD developers, so it only …
Neil McAllister, 12 Jul 2014

HP: Autonomy overstated 2010 profits, cuts them by 81 PER CENT

HP has filed at the UK's Companies House the results of an audit of the 2010 financial results of two of Autonomy's eight divisions, which says that the UK software firm's revenues were actually just 54 per cent of its initially stated figure, and that their profit figure for the year needs to be cut by a whopping 81 per cent. " …
Iain Thomson, 04 Feb 2014

That stirring LOHAN motto: Anyone know a native Latin speaker?

We asked for it, and we got: in spades. In response to our call for a stirring motto for the proposed Low Orbit Helium Assisted Navigator (LOHAN) embroidered mission patch, we were buried under suggestions from all corners of Regosphere diaspora. Indeed, so great was the response that it's …
Lester Haines, 18 Jul 2014

National Audit Office: Open data the key to 'big society'

Parliament's finance watchdog has said that stronger information strategies and more transparent government data will be key to the 'big society' agenda. The delivery of public services by charities, voluntary groups and social enterprises will require a "step change" from earlier attempts to open up government, such as the …

Blackphone rooted at BlackHat

A security researcher at BlackHat has sparked a “did-he-didn't-he” Tweet-storm over the extent of an alleged “hack” of the “secure by design” Blackphone. The Twitter argument continues, with @TeamAndIRC first announcing that it only took five minutes to root the Blackphone* (see Bootnote); then backtracking on one claim because …

Flaws open gates to WordPress en-masse SEO beat-down

WordPress sites running the popular All in One SEO Pack plugin could have search rankings beaten down by readers and malicious code injected into pages due to dangerous vulnerabilities patched yesterday. The flaws allowed hackers to launch privilege escalation and cross-site scripting attacks against vulnerable sites running old …
Darren Pauli, 02 Jun 2014