Articles about Audit

TrueCrypt audit: Probe's nearly all the way in ... no backdoor hit yet

The first phase of a crowd-funded audit of TrueCrypt has turned up several vulnerabilities, but nothing particularly amiss and certainly nothing that looks like a backdoor. iSEC Partners, which was contracted to carry out the audit by the Open Crypto Audit Project (OCAP), found 11 vulnerabilities in the full disk and file …
John Leyden, 15 Apr 2014

TrueCrypt audit project founder: 'We've set our sights high'

A TrueCrypt audit project has uncovered a well of technical support with its plans to publicly audit the widely used disk and file encryption utility for the first time. TrueCrypt is a widely used utility that encrypts and decrypts entire drives, partitions or files within a virtual disk. The tool can also hide volumes of data …
John Leyden, 18 Nov 2013

Crowdfunded audit of 'NSA-proof' encryption suite TrueCrypt is GO

A fundraising effort to pay for an independent, professional security audit of TrueCrypt, the popular disk encryption utility, has raised enough money to pay for an arguably long overdue audit of the security software. TrueCrypt is a widely used utility that encrypts and decrypts entire drives, partitions or files within a …
John Leyden, 06 Nov 2013

National Audit Office tears government's savings claims in HALF

The National Audit Office has questioned the Cabinet Office's weighty ICT savings claims and revealed it still does not know how many small biz suppliers are winning public sector contracts. Minister Francis Maude's merry band claims it saved taxpayers £702m on tech and comms spending in fiscal 2012 ended March - £354m through …
Paul Kunert, 23 Jan 2013

Security audit finds dev OUTSOURCED his JOB to China to goof off at work

A security audit of a US critical infrastructure company last year revealed that its star developer had outsourced his own job to a Chinese subcontractor and was spending all his work time playing around on the internet. The firm's telecommunications supplier Verizon was called in after the company set up a basic VPN system with …
Iain Thomson, 16 Jan 2013

Child labour, lost wages uncloaked by Apple factories audit

Apple has for the first time released a complete list of its suppliers [PDF], publishing the names of 156 companies who make the parts for everything from Macbook screens to iPad covers. The list includes well-publicised contracts, such as Apple's mega deals with Samsung and LG, as well as more obscure deals with smaller …
Anna Leach, 16 Jan 2012

Facebook spurns privacy probe as 'routine audit'

Facebook's international headquarters are in Dublin, Ireland, where the company just so happens to face a regulatory probe into the handling of personal data on the social network. According to the RTE, the Irish data protection commissioner will carry out a privacy audit of the site in November. That's potentially a big deal, …
Kelly Fiveash, 30 Sep 2011

Labour vows: We'll pause one-dole-to-rule-them-all for drastic fix-up if elected in 2015

The Labour Party has promised to put the brakes on the deeply troubled Universal Credit system for three months if it gets into government next year. During that time, shadow work and pensions minister Rachel Reeves said that Labour would urge the National Audit Office to conduct a review of the lumpen welfare reform programme. …
Kelly Fiveash, 24 Jun 2014

US Social Security 'wasted $300 million on an IT BOONDOGGLE'

Members of the US Congress are demanding answers from the Social Security Administration (SSA) over an ongoing IT project that has racked up a $288m bill without deploying a field-ready product. A trio of representatives from the House Oversight Committee said in a letter to the SSA that they had "serious problems" with the way …
Shaun Nichols, 24 Jul 2014

TrueCrypt hooked to life support in Switzerland: 'It must not die' say pair

Two programmers hope to resurrect development of disk-encryption tool TrueCrypt after its original developers quit the project. The official TrueCrypt.org website abruptly shut up shop last week ostensibly because its secretive maintainers felt they could no longer keep the software secure. They blamed the Microsoft's …
John Leyden, 04 Jun 2014

SHOCK HORROR: Oz's biggest govt agencies to miss infosec deadline

Australia's largest government agencies will miss a July deadline to implement even basic information security controls. The Australian National Audit Office's (ANAO's) annual report says that the country's biggest government agencies won't deploy Defence-issued controls to implement fast patching and organisation-wide …
Darren Pauli, 25 Jun 2014

Acer writes off $150m as audit finds 'abnormalities'

Acer CEO and Chairman JT Wang has relinquished his remuneration package including bonuses from 2010 after the firm unearthed "abnormalities" in channel inventory across EMEA that will cost it US $150m (£91m) to write off. The Taiwanese giant will also cut board directors' pay packages by 50 per cent, ask staff to take a 40 per …
Paul Kunert, 01 Jun 2011

Another Samsung supplier fingered in new 'child labor' probe

Samsung is once again under fire from a watchdog that claims the South Korean leviathan sources components from suppliers that employ child laborers. China Labor Watch (CLW) on Thursday identified a factory called Shinyang Electronics, located in Dongguan, China, that it alleges hires children to work long hours for little pay …
Neil McAllister, 10 Jul 2014

Auditors blast Blighty cops over binned multi-million pound IT project

A new report has been highly critical of a failed £15m IT project for Surrey Police that was eventually binned by the cops. Auditors Grant Thornton published the report today on behalf of the government's Audit Commission, which said the Surrey Integrated Reporting Enterprise Network (SIREN) project had been “poorly managed”, “ …

Wales Audit Office boss sacked amidst laptop smut claims

Jeremy Colman, Auditor General for Wales has resigned from his £170,000 a year post after porn material was allegedly found on his laptop. In fact, the post is in the gift of the Queen, so his resignation has been forwarded on to her. The National Assembly is now looking for an interim successor. His laptop was seized, The …
John Oates, 04 Feb 2010

Linux Foundation flings two full-time developers at OpenSSL

The Linux Foundation's new elite tech repair team has named its initial areas of focus as it works to find and seal holes in widely-used open source software. The Linux Foundation announced on Thursday that members of the "Core Infrastructure Initiative" (CII) will dedicate resources to working on the Network Time Protocol, …
Jack Clark, 29 May 2014

Care Bears... share: NHS England promises to heal careless data-sharing plans

NHS England is still reeling from accusations that the health service – among other things – allowed a consultancy outfit to pump sensitive patient data onto Google servers. Critics have argued that the apparently carefree and careless approach to sharing hospital records with private companies simply highlighted that a cautious …
Kelly Fiveash, 06 Mar 2014

Apple finance overlord Oppenheimer: I love Apple, but I gotta get this pilot licence. See ya

Apple's chief bean counter Peter Oppenheimer – the man who has been a constant during Apple's dark pre-iPod days and amid the meteoric rise since – is to call it a day at the end of September. The Cupertino finance lord manages all the grey aspects of the colourful tech vendor's biz including treasury, information systems, …
Paul Kunert, 04 Mar 2014

Did HP just tip its hand on Autonomy? Spoiler: It was a busted flush

Autonomy has come under fire for a software deal between itself, reseller MicroTechnologies, and the Vatican – but all is not as it seems. A report published by Reuters on Friday attempted to shed light on HP-owned Autonomy's strange deal to sell technology worth $11.55m to MicroTechnologies, which was bidding on a contract to …
Jack Clark, 18 Jul 2014

Burned by DigiNotar, Mozilla tells cert cops to audit security

Mozilla has directed all web authentication authorities trusted by its software to conduct security audits to ensure they aren't being abused to issue counterfeit secure sockets layer certificates. Thursday's note from Kathleen Wilson, who oversees the certificate authorities included in the Firefox browser and Thunderbird …
Dan Goodin, 08 Sep 2011

‘Scapegoated’ BBC tech boss calls foul, kicks off unfair sacking tribunal

The BBC’s former technology chief John Linwood claims he was made a scapegoat for the collapse of the Digital Media Initiative – the corporation’s £125m media sharing and archiving project that was axed a year ago with nothing to show for it. Linwood was placed on gardening leave (on full £287,000 pa pay) as the project was put …
Andrew Orlowski, 07 May 2014

TrueCrypt considered HARMFUL – downloads, website meddled to warn: 'It's not secure'

The website of popular drive-encryption software TrueCrypt has been ripped up and replaced with a stark warning to not use the crypto-tool. It's also distributing a new version of the software, 7.2, which appears to have been compromised. It's feared the project, run by a highly secretive team of anonymous developers, has been …
Neil McAllister, 28 May 2014

Lovers of Tor can now sprinkle Bitcoins on its developers as thanks

The folks behind web privacy tool Tor will now accept donations in Bitcoins. The project, which attempts to anonymize connections across the internet, will team up with payment biz Bitpay to allow users to donate using the crypto-currency; BTC contributions will be ultimately converted into dollars for the developers' coffers …
Shaun Nichols, 18 Dec 2013

Tech Data: UK accounting errors cost us $27m

Tech Data (TD) has turned to "external experts" to beef up fraud detection measures after it emerged that righting accounting wrongs at its UK sub had wiped $27m (£16.55m) off net profits for the last three years. The restatement equates to three per cent of income made during fiscal '11, '12 and '13, the periods that forensic …
Paul Kunert, 05 Feb 2014

Microsoft compliance police to NHS: We want your money

Microsoft is playing hardball with the NHS, threatening trusts and authorities with drastically increased software payments over claimed licence violations. The tough talking comes more than a year after an organisational shift began across the NHS (April '13) saw some Primary Care Trusts and strategic health authorities …
Paul Kunert, 27 Jun 2014

Home Office threw £347m in the bin on failed asylum processing IT project

The Home Office frittered away hundreds of millions of taxpayer pounds on a botched tech project designed to manage immigration and asylum applications, a National Audit Office report has revealed. The "flagship" IT programme, the Immigration Case Work computer system, was launched in 2010 to replace fragmented systems and pull …
Paul Kunert, 22 Jul 2014

Police get ready for body parts audit

UK police forces are steeling themselves for an audit of body parts. The grim task will enable forces to take stock of the parts collected as evidence over the years and release to relatives those parts no longer needed for legal purposes. The need arises first and foremost because body parts form are also evidence at a crime …
Jane Fae Ozimek, 08 Nov 2010

HP 'KNEW' about Autonomy's hardware sales BEFORE the whistle blew: report

HP knew about Autonomy's hardware and reseller sales long before a whistleblower pointed them out and the company wrote down its acquisition by $8.8bn, the Financial Times has claimed (paywall), citing emails and Deloitte audit reports. HP has accused Autonomy of "accounting improprieties, misrepresentations and disclosure …

NAO slaps down Cabinet Office gov-IT savings claims AGAIN

There are lies, damned lies and Cabinet Office statistics which give the impression that the Efficiency and Reform Group are achieving much more dramatic ICT savings than they actually are. Or so says a National Audit Office report, which again criticised the processes used to calculate how much money Government Digital Services …
Paul Kunert, 17 Jul 2014

TrueCrypt turmoil latest: Bruce Schneier reveals what he'll use instead

The TrueCrypt project abruptly imploded on Wednesday – leaving folks in the infosec world scratching heads and scrambling to recommend alternatives. In the past hour, crypto-guru Bruce Schneier has told us he's switched back to Symantec's PGPDisk to encrypt his data. "I have no idea what's going on with TrueCrypt," he added on …
John Leyden, 29 May 2014

UK fraud squad bends over Serco, G4S for 'phantom crims' probe

The UK's Serious Fraud Office (SFO) has launched a criminal investigation into contractors Serco and G4S after an audit allegedly suggested the companies were massively overcharging for the electronic tagging of offenders. Sources in government told The Guardian that the two firms billed Blighty for monitoring at least 18,000 …
Iain Thomson, 05 Nov 2013

NHS slammed for MAJOR data blunders as scale of patient info sell-off is revealed

The NHS struck four "data-sharing" deals with three re-insurance companies that allowed them access to patient information under agreements that don't expire until 2015 and 2016. That's among the shocking findings of a review of data released by the NHS Information Centre - the predecessor to the Health and Social Care …
Kelly Fiveash, 17 Jun 2014

El Reg is looking for a new London sub-editor

The Register is looking for a new sub-editor to work in our London newsroom. The Register is the world's first technology tabloid and has been published exclusively online since before that was technically even possible. Our latest ABCe audit confirmed more than 9 million monthly unique browsers worldwide, including just about …
Lewis Page, 03 Jul 2014

Police National Database will have audit trail

A code of practice for the forthcoming Police National Database says that an audit trail will be created to tackle abuse. Chief police officers will be responsible for auditing the activity of their own officers and no user should audit their own activities, says the document, presented to Parliament on 17 March 2010 by the …
Kable, 18 Mar 2010

Reading this headline? You and 9.47 million others

It's January again: and that means it's time for our annual letter from the Audit Bureau of Circulation, telling us Vultures how we did in our regular November audit of site traffic last year. Without further ado, the scores on the doors: 9,470,181 unique users paid a visit that month, up from 7,326,907 in 2012. That's a climb …
Team Register, 22 Jan 2014

From production to development databases (and back again)

In many organisations, it isn't just the production database that database administrators (DBAs) have to look after. There are several non-production versions, as well. Project teams may need one to develop on, so that they can work in isolation without affecting production. A QA team may need its own version for testing patches …
Robin Birtstone, 28 May 2014

Auditor rains on Bureau of Met's data warehousing parade

An ambitious project to create a single national water database is going to need a complete reboot, with the Australian National Audit Office saying complexity, non-standard approaches and supplier capture caused a multi-million-dollar blowout in the system. The Bureau of Meteorology was given the task of creating the database …

Mozilla CTO Eich: If your browser isn't open source (ahem, ahem, IE, Chrome, Safari), DON'T TRUST IT

Mozilla CTO Brendan Eich has cautioned netizens not to blindly trust software vendors, arguing that only open-source software can be assured to be free from government-mandated surveillance code. "Every major browser today is distributed by an organization within reach of surveillance laws," Eich wrote in a joint blog post with …
Neil McAllister, 14 Jan 2014

LibreSSL crypto library leaps from OpenBSD to Linux, OS X, more

The OpenBSD project has released the first portable version of LibreSSL, the team's OpenSSL fork – meaning it can be built for operating systems other than OpenBSD. The LibreSSL project, which aims to clean up the buggy and inscrutable OpenSSL code, was founded about two months ago by a group of OpenBSD developers, so it only …
Neil McAllister, 12 Jul 2014

HP: Autonomy overstated 2010 profits, cuts them by 81 PER CENT

HP has filed at the UK's Companies House the results of an audit of the 2010 financial results of two of Autonomy's eight divisions, which says that the UK software firm's revenues were actually just 54 per cent of its initially stated figure, and that their profit figure for the year needs to be cut by a whopping 81 per cent. " …
Iain Thomson, 04 Feb 2014

That stirring LOHAN motto: Anyone know a native Latin speaker?

We asked for it, and we got: in spades. In response to our call for a stirring motto for the proposed Low Orbit Helium Assisted Navigator (LOHAN) embroidered mission patch, we were buried under suggestions from all corners of Regosphere diaspora. Indeed, so great was the response that it's …
Lester Haines, 18 Jul 2014

Flaws open gates to WordPress en-masse SEO beat-down

WordPress sites running the popular All in One SEO Pack plugin could have search rankings beaten down by readers and malicious code injected into pages due to dangerous vulnerabilities patched yesterday. The flaws allowed hackers to launch privilege escalation and cross-site scripting attacks against vulnerable sites running old …
Darren Pauli, 02 Jun 2014

Acer parachutes cofounder Huang in as new chairman

The board of directors at troubled device maker Acer have again elected a key figure from the past to help it get "back to success", the company confirmed following today's Annual General Meeting. Co-founder and general secretary of the Transformation Committee George Huang is to replace the firm's other co-founder, Stan Shih, …
Paul Kunert, 18 Jun 2014

National Audit Office: Open data the key to 'big society'

Parliament's finance watchdog has said that stronger information strategies and more transparent government data will be key to the 'big society' agenda. The delivery of public services by charities, voluntary groups and social enterprises will require a "step change" from earlier attempts to open up government, such as the …

Fujitsu and Capgemini's giga-quid HMRC lashup given drubbing by govt auditors

In yet another example of a sprawling government contract gone monumentally wrong – the second of the day – HMRC has splashed £7.9bn on an IT outsourcing deal that is looking very tough to justify. Capgemini and Fujitsu won the ten-year Aspire deal – a merged Inland Revenue and Customs & Excise contract – way back in 2004, and …
Paul Kunert, 22 Jul 2014

Apple: Scrubbing may not yet have cleansed iThings of BLOOD

Apple has admitted that it does not know whether some of the materials used in its products are sourced from conflict zones. In a report filed with the Securities and Exchange Commission, it admitted that four smelters and refineries whose products it uses have not yet definitively proved their materials do not come from war- …
Jasper Hamill, 30 May 2014

AWS breaks silence over Truecrypt's role in data import/export

Amazon Web Services (AWS) has issued some advice on how it uses the kept mum on whether it will dump the troubled TrueCrypt platform used to encrypt data imported and exported to its Simple Storage Service, Amazon EBS snapshots and Glacier cold storage offerings. The popular crypto platform recently became a pariah after its …
Darren Pauli, 11 Jun 2014

NHS chiefs' claims exposed: GP-data-grab boss claimed fattest expenses of the lot

An evangelist for the state to extract and share private data made the largest claims of any NHS board member, according to information released under the Freedom of Information Act. "The highest individual bill was for Tim Kelsey, national director for patients and information, who spent £46,000 during the year — including more …
Andrew Orlowski, 13 May 2014

Can you trust 'NSA-proof' TrueCrypt? Cough up some dough and find out

Security researchers are raising funds to conduct an independent audit of TrueCrypt, the popular disk encryption utility. TrueCrypt is widely used as a tool to strongly encrypt and decrypt entire drives, partitions or files in a virtual disk. It can also hide volumes of data and is said to be easy to use. The source code for the …
John Leyden, 15 Oct 2013

Put down that Oracle database patch: It could cost $23,000 per CPU

Oracle has released "the most comprehensive patch set" ever for its database software – but its users should be aware of potentially wallet-busting features in the batch. Version 12.1.0.2 of the database came out on Tuesday and brought with it a range of new features, including Oracle's hotly anticipated "in memory" tech. The " …
Jack Clark, 24 Jul 2014