Ny anti-gaylag planeras i Uganda SvD Utrikes(cached at November 8, 2014, 11:33 pm)

Det styrande partiet i Uganda har skrivit ett förslag till en ny anti-gaylag som kan antas av parlamentet redan före årsskiftet, enligt gayrättsaktivister. Förslaget kommer nära ett år efter att en lag som innebar att homosexualitet kunde straffas med livstids fängelse antogs, även om den lagen senare underkändes av landets högsta domstol på grund av en teknikalitet.
Catalonia's quest for statehood AL JAZEERA ENGLISH (AJE)(cached at November 8, 2014, 11:30 pm)

Defiant Catalonians push ahead with symbolic independence referendum, despite Madrid's objections.
Catalonia's quest for statehood AL JAZEERA ENGLISH (AJE)(cached at November 8, 2014, 11:30 pm)

Defiant Catalonians push ahead with symbolic independence referendum, despite Madrid's objections.
Feedback Friday: WireLurker Malware Targets Mac OS X, iOS - Industry Reactions (Secu SANS ISC SecNewsFeed(cached at November 8, 2014, 11:30 pm)

Feedback Friday: WireLurker Malware Targets Mac OS X, iOS - Industry Reactions (Secu SANS ISC SecNewsFeed(cached at November 8, 2014, 11:30 pm)

Bad Assumptions in Security, (Sat, Nov 8th) (InternetStormCenter) SANS ISC SecNewsFeed(cached at November 8, 2014, 11:30 pm)

Bad Assumptions in Security, (Sat, Nov 8th) (InternetStormCenter) SANS ISC SecNewsFeed(cached at November 8, 2014, 11:30 pm)

Murens fall var en seger för friheten SvD Utrikes(cached at November 8, 2014, 11:03 pm)

För 25 år sedan föll Berlinmuren. Tyskland blev kontinentens politiska och ekonomiska maktcentrum. Östeuropa inlemmades i EU och ett förödmjukat Ryssland började ruva på revansch – men bortom geopolitiken var det framför allt en frihetens seger.
Bad Assumptions in Security, (Sat, Nov 8th) SANS Internet Storm Center, InfoCON: green(cached at November 8, 2014, 11:00 pm)

In almost every project I have ever worked the scope is defined as part of the scope/schedule/budget of the project (as it should be), and we have to work within that scope. In most cases that scope is set in advance by management, with little or no input regarding the impact to the systems security. It is almost automatically assumed that if a commercial IT offering exists, and it appears successful, then it must be secure. The thought is if it/they were not secure, how could it/they be in business? I see this in almost every instance when it comes to third party integrations. However it is not always limited to web integrations, and some of the next-gen attacks that are prevalent today. It can be as simple as stealing a password off a keyboard in another business that has access to your system. (We train our employees, but that does not mean everyone does)

Home Depot announced recently a breach that was the result of credentials issued to, and stolen from, a third party vendor. As with any third party integration or vendor support, security must be considered with the same regard as our own internal systems and processes. In this case, it may have been as simple as a fleet vendor who maintains the Home Depot trucks, and needed access for parts and billing. Or maybe it was a third-party vendor stocking the shelves, who needed access to inventory levels. It is mostly irrelevant, as their access needs to be treated with the same accord as if they were setting up a workstation on your network, and quite probably something was overlooked.

I cannot say this loud enough: Do not assume that because a company has been in business for x years, or they are the hottest product on the market, that it is backed by solid security. That is an assumption that can cost. Dearly.

I would like to hear what other bad assumptions that youve encountered. Speak up!

tony d0t carothers --gmail

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Computer Scientists Ask Supreme Court To Rule APIs Can't Be Copyrighted Slashdotby Soulskill on eff at January 1, 1970, 1:00 am (cached at November 8, 2014, 10:33 pm)

An anonymous reader writes: The EFF, representing a coalition of computer scientists, filed an amicus brief with the Supreme Court yesterday hoping for a ruling that APIs can't be copyrighted. The names backing the brief include Bjarne Stroustrup, Ken Thompson, Guido van Rossum, and many other luminaries. "The brief explains that the freedom to re-implement and extend existing APIs has been the key to competition and progress in both hardware and software development. It made possible the emergence and success of many robust industries we now take for granted—for example, mainframes, PCs, and workstations/servers—by ensuring that competitors could challenge established players and advance the state of the art. The litigation began several years ago when Oracle sued Google over its use of Java APIs in the Android OS. Google wrote its own implementation of the Java APIs, but, in order to allow developers to write their own programs for Android, Google's implementation used the same names, organization, and functionality as the Java APIs."

Read more of this story at Slashdot.








Text-Fy-Utils-0.08 search.cpan.orgby Klaus Eichner at January 1, 1970, 1:00 am (cached at November 8, 2014, 10:32 pm)

Some text based utility functions
HTML-Xit-0.03 search.cpan.orgby Ersun Warncke at January 1, 1970, 1:00 am (cached at November 8, 2014, 10:32 pm)

XML/HTML DOM Manipulation with CSS Selectors
Morocco opts against hosting CAF over Ebola AL JAZEERA ENGLISH (AJE)(cached at November 8, 2014, 10:30 pm)

The 16-team Cup for African Football faces cancellation amid lack of alternative venue amid fear of deadly virus.
Morocco opts against hosting CAF over Ebola AL JAZEERA ENGLISH (AJE)(cached at November 8, 2014, 10:30 pm)

The 16-team Cup for African Football faces cancellation amid lack of alternative venue amid fear of deadly virus.
Facebook: Governments Made 34,946 Requests for Data in H1 2014 (SecurityWeek) SANS ISC SecNewsFeed(cached at November 8, 2014, 10:30 pm)