48935857
submission
cycoj writes:
The NSA says that there is no central method to search its own email. When asked in a Freedom of Information Act request for emails with the National Geographic Channel over a specific time period, the agency, which has been collecting and analysing the data of hundreds of millions internet users, says it can only perform person-per-person searches on its own email.
353625
submission
cycoj writes:
German IT magazine Heise takes a look at the new OS X Leopard firewall. They find it flawed. When setting access to specific services and programs for example to only allow SSH access, they found that a manually started service was still accessible. From the article:
"So the first step after starting Leopard should be to activate the firewall. The obvious choice to do so is the option to "Set access to specific services and programs", which promises more control over network traffic. Mac OS X automatically enters all shared resources set up by the user, such as "Remote login" for SSH servers, into the list of accessable resources.
However, initial functional testing quickly dispels any feeling of improved security. A service started for testing purposes was able to be addressed from outside without any difficulty. The firewall records this occurrence."
Even with the firewall set to "Block all incoming connections" ports to netbios, ntp and other services were still open.
"Specifically these results mean that users can't rely on the firewall. Even if users select "Block all incoming connections," potential attackers can continue to communicate with system services such as the time server and possibly with the NetBIOS name server."
