Lost+Found: an embarrassing hoax, Sophos's false alarm and new tools
Too short for news, too good to lose: Lost+Found is a roundup of useful security news. This time: an embarrassing news hoax, a new mobile security project, Sophos's own post-mortem and new tools.
- Hakin9 IT Security magazine fell prey to a troll and published an embarrassing hoax: Nmap: The Internet Considered Harmful - DARPA Inference Checking Kludge Scanning (or DICKS, in short). Because of its well-known authors, whose names read like a security who's who, nobody appeared to notice that sentences such as "NMAP requires root access in order to allow B-trees" make no sense whatsoever. Reportedly, Hakin9 has now threatened the Nmap author, Fyodor, with legal consequences if he doesn't remove the article from his server, although Fyodor says he had been given permission to publish it. He is contemplating the release of a follow-up article entitled "Continuously Updating Nmap Technology System".
- Apparently, the Open Web Application Security Project (OWASP) plans to focus more on mobile application security, as it has established the OWASP Mobile Security Project. The pages, which are mainly designed for developers and security specialists who want to acquaint themselves with mobile security, are still under development.
- Sophos has investigated the embarrassing false alarm during which its virus monitor identified, and even quarantined, some of its own files. The unsurprising outcome: the problem was caused by human error, and Sophos wants to learn from the mistakes.
- Microsoft has presented its Anti-Cross Site Scripting Library, which helps developers of ASP.NET applications encode untrusted output so that attacker-supplied markup and script are rendered as text rather than executed, as part of its free collection of security tools. The company points out that the library is based on a whitelist: it defines the set of characters that may pass through unchanged and encodes everything else, rather than trying to recognise and block potentially harmful input.
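The difference between the two approaches is easiest to see on concrete input. The following is an added Python example, not code from Microsoft's library: a typical denylist filter that strips `<script>` tags is placed beside a small allowlist encoder written in the spirit of AntiXSS (safe characters pass, everything else becomes a numeric character reference). The sample inputs are constructed for the example.

```python
import html
import re

# Constructed sample inputs for this example (not taken from the article).
SAMPLES = [
    '<script>alert(1)</script>',
    '<scr<script>ipt>alert(1)</scr</script>ipt>',  # survives a single strip pass
    '<img src=x onerror=alert(1)>',                  # no <script> tag at all
    "O'Reilly & <Sons>",                             # benign text that must survive intact
]


def denylist_strip(s: str) -> str:
    """Denylist filter: delete anything that looks like a <script> tag.

    It only knows one dangerous pattern, and a single pass over the input is
    easy to defeat by nesting that pattern inside itself.
    """
    return re.sub(r'(?i)</?script[^>]*>', '', s)


# Allowlist of characters emitted verbatim; this set is an assumption for the
# example, not the exact list used by Microsoft's library.
SAFE = set('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 .,-_')


def allowlist_html_encode(s: str) -> str:
    """Allowlist encoder: every character outside SAFE becomes a numeric
    character reference, so no input character can reach the HTML parser
    as markup, regardless of which attack pattern it belongs to."""
    return ''.join(c if c in SAFE else f'&#{ord(c)};' for c in s)


def contains_markup(s: str) -> bool:
    """True if the string still carries characters an HTML parser treats as markup."""
    return '<' in s or '>' in s


def decodes_back(s: str) -> bool:
    """The encoding is lossless: a browser decodes the references to the
    original text, so benign input such as O'Reilly & <Sons> is displayed
    exactly as typed."""
    return html.unescape(allowlist_html_encode(s)) == s


if __name__ == '__main__':
    for sample in SAMPLES:
        stripped = denylist_strip(sample)
        encoded = allowlist_html_encode(sample)
        print(f'input:     {sample}')
        print(f'denylist:  {stripped}   markup left: {contains_markup(stripped)}')
        print(f'allowlist: {encoded}   markup left: {contains_markup(encoded)}')
        print()
```

The second sample is the classic bypass: removing the inner `<script>` and `</script>` leaves a well-formed `<script>alert(1)</script>` behind, and the third contains no script tag at all. The allowlist encoder does not need to know either trick, because it never decides what is harmful, only what is safe.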
- Mark Russinovich has released a new SysInternals toolkit component called PsPing. The description of PsPing, a command-line utility for measuring network performance, reads a little like Hping for beginners.
- The strongSwan 5.0.1 IPsec implementation now includes support for multiple virtual IP addresses, so a road-warrior client can be assigned, for example, both an IPv4 and an IPv6 address by the gateway.
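As an added illustration (not configuration taken from the article or from the strongSwan project), a dual-stack road-warrior setup in ipsec.conf syntax: the client asks for one virtual IP from each address family and the gateway hands them out from two pools. The option names follow strongSwan's ipsec.conf conventions, but the exact syntax should be checked against the ipsec.conf(5) man page of the version in use; the hostnames and address ranges are placeholders.

```conf
# client side: /etc/ipsec.conf (example; hostnames and addresses are placeholders)
conn roadwarrior
    keyexchange=ikev2
    left=%defaultroute
    leftsourceip=%config4,%config6     # request an IPv4 and an IPv6 virtual IP
    leftauth=eap-mschapv2
    right=vpn.example.org
    rightauth=pubkey
    rightsubnet=0.0.0.0/0,::/0         # tunnel both address families
    auto=start

# gateway side: /etc/ipsec.conf
conn roadwarrior
    keyexchange=ikev2
    left=vpn.example.org
    leftauth=pubkey
    leftsubnet=0.0.0.0/0,::/0
    rightauth=eap-mschapv2
    rightsourceip=10.3.0.0/24,fd00:3::/64   # one pool per address family
    auto=add
```

The practitioner's caveat: once a client holds addresses from both families, the traffic selectors have to cover both as well. A policy that tunnels only `0.0.0.0/0` leaves the client's IPv6 traffic, including DNS lookups, outside the tunnel.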
- After only two months, security celebrity Barnaby Jack has ended his stint at Intel/McAfee and gone back to IOActive.