Privacy Digest: Privacy News (Civil Rights, Encryption, Free Speech, Cryptography)

PLEASE READ !! - The RSS/XML files have moved because we have a new CMS and

Thu, 22 Mar 2007 04:21:28 GMT

Hello Readers,

I want to you know about a few changes I have made to the site. My old CMS(Content Management Software) was starting to have problems that more serious than I wanted to deal with, so I moved up the implementation of my new CMS system. There were a few bumps in the process, but things are basically in place. Not all the features are in place as of yet and I will be implementing them as time permits.

I will be converting the old entries to be under the new CMS but it will probably be a while before I can do that. Until then I will leave the old pages in place.

There have been a few changes to the sites structure

<ul>
   <li>With the new system, instead of having mini-sites for each sub-issue, each entry will be tagged with the topics it relates to. By clicking on these tags(Under each article or in the tag cloud in the navigation bar) you will be given a list of additional articles that have this tag. There is also a page (currently for registered users) that will list all the tags and tell you how many articles each contains. I have not converted the archive yet(and it will probably be a while) to the new CMS so it will only be counting entries made since the cutover(Sunday March 18th,2007)</li>
   <li>The RSS/XML files have also been relocated. http://www.PrivacyDigest.com/rss.xml is the new global one, and there will be one for each tag so you can follow those specific issues that interest/concern you.</li>
   <li>If you go to the full page view (not the teaser view on the front page) of a post there are now a row of ICONs/titles at the bottom. These ICONs will let you flag / bookmark the page on various services like Google / Yahoo / Reddit / Delicious / Newsvine and search for other people talking about it via Technorati.</li>
   <li>If you go to the Syndidate entry in the Navigation area on the left side. In addition to the RSS feed ICON you will also see a link called more which brings up http://www.privacydigest.com/sitemap This page lists all the various TAGs/categories on the site. Next to each entry is a count showing the number of entries(at the moment just since March 18th, the archives still have to be included) and an RSS ICON which links to that TAGs own RSS feed.</li>
</ul>

These will be many new features coming as I finish the site. I was a bit rushed so not everything is in place yet. You can use the contact form(from the menu at the top right) to let me know what you think or about any problems.

Oh BTW, I currently under DDoS attack by trackback SPAMers. I had the function activated for just 12 hours and killed it 12 hours ago and these guys won't give up. I have blocked over 60 servers so far and they keep coming. So I may be in and out for a bit as I try and fend them off and but in some protections to keep them away. If you have any hints on any automated ways I can block these guys before they get to my CMS I love to here them. Either use the contact form from the menu at the top of the page or send email to

Privacy Digest | News that can impact your privacy.

Sun, 18 Mar 2007 20:50:31 GMT

It seems that my current CMS(Content Management System) for Privacy Digest is getting sick. Since I was already planning to switch to a different CMS to manage the site, its not worth putting a lot of research and effort into cleaning up the new problems (probably a corrupted database) with the old one.

I will probably doing a switch over in the next or so. There will probably be a few hiccups with the RSS/XML feeds and maybe other things. The old pages will stay in place till I can import/convert them to the new system. But since they aren't actually in the CMS they will not be visible in the local search function. I'll look at adding the Google search back for my site since they have will have the old and new content.

Until the switchover goes live, you can check it out at http://www.PrivacyDigest.com/index.php And yes the index.php part is required till the switchover. But it will not be needed afterwards.

Editor.

Microsoft security guru wants Vista bugs rated less serious

Sun, 18 Mar 2007 20:39:51 GMT

Microsoft's own bug hunters should cut Windows Vista some slack and rate its vulnerabilities differently because of the operating system's new, baked-in defenses, according to the developer who is often the public persona of the company's Security Development Lifecycle (SDL) process.

Michael Howard, a senior security program manager in Microsoft's security engineering group, said that the Microsoft Security Response Center (MSRC) is being too conservative in its Vista vulnerability rating plans. Because Vista includes security techniques and technologies that Windows XP lacks, the MSRC should reconsider how it ranks Vista when a vulnerability affects both Microsoft's new operating system and its predecessor, Windows XP, he said.

"The MSRC folks are, understandably, very conservative and would rather err on the side of people deploying updates rather than trying to downgrade bug severity," said Howard on his personal blog last week. "Don't be surprised if you see a bug that's, say, Important on Windows XP and Important on Windows Vista, even if Windows Vista has a few more defenses and mitigations in place."

The operating system, released to consumers in late January, includes a number of new security features that randomize memory, check code for buffer overflows and require user permission for potentially risky operations.

Not surprisingly, the MSRC rejects Howard's argument. "Windows Vista will not be treated any differently, and severity ratings for any issues will be based on vulnerability traits and merits, along with technical mitigating factors," an MSRC spokesperson said. "This process is the same for all Microsoft products."

Although the MSRC's security bulletins may qualify a bug's severity in some specific environments, its rating system is clear-cut. If an Internet worm can spread without user action -- the MSRC's definition of "critical" -- on Vista, the vulnerability will be so tagged, Vista-specific security technologies notwithstanding.

Analysts and outside Microsoft security professionals took the MSRC's side -- and blasted Howard's idea.

Slashdot | MS Security Guy Wants Vista Bugs Rated Down

Sun, 18 Mar 2007 20:31:59 GMT

jcatcw writes "Gregg Keizer reports that Michael Howard, an MS senior security program manager, says that the Microsoft Security Response Center (MSRC) is being too conservative in its Vista vulnerability rating plans. Microsoft's own bug hunters should cut Windows Vista some slack and rate its vulnerabilities differently because of the operating system's new, baked-in defenses."