But such services as YourHackerz.com are still active and plentiful, with clever names like "piratecrackers.com" and "hackmail.net." They boast of having little trouble hacking into such Web-based e-mail systems as AOL, Yahoo, Gmail, Facebook and Hotmail, and they advertise openly.

The hack is not a complete break; it only results in the ability to read and falsify particular short data packets, but cannot retrieve a WPA encryption key. Still, the rapid development of WPA hacks suggests that those paranoid about security ensure that their WiFi networks are using WPA2 with AES encryption rather than WPA with TKIP.

By default, Facebook’s privacy settings let applications access information on your profile even if you have restricted access to a specific network or friend group (as application privacy settings are separate from profile privacy settings). In addition, Facebook’s default settings allow applications run by your friends to pull information from your profile. Surprised? Check out your settings and see for yourself!

The lesson in all of this is that little we do is ephemeral anymore. We leave electronic audit trails everywhere we go, with everything we do. This won't change: We can't turn back technology. But as technology makes our conversations less ephemeral, we need laws to step in and safeguard our privacy. We need comprehensive data privacy laws, protecting our data and communications regardless of where it is stored or how it is processed. We need laws forcing companies to keep it private and delete it as soon as it is no longer needed, and laws giving us the right to delete our data from third-party sites. And we need international cooperation to ensure that companies cannot flaunt data privacy laws simply by moving themselves offshore.

An Australian Federal Police boast, on the ABC's Four Corners program, about officers breaking up an underground hacker forum, has backfired after hackers broke into a federal police computer system.

Security consultants say police appear to have been using the computer as a honeypot to collect information on members of the forum but the scheme came undone after the officers forgot to set a password.

Ksplice Uptrack is a new service that lets you effortlessly keep your systems up to date and secure, without rebooting.

Russia's most powerful business lobby moved to clamp down on Skype and its peers this week, telling lawmakers that the Internet phone services are a threat to Russian businesses and to national security.

...

"Without government restrictions, IP telephony causes certain concerns about security," the lobby's press release said. "Most of the service operators working in Russia, such as Skype and Icq, are foreign. It is therefore necessary to protect the native companies in this sector and so forth."

mod_auth_tkt is a lightweight single-sign-on authentication module for apache, supporting versions 1.3.x, 2.0.x, and 2.2.x. It uses secure cookie-based tickets to implement a single-signon framework that works across multiple apache instances and servers.

mod_auth_tkt itself is completely repository-agnostic, as the actual authentication is done by a user-supplied CGI or script in your language of choice (examples are provided in Perl, with contrib libraries for use with python and PHP). This allows authentication against virtually any kind of user repository you can imagine (password files, ldap directories, databases, etc.)

This is a step-by-step tutorial guide for implementing OpenID consumer-side support with a web site that already has users with accounts. It will explain how to easily let new users sign up for an account on your site using their OpenID URL and how to let existing users attach their OpenID(s) so they can sign in using them.

Darknets, themselves, are nothing new; networks like Tor, FreeNet, and Gnutella are well-established. The HP researchers say Veiled is the same idea, only much simpler: It doesn't require any software to participate, just an HTML 5-based browser. "We've implemented a simple, new darknet in the browser," Wood says. "There are no supporting [software] programs."