Well my wife is heading to New York with work for 3 months so I guess I’ll have lots of time to read and blog. One of the downsides to her leaving for the next 3 months is that I won’t have a chance to head to a major city to sit for my CISSP exam until the fall. Perhaps this is a good thing as now I can enjoy my spring/summer and work on my horrible golf score 🙂

Here’s today’s list:
Vulnerabilities Are Not Marketing Fodder – I don’t agree with TippingPoint holding out but the funding for the prize had to come from somewhere…

I was a huge fan of the hack a mac (pwn to own) contest at CanSecWest last week. But I was only a fan because I, like many of us, wanted to see a point proven to the Apple Macintosh users that they suffer from the same security concerns that the rest of us do. I think that point has been proven.

U.S. Army team wants second chance at hacker contest – We’ll do better this time…..we promise…no foolin’

A team of U.S. Army hackers will attend the Hack In The Box (HITB) Security Conference 2007 in Kuala Lumpur later this year, seeking redemption after falling short at a hacker competition in Dubai earlier this month, the conference organizer said Tuesday.

Techm4sters Releases ProTech Security Distribution – I’ll have to check this out.

– Is this like Nubuntu? It is similar, yes! But we wanted something friendlier to the end-user and so we tried a different approach and tested new tools. You’ll see that there are many differences amongst them. Many ideas have been taken from NUbuntu as well as other security distributions to try to make the most complete, reliable and easiest tool for your use. I hope you can appreciate our work.

XSS Attacks book — Congrats on the book Jeremiah! Hopefully he’ll let me review it 🙂

At long last, we put the finishing touches on our new book (XSS Attacks), the cover art, and sample chapter (including ToC). It’ll be sent to the printers May 5 and shipped a few days after. Woohoo!

Russinovich: Malware will thrive, even with Vista’s UAC – Wait…you mean a shiny new product won’t solve all of my problems?

Despite all the anti-malware roadblocks built into Windows Vista, a senior Microsoft official is lowering the security expectations, warning that viruses, password-stealing Trojans and rootkits will continue to thrive as malware authors adapt to the new operating system.

Follow the Bouncing Malware: Day of the Jackal – Funny story or scary story? You be the judge?

Otte Normalverbraucher leaned back in his chair, stretched and yawned. It was nearing midnight, and now that he stopped to think about it, he realized that he was going to be very tired in when his alarm clock went off in the morning.

SMTP Authentication Update – You can invent all the technologies in the world but unless people use it it’s useless (remember Betamax?)

Opinion: It’s about 2 and a half years since the standards bodies threw up their hands and left SMTP authentication to the industry. Implementation progress has been slow but positive. And there have been some surprises.