Stories by: Carl Jongsma

For the last several months Microsoft has been pushing for their Office Open XML (OOXML) office suite file specification to be accepted as an international standard by ISO, presumably to help them gain traction for future government contracts (look, this file specification is an ISO standard, it must be good).

PHP security guru Stefan Esser recently posted on some of the changes and important security issues that are likely to have significant effects for the everyday PHP coder (and user) with the release of the upcoming PHP 5.3.

Who is the real identity behind that Gmail account? While finding out may not be as easy as knowing who is behind chunkylover53@aol.com (Homer Simpson, for the curious), it apparently isn't much harder.

After being plagued with project overruns and a scaling back of the final system, the US military's next generation satellite communications network is another step closer to reality, with completion of the payload module for the third and final Advanced Extremely High Frequency (EHF) satellite.

If you needed any more reminders about why it isn't a good idea to use external mail services to conduct critical business, the recent break-in to US Republican Vice-Presidential candidate Sarah Palin's gov.palin@yahoo.com Yahoo inbox should be it. Of note is that following the disclosure of the inboxes the compromised address and another address, gov.sarah@yahoo.com, have been suspended.

Last week Microsoft released MS08-055 [1], patching a remote code execution vulnerability affecting the handling of onenote:// URLs in different versions of Office. What was surprising about the patch is that the vulnerability being fixed only bore a passing resemblance to the one that was notified to Microsoft in March of this year.

Reports of data losses and system breaches are almost becoming passe but from time to time events happen that take on a life of their own and have effects far beyond what the initial breach would normally represent.

Microsoft's Security Vulnerability Research & Defense team (SVRD) have recently posted information online about the Cross Site Scripting (XSS) filter to be incorporated into Internet Explorer 8 when it is released.

Unless you're a dyed in the wool cryptographic geek you probably didn't know that there was a Crypto conference, or even a chain of worldwide crypto conferences that take place each year. Fortunately, for the most of us that aren't crypto geeks there are a handful of very highly skilled people who are; they can take the highly theoretical and complex mathematical proofs and arguments that make up most of modern cryptographic and cryptanalytic research and put it into plain language.

Without getting into the argument of who is right in a five-sided conflict (South Ossetia, Georgia, Russia, Abkhazia, and the various external groups and individuals who are motivated enough to be involved), interesting conclusions can be drawn from what is happening online and also how those events are being reported upon.