Two security researchers say they have discovered a technique for taking control of Bluetooth-enabled mobile phones, even when the handsets have security features switched on. The technique is a practical implementation of a technique described by Ollie Whitehouse of security firm @Stake last year, which allows an attacker with specialized equipment to connect to a Bluetooth handset without authorization. Once the connection is established, the attacker could make calls on the target's handset, siphon off data or listen in on data transfers between the device and, for example, a PC.
Netscape has published a security update to its Netscape 8 browser fixing more than 40 security holes, just hours after the browser's official launch. Version 8 of the browser is the first major update to the browser since 2002 and includes a number of new security features designed to protect users from remote attacks and malicious websites. It is based on the increasingly popular open-source Firefox browser, but didn't include any of the security patches released in Firefox 1.0.4.
Birmingham City Council has launched one of the U.K.'s most ambitious open-source trials to date, shifting 1,500 client computers and associated server infrastructure to Linux and other open-source software. The year-long trial is designed to generate objective information on open source's benefits, according to the U.K. city's council. The Office of the Deputy Prime Minister (ODPM) via the e-Innovations program is funding the trial, which is part of a wider project called Open Source Academy.
Firefox has unpatched "extremely critical" security holes and exploit code is already circulating on the Net, security researchers have warned. The two unpatched flaws in the Mozilla browser could allow an attacker to take control of your system. A patch is expected shortly, but in the meantime users can protect themselves by switching off JavaScript.
Microsoft has a new security service that will provide an immediate response when researchers publicize unpatched vulnerabilities. The pilot program run by the Microsoft Security Response Center (MSRC) and called simply Microsoft Security Advisories, complements the monthly scheduled Security Bulletins ordinarily accompanied by patches.
CERN, the European nuclear research lab, has passed a milestone in building its worldwide data grid, sustaining a continuous data flow of an average of 600 megabytes per second (MB/s) for 10 days between eight facilities distributed through Europe and the U.S.
Fujitsu has followed up Intel's launch of its first WiMax chip -- the Pro/Wireless 5116, aka Rosedale -- with an IEEE 802.16-2004 compliant chip of its own. While Fujitsu and Intel are not the first to bring products to market supporting the broadband wireless standard, their entrance is expected to give WiMax an important jump-start. Another important step will be interoperability testing by the WiMax Forum, which was expected to begin in January but has been delayed by six months, meaning it will be the end of this year before certified products are on the market.
European enterprises are adopting open source software on the grounds of quality and flexibility, rather than merely considering it "good enough" because it is inexpensive, according to a new survey from research firm IDC.