Ex-Fannie Mae worker charged with planting computer virus
A fired Fannie Mae contract employee allegedly placed a virus in the mortgage giant's software that could have shut the company down for at least a week and caused millions of dollars in damage, prosecutors say.
The virus was set to execute at 9 a.m. Jan. 31, first disabling Fannie Mae's computer monitoring system and then cutting all access to the company’s 4,000 servers, Nye wrote. Anyone trying to log in would receive a message saying "Server Graveyard."
From there, the virus would wipe out all Fannie Mae data, replacing it with zeros, Nye wrote. Finally, the virus would shut down the servers.
MD5 Hack Interesting, But Not Threatening
Considering that it took the original researchers four tries over at least a month to successfully accomplish their attack against the RapidSSL brand, we're fully confident that no malicious organization had the opportunity to use this information against RapidSSL, or any other certificate authority authorized by VeriSign.
As it happens the most expedient and safest method of mitigating the attack was to switch it out for SHA-1. We had been planning this migration to occur on RapidSSL in January 2009 anyway, so we had a high degree of confidence in accelerating that deployment.
Why Mirroring Is Not a Backup Solution
Journalspace.com has fallen and can't get up. The post on their site describes how their entire database was overwritten through either some inconceivable OS or application bug, or more likely a malicious act. Regardless of how the data was lost, their undoing appears to have been that they treated drive mirroring as a backup and have now paid the ultimate price for not having point-in-time backups of the data that was their business.
25C3: MD5 collisions crack CA certificate
A security research team has used MD5 collision attacks to create a rogue Certificate Authority (CA) certificate. The certificate is trusted by all common web browsers and allows them to impersonate any website on the internet, including HTTPS secured banking and e-commerce sites.
The certificate can also be used to sign other certificates, which could allow attackers to carry out "practically undetectable phishing attacks".
The team found the following CAs still using MD5: RapidSSL, FreeSSL, TC TrustCenter AG, RSA Data Security, Thawte and verisign.co.jp. They collected 30,000 certificates and found 9,000 of them were signed with MD5 and of them, 97 per cent were issued by RapidSSL.
Sun Goes Beyond RAID in Its First Storage Appliance
Code-named Amber Road, the rack-mounted 7000 line comes in 2TB, 44TB and 288TB options. All use the open-source ZFS file system and the DTrace system analysis tool and can be up and running in about 5 minutes, Sun claims.
All of the new unified storage systems include comprehensive data services at no extra cost, Fowler said. These include snapshots/cloning, restores, mirroring, optional RAID-5, optional RAID-6, replication, active-active clustering, compression, thin provisioning, CIFS (Common Internet File System), NFS (Network File System), iSCSI, HTTP/FTP and WebDAV (Web-based Distributed Authoring and Versioning).
Pushing paper out the office
The idea of the paperless office has been around since the late 1970s, but three decades on, paper remains hugely popular.
One particular technology proving useful for this is Adobe's Portable Data Format.
About 15 years ago this started life as a simple way to preserve the look and feel of documents as they were passed between different operating systems and computers.
Another way to get rid of paper is to scan the documents and turn them into digital facsimiles. The relentless march of technology means today's scanners, even those found in the home, are more like the very expensive ones big corporations use.
Ed Felten Defeats Hard Drive Encryption
Felten and a group of colleagues have now shown that hard disk encryption is incredibly easy to beat. This should be a huge concern, considering how many people and organizations rely on data encryption to protect important data. In fact, with many of the "lost" hard drive stories over the past few years, many organizations have insisted the risk was minimal, since the data was all encrypted.
As the video notes, this won't work on some systems if the computer is turned completely off and the encryption package opens up before the operating system boots -- but otherwise, most systems are vulnerable.
RIAA boss: Move copyright filtering to users' PCs
Sherman's a sharp guy, and he's fully aware that filtering will prompt an encryption arms race that is going to be impossible to win... unless users somehow install the filtering software on their home PCs or equipment.
This means moving the filter out of the network and onto the edges (local machines), since it's at the edges that decryption and playback occurs.
Sherman knows it's a tough sell. "Why would somebody put that on their machine?" he asked rhetorically. "They wouldn't likely want to do that."
The only way to make it work is to mandate the filters or have ISPs mandate that users install them to get on the Internet. The consumer backlash from such a plan would be like the force of a thousand supernovas, and it's hard to visualize this happening.
New Boeing 787 vulnerable to hacking
According to the U.S. Federal Aviation Administration, the new Boeing 787 Dreamliner aeroplane may have a serious security vulnerability in its on-board computer networks that could allow passengers to access the plane's control systems.
The computer network for the Dreamliner's passengers, designed to give passengers in-flight internet access and entertainment, is connected to the plane's control, navigation and communication systems, the FAA report reveals.
More worryingly, there seems to be some confusion at Boeing as to what exactly the situation is, as Boeing spokeswoman Lori Gunter said the wording of the FAA document is misleading, and that the plane's networks don't completely connect. Why are you testing a new solution then?
Documents Reveal US Incompetence with Word
The U.S. Coalition Provisional Authority, which formerly governed Iraq, accidentally published Microsoft Word documents containing information never meant for the public, according to an article in Salon. By viewing the documents using the Track Changes feature in Word (.doc), the author has been able to reconstruct internal discussions from 2004 which reflect the optimism, isolation and incompetence of the American occupation.
The editors kept pulling text from a document titled "Why Are the Attacks Down in Al-Anbar Province -- Several Theories."