Brett Glass

About

Brett Glass has more than 20 years of experience designing, building,writing about, and crash-testing computer hardware and software. (A born'power user,' he often stresses products beyond their limits simply bytrying to use them.) A consultant, author, and programmer based inLaramie, Wyoming, Brett obtained his Bachelor of Science degree inElectrical Engineering from the Case Institute of Technology and his MSEEfrom Stanford. He plans networks, builds and configures servers, outlinestechnical strategies, designs embedded systems, hacks UNIX, and writeshighly optimized assembly language.During his rather eclectic career, Brett has written portions of the codeand/or documentation for such widely varied products as Borland's Pascal'toolboxes' and compilers, Living Videotext's ThinkTank, Cisco Systemsrouters and terminal servers, Earthstation diskless workstations, andTexas Instruments' TMS380 Token Ring networking chipset. His articleshave appeared in nearly every major computer industry publication.When he's not writing, consulting, speaking, or cruising the Web insearch of adventure, he may be playing the Ashbory bass, teachingInternet courses for LARIAT (Laramie's community network and Internetusers' group), cooking up a storm, or enjoying 'extreme'-ly spicy ethnicfood.To mail Brett, visit his Web form.

Biometric Security – 2

One of the most common causes of network security breaches is easily guessable or insecure passwords. Many users choose common names or words that are in any dictionary; others use the same passwords everywhere or write them down where they can be discovered. Wouldnt it be great if you never had to remember another password? […]

IM Security: Dont Get Fooled

Using an instant messenger (IM) program seems like a harmless way to have a conversation. Unfortunately, IM can be exploited to damage, commandeer, or infect your machine. Attacks on IM programs (such as MSN Messenger, AIM, ICQ, and so on) fall into the same categories as other network attacks. Some attacks take advantage of bugs […]

Batten Down Those Ports

With worms such as Blaster prowling the Net, every user ought to know the ways a computer may be exposing itself to attacks. One of the simplest but most vital tests you can do to determine potential vulnerabilities is to find out which ports your PC has open to the outside world. ZIFFPAGE TITLEWhats a […]

Hackers Claim to have Infiltrated AOL

According to Wired News, teenage hackers claim to have used “social engineering” — i.e. fast talk and subterfuge — to compromise security at America Online. The Wired article says that the youths have discovered ruses that allow them to convince AOLs support staff to reset passwords on accounts. The crackers also claim to have gained […]

Windows XP Passwords Rendered Useless

Windows guru Brian Livingston reports that inserting a Windows 2000 CD into an XP system allows one to bypass all password protection and manipulate any part of the machine at will. “Anyone with a Windows 2000 CD can boot up a Windows XP box and start the Windows 2000 Recovery Console,” says Livingston. The intruder […]

JunkBuster Proxy May Relay Spam

Older versions of the Internet JunkBuster Web proxy — which blocks Web banner ads — are reportedly being used to relay spam. Early versions of the product, though not the most recent, may be subject to attack if the administrator does not take precautions to block unauthorized access. In particular, version 2.0-1 of the product, […]

Be Careful Using Public Kiosks

A recent incident at Boston College demonstrates why its a bad idea to use public Internet kiosks, or browsers at cybercafes, for anything but general Web browsing. According to this article, a student at the school was arrested for planting snoopware on computers in public areas. He then used passwords gathered from the machines to […]

Online Gaming Systems Vulnerable

According to an advisory and press release from security firm PivX Labs, online gaming systems created by Epic Games are vulnerable to “a laundry list” of dangerous exploits. According to the researchers, the vulnerabilities in Epics Unreal Gaming Engine include “local and remote DoS, DDoS, bounce attacks with spoofed UDP packets, fake players, execution of […]

Opera Fixes Browser Holes

This week, GreyMagic Software reported several serious security holes in the Opera 7.0 browser. Opera — unlike other companies with seemingly endless turnaround times on bug reports — fixed the vulnerabilities in only 5 days, releasing Opera 7.01. Another bug related to Opera has only been partially fixed, but Opera Software can hardly be blamed […]

Turbo Tax: Sector 33 Naughtiness

In Part 1, we laid out some of the reasons why we suspected problems with Intuits implementation of digital rights management with its Turbo Tax problem, and explored some of the issues that surfaced during installation. Now lets look closely at what happens when you actually try to use the product. After installing TurboTax, we […]