Not too late to correct. Obama will appoint Cyber Czar to coordinate efforts to secure government networks and U.S. critical infrastructures. The czar will be responsible for orchestrating and integrating all cyber security policies for the government, working with the Office of Management and Budget to ensure that agencies have money allocated for cyber security priorities, and coordinating the government’s response to a major cyber incident or attack.

“As president, I’ll make cyber security the top priority that it should be in the 21st century,” Obama said in a in a speech at Purdue University. “Our pursuit of cyber security will not include — I repeat, will not include — monitoring private sector networks or internet traffic,” Obama said. “We will preserve and protect the personal privacy and civil liberties that we cherish as Americans. Indeed, I remain firmly committed to net neutrality so we can keep the internet as it should be, open and free.”

Question remains;  should the head of cyber security in the new administration come from private industry, government or the military?

The group cites various security breaches involving Google products including the one happened few weeks back which shared Google hosted documents to other users without permission. It also cites security breaches in Gmail and Google desktop dating back to 2005. The complaint also cites marketing tactics used by Google which offers complete security of customer’s data and TOS which doesn’t guarantee any.

Previous EPIC complaints have led the Commission to order Microsoft to revise the security standards for Passport and to require Choicepoint to change its business practices and pay $15 m in fines.

Find the complaint here

http://epic.org/privacy/cloudcomputing/google/ftc031709.pdf

Check this link

http://www.endpointprotector.com/en/index.php/resources/comics

Here is the note send by Google to the affected users.

Dear Google Docs user,

We wanted to let you know about a recent issue with your Google Docs account. We’ve identified and fixed a bug which may have caused you to share some of your documents without your knowledge. This inadvertent sharing was limited to people with whom you, or a collaborator with sharing rights, had previously shared a document. The issue only occurred if you, or a collaborator with sharing rights, selected multiple documents and presentations from the documents list and changed the sharing permissions. This issue affected documents and presentations, but not spreadsheets.

To help remedy this issue, we have used an automated process to remove collaborators and viewers from the documents that we identified as being affected. Since the impacted documents are now accessible only to you, you will need to re-share the documents manually. For your reference, we’ve listed below the documents identified as being affected.

We apologize for the inconvenience that this issue may have caused. We want to assure you that we are treating this issue with the highest priority.

The Google Docs Team

Nothing official from Google at the moment but it seems that the problem is widespread as more and more people tweet the same in twitter.

http://search.twitter.com/search?q=gmail

Last month they declared all websites are infected with malware … now its Gmail.

Earlier, we were all apprehensive in making an online payment because we all knew that there are people who call themselves “hackers” who like to live with our money. Then came in a period where in which the whole Internet community constituting all the good people researched on numerous ways to keep those “hackers” at bay. After a lot of painstaking and less fruitful attempts by Netscape as well as a handful of consortiums came the Secure Sockets Layer in the January of 1999.

SSL is a data security protocol and is implemented on websites dealing with sensitive information like an online bank account or an online payment system. The protocol helps millions of users of Internet each day send sensitive information safe and secure from the hands of those prying hackers who hack your bank account number or credit card information and their respective passwords or PINs.

SSL uses certificate authorities to send information over the Internet. When a user requests for a secure website, the browser requests for the secure page and adds the “s” onto the “http”. After that, the browser sends the public key and the certificate checking the following:

1. Whether the certificate is from a trusted party.
2. Whether the certificate is valid.
3. Whether the certificate is related with the site from which it comes.

The browser then uses the public key to encrypt a randomly selected symmetric key. Most systems use a combination of public-key and symmetric key encryption. When two computers initiate a secure session, one computer creates a symmetric key and sends it to the other computer using public-key encryption. The two computers can then communicate using symmetric-key encryption. Once the session is finished, each computer discards the symmetric key used for that session. Any additional sessions require that a new symmetric key be created, and the process is repeated.

All that technical, yet useful process that the SSL cryptographic protocol does helps us a lot in keeping us safe over the Internet. Now, with the SSL implementation, web browsing, e-mail, online payment, online data transfer and even online banking can happen with the safety from those above said hackers.

This does not spread on it own, the attacker must distribute the link manually. The malware detected by panda security and more details are available at their site

http://www.pandasecurity.com/homeusers/security-info/about-malware/encyclopedia/overview.aspx?lst=det&idvirus=199609&sitepanda=particulares

Internet was designed to be decentralized self governance network using its vast network of machines and root servers. No one controls the system and no one decides where to start looking for a particular domain name. All the IP address to readable domain name information was stored in root servers situated around the globe. Each root server keep the replica of the latest mapping information and serves as needed.

One single human error triggered from the network solutions Inc brought the whole internet to its heels during an early July 17th morning. Database corruption occurred at the network solutions server was ignored by one of its employee causing the corrupted database to get updated in other root servers situated around the world. As a result even though all servers were up and running and none of the domain names were resolved. No one could reach the websites intended.

Soon the backup of the database was restored bring back the system alive after much chaos.