Top News
Their 'offense'? Shopping while black
Leah Wells and two girlfriends decided to ditch the gym during an office lunch break and do some power-shopping instead. The three young women, all in their 20s and all black, ended up wrongly detained for shoplifting. Their offense, as Wells sees it, was being black in America. It's a common refrain from black people in the U.S., says CNN's Soledad O'Brien.

Dolly weakens, carries rains inland
Hurricane Dolly was downgraded to a Category 1 hurricane today after it made landfall on South Padre Island, Texas, the National Hurricane Center said. But Dolly's sustained winds were still about 95 miles an hour. The storm is expected to produce from 8 to 12 inches of rain, with up to 20 inches in isolated spots, and widespread flooding is likely.

Dad angered by 'monster' molester's freedom
Jurors convicted the art teacher of forcing a boy to have sex with him repeatedly in a classroom supply closet. A judge sentenced him to 43 years. But Aaron Mohanlal has yet to spend a day in prison, and he lives 15 miles from his victim. "The idea of that monster being that close to my family again is outrageous," the boy's father told CNN for an exclusive report.

Strong quake injures 92 in Japan
A magnitude 6.8 earthquake rattled north-central Japan early Thursday, according to the U.S. Geological Survey.

House weighs overturning 'don't ask, don't tell'
A House panel weighed overturning the military's "don't ask, don't tell" policy Wednesday, the first time Congress has considered the rule since it was implemented 15 years ago.

World News
Pakistan warns of nuclear arms race

Stolen baby traced to Guatemala adoption

U.S. Air Force: Entire crew killed in Guam crash
All six airmen aboard the B-52 bomber that crashed Monday off Guam's northwest coast were killed, Air Force officials confirmed Wednesday.

N. Korea pressed to verify end of nuke program
U.S. Secretary of State Condoleezza Rice pressed her North Korean counterpart Wednesday to agree a plan for verifying its nuclear activity.

Sudan leader contemptuous of genocide charge

Technology News
Cancer Center Warns of Kids' Cellphone Risks
The director of the University of Pittsburgh Cancer Institute issued an unprecedented warning to faculty and staff Wednesday: Limit cell phone use because of the possible risk of cancer, especially for children. The advice is contrary to many studies, but Dr. Ronald B. Herberman says he's basing his alarm on early, unpublished data.

Intel CEO Calls for 10 Million Plug-In Conversions Within Four Years
Andy Grove has called for 10 million vehicles to be converted to plug-in hybrids within four years and laid out some ideas to help get us there.

Security Matters: Lesson From the DNS Bug: Patching Isn't Enough
Despite the best efforts of the security community, the details of a critical internet vulnerability discovered by Dan Kaminsky about six months ago have leaked. Hackers are racing to produce exploit code, and network operators who haven't already patched the hole are scrambling to catch up. The whole mess is a good illustration of the problems with researching and disclosing flaws like this.
The details of the vulnerability aren't important, but basically it's a form of DNS cache poisoning. The DNS system is what translates domain names people understand, like www.schneier.com, to IP addresses computers understand: 204.11.246.1. There is a whole family of vulnerabilities where the DNS system on your computer is fooled into thinking that the IP address for www.badsite.com is really the IP address for www.goodsite.com -- there's no way for you to tell the difference -- and that allows the criminals at www.badsite.com to trick you into doing all sorts of things, like giving up your bank account details. Kaminsky discovered a particularly nasty variant of this cache-poisoning attack.
Here's the way the timeline was supposed to work: Kaminsky discovered the vulnerability about six months ago, and quietly worked with vendors to patch it. (There's a fairly straightforward fix, although the implementation nuances are complicated.) Of course, this meant describing the vulnerability to them; why would companies like Microsoft and Cisco believe him otherwise? On July 8, he held a press conference to announce the vulnerability -- but not the details -- and reveal that a patch was available from a long list of vendors. We would all have a month to patch, and Kaminsky would release details of the vulnerability at the BlackHat conference early next month.
Of course, the details leaked. How isn't important; it could have leaked a zillion different ways. Too many people knew about it for it to remain secret. Others who knew the general idea were too smart not to speculate on the details. I'm kind of amazed the details remained secret for this long; undoubtedly it had leaked into the underground community before the public leak two days ago. So now everyone who back-burnered the problem is rushing to patch, while the hacker community is racing to produce working exploits.
What's the moral here? It's easy to condemn Kaminsky: If he had shut up about the problem, we wouldn't be in this mess. But that's just wrong. Kaminsky found the vulnerability by accident. There's no reason to believe he was the first one to find it, and it's ridiculous to believe he would be the last. Don't shoot the messenger. The problem is with the DNS protocol; it's insecure.
The real lesson is that the patch treadmill doesn't work, and it hasn't for years. This cycle of finding security holes and rushing to patch them before the bad guys exploit those vulnerabilities is expensive, inefficient and incomplete. We need to design security into our systems right from the beginning. We need assurance. We need security engineers involved in system design. This process won't prevent every vulnerability, but it's much more secure -- and cheaper -- than the patch treadmill we're all on now.
What a security engineer brings to the problem is a particular mindset. He thinks about systems from a security perspective. It's not that he discovers all possible attacks before the bad guys do; it's more that he anticipates potential types of attacks, and defends against them even if he doesn't know their details. I see this all the time in good cryptographic designs. It's over-engineering based on intuition, but if the security engineer has good intuition, it generally works.
Kaminsky's vulnerability is a perfect example of this. Years ago, cryptographer Daniel J. Bernstein looked at DNS security and decided that Source Port Randomization was a smart design choice. That's exactly the work-around being rolled out now following Kaminsky's discovery. Bernstein didn't discover Kaminsky's attack; instead, he saw a general class of attacks and realized that this enhancement could protect against them. Consequently, the DNS program he wrote in 2000, djbdns, doesn't need to be patched; it's already immune to Kaminsky's attack.
That's what a good design looks like. It's not just secure against known attacks; it's also secure against unknown attacks. We need more of this, not just on the internet but in voting machines, ID cards, transportation payment cards ... everywhere. Stop assuming that systems are secure unless demonstrated insecure; start assuming that systems are insecure unless designed securely.
---
Bruce Schneier is chief security technology officer of BT, and author of Beyond Fear: Thinking Sensibly About Security in an Uncertain World.
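
An added example, not part of Schneier's essay or of djbdns: a Python check that classifies the UDP source ports a resolver uses on its outgoing queries, which is the property Source Port Randomization provides. The port lists are constructed samples, and the function names and thresholds are assumptions chosen for illustration.

```python
import random
import statistics

def assess_source_ports(ports):
    """Classify UDP source ports seen on a resolver's outgoing queries.

    With a fixed port, the 16-bit query ID is the only unpredictable
    value in a query; a randomized port adds a second one.
    Thresholds below are illustrative assumptions, not a standard.
    """
    if len(ports) < 10:
        raise ValueError("need at least 10 observed queries")
    unique = len(set(ports))
    deltas = [b - a for a, b in zip(ports, ports[1:])]
    # Share of consecutive queries whose port rose by a small step
    stepped = sum(1 for d in deltas if 0 < d <= 4) / len(deltas)
    spread = statistics.pstdev(ports)
    if unique == 1:
        verdict = "fixed"
    elif stepped >= 0.8:
        verdict = "sequential"
    elif spread < 1000:
        verdict = "narrow"
    else:
        verdict = "randomized"
    return {"unique": unique, "stdev": round(spread), "verdict": verdict}

# Constructed samples: ports as they might be read from a capture of
# a resolver's upstream traffic, in query order.
_rng = random.Random(2008)  # seeded so the run is repeatable
SAMPLES = {
    "fixed": [53] * 20,
    "incrementing": list(range(32768, 32788)),
    "small-pool": [40000 + (i * 37) % 64 for i in range(20)],
    "randomized": [_rng.randrange(1024, 65536) for _ in range(20)],
}

def audit(samples=SAMPLES):
    """Return the verdict for each named sample."""
    return {name: assess_source_ports(p)["verdict"] for name, p in samples.items()}

if __name__ == "__main__":
    for name, ports in SAMPLES.items():
        print(name, assess_source_ports(ports))
```

A resolver behind a NAT device can still show "fixed" or "sequential" ports on the outside even after it has been patched, so the capture should be taken where the queries leave the network.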

IPhone 3G Users Complain About Network Issues
Complaints are mounting among iPhone users about the quality and consistency of AT&T's third-generation (3-G) data network. In Gadget Lab.

The Broadband Boom May Be Over
AT&T reports a measly 46,000 broadband subscribers added during the second quarter, down from nearly half a million in the first quarter. The numbers imply that broadband growth has come to a screeching, painful halt. The news doesn't bode well for other broadband providers.

Entertainment News
'I hate having the spotlight on me'

'The Olympics That Changed the World'
The 1960 Rome Olympics are little remembered today, but the Games produced some major athletic figures, including Wilma Rudolph and Rafer Johnson. The Olympics also had some deeper meanings, notes author David Maraniss.

Whatever happened to the family comedy?

Can you believe those new 'Gossip Girl' ads?

Omarosa: Wendy Williams is 'fake,' 'phony'
