A man who chose “Lloyds is pants” as his telephone banking password said he found it had been changed by a member of staff to “no it’s not”. He said he was then banned from changing it back or to another password of “Barclays is better”.

The demonstration of a vulnerability in the Border Gateway Protocol is only the latest attack to highlight fundamental security weaknesses in some of the internet’s core protocols. Those protocols were largely developed in the 1970s with the assumption that every node on the then-nascent network would be trustworthy.

Servers for both Red Hat Enterprise Linux and Fedora Linux were compromised in recent weeks by some kind of illegal access. Neither project however is currently admitting than any of their software or users were in any way directly affected by the illegal access.

Adi Shamir, who is the S in RSA, has presented material at the Crypto 2008 conference that has promised a new form of mathematical attack against a broad range of cryptographic ciphers, including hash functions (such as MD5, SHA-256), stream ciphers (such as RC4), and block ciphers (such as DES, Triple-DES, AES).

By a slim margin, the majority of nearly 300 readers who responded to the poll said they had never logged into someone else’s email or social networking account without their knowledge. But that still leaves a whopping 42 percent who readily admit to it — and this is coming from an educated tech-readership, not a band of merry thieves (or so we thought…).

Historical works that are most in need of preservation are likely to already be damaged or distorted, making the use of automated scanning and text processing less likely to succeed. So researchers are now turning them into CAPTCHAs, and getting people to do the analysis in place of machines.

Even with the attacks described in the paper, Windows Vista has many worthwhile security improvements compared to Windows XP. Stories suggesting that Vista’s security is now irredeemably broken are far off the mark; the truth is merely that some of its automatic security protection is less effective than it was before.

The attacks take advantage of the way Microsoft chose to guard Vista’s fundamental architecture. The new techniques are being seen as an advance that many in the security community say will have far-reaching implications not only for Microsoft, but also on how the entire technology industry thinks about attacks.

Dan Kaminsky of Seattle-based security consultant IOActive exposed a giant vulnerability in the internet’s design that, in one case, allowed hackers to reroute computer a fake Google.com site loaded with automated advertisement-clicking programs, a scam to generate profits for the hackers from those clicks.

People who approved the download of the bogus flash.exe file received a Trojan horse — identified by multiple names, including Cbeplay.a — that in turn “phones home” to a malicious server to grab and install additional malware, said Danchev.