Vulnerabilities in the GSA's URL-shortening system leave the US Government "with egg on its face" as hackers continue to spoof .gov domains. Smartphone privacy apps can also be used for cyber eavesdropping. Attack trend studies report more mobile malware, more drive-by attacks, and more email malware vectors.
Sophos gives Hotmail poor security marks (Gmail and Yahoo fare better). Three offerings hit the hackers' black (or at least very dark grey) market: HackRF Jawbreaker promises low-cost wireless intercept and reverse engineering tools; an online service sells access to compromised corporate machines; another outfit rents hacked PCs.
Polish security firm and Oracle gadfly Security Explorations offers a Java patch it claims is too important to wait for Oracle's promised February fix.
Journalists explore the mobile payment market and return mixed findings: the developing world seems to want it more than consumers in the developed world do. US Immigration & Customs Enforcement announces it will adopt the iPhone as its standard mobile device—a security vote of confidence for iOS. Booz Allen announces plans to replace its BlackBerrys with either iPhones or Android devices. Bill Gates says Windows 8 is the future of the PC, but Wired thinks few businesses will bother with it.
A survey finds that successful defense against insider threats is "more psychology than technology." The US Government moves closer to a continuous monitoring IT security policy. The Dutch government expands authorization of legal intercept to foreign systems. US users of Huawei gear defend their vendor against Congressional accusations of espionage.