Stories by: Andrew Brandt

What do you get when you add the human propensity to screw stuff up to the building of large-scale IT systems? What the military calls the force-multiplier effect -- and the need for a cadre of top-notch QA engineers.

June 25, 1998, and June 30, 2008, marked two important milestones in Microsoft's evolution of the Windows OS -- the passing of the torch from Windows 95 to Windows 98, and the less seemly transition from XP to Vista.

For those of us who make our living behind a keyboard in IT, it's hard to imagine a more time-tested vulnerability than the end-user. Armed with network access, these IT viruses wreak havoc nearly everywhere you look -- havoc borne of tech idiocy.

Ah, youth. Ready to take on the world, today's generation of dynamic, tech-immersed youngsters have grown up alongside the Internet. Firsthand, and sometimes single-handedly, they have advanced some of today's hottest technology trends, from peer-to-peer networking, to massively multiplayer online games, to social networks and instant messaging. And along the way, a small, sociopathic number of them have behaved very, very badly.

When federal agents announced on November 29 that they'd indicted or convicted eight individuals accused of using botnets (networks of computers infected with Trojan horse applications) to engage in criminal activity, the press release barely explained the nature and extent of the men's crimes -- or the investigations that led to arrests in an operation the FBI and other law enforcement agencies have termed Bot Roast II.

Con job, pretexting, social engineering -- the art and science of manipulating human beings for nefarious ends -- goes back as far as the origin of the species. The techniques have been practiced and perfected by a rogue's gallery of flimflam artists, from legendary carnival operator P. T. Barnum to infamous FBI mole Robert Hanssen.

You may not always be able to protect your laptop from a thief, but you can keep the data it contains safe. Two new products--PGP Whole Disk Encryption 9.5 and DriveCrypt Plus Pack 3.5--promise to protect your data, so that even if your computer falls into the wrong hands, its contents will remain unreadable. Both applications are easy to use and offer an impressive suite of tools, but most users will appreciate the more practical features and lower price tag of PGP's product.

You've heard so many warnings about phishing that you've become wary of any e-mail message purporting to come from your bank or favorite Web store. But if the link in it uses a legitimate Web domain and your phishing filter doesn't complain, the message must be okay, right?

Much has been made of recent patent applications--such as one involving emoticons on cell phones--that seem a far cry from real breakthroughs like the lightbulb. And while many of the weakest patent applications are eventually rejected, some experts believe that an overworked and underfunded U.S. Patent and Trademark Office is issuing more and more patents that never should have passed their first review.

News that a nine-year-old encryption method -- one that underlies the protection of virtually all secure online communications -- appears to have been cracked by a team of three Chinese researchers has spurred encryption experts around the world to issue a call to action.

Viruses that target handhelds can be even more dangerous than their cousins that attack PCs, spawning self-replicating programs that hide easily, a security researcher told an audience of security professionals at the Black Hat Briefings conference in Las Vegas last week.