Author: Dave Lewis January 31, 2007 at 10:51 am · Filed under News
Morning folks. Hello to this mornings readers from Sweden, Malaysia, UK, USA, South Africa, Hong Kong and Canada. If you haven’t already signed up, please take a moment to subscribe to RSS or email using the options on the right hand side of the page.
Author: Dave Lewis January 31, 2007 at 10:09 am · Filed under OS Security
Well, that certainly didn’t take long. Security folks are taking aim at Bill Gates’ claim that Vista is more secure than other operating systems. Whether or not that proves to be true, the mere assertion is silly. This smacks of Ellison’s claim that Oracle was unbreakable. Thats right…just hold the red cape in front the bull.
No matter how you may slice it Microsoft can’t win here. There are the legions of hackers out there that would like nothing more than to see the company fall on its face. Or even simpler have their 5 minutes of fame for breaking off a piece of Vista. On the other side of the equation there are the competitors that will no doubt say “see, told you they weren’t secure”. It’s a no win.
Microsoft has spent more than five years developing Vista and some of the delays to its launch have occurred as developers struggle to make it more secure.
Malicious hackers are already known to be targeting Vista and carrying out research to expose its weaknesses.
“For sure, people are hammering away on it,” Jeff Moss, the organiser of the Defcon hacking convention, told Reuters.
“If you are a bad guy and you find a problem, you have a way to spread your malware and spyware,” he said.
And that will only be a matter of time. The evangelical operating system holier-than-though nonsense has got to come to an end. Every OS has it’s particular bent and brings with it their own myriad of difficulties. Vista will enjoy a honeymoon period and, like all software, will have its dark days.
Author: Dave Lewis January 31, 2007 at 9:50 am · Filed under Data Security
Playing nice with others…
Eight leading data security companies have joined forces to create an organization to educate the business community on the value of global security standards that protect credit and debit card numbers.
The newly formed Payment Card Industry Security Vendor Alliance will assist the PCI Security Standards Council—an organization composed of merchants, banks and point-of-sale vendors—in educating the business community on the requirements and business value of the Payment Card Industry Data Security Standard.
Author: Dave Lewis January 30, 2007 at 11:05 am · Filed under Privacy
MSNBC is running an article about a computer that was hacked exposing the personal information of roughly 70,000 residents of the state of Vermont. The breach occurred sometime in December 2006. The state is planning to send a letter to the affected persons.
The Human Services computer was used as a tool to track non-custodial parents who owe back child support. The state and a number of banks exchanged financial information on the computer, which was taken out of service in early December after technicians discovered what they thought was a computer virus.
It remains offline, officials said.
About 12,000 of the affected individuals owed back child support. The rest of the names _ about 58,800 people — were supplied to the state by the New England Federal Credit Union, which shared customer information with the understanding that only the data on child support debtors would be used.
If you live in Vermont (and are a deadbeat Mom or Dad) be sure to check your credit information.
Author: Dave Lewis January 30, 2007 at 8:52 am · Filed under Humour, News
It’s go time for Vista. Starting today home users can purchase an upgrade or full version of the software.
Microsoft Corp. rolled out Windows Vista at retailers in 70 countries Tuesday, delivering a new computer operating system that aims to better manage the explosion of digital media and protect users from the dangers of the Internet.
The world’s biggest software maker marked the launch of its first all-new Windows operating system in five years with a marketing blitz, including commercials featuring basketball star Lebron James and appearances by Microsoft (Charts) co-founder Bill Gates on morning and late-night chat shows.
Now, there has been a great deal of talk about whether or not you will need to buy new hardware to run Vista. In fact this OS will run on older hardware in most cases. However, you will not be able to leverage some of the glossy features. In a nut shell, if you have the means then a hardware upgrade may be to your benefit. I have been running Vista (business) in a virtual machine off and on for a couple months now…and I still can’t get into it. I’m a Mac fan. To each their own.
Another notable is this article that I found over on Boing Boing. It turns out (just in time for the rollout) that Vista’s DRM may have been cracked.
Alex Ionesco, a security researcher in Montreal, has released technical details of a hack he’s developed for Windows Vista. The hack lets him subvert Windows’ anti-copying technology and get force a full-resolution, unencrypted high-def video stream. He has not released source code, however, because he claims to be nervous of violating US law — I think that this is misplaced. Canada hasn’t passed Bill C-60 yet (and with any luck, it never will), so he should be all right in Canada.
The best part of the Vista launch was the uneasy interview that Bill Gates had on the Daily Show. Kudos to Bill for having the stones to do the show. I was laughing. Bill even managed to take a swipe or two at Jon Stewart.
The world’s richest man sat down with the world’s most famous fake news anchor Monday, and everything went pretty much perfectly for everyone involved. Until Bill Gates bolted from the set.
To be clear, the interview was over, and Gates and “Daily Show” host Jon Stewart had shaken hands and said thanks. But the Microsoft Corp. chairman’s speedy departure came with the show still rolling, when guest and host usually engage in polite on-camera banter unheard by the audience at home.
Author: Dave Lewis January 29, 2007 at 8:04 am · Filed under News
Symantec has been getting it head smacked about in the press of late. But, I have to admit that they have some good news to report. Altiris announced today that they are being purchased by Symantec. Here is the text of the email that was sent out.
Today marks a significant milestone for Altiris with the announcement that Symantec will acquire Altiris. This is a great opportunity for two leading companies to join together and innovate in market segments as they converge—security, storage and systems management.
Today Symantec announced a definitive agreement to acquire Altiris for $33.00 per share in cash. The parties intend to complete the transaction as soon as practicable and currently anticipate the closing to occur in the second quarter of 2007. This is an exciting development for both Symantec and Altiris, and we believe a very positive development for Altiris customers as well.
Altiris will operate as a separate business unit within Symantec with the existing management team. We believe that being part of Symantec, a $5 billion company, will give Altiris immediate opportunities to address our customers’ evolving needs that would have taken us years to accomplish on our own.
With the convergence of IT operations and security management, we believe that the combined company will create a powerful software platform to address this growing market trend. In addition, we believe the combined companies will further help you to cut the cost and complexity of IT and security management and speed the delivery of new services.
The proposed transaction will bring together the strength of the fully integrated Altiris service oriented management platform with Symantec’s global leadership in infrastructure software protection that addresses risks to security, availability, compliance and performance. This will allow you to purchase—from a single vendor—market leading products in systems management and security that will be integrated into one complete solution.
You are the reason for our success to this point and we appreciate your support. As this exciting time unfolds, you have my personal commitment that Altiris’ support of you, our customers, will never waiver. I know this transaction will raise many questions with regard to how you will do business with Altiris in the future. We will work hard to get all your questions answered as soon as possible. Please realize that many of these details will not be available until after the transaction is closed.
As we continue to deliver on our business commitments to you, do not hesitate to contact your Altiris representative with any questions or concerns.
Author: Dave Lewis January 26, 2007 at 10:24 am · Filed under Vulnerability
This got tiresome a long long time ago. But, that being said we have yet another Word vulnerability. This is apparently quite bad.
From Secunia:
Description:
A vulnerability has been reported in Microsoft Word, which can be exploited by malicious people to compromise a user’s system.
The vulnerability is caused due to an unspecified error when parsing Word documents and can be exploited to execute arbitrary code on the user’s system.
NOTE: The vulnerability is currently being actively exploited.
The vulnerability is reported in Microsoft Word 2000. Other versions may also be affected.
Solution:
Do not open untrusted Office documents. (not much of a fix, I know)
Explore
Security Bloggers Network
