Privacy, Security Archive

Security for Internet Users Deemed Weak

Home internet users are suffering from a variety of worms, viruses, and spyware on their machines, and though they are often aware that their computers are acting funny, they often don't have any idea why. Typical home users are not taking the necessary steps to protect themselves from these online threats. These are the findings of a recent study on internet security.

Automated Penetration Testing – False Sense of Security

The security industry has matured quickly over the past few years with penetration testing becoming one of the norms for organisations adopting best-practice processes. Loosely defined as the process of actively assessing an organisations security measures and completely reliant on consultancy services, security manufacturers have been eager to bridge the gap between product and service and more importantly to reap the benefits of additional profits. Story is here.

AdAxis Promises Network Control Over Spyware

While spyware protection on single home machines is quite easy using today's removal tools like AdAware or Spybot Search & Destroy, deploying and managing such tools in corporate networks is still a problem. AdAxis promises to ease both deployment and managability of AdAware in such environments. It provides a facility for pushing reference file updates to corporate network workstations, executing AdAware on workstations remotely without user interaction and monitor the spyware contamination degree of machines.

Data Integrity – The Unknown Threat

Much of the attention commanded by computer security issues focuses on threats from external sources. Firewalls and perimeter defense tools are deployed to deny unauthorised entry to the network. Experts look for vulnerabilities and ways to ensure that the perimeter cannot be breached. Administrators monitor network traffic for unusual activities and anomalies, and it is common for users to be warned against suspicious email attachments. Read more.

Web Security Threat Classification

This paper compiles and distills the known unique classes of attack, which have presented a threat to web sites in the past. Each class of attack will be given a standard name and explained with thorough documentation discussing the key points. The formation of a Web Security Threat Classification will be of exceptional value to application developers, security professionals, software vendors or anyone else with an interest in web security.

Back Up Linux

The loss of critical data can prove devastating. Still, millions of professionals ignore backing up their data. While individual reasons vary, one of the most common explanations is that performing routine backups can be a real chore. Because machines excel at mundane and repetitive tasks, the key to reducing the inherent drudgery and the natural human tendency for procrastination, is to automate the backup process.

Bill Gates: More Firewalls, Faster Fixes, Auto Update

Speaking in Australia, Microsoft Chairman Bill Gates stressed that more widespread use of firewalls would solve some of the Internet's security problems. He also stressed that his company needs to reduce the frequency with which major security updates are released. He also noted that while most OSes can turn around a security fix in 60-90 days, "we have it down to less than 48 hours." He stressed the importance of using the Window auto-update feature and noted that SP2 defaults the auto-update and firewall to on.

Mac OS X Security Myth Exposed — According to Stats

"Windows is more secure than you think, and Mac OS X is worse than you ever imagined". That is according to statistics published for the first time this week by Danish security firm Secunia. The stats, based on a database of security advisories for more than 3,500 products during 2003 and 2004 sheds light on the real security of enterprise applications and operating systems, according to the firm.

Microsoft: Full Steam Ahead for Palladium

Microsoft officials poured cold water on a published report that said its Next-Generation Secure Computing Base (NGSCB, code-named Palladium) project is being canned. "The project is continuing full steam ahead. It's alive and kicking and we're very excited about it. The vision has been refined over the last year but it's absolutely not true that it's being killed," MS product manager Mario Juarez said.