Month: January 2004

Organizations ranging from the U.S. Marine Corps to CSX, one of the larger transportation companies in the world, found themselves temporarily out of business. At CSX, the Nachi worm took out the sprawling railroad’s signaling systems, stranding train traffic for nearly two days.

You need to stay on your toes and keep up with new techniques for dealing with these worms as they are developed. The best worm defense means doing what you’ve always done — keep your anti-virus software up to date, and patch, patch, patch — and backing it up with cultural changes that emphasize the value of security.

Worms do their damage quickly, and they’re getting faster. Worse, there is evidence reported by Symantec’s Deep Sight (currently being tested in InfoWorld’s labs) that penetration attempts are on the increase. Hameroff notes that “the time between disclosure of a vulnerability by a vendor and the malware that exploits it is getting shorter,” which is further evidence that worm creators are getting faster and better.

The best defense is to do as you’ve always done — but with increased vigilance. And while you’re at it, check for new security tools. This patching “consumes a lot of people resources,” says Ken Tyminski, chief information security officer at Prudential Financial, who notes that the company has been “very, very aggressive with patching.”

More info: [url=http://www.infoworld.com/article/04/01/09/02FEworms_1.html]http://www.infoworld.com/article/04/01/09/02FEworms_1.html[/url]

In electronic commerce and communication you can’t see the person you are speaking with, you can’t see the documents that prove one’s identity, and you can’t even know if the web site you are connected to belongs to the society it says.

What will happen if I have problems with the contract and I must take it to a court of law?

To answer these juridical necessities the European Union adopted a community framework for electronic signatures some time ago (directive 1999/93/EC of the European Parliament and the council of December 13, 1999, on a community framework for electronic signatures) that has been implemented in various European countries.

A digital signature, also called an electronic signature, means data in electronic form that is used for security and trust in electronic business and communications.

Imagine the door of a house with a two key deadbolt: the key you use to enter (public key) is not the same one required to exit (private key) so if a thief gets in the house he won’t be able to exit.

The electronic signature working principle is this: you create some text, the text is encrypted by your private key using a mathematical relationship, you send the encrypted text, the reader who receives the text uses your publicly available key (connected to the private key) to open it, and she is then sure the text is original and it is written by you.

It is used for authentication, to be sure the person who sent the text is the electronic signature’s holder, however you can’t be sure she is also the key owner.

More info: [url=http://www.securityfocus.com/infocus/1756]http://www.securityfocus.com/infocus/1756[/url]