admini – Page 216 – CyberSecurity Institute

Trusted computing a shield against worst attacks?

Posted on September 1, 2006December 30, 2021 by admini

“We didn’t know what we were going to get back–what we wanted was to objectively look at the losses caused by attacks,” said Dirck Schou, senior director of security solutions for Phoenix Technologies.

Device identification–or attestation–is a central capability of the hardware component of the trusted computing model, known as the Trusted Platform Module (TPM). Phoenix Technologies, which makes one version of the basic input/output system (BIOS) that allows operating systems to control a computer’s hardware, has created products that work with the TPM to identify the computer systems on a corporate network, but has also created products that can also work without the specialized hardware, Schou said.

Yet, more and more personal computers and laptop systems are shipped with the technology already on board. About 20 million computers, most of them laptops, shipped with the Trusted Platform Module in 2005, according to the Trusted Computing Group, the industry association that has created the hardware specification.

“For example, IP addresses could be used to authenticate some machines–and are probably sufficient under some threat models and policies to make the distinction between ‘sanctioned’ and ‘unsanctioned’ machines.”

The study found that the industries hardest hit by attacks were government, retail and high-tech, and that 78 percent of attackers used a home computer to do the deed, but that leaves a lot of questions unanswered, Schoen said.

Companies should ask whether they can reliably distinguish between sanctioned and unsanctioned computers on the network, whether employees working from home on unsanctioned computers would be allowed to access the network, and whether the technology could be deployed pervasively enough to matter. “We would need to know that the unsanctioned computers were actually necessary to the commission of these crimes, and that the crimes could not have been committed without using the unsanctioned computers,” Schoen stated in the e-mail interview.

http://www.securityfocus.com/news/11410

The Current State of: Windows Mobile 5.0 Security Tools

Posted on August 31, 2006December 30, 2021 by admini

I started the search for a set of security tools about two months ago and I have been avidly watching a couple of vendors to see when they are going to do. There are the normal big players like Symantec, Trend and Mcafee but there are also some niche players like AirScanner (http://www.airescanner.com) and Bluefire (http://www/bluefire.com). The problem is that none of them are perfect or complete.

What is my wish list of security components?
– A firewall. This device can connect to networks easily, and I would like to limit the amount of access both incoming and outgoing. Stateful inspection would be really nice.
– Virus Protection. Maybe even spam control for incoming and outgoing email and IMs.
– IDS. A bit of an advanced idea but I would like to at least make it a hassle for someone to try and crack my device remotely.
– Encryption. This is a big one for me since nowadays we store our personal information, business emails and contacts and loads of sensitive notes.

So what appears to be the state of play when it comes to the vendors:

Mcafee – Hey guys, where is that solution you announced in February(http://www.informationweek.com/hardware/showArticle.jhtml?articleID=180200580&subSection). I can only seem to find references to a new beta program that you launched in June (http://beta.mcafeemobile.com/).

Trend – They have a virus protection solution and they will be launching a beta next Monday that adds a firewall. I signed up for the beta and I will let you know how it goes.

Symantec – Virus protect yes. Anything else… Couldn’t find it.

CA – They have an antivirus solution.

So moving to the niche players, thinks look promising, but that’s the problem, we are dealing with a vision, not actual product.

AirScanner’s suite looks great. I don’t know where they get their virus from but I hope it regularly updates itself. And the encryption solution, looks great. I will probably try it out. But, and a big but for me, the firewall doesn’t work with WM 5 and they have a message saying that they are working with Microsoft on resolving that problem but there is no ETA and you would think with the exploding market of WM5, they would want to get that out quickly. They also have WiFi Scanner but I am not really interested in that and it seems to be very sensitive about the hardware (i.e. there is a list of not supported/never will be supported phones) so be careful before you buy the s/w.

Bluefire – Looks like a very nice product but I haven’t had a chance to play with it since it is only available for enterprise sized organizations. They are promising a SMB version but there is no ETA.

So where does that leave us. There is no single solution to protect your Windows Mobile 5.0 phone.

I will probably end up with Airscanner’s encryption and Trends firewall and virus protection. Bluefire looks very interesting but you it looks like you need to have an infrastructure to manage it, so individual users will luck out here. Perhaps I can convince them to let me resell their product to users.

If you have comments, don’t hesitate to send to me or if you’re a member, add your comments.
Have fun, keep safe.

Paul

Track Hurricanes From Mobile Handsets

Posted on August 29, 2006December 30, 2021 by admini

According to Digital Cyclone Chairman Paul Douglas, “With the new Hurricane Tracker feature, My-Cast users get that extra margin of safety, the critical hurricane information they need delivered directly to their mobile phone, to get a head-start and take appropriate action.”

Also included are StormWatch plots and warnings for affected counties, lightning tracking and alerts from the National Weather Service given virtually as they are issued.

My-Cast features radar images that show the speed and direction of approaching weather, visible and infrared satellite imagery, plus hourly and extended forecasts for up to 7 days, the company says. With GPS-enabled phones, location-aware My-Cast delivers data for the precise current location of the user automatically.

http://www.pocketpccity.com/articles/2006/8/2006-8-29-Track-Hurricanes-From.html

Tipping Point to publish flaws of many popular business solutions

Posted on August 28, 2006December 30, 2021 by admini

We’re simply naming the vendor, the date the issue was reported and the severity of the vulnerability,” Endler said in an interview with eWEEK. In the first year since ZDI started shopping for flaws, Endler said the company has fielded submissions from hundreds of hackers, culminating in 30 published post-patch bulletins.

Some, like Microsoft, are very diligent about responding, but there are others that take six months or more to get a fix ready.

According to VeriSign’s iDefense, which also buys data on flaws and exploits from external hackers, it has no plans to preannounce its purchases.

Payne suggested that TippingPoint’s move could point malicious hackers in a certain direction and put certain vulnerable applications at risk. We’ve seen this in the past with the WMF [Windows Metafile] issue and the recent problems with Microsoft Office,” Payne said in an interview with eWEEK.

Earlier in August, iDefense trained its sights on serious holes in Web browsers, offering a new $10,000 prize to any hacker who can find a remotely exploitable code execution hole in Microsoft Internet Explorer or Mozilla’s Firefox.

http://www.eweek.com/article2/0,1895,2008577,00.asp?kc=EWSTEEMNL082906EOAD

IT execs feel the heat as security woes multiply

Posted on August 28, 2006December 30, 2021 by admini

Security accountability is long overdue, says John Pescatore. When a series of worms hit in 2001 and paralyzed businesses, IT staff threw up their hands and blamed vendors. “Five years ago, nobody was responsible and nobody had authority,” Pescatore says. “The business side of the organization has learned to live with accountability and is able to talk about revenues and returns,” Pescatore says. IT managers and security managers aren’t the ones setting corporate policies, yet they’re responsible for enforcing the policies and ensuring security, he says. All in a day’s work IT executives say their jobs are now on the line if an IT event compromises security or impedes business performance.

Greater accountability is a natural consequence of IT becoming more central to business operations, says Chris Majauckas, computer technology manager for Metrocorp Publications in Boston. “Upper management is aware that it is impossible to foresee every possible negative event, but they do expect those events to be handled promptly and properly,” he says. “The days of upper executives that aren’t IT-aware are gone,” adds Bruce Meyer, senior network engineer at ProMedica Health System in Toledo, Ohio. The negative publicity surrounding the recent breaches has forced all IT departments “to examine how the events happened and discuss with the executive level what our exposure to the same incident would be,” says Cory Elliott, IT director at Basic Energy Services in Midland, Texas.

The Health Insurance Portability and Accountability Act (HIPAA) and the Sarbanes-Oxley Act (SOX) were designed to protect patient privacy and improve financial reporting, respectively. The burden of providing that falls to IT – which can become a scapegoat if efforts come up short. “Oversights, either deliberate or inadvertent, now become part of reports to audit committees and boards, who have obligations to show due diligence in responding to compromised situations,” he says. “This may produce more pressure and require dismissals that would not necessarily occur in private companies.” Dismissing or shuffling IT staff is often a signal to the public that punitive and preventive measures have been taken, Donnelly says.

The company’s IT department is spending more time and money on security investments such as intrusion-prevention systems, firewall, security appliances and antivirus software. “If you have a regulatory stick, use it,” Pescatore says. While greater IT accountability is a good thing, it has to come with authority, Pescatore says.

Ground your assertions in reason: “It has to be about more than just fear.”

http://www.networkworld.com/news/2006/082806-security-risk.html?WT.svl=bestoftheweb1

Website is going to evolve

Posted on August 25, 2006December 30, 2021 by admini

Well the time has come for this web site to evolve to the next level. Extra value is you join. If it will give access to the commenting system and also a newsletter quickly summarizes the news just for you.