Category: Product

Microsoft released a beta version of the new browser, also known as IE7, this week to a select group of testers. The company plans to release a second beta version for the general public to test before shipping the final version.

WholeSecurity, which is privately held, is helping Microsoft assemble and maintain a list of verified phishing sites, also known as a blacklist. When people try to visit a Web site on the list, IE7 automatically warns them via a dialog box that the site is fraudulent and suggests they “not continue to this Web site.” At that point, people can close the Web page, or continue on if they choose.

WholeSecurity, via a project called the Phish Report Network, has thousands of Web sites in its blacklist and adds more all the time from the hundreds of new sites that contributors flag daily, said John Ball, senior product manager at WholeSecurity. Microsoft helped the company launch the Phish Report Network in February, along with Visa, eBay and eBay’s PayPal unit, which all help to build and maintain the list.

Microsoft isn’t the first company to build antiphishing features into a Web browser, nor is it the first to tap an outside security company for help with the task. America Online’s Netscape unit introduced a new version of the Netscape browser in May with a similar feature. The company has compiled its own blacklist with the input of parent AOL, nonprofit privacy group Truste, VeriSign and security software company Paretologic.

A U.K.-based browser company called Deepnet Technologies claims to have been the first to incorporate antiphishing mechanisms into a browser when it released Deepnet Explorer in December.

But with close to 90 percent market share in the United States, Microsoft is certainly the biggest browser company to attack phishing. Yet, the company doesn’t expect its latest efforts to bring an end to these scams. “Does having a police force wipe out crime?” said Gary Schare, Microsoft’s director of IE product management. “It’s a tall order to say this will wipe out phishing.”

Other browser companies applauded Microsoft’s antiphishing moves and agreed that it’s a hard problem to tackle. The Mozilla Foundation has decided not to incorporate antiphishing technology into its increasingly popular Firefox browser, opting instead to focus on the e-mail side of the problem. An upcoming version of Mozilla’s Thunderbird e-mail program is designed to alert users to messages containing links to phishing sites, said Chris Hofmann, director of engineering at the Mozilla Foundation. E-mail is the way most phishers lure people to their sites.

Microsoft is doing something similar with its Hotmail service. If a suspicious e-mail arrives, the test version of Hotmail does not display the e-mail but rather warns users that the e-mail appears to be potentially fraudulent and asks if they want to block or allow e-mails from the sender of the message.

The Thunderbird program will rely on a tool that automatically analyzes the attributes of links, rather than on a blacklist, Hofmann added. “The large volume of content, and the dynamic nature of the Web, make managing a list of potential phishing sites an incredibly hard job,” he said.

That challenge is one reason Microsoft has signed up with WholeSecurity to manage the blacklist for IE7, Schare said. It will also encourage browser customers to report suspicious sites directly to Microsoft via a button in the new browser. The company has the ability to update the list every 20 minutes, he added. That’s critical, because phishing attacks often come and go within a matter of hours.

Microsoft is assembling a “whitelist” of legitimate sites, too, that the browser won’t bother sniffing out on a regular basis, which should save on network cycles. But phishers are already learning how to work around some of the simpler methods being used to thwart them, said Deepnet Chief Executive Yurong Lin. For instance, more phishers are registering domain names for their sites rather than using numeric Web addresses, he said. Lin believes it’s a response to the fact that Deepnet’s browser has been warning people that sites lacking domain names are suspicious. “The phishers will find some other way,” Lin said. “There are antispam programs, and spam still exists. We have anti-spyware, and spyware still exists.”

http://news.com.com/Microsoft+enlists+security+partner+in+IE+update/2100-1029_3-5809417.html?part=rss&tag=5809417&subj=news

Newbury said it believes it is the first company to use “precise location technology to deliver intrusion prevention, rogue containment, client protection and intrusion detection with a full set of location-specific security alerts, security-related compliance reports and enhanced graphical views for IT/Security personnel to identify and pinpoint security threats.”In an interview, Newbury Networks’ director of product management Brian Wangerien said Wi-Fi wireless networks are growing so rapidly that many organizations institute a “no Wi-Fi policy,” because they can’t control security on wireless networks.

“Many companies aren’t ready to deploy Wi-Fi,” he said. “Access points can be all over the place. So some start with ‘no Wi-Fi’ but then they gradually build out.” He added that Wi-Fi Watchdog 5.0 enables IT managers to gradually build out their wireless networks.

A network of sensors constantly monitors all access points on networks, establishing RF fingerprinting or RF pattern matching solutions. “Each physical location has a different pattern and (network operators) are able to track them very accurately,”When an unauthorized person attempts to enter the network he or she is blocked and users who wander off from the network are likewise “sniped” from the network.Wangerien said the Watchdog product has been successfully used by early adopters including the U.S. Air Force and Boston-based MFS, an investment banking firm.

In the Air Force application network operators have tight security over wireless access points ranging from commanders’ offices to fighter planes.

In the MFS application, control easily moves from different floors, even when non-MFS floors interspersed between MFS offices different floors.The server-based software Wi-Fi Watchdog 5.0 can stop threats that aren’t addressed by authentication and encryption technologies.

Wi-Fi Watchdog has long been able to classify the nature of attacks, but by identifying the physical location of attacks, the measure can eliminate false positives in most attacks, the firm noted.”IT and security personnel can visualize where the threats and attacks are originating in an easy-to-use graphical viewer,” Newbury stated.

http://informationweek.com/story/showArticle.jhtml?articleID=164903156

Because Oracle plans to combine the BPEL (Business Process Execution Language) tool with its Oracle Web Services Manager product, software developers will no longer have to spend as much time explicitly writing out security policies while using the BPEL Process Manager, said Prakash Ramamurthy, vice president of server technologies with Oracle.

Instead of purchasing a separate Web services orchestration engine and security tool, customers will now be able to purchase a combined product, Ramamurthy said.

Developed by the Oasis Consortium, it expected to play an increasingly important role in online commerce.

Ramamurthy did not say when the combined product would be available or what it would cost.

http://www.networkworld.com/news/2005/071305-oracle-web-services.html

San Diego-based NetSift, a privately held, 15-employee company founded in June 2004, would add technology for deep packet processing.

On its Web site, venture capital firm Enterprise Partners Venture Capital lists NetSift on its software portfolio and describes the company as a developer of systems to protect enterprises from large-scale worm and virus attacks.

Cisco said the deal is slated to close in its fiscal fourth quarter ending July 30.

http://www.crn.com/showArticle.jhtml;jsessionid=C1DOYN21IMR3AQSNDBNCKH0CJUMEKJVN?articleID=164902960

Six-year-old, privately held Tiny had a staff of less than 20, all of whom have joined Islandia, New York-based CA, said Sam Curry, CA’s vice president of eTrust security management.

The acquisition closed in late May, and CA is continuing to sell Tiny’s software as stand-alone products.

Tiny also had an OEM (original equipment manufacturer) relationship with licensee customers, including Microsoft and Unisys (Profile, Products, Articles).

CA plans to incorporate Tiny’s firewall technology into its Integrated Threat Management platform, an under-development product CA plans to launch later this year. The idea is to bundle various desktop protection technologies into one system with a common interface. The platform will launch with CA’s antivirus and antispyware technology, and a later version will add Tiny’s firewall software, Curry said.

For now, Tiny Firewall is priced at US$50 per user for the desktop version and $200 for a server license, Curry said. Pricing may change when the software is added to CA’s Integrated Threat Management product, but CA also expects to continue offering the software as a stand-alone product, he said.

http://www.infoworld.com/article/05/06/27/HNcabuysfirewall_1.html

On the day the software giant completed its purchase of Sybari Software Inc., a deal first announced in February, Microsoft Corp. announced it would immediately discontinue new sales of Sybari’s flagship Antigen suite for the Unix and Linux platforms.

The move means that Sybari Antigen 6.0 for Lotus Domino servers running IBM’s AIX Unix operating system will be dropped from the product line. Amy Roberts, director of product management in Microsoft’s security business and technology unit, said the company will continue to market Antigen for Domino on Windows NT.

In an interview with Ziff Davis Internet News, Roberts said Sybari customers on the Unix and Linux platforms will continue to receive anti-virus updates through the life of the existing contract.

http://www.eweek.com/article2/0,1759,1830182,00.asp?kc=EWRSS03119TX1K0000594