CyberSecurity Institute

On Monday, Microsoft posted a new note to its Microsoft Developer Network (MSDN) community site, stating that the company is now planning to ax certain products from all Microsoft sales channels starting December 23.

MSDN Subscriber Downloads program manager Andy Boyd had posted a note on December 4 stating that Microsoft intended to remove Windows 98, SQL Server 7 and a number of versions of Office 2000 from MSDN downloads and all other Microsoft sales channels.

The December 8 note explains that Microsoft intends to ax the NT 4.0 Terminal Server and Option Pack releases only.

More info: [url=http://www.microsoft-watch.com/article2/0,4248,1407759,00.asp]http://www.microsoft-watch.com/article2/0,4248,1407759,00.asp[/url]

Congress on Monday approved the first national effort to stem a flood of unwanted E-mail pitches offering prescription drugs, cheap loans, and other come-ons.

The House voted without dissent to approve slight changes Senate lawmakers made to the “can spam” legislation, which would outlaw the shadiest techniques used by the Internet’s most prolific E-mailers, who send tens of millions of messages each day. The last such major legislation was a 1998 law banning Web sites from collecting personal information from children under 13.

The anti-spam bill encourages the Federal Trade Commission to create a do-not-spam list of E-mail addresses and includes penalties for spammers of up to five years in prison in rare circumstances.

More info: [url=http://www.informationweek.com/story/showArticle.jhtml?articleID=16600425]http://www.informationweek.com/story/showArticle.jhtml?articleID=16600425[/url]

The working groups have pledged to release white papers by 1 March, 2004, that outline their recommendations for securing businesses and consumers and creating more secure software.

Critics have snubbed the United States’ cybersecurity policy — the National Strategy to Secure Cyberspace — as largely voluntary and lacking regulatory prescriptions.

The four organisations that sponsored the Summit were the Business Software Alliance, the Information Technology Association of America, the TechNet lobbying group and the US Chamber of Commerce.

Security experts formed five groups to focus on specific problem areas: creating awareness in home computer users and small businesses; establishing a cybersecurity early warning system; making information security part of corporate governance; advocating technical best practices for security; and pushing security improvements into the software development process.

Despite the pressure to deliver, reigning in the groups to focus on concrete ideas that could be implemented quickly was a task, Oracle’s Davidson said.

More info: [url=http://news.zdnet.co.uk/business/0,39020645,39118329,00.htm]http://news.zdnet.co.uk/business/0,39020645,39118329,00.htm[/url]

“Without a new killer app in Office, the upgrade cycle looks to be gradual until new XML-based technologies take hold of the broader market,” said the report. Professor Neil Barratt, technical director at security consultant Information Risk Management, said: “My reading of this is that it’s a shot across the bows.

“The main beef most CIOs have is patching; the perception is that the Microsoft patching system needs a lot more work.

More info: [url=http://www.vnunet.com/News/1151313]http://www.vnunet.com/News/1151313[/url]