Thursday, March 23, 2006
Watch what you say in your blog
Source Taken from itvibe
If you think you can start your own blog and begin slandering and bladdering nosense you might end up in a law suit.
A blogger to pay £10,000 in compensation after she accused a Parliamentary candidate of being a 'racist bigot' and 'sex offender' in a landmark case.
Tracy Williams, from Oldham, Lancashire (North-West England), used an alias identity on her blog and also a chatroom. The decision was made earlier after the comments were made around April 2004 about a former Conservative Party member who last year fought a UK Independence Party seat. Michael Keith-Smith said Williams proverbially attacked him in an internet chatroom over a debate in which the rights and wrongs of the war on terror in Iraq were discussed.
It was a claim that Judge Alistair McDuff agreed with and ordered Williams to pay Keith-Smith £10,000 in damages over the 'unfounded' defamatory remarks which also included accusations of sexual harassment.
It's a ruling that will be of interest to the thousands of bloggers in the UK at least who should be extra cautious of what they write and who they write about, since it is understood that Ms Williams' details were divulged to police after a subpoena to the ISP hosting the blog.
If you think you can start your own blog and begin slandering and bladdering nosense you might end up in a law suit.
A blogger to pay £10,000 in compensation after she accused a Parliamentary candidate of being a 'racist bigot' and 'sex offender' in a landmark case.
Tracy Williams, from Oldham, Lancashire (North-West England), used an alias identity on her blog and also a chatroom. The decision was made earlier after the comments were made around April 2004 about a former Conservative Party member who last year fought a UK Independence Party seat. Michael Keith-Smith said Williams proverbially attacked him in an internet chatroom over a debate in which the rights and wrongs of the war on terror in Iraq were discussed.
It was a claim that Judge Alistair McDuff agreed with and ordered Williams to pay Keith-Smith £10,000 in damages over the 'unfounded' defamatory remarks which also included accusations of sexual harassment.
It's a ruling that will be of interest to the thousands of bloggers in the UK at least who should be extra cautious of what they write and who they write about, since it is understood that Ms Williams' details were divulged to police after a subpoena to the ISP hosting the blog.
Friday, March 17, 2006
Selling Pirated Software Online: Think again!!!
Technology Updates
In an effort to cut down on pirated software being sold online, Microsoft has filed eight lawsuits against eBay auction sellers who allegedly have sold counterfeit applications. The sellers were located in eight different states, including Arizona, Washington, and Hawaii.
Microsoft traced most of the pirates through its online validation program, Windows Genuine Advantage (WGA). Some of the defendants were reported to the company's antipiracy hotline.
The company's action has been praised by eBay, which frequently assists Microsoft in its anticounterfeiting efforts. Last year, eBay took down about 50,000 listings at Microsoft's request.
The lawsuits come just after Microsoft issued warnings about spyware or other bugs being found in pirated software, and noted that it would target sellers of such applications.
Going, Going, Gone
Online auctions, thanks both to their popularity and to their anonymity, have become an easy way for people worldwide to sell goods.
Microsoft praises the convenience and global reach of the virtual marketplace, noted one of the company's attorneys, Matt Lundy, but at the same time is critical of sellers that undermine the system by selling illegal products.
The company feels that by paying greater attention to what is being hawked on auction sites, it will protect Microsoft customers and technology partners. Of course, some might say, cracking down on piracy does help the Redmond software giant as well.
In the future, it is likely that Microsoft will continue investigating auctions of its software and pursuing enforcement with the aim of increasing user education, Lundy said. "By filing these lawsuits," he explained, "we hope that auction purchasers will understand that software offers are not always what they appear to be."
Ahoy, Matey
Efforts to battle piracy have been both aggressive and extensive at Microsoft. Because the company's products are used by so much of the world, it makes Microsoft software among the most pirated applications on the planet.
The company has tried to fight the problem with several initiatives, such as slashing prices in developing countries, getting government agencies at home and abroad involved, and beefing up its WGA program.
Microsoft even has tested an amnesty program when it gave Indonesia a free pass on illegal software used on government computers in exchange for a promise that legitimate software would be purchased in the future.
Going forward, the company will continue its antipiracy campaigns, Lundy added, noting that consumers deserve to know they are buying legal software.
Source: http://www.cio-today.com/story.xhtml?story_id=42144
In an effort to cut down on pirated software being sold online, Microsoft has filed eight lawsuits against eBay auction sellers who allegedly have sold counterfeit applications. The sellers were located in eight different states, including Arizona, Washington, and Hawaii.
Microsoft traced most of the pirates through its online validation program, Windows Genuine Advantage (WGA). Some of the defendants were reported to the company's antipiracy hotline.
The company's action has been praised by eBay, which frequently assists Microsoft in its anticounterfeiting efforts. Last year, eBay took down about 50,000 listings at Microsoft's request.
The lawsuits come just after Microsoft issued warnings about spyware or other bugs being found in pirated software, and noted that it would target sellers of such applications.
Going, Going, Gone
Online auctions, thanks both to their popularity and to their anonymity, have become an easy way for people worldwide to sell goods.
Microsoft praises the convenience and global reach of the virtual marketplace, noted one of the company's attorneys, Matt Lundy, but at the same time is critical of sellers that undermine the system by selling illegal products.
The company feels that by paying greater attention to what is being hawked on auction sites, it will protect Microsoft customers and technology partners. Of course, some might say, cracking down on piracy does help the Redmond software giant as well.
In the future, it is likely that Microsoft will continue investigating auctions of its software and pursuing enforcement with the aim of increasing user education, Lundy said. "By filing these lawsuits," he explained, "we hope that auction purchasers will understand that software offers are not always what they appear to be."
Ahoy, Matey
Efforts to battle piracy have been both aggressive and extensive at Microsoft. Because the company's products are used by so much of the world, it makes Microsoft software among the most pirated applications on the planet.
The company has tried to fight the problem with several initiatives, such as slashing prices in developing countries, getting government agencies at home and abroad involved, and beefing up its WGA program.
Microsoft even has tested an amnesty program when it gave Indonesia a free pass on illegal software used on government computers in exchange for a promise that legitimate software would be purchased in the future.
Going forward, the company will continue its antipiracy campaigns, Lundy added, noting that consumers deserve to know they are buying legal software.
Source: http://www.cio-today.com/story.xhtml?story_id=42144
Thursday, March 16, 2006
Outsourcing is it save? Security Issues Arises
Technology Updates
The debate continues as to the impact outsourcing has on our economy. With thousands of IT jobs moving offshore, a new frontier is approaching: the outsourcing of your security.
Yes, I said it and I am concerned about it. Do you feel safe turning over the keys to your front door? I certainly do not.
There are reasons why it may appear to make sense to turn to an outside vendor to secure your network. Examples include having a MVP staff of security specialists at your fingertips 24 hours a day, 7 days a week. This all-star squad comes cheaper than keeping a security specialist on staff which could require you to pay a salary of $110,000 plus. "So what," you wonder, "are the drawbacks?"
Well, if you decide to outsource security, a typical network configuration allows the security firm VPN access to your network. From this point, they can monitor the security of all of your systems from their operations center.
But do you know who is monitoring your systems? Have you done your due diligence?
If you choose to outsource your security, how sure can you be that the people monitoring the security of your infrastructure have the proper credentials and are trustworthy? There are far too many risks involved in my opinion to take this chance.
As an IT decision maker, I would rest easier at night knowing I personally hired my security staff, and they are in-house and trained to the specifications of my company (not a security company in India or China).
I want to be able to call Bob at 11:30 p.m. without the concern of time zones or talking to someone I have never had a face-to-face with. Face-time is important when it comes to the security of your network.
Interestingly, though, we are beginning to see that the outsourcing of jobs to India was just a starting point. Now that IT workers in India are getting more established, there has been a 15-to-18 percent jump in the salary of the average IT employee in India. I even heard in recent news that Indian employers are organizing against employees to keep costs down, and some Indian software companies have even chosen to outsource their jobs to China. They are doing this because it is one of the strings they can pull in a global economy.
Case in point: Imagine you hire a security firm to monitor your firewalls, put in place intrusion detections systems, and the whole nine yards; and you come to find out months later that the company you hired really isn’t doing the work. They have outsourced it to another country or firm.
This could get ugly. But more importantly, it could get to the point where you really don’t know who has access to your data. Is that risk worth it?
Your network security and your data are the most important assets your company owns. You can outsource support all day long but I would never outsource the security of my network nor my database administrator (DBA). Keep these people in house. Pay them well and rest easy.
Source:http://www.cioupdate.com/budgets/article.php/3588756
The debate continues as to the impact outsourcing has on our economy. With thousands of IT jobs moving offshore, a new frontier is approaching: the outsourcing of your security.
Yes, I said it and I am concerned about it. Do you feel safe turning over the keys to your front door? I certainly do not.
There are reasons why it may appear to make sense to turn to an outside vendor to secure your network. Examples include having a MVP staff of security specialists at your fingertips 24 hours a day, 7 days a week. This all-star squad comes cheaper than keeping a security specialist on staff which could require you to pay a salary of $110,000 plus. "So what," you wonder, "are the drawbacks?"
Well, if you decide to outsource security, a typical network configuration allows the security firm VPN access to your network. From this point, they can monitor the security of all of your systems from their operations center.
But do you know who is monitoring your systems? Have you done your due diligence?
If you choose to outsource your security, how sure can you be that the people monitoring the security of your infrastructure have the proper credentials and are trustworthy? There are far too many risks involved in my opinion to take this chance.
As an IT decision maker, I would rest easier at night knowing I personally hired my security staff, and they are in-house and trained to the specifications of my company (not a security company in India or China).
I want to be able to call Bob at 11:30 p.m. without the concern of time zones or talking to someone I have never had a face-to-face with. Face-time is important when it comes to the security of your network.
Interestingly, though, we are beginning to see that the outsourcing of jobs to India was just a starting point. Now that IT workers in India are getting more established, there has been a 15-to-18 percent jump in the salary of the average IT employee in India. I even heard in recent news that Indian employers are organizing against employees to keep costs down, and some Indian software companies have even chosen to outsource their jobs to China. They are doing this because it is one of the strings they can pull in a global economy.
Case in point: Imagine you hire a security firm to monitor your firewalls, put in place intrusion detections systems, and the whole nine yards; and you come to find out months later that the company you hired really isn’t doing the work. They have outsourced it to another country or firm.
This could get ugly. But more importantly, it could get to the point where you really don’t know who has access to your data. Is that risk worth it?
Your network security and your data are the most important assets your company owns. You can outsource support all day long but I would never outsource the security of my network nor my database administrator (DBA). Keep these people in house. Pay them well and rest easy.
Source:http://www.cioupdate.com/budgets/article.php/3588756
Black Berry Total Shutdown?
Technology Updates
Research in Motion facing legal issue with NTP which might cause the entire black berry market to collaspe.
Gartner Recommends Companies Delay BlackBerry Deployments in the U.S.
Mobile e-mail, a convergence application because it involves the carriage of data on cellular networks, is dominated by Research in Motion's BlackBerry device. However, RIM is on thin ice due to patent litigation it has been fighting with a company called NTP. Two weeks ago, a judge issued a ruling that could mean RIM would have to stop sales and shut down BlackBerry service in the United States. Gartner is advocating that prospective BlackBerry customers "stop or delay" mission-critical deployments until the legal situation is clarified. RIM has said that it has a work-around that would enable it to keep operating, but hasn't released it. The Gartner brief counseled customers to pressure RIM to provide details of the plan. Companies also should consider switching to non-RIM mobile e-mail systems.
Source: http://www.itbusinessedge.com/item/?ci=13501&nr=1
Research in Motion facing legal issue with NTP which might cause the entire black berry market to collaspe.
Gartner Recommends Companies Delay BlackBerry Deployments in the U.S.
Mobile e-mail, a convergence application because it involves the carriage of data on cellular networks, is dominated by Research in Motion's BlackBerry device. However, RIM is on thin ice due to patent litigation it has been fighting with a company called NTP. Two weeks ago, a judge issued a ruling that could mean RIM would have to stop sales and shut down BlackBerry service in the United States. Gartner is advocating that prospective BlackBerry customers "stop or delay" mission-critical deployments until the legal situation is clarified. RIM has said that it has a work-around that would enable it to keep operating, but hasn't released it. The Gartner brief counseled customers to pressure RIM to provide details of the plan. Companies also should consider switching to non-RIM mobile e-mail systems.
Source: http://www.itbusinessedge.com/item/?ci=13501&nr=1
Wednesday, March 08, 2006
CyberCrime - Switching Tactics
Technology Updates
New Internet Security Threat Report shows Cybercrime, Zombie PCs and Phishing threats on the rise
Tuesday, March 07, 2006 at 21:30 by Rich Kavanagh
Symantec today released its ninth volume of the Internet Security Threat Report, one of the most comprehensive sources of Internet threat data in the world. The semi-annual report, covering the six-month period from July 1, 2005 to Dec. 31, 2005, marks an increase in threats designed to facilitate cybercrime.
While past attacks were designed to destroy data, today's attacks are increasingly designed to silently steal data for profit without doing noticeable damage that would alert a user to its presence. In the previous Internet Security Threat Report, Symantec cautioned that malicious code for profit was on the rise, and this trend continued during the second half of 2005. Malicious code threats that could reveal confidential information rose from 74% of the top 50 malicious code samples last period to 80% this period.
Arthur Wong, vice president, Symantec Security Response and Managed Security Services, said,
"Cybercrime represents today's greatest threat to consumers' digital lifestyle and to online businesses in general. The unparalleled insight this report provides into how cybercrime is happening and how it can be prevented enables Symantec to help protect the widest variety of customers in the world."
The report also details the growing trend of attackers using bot networks, targeted attacks on Web applications and Web browsers, and modular malicious code. Based on this and data from previous reporting periods, Symantec expects to see more diverse and sophisticated threats used for cybercrime as well as an increase in the theft of confidential, financial, and personal information for financial gain.
China experienced the largest increase of bot-infected computers, with 37% growth - 24 percentage points above the average increase - putting China behind only the U.S. in this category. The increase is likely related to China's rapid growth in broadband Internet connections. China also saw the largest overall increase in originating attacks; such attacks increased by 153% over the last period, marking 72 percentage points above the average increase. Bots may be an increasing source of this activity.
Phishing threats, which are attempts to deceive users into revealing confidential information, continued to increase during the last half of 2005 while focusing on smaller, regional targets. During the last half of 2005, 7.92 million daily phishing attempts were identified, an increase over the 5.70 million attempts per day in the previous reporting period. Symantec expects to see an increase in the number of phishing messages and malicious code distributed through instant messaging services in the future.
Symantec documented 1,895 new software vulnerabilities, the largest total recorded number of vulnerabilities since 1998. Of these, 97% were considered moderately or highly severe and 79% were considered easy to exploit.
Source taken from: http://itvibe.com/news/3978/
New Internet Security Threat Report shows Cybercrime, Zombie PCs and Phishing threats on the rise
Tuesday, March 07, 2006 at 21:30 by Rich Kavanagh
Symantec today released its ninth volume of the Internet Security Threat Report, one of the most comprehensive sources of Internet threat data in the world. The semi-annual report, covering the six-month period from July 1, 2005 to Dec. 31, 2005, marks an increase in threats designed to facilitate cybercrime.
While past attacks were designed to destroy data, today's attacks are increasingly designed to silently steal data for profit without doing noticeable damage that would alert a user to its presence. In the previous Internet Security Threat Report, Symantec cautioned that malicious code for profit was on the rise, and this trend continued during the second half of 2005. Malicious code threats that could reveal confidential information rose from 74% of the top 50 malicious code samples last period to 80% this period.
Arthur Wong, vice president, Symantec Security Response and Managed Security Services, said,
"Cybercrime represents today's greatest threat to consumers' digital lifestyle and to online businesses in general. The unparalleled insight this report provides into how cybercrime is happening and how it can be prevented enables Symantec to help protect the widest variety of customers in the world."
The report also details the growing trend of attackers using bot networks, targeted attacks on Web applications and Web browsers, and modular malicious code. Based on this and data from previous reporting periods, Symantec expects to see more diverse and sophisticated threats used for cybercrime as well as an increase in the theft of confidential, financial, and personal information for financial gain.
China experienced the largest increase of bot-infected computers, with 37% growth - 24 percentage points above the average increase - putting China behind only the U.S. in this category. The increase is likely related to China's rapid growth in broadband Internet connections. China also saw the largest overall increase in originating attacks; such attacks increased by 153% over the last period, marking 72 percentage points above the average increase. Bots may be an increasing source of this activity.
Phishing threats, which are attempts to deceive users into revealing confidential information, continued to increase during the last half of 2005 while focusing on smaller, regional targets. During the last half of 2005, 7.92 million daily phishing attempts were identified, an increase over the 5.70 million attempts per day in the previous reporting period. Symantec expects to see an increase in the number of phishing messages and malicious code distributed through instant messaging services in the future.
Symantec documented 1,895 new software vulnerabilities, the largest total recorded number of vulnerabilities since 1998. Of these, 97% were considered moderately or highly severe and 79% were considered easy to exploit.
Source taken from: http://itvibe.com/news/3978/
Tuesday, March 07, 2006
Importance of Data Protection from Virus
Technology Updates
Police secrets leaked by computer virus
Monday, March 06, 2006 at 20:35 by Rich Kavanagh
Experts at Sophos have reminded Internet users of the importance of computer security after media reports revealed that sensitive police information has been leaked onto the Internet from a virus-infected computer.
According to the Japanese press, information about 1,500 individuals, related to police investigations over a three years, was leaked from a virus-infected computer belonging to an Okayama Police investigator. The data is said to have been distributed to users of the Winny peer-to-peer file-sharing system. Winny is the most popular file-sharing network in Japan, with over a quarter of a million users.
According to the report, the leak occurred because the policeman was storing data about investigations on his personal computer. The PC was infected with an unnamed computer virus which is said to have enabled Winny users across Japan to access the sensitive information. The exposed data included the names of sex crime victims.
Graham Cluley, senior technology consultant at Sophos, said,
"It's bad enough when an individual has data stolen from them by a virus, but a police force being the victim is a real cause for concern. This incident acts as a timely reminder that all organizations need to take computer security seriously. If you allow your employees to put sensitive company data onto their own home computers, you are running the risk that they will not be as well defended as the PCs within your business."
Source from: http://itvibe.com/news/3973/
Police secrets leaked by computer virus
Monday, March 06, 2006 at 20:35 by Rich Kavanagh
Experts at Sophos have reminded Internet users of the importance of computer security after media reports revealed that sensitive police information has been leaked onto the Internet from a virus-infected computer.
According to the Japanese press, information about 1,500 individuals, related to police investigations over a three years, was leaked from a virus-infected computer belonging to an Okayama Police investigator. The data is said to have been distributed to users of the Winny peer-to-peer file-sharing system. Winny is the most popular file-sharing network in Japan, with over a quarter of a million users.
According to the report, the leak occurred because the policeman was storing data about investigations on his personal computer. The PC was infected with an unnamed computer virus which is said to have enabled Winny users across Japan to access the sensitive information. The exposed data included the names of sex crime victims.
Graham Cluley, senior technology consultant at Sophos, said,
"It's bad enough when an individual has data stolen from them by a virus, but a police force being the victim is a real cause for concern. This incident acts as a timely reminder that all organizations need to take computer security seriously. If you allow your employees to put sensitive company data onto their own home computers, you are running the risk that they will not be as well defended as the PCs within your business."
Source from: http://itvibe.com/news/3973/
