Right before Christmas, the White House tapped Microsoft’s long-ago chief security officer, the CEO of the non-profit Information Security Forum Howard Schmidt as head of US cyber security. Despite the national priority, between pressure from US companies and reported infighting am...
Dec. 28, 2009 11:30 AM EST Reads: 8,123
Depending on how IT executives handle the situation, reactions to data loss reports can range from indignation to outrage, with personal consequences for the decision-makers. IT executives at ChoicePoint, Inc., looked like heroes when they reacted swiftly to a potential data breach in ...
Dec. 20, 2009 02:00 AM EST Reads: 8,609
For many years now, we’ve been warned that it is risky to click on embedded links in a suspicious email or dangerous to click through the certificate warnings from your browser and hopefully many people have changed their behavior. That’s within our control. But when a researcher fin...
Dec. 15, 2009 06:45 PM EST Reads: 5,720
Lately there has been a barrage of articles with regards to cloud security, and some very public demonstrations of outages with Facebook and Twitter. Its been a field day for many who oppose the cloud computing model. Let me get this out of the way so that there is no misunderstandin...
Oct. 20, 2009 09:00 AM EDT Reads: 25,009
The data leak at the EU/US summit which has just taken place in the Czech Republic - and which has reportedly resulted in Finland's Prime Minister changing his passport - should not have happened, says Credant Technologies, the military grade encryption specialist.
Apr. 23, 2009 05:18 AM EDT Reads: 3,963
I ran across this today, and thought it was just too valuable to not make mention of. The EFF has a “Coder’s Rights Project” that includes FAQs and guides related to the legalities of security disclosure, reverse engineering, and ethical hacking/testing for security vulnerabilities. ...
Apr. 20, 2009 12:18 PM EDT Reads: 4,614
CohesiveFT ( http://www.cohesiveft.com ), the leader in onboarding solutions for virtual and cloud computing infrastructures, today announced the... Read more at ...
Apr. 17, 2009 07:55 PM EDT Reads: 3,809
Throughout the last decade, society has witnessed an explosion of network connectivity among PCs and mobile devices as well as a vast proliferation of networked applications, ranging from Web-based email to online banking. The end result of this is that network connectivity has become ...
Mar. 7, 2008 11:00 AM EST Reads: 9,514
Data corruption is an insidious problem in storage. While there are many forms of corruption, there are also many ways to prevent them. For example, enterprise class servers use error checking and correcting caches and memory to protect against single and double bit errors. System buse...
Jan. 3, 2008 02:00 PM EST Reads: 22,376
Trend Micro, a provider of network antivirus and Internet content security software and services, has announced a solution, the Trend Micro ServerProtect for Linux, that provides highly scalable and real-time protection for internal and external endpoints.
Jun. 1, 2006 10:00 PM EDT Reads: 11,925
BitDefender has announced the public availability of its new Enterprise Security Suite for Mail and File Servers running on Samba or FreeBSD. The powerful, new Linux-based security suite - including BitDefender Mail Protection for Enterprises, BitDefender Mail Protection for SMB, and B...
May. 30, 2006 08:00 PM EDT Reads: 15,253
Novell announced that Finland's Ministry of Defence has selected Novell SUSE Linux Enterprise Server as its platform for critical process management and documentation applications, messaging services, and Intranet portal. The Ministry tapped Novell's Linux platform for its proven relia...
Mar. 27, 2006 04:30 PM EST Reads: 13,513 Replies: 1
The Linux community - nearly 29 million platform users - has been plagued for years by spam which, according to industry statistics, is dramatically on the rise. Despite relentless efforts to stop it (including billions of dollars spent to develop anti-spam solutions), spam continues t...
Feb. 28, 2006 12:00 PM EST Reads: 12,533
Jan. 24, 2006 07:45 AM EST Reads: 16,001
C/C++ language variadic functions are functions that accept a variable number of arguments. Variadic functions are implemented using either the ANSI C stdarg approach or, historically, the UNIX System V vararg approach. Both approaches require that the contract between the developer an...
Dec. 6, 2005 03:15 PM EST Reads: 26,010 Replies: 1
Information security is a top priority for many companies. Protecting information from external threats such as hackers, viruses, and spam, as well as governmental regulation requirements (SOX, HIPAA, NISPOM, etc.), are driving IT purchases beyond ROI as C-level executives seek to assu...
Nov. 10, 2005 12:00 PM EST Reads: 24,373 Replies: 5
The brouhaha over a presentation given last week by Michael Lynn has taken on a life of its own on the worldwide web. No surprise here. Lynn's presentation can be found easily, as can many other interesting related items. SYS-CON Media herewith presents a few things we've found.
Aug. 4, 2005 01:45 PM EDT Reads: 32,644 Replies: 5
The purpose of this article is to show how basic security principles can help you develop programs that are harder for the bad guys to break. We'll examine a simple function that executes a command as though it were typed at the keyboard, exactly what the library function system does. ...
May. 30, 2005 12:15 PM EDT Reads: 18,926
Security giant Symantec, The New York Times is reporting this morning, is 'close to acquiring' Veritas for more than $13 billion, trumping yesterday's $10.3 billion acquisition of PeopleSoft by Oracle, and dwarfing Honeywell's $1.5 billion bid this week for Novar. Only the possible $35...
Dec. 14, 2004 12:00 AM EST Reads: 27,512 Replies: 5
In an era where everybody is connected to a potentially harmful Internet with an increasing number of complex and distributed applications, controlling what the computers do has become significantly harder. At the core, simple actions (executing software, e-commerce, etc.) rely on trus...
Dec. 13, 2004 12:00 AM EST Reads: 21,002
Speedy disk backups are gaining in popularity as networking demands increase, but the traditional tape data protection won't disappear overnight. Maybe it's time to think about the best of both worlds.
Aug. 31, 2004 12:00 AM EDT Reads: 16,427
Users of the popular Mplayer media device are being urged to upgrade to the latest version, due to a bug.
Aug. 4, 2004 12:00 AM EDT Reads: 18,042
It's no secret to technical developers that security issues need to be taken into consideration when developing policies. However, the extent of those security issues can easily be overlooked by many organizations.
Jul. 27, 2004 12:00 AM EDT Reads: 17,221
Does the open source community provide world-class security technology? Can organizations stop dealing with commercial vendors for security software? To avoid any undue suspense, the answers are: 'Emphatically yes' and 'Maybe, but you probably need to make an investment of some kind.'
Jul. 27, 2004 12:00 AM EDT Reads: 30,824
Seemingly everyone has insight into the open source versus closed source security debate. Each side provides plausible arguments for the benefits of their own model and points out drawbacks of the other. The proponents of open source argue that the source code is open and available for...
Apr. 19, 2004 12:00 AM EDT Reads: 18,201
As the state of the art in operating systems (OS) continues to advance, an unnerving trend has emerged: vulnerabilities in tightly integrated operating systems. How do you address this? With an effective combination of educated staff, proper procedures, and technology.
Apr. 19, 2004 12:00 AM EDT Reads: 15,522
As a decision maker in your IT organization, you're aware that your Linux systems share is growing (if your enterprise follows today's business trend). Linux installations are now available on every major hardware platform. New projects in development include Linux systems in an increa...
Apr. 19, 2004 12:00 AM EDT Reads: 22,574 Replies: 2
Symantec's CTO talks about comprehensive security and how today's IT organizations must address it.
Mar. 6, 2004 12:00 AM EST Reads: 38,722
This article presents a Linux kernel module capable of verifying digital signatures of ELF binaries before running them. This kernel module is available under the GPL license and has been successfully tested for kernel 2.5.66 and above
Dec. 22, 2003 12:00 AM EST Reads: 25,866 Replies: 1
Enterprises worried about cybersecurity should pay more attention to their own employees than to the as-of-yet unrealized threat of cyberterrorism, two cybersecurity experts warned a group of IT professionals. (800 words)
Jun. 3, 2003 12:00 AM EDT Reads: 24,842
As with its last software update, the Apache Software Foundation said that 2.0.46 was the 'best version of Apache available' and recommended that users of prior Apache versions upgrade.
May. 28, 2003 12:00 AM EDT Reads: 27,173
Our Hero uncovers Microsoft's ingenious, covert marketing efforts to promote Linux and open source via its own products' security vulnerabilities. This column is intended for mature audiences with a keen eye for sarcasm. (1,600 words)
Feb. 12, 2003 12:00 AM EST Reads: 35,155 Replies: 6
The list is misleading in that many readers and editors would have seen this as an FBI certification of the relative equality of security problems between systems running Microsoft Windows and those running Unix.
Nov. 11, 2002 12:00 AM EST Reads: 23,244
PureSecure is much more polished, more complete, and more fully featured than its free software counterpart ACID. It's not free for commercial use, however. (1,200 words)
Apr. 30, 2002 12:00 AM EDT Reads: 22,509
All it takes is time and free software to set up a powerful intrusion detection system for your Unix system. Follow along as Joe Barr installs ACID on his system and discovers a big security hole. (1,450 words)
Apr. 10, 2002 12:00 AM EDT Reads: 24,560 Replies: 2
All vendors have made mistakes at some time, and no vendor seems to be any better or worse than the other. Fortunately, these mistakes do not appear to be malicious -- just the result of a game of Chinese Whispers. (1,200 words)
Jan. 21, 2002 12:00 AM EST Reads: 10,117
If you want to do two-way synchronization with rsync, you'll need to run it twice. unison does two-way synchronization by default and well, thank you. How to make unison work for you.
Jan. 11, 2002 12:00 AM EST Reads: 22,903
Our hero ponders Windows XP's fast user switching, which leads him to Microsoft's approach to adding features to its operating systems, which leads him to the beautiful simplicity of the Unix philosophy of each tool doing one thing well, which leads him to rsync. Read on, it all makes ...
Jan. 8, 2002 12:00 AM EST Reads: 47,138 Replies: 1
From denial, to diagnosis, to rebuilding and hardening the system, Joe walks us through the life cycle of a hack. (1,700 words)
Apr. 4, 2001 12:00 AM EDT Reads: 19,316
This week Joe Barr presents the first of two columns about stealth scans, and NMAP, a port scanner used by attackers and system administrators alike. (1,400 words)
Mar. 21, 2001 12:00 AM EST Reads: 16,741 Replies: 2