Last time around
CardSystems gets away lightly
Choicepoint doesn't- it pays dearly for breach
Are cellphones a liability?
US Congress fixated on IT security
Recent caselaw- should remote workers use encryption at home?
French bank customers lose to Russian cyber-criminals
Brazilian teen hackers steal USD$ 4.7million from bank accounts
Wiretapping your adversaries- the 'new, new thing'?
Bye Bye Scott McNealy
The Oscar Wilde of the computer industry has resigned as CEO of Sun Microsystems, the company he started many moons ago. Whatever else you thought about McNealy, at least he had a tongue in his head, and a wickedly sharp one at that.
I saw him speak at RSA in an alarming red sweater, the subject of my latest Globe column (the event, not McNealy's sweater). What struck me about his message, delivered with dollops of his usual delightful venom, was how right he was about most things wrong with the industry, and how he might be dead in the water nonetheless. Right is unlikely to prevail over might in the cutthroat IT sector.
However, all is not lost, as McNealy has not gone too far: he will be around for a while as Chairman of Sun, leaving a rather dapper, ponytailed person running the show. However, the fact that his successor appears to find McNealy's witticisms as amusing as I do does not necessarily augur well for a true changing of the guard. Assuming Sun needs one, as the market seems to suggest.
But maybe a McNealy clone isn't such a bad thing.
He did not, or so they say, rush to fire vast hordes of Sun employees every chance he got, just to save a pittance. Many of his contemporaries have no such compunction. It is always an easy, but hugely short-sighted, fix to fire your main assets and hope the shell-shocked remainder will soldier gamely on. And create anything of enduring value. Sun employees will hope against hope that McNealy 2.0 is similarly disposed.
We at Headfry wish McNealy all the best.
When he gets tired of talking Sun, he should move to Ireland and run for Taoiseach. They have excellent golf courses there too.
Read his priceless 'It's mankind against Microsoft' interview with BusinessWeek magazine.
Phishers up their game
Slowly but surely, people are getting wise to phishing emails. By now, practically everyone online has received one- the message from Chase Bank that has an embedded link that directs you to a fake, but authentic-looking, website that records and steals any data you type in, such as banking login passwords.
So the criminals have to evolve and get more creative.
Phishing 2.0, as spotted recently in Australia, involves them providing a genuine toll-free number in the ‘phish’ email that is manned by a machine that prompts you to enter credit card details and social security numbers.
Needless to say, real bank employees are not at the receiving end of that call. The ploy is cute as genuine emails from banks, to the extent that anyone actually trusts them anymore (as people simply can’t distinguish the good from the supremely ugly), often do encourage customers to ‘pick up the phone’.
What is a person to do? After quieting the urge to hurl the computer against the wall, it is best, so the banks say, to ignore all these emails. However, we are aware of cases where call centres and bank employees from marketing departments break their own rules and confuse the living daylights out of the phish-terrorized masses.
There are efforts underway to ‘authenticate’ email- a fancy way of saying that the IT folk are trying to figure out how to differentiate mail from the mob from mail from grandma. But it turns out that because of the way the Net was engineered, it is a tall order- in fact, it’s what they euphemistically call ‘a hard problem’.
So until there is a technological miracle- probably never- you are left to your own devices to try to figure it out. One thing is sure: the bad guys will continue to tweak their techniques and get more and more devious.
If you are really concerned, especially about ebanking, read the fine print of the terms and conditions for your online service and if you don’t like what you read, change banks. Some of them would like to put all the risk and liability onto you rather than assume responsibility for such a ‘hard problem’.
UK cabby 'outs' Clash fan
The Al Qaeda desperados have much to answer for, not least, of course, being the wholesale massacre of thousands of innocents. So it is understandable that the police want to take every precaution to hunt them down. However, the devil is in the details and as we all know, 'profiling' is a tricky business and invariably gives rise to dodgy mischaracterisations of people, cultures and places.
But in a horrible new twist, it seems no-one is safe. Especially in the UK, where your every nose hair is luminous on CCTV cameras manned by god knows who.
A phone salesman who asked a cabbie (it is always a bad idea to actually speak to them), while en route to a UK airport, to play his punk heroes over the car stereo, missed his flight when the cabbie turned him in.
It seems that the 'London Calling' lyrics raised a red flag for the terrified cabbie, who bravely alerted authorities to this great threat to the nation. UK police duly arrested the hapless Clashie on board his flight and sweated him until the penny dropped that listening to the Clash is not nearly as subversive an activity as non-punks might imagine. At which point his flight had departed.
This is not the first time that Clash lyrics have got punters into trouble with UK police: some years ago, a guy was sweated for sending Tommy Gun (The Clash again) lyrics out in an SMS message.
So next time you are heading to the UK on business, or for pleasure, be sure to delete all punk bands from the iPod. If the Clash alarms MI5, imagine what kind of a reaction 'Anarchy in the UK', or 'God Save the Queen' might elicit?
Take no chances. Britney rules.
Workers expose company data on infected home PCs
At Headfry, we have often written about the threat posed to businesses by remote workers who transfer confidential company data to infected home PCs.
In a fine example of the scenario, a Trend Micro (the anti-virus company) employee exposed secret company reports to the masses when he used a popular P2P network- Winny- on a virus-infected home PC, presumably to share videos or music.
It seems that virus-infected, 'Winny'-enabled machines in Japan have contributed to several recent incidents where nuclear plant secrets and the names of sex crime victims have leaked onto the Net.
According to some reports, the Japanese government was so upset by these incidents that it released a desperate plea to the Japanese people to abandon all P2P services. Of course, they will immediately comply and the problem will disappear.
And pigs in skirts will fly too.
If companies allow home workers to use any machine for company business that isn't automatically checked for viruses, this type of incident will happen again and again.
We strongly suspect that many of these incidents go unreported because a) the errant workers do not tell the company what happened, b) the company never finds out- due to a) and being generally gormless, and c)- the most likely scenario- neither party has the faintest idea that corporate secrets are out in cyberspace for all to see.