Monday, July 31, 2006

The Borg Were Not Secure

In Star Trek the Borg flew through space in this big cube. Its defenses were adaptable to any form of attack. Their defensive force field would change frequency so an attacker could not get to them. However, members of the Enterprise could beam inside the cube. The Borg would act as if they were not there.

In the past week I learned something from a customer. A customer support person had recommended an anti-spyware program to him. I had never heard of it before. In fact, I had trouble pronouncing it. It did the job. After some testing on my own, I found that it was a very good program.

When it comes to computer security and personal identity, it is dangerous to stick with one brand of software. Hackers and spyware writers are always changing their techniques. This year we have seen holes successfully punched in a brand of anti-virus software.

As the types of attack change, so must we change our protection accordingly to offset the attack. The Borg were constantly changing the frequency of their shields to prevent penetration of those shields by the Enterprise.

The Borg had the external defenses down, but when an attack came from within they could not recognize it. News reports have been filled with losses of personal data almost daily. Security breaches come from within the company or government agency. Internal security must be a duty of everyone within the organization. All it takes is one person to raise the flag and say, “This does not look right!”

If the Borg had seen the crew of the Enterprise when they beamed onto the Borg cube, the Borg would have defeated the crew of the Enterprise. They kept running the same old software, and never thought there could be something better.

Wednesday, July 26, 2006

Multi-Tasking is a Mistake

At one time multi-tasking was the way to get ahead in life. Doing more in less time is a great business model for making more money. Very few companies have succeeded at accomplishing this. The average individual is headed for failure by too much multi-tasking. Multi-tasking learning has been proven to lower retention and application.

Businesses can multi-task to gain and maintain market share, but it takes a high level of discipline along with well-defined roles. Nestle SA's dominance in the food industry has succeeded. However, Microsoft may be trying to do too much in a very complex industry.

Think about it. Operating systems are very complex pieces of software. Making them user friendly is a tall task. Making business software that is flexible enough to adapt to almost every business need takes superhuman ability. Granted, Microsoft has done this to control the market.

Now security and training must meet the end users' needs. In the past few years Microsoft has added training for their users. Security, the most difficult task in all of the computer industry, cannot be done by subjective executives.

Security, no matter what field you are trying to keep secure, needs to be done by an objective firm. Why do you think a security audit is most effective from someone who has no stake in the business they are auditing? They will be less likely to overlook little loopholes. An objective auditor will always point out things that a subjective auditor will overlook.


This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License.

Monday, July 17, 2006

Why Do We Work Against Computer Security?

We are still doing the same-old, same-old. On one level security has not changed much. The main issues continue to raise their ugly heads over and over again. Companies and individuals may be spending good money, but they still have not solved the problem. Many of them need to have a catastrophic data loss or leakage before securing their systems. Security procedures and habits are only followed when the fear of public embarrassment raises its head. We move ahead in the jungle of insecurity hoping not to be eaten alive.

Users keep doing stupid things, too. Laptops are lost so regularly that they should be replaced by a desktop. When was the last time you heard of a desktop being lost or stolen? We should keep our data on computers large enough to deter theft.

I get tired of seeing surveys and reports of computer users who do not use or change their passwords on a regular basis. I will not mention the weak passwords that are easy to guess. Passwords that contain a wife's name, a cat's name or a favorite aunt's name are just too easy.

This is not just an issue with Windows users. Linux and Apple have fallen prey to security threats. In their smug little room they have challenged the hackers of the world to come after them. In 2006, finding a hole in Windows has got to be no big challenge for the hacker world. The serious black hat hackers have set their eye on Apple and Linux.

Law enforcement has taken an increasingly harder view of cyber crimes. Jail time has become the norm for cyber criminals. Congress has jumped on the bandwagon by passing tougher laws. Then why do we still see little change in the number of attacks each week?

Copyright © 2006 by E.F. Cussins

Monday, July 10, 2006

Nigerian Connection

There are people on the internet who are out to take the money from your pocket and put it into theirs. A lot of it is not by fair or honest means. The same people and scams keep rearing their ugly heads, and people are still falling for these scams. I have listed two of the common ones below.

The first one I ever heard of was about five years ago. A business person in the United States was sent a cashier's check from a Nigerian businessman. As a token of good faith, the business person in the United States was to keep half of the value of the cashier's check and send the other half back to Nigeria. The unsuspecting individual who kept half for helping out a businessman in Nigeria got a call from his bank saying the cashier's check was a fake. This person was left minus a large sum of money.

The new one I saw, more recently, was done through Craigslist.org. An email would be sent to the seller from someone who was supposedly at the other end of the United States. For the trouble of packaging and shipping the item being sold, the seller would be paid an extra $50.00. An email would come that was from Money Gram or USPS saying, “When we receive shipping confirmation, they will send a money order for the full amount.” They would also send a FedEx shipping label. Of course the money order would never arrive.

A bright red flag needs to be raised about what is going on. People who surf the World Wide Web must be made aware of the dangers from different types of phishing emails. Violence has occurred among family members because of falling for these scams. We need to put a stop to them by not falling for them.

Sunday, July 02, 2006

Web Economics

Free programs that we all download from Major Geeks and Softpedia to Cnet.com are great. Free web forums from Lockergnome and Leoville to PC Magazine help us find answers to our computer problems. However, who is paying the bills for electricity to power the servers that provide these services? What about the technical people who do the programming and monitoring? How do they put food on the table for their families? Where does all the money come from that pays for these very useful services?

I dislike banner ads and pop-ups as much as the next person. Nevertheless, this is how the free web services are supported. The free services from particular websites I use make it my obligation to click on their ads and buy what I need through them.

The websites I visit on a regular basis have companies that advertise on that site. I figure they must be web stores that can be trusted. If that is not the case, then that website's webmaster must be informed that an advertiser of theirs has less than honest business dealings.