Thursday, June 26, 2014

TechEye


Security industry runs aground

Posted: 26 Jun 2014 01:52 AM PDT

The IT security industry is unable to cope with cybercrime and needs to come up with a better way of protecting customers.

Eugene Spafford, a computer security expert and professor of computer science at Purdue University, said that the security industry is just adding layers of defensive technologies to protect systems.

However, it can't deal with the most substantial, underlying problems that sustain a sprawling cybercrime syndicate.

Talking at the FIRST security conference in Boston, Spafford said that software makers continue to churn out products riddled with vulnerabilities, creating an incessant patching cycle for IT administrators that siphons resources from more critical areas.

He said that the problem was so bad that today businesses are rushing to invest in many of the latest security technologies designed to detect infections without any ability to efficiently fix them.

Instead of building secure systems, they are getting further and further away from solid construction by putting layer upon layer on top of these systems.

Spafford said things had moved to vendors pushing things out rather than getting things right the first time.

Poorly coded software combined with growing network complexity has increased the attack surface at many organisations and it is taking its toll financially, said Spafford.

Spafford, who is famous for analysing the Morris worm, one of the earliest threats to the internet, said that there are 220 million known malware families or instances of known malware and that the number is increasing by 52 million a month.

Threat detection hasn't improved much and malware remains on systems for months and often isn't uncovered until after criminals pilfer systems containing intellectual property and other sensitive data.

Security vendors produce inadequate security platforms designed to protect software riddled with holes, Spafford said.

Coppers were inadequately equipped and stymied by criminal gangs in countries where bribery earns them protection from the government, Spafford said.

He called for an investment in computer programming education and a move by software manufacturers to embed software security concepts early into the development process. 

IBM Lenovo sale at risk

Posted: 26 Jun 2014 01:51 AM PDT

It seems that US paranoia over Chinese spying is set to derail the proposed $2.3 billion sale of IBM's low-end server business.

Approval of the deal was expected to be automatic; after all, Lenovo has been selling old IBM PCs to the US government for ages with no problems.

However, the US government has put the deal in limbo while its spooks apparently investigate "national security issues".

Apparently US security officials and members of the Committee on Foreign Investment in the United States (CFIUS) are worried that IBM's x86 servers used in communications networks and in data centres supporting the Pentagon's networks could be accessed remotely by Chinese spies or compromised, the newspaper reported.

Lenovo bought IBM's money-losing ThinkPad business for $1.75 billion, which had faced scrutiny, but was approved with no real debate. But it is clear that this time government officials are trying to derail the deal.

They are uneasy about the potential sale of servers that may be clustered together to perform like a powerful computer.

IBM and Lenovo are trying to address CFIUS concerns about server maintenance and have said that IBM will provide maintenance on Lenovo's behalf "for an extended period" after the sale.

Meanwhile IBM and Lenovo have refiled their application for approval of the deal to buy more time.

If the deal falls through then IBM could be in trouble. The division has not made money for a while now and Big Blue was keen to lose it. There is no buyer on the horizon either. Did we mention it was a loss maker?

But equally pressure on Lenovo is unfair and seems to be geared to sending a message to Beijing that the US Empire is the only one which is allowed to spy on anyone. 

New Italian job stole half a million euro

Posted: 26 Jun 2014 01:49 AM PDT

Kaspersky Lab has found proof of a targeted attack against the clients of a large European bank which has netted the robbers half a million euro in a week.

The campaign started on 20 January this year when a command and control server was detected on the net. The server's control panel indicated evidence of a Trojan program used to steal money from clients' bank accounts.

More than 190 victims could be identified, most of them located in Italy and Turkey. The sums stolen from each bank account, according to the logs, ranged from 1,700 to 39,000 euro.

Two days after Kaspersky Lab discovered the C&C server, the criminals removed every shred of evidence that might be used to trace them.

Vicente Diaz, Principal Security Researcher at Kaspersky Lab, said that the bank and the coppers had been notified.

It is believed that key financial data was intercepted automatically and fraudulent transactions were carried out as soon as the victim logged onto their online bank accounts.

It is not clear what malware was used in this campaign. However, many existing Zeus variations could do it.

The stolen money was passed on to the crooks' accounts and participants in the scam receive some of the stolen money in specially created bank accounts and cash out via ATMs.

It is expected that the scam will re-appear somewhere else in the future. 

Intel buys software for sports

Posted: 26 Jun 2014 01:48 AM PDT

There were more signs that the fashion bag maker Intel is pressing ahead with its internet of fangs project.

According to Reuters, Intel has written a cheque to a New Zealand company producing software for use in sports and exercise sectors.

The investment comes from Chipzilla's investment arm, Intel Capital, which has bought into the privately owned Performance Lab.

The Kiwi firm writes software for real-time exercise management and virtual coaching. It fits in nicely to Intel's plans to stick its chips into sports clothing and other exercise gear.

Sudheer Kuppam, Intel Capital Asia Pacific managing director, said that the sports, fitness, health and wellness sectors are fuelling strong global demand for smart gadgets.

Performance Lab's products gather and analyse data from a person playing sport or exercising, and send the results to coaches or participants through mobile devices for management of training programmes. 

Supremes insist on warrants to search phones

Posted: 26 Jun 2014 01:46 AM PDT

The US Supreme Court unanimously ruled that the police need warrants to search the mobile phones of people they arrest.

The decision will offer protection to the people arrested every year, many for minor crimes, who have found coppers searching through their phones looking for something more serious to arrest them on.

The ruling applies to searches of tablet and laptop computers and it also might apply to searches of homes and businesses and of information held by third parties like phone companies.

Chief Justice John Roberts, writing for the court, was keenly alert to the central role that mobile phones play in contemporary life. They are, he said, "such a pervasive and insistent part of daily life that the proverbial visitor from Mars might conclude they were an important feature of human anatomy".

The defence of the smartphone was based legally on a part of the constitution which was designed to stop the government interfering with the revolutionaries' smuggling business.

Chief Justice Roberts wrote that there was a revulsion against "general warrants," which "allowed British officers to rummage through homes in an unrestrained search for evidence of criminal activity."

"The fact that technology now allows an individual to carry such information in his hand," the chief justice also wrote, "does not make the information any less worthy of the protection for which the founders fought."

The Government is not having a good time with its introduction of Big Brother technology and has lost every time it got to the supreme courts.

The courts have long allowed warrantless searches in connection with arrests, saying they are justified by the need to protect police officers and to prevent the destruction of evidence.

Chief Justice Roberts said the police may examine a mobile to see if it contains, say, a razor blade, but he wrote that "once an officer has secured a phone and eliminated any potential physical threats, however, data on the phone can endanger no one".

Police may turn off a phone, remove its battery or place it in a bag made of aluminium foil to stop it being remotely wiped.

Chief Justice Roberts acknowledged that the decision would make law enforcement more difficult but added that "privacy comes at a cost".
