Tuesday, June 24, 2008
Friday, June 20, 2008
Hackers get Shot in China
If you thought Bush's Patriot Act was bad news, count your lucky stars that you're not a hacker in the People's Republic of China.
The PRC has an interesting history regarding hackers. If they catch them they shoot them. In the late 1990s some employee at the Bank of China hacked into accounts and embezzled a large chunk of change. The hacker apparently experienced remorse and turned himself in. Bad call. He was summarily tried, found guilty, and shot. Then the hacker's family was sent a bill for the bullets expended.
Source: LiquidMatrix
Wednesday, June 18, 2008
Beware The Rise of e-Crime
The UK's Serious Organised Crime Agency [1] (Soca) has issued a warning about the increasing number of international online gangs stealing and trading personal details of web users.
A report issued by the agency says that groups of criminals - often comprising of an average of 30 specialists focused on areas ranging from phishing to data trading - are part of a market evolution geared at trading and exploiting data.
Information is often stolen through techniques such as phishing and key logging using malware sent via email. The stolen data is then used by the thieves for fraudulent purposes or sold to other cyber criminals over the web.
"As web-based technologies become increasingly diverse, e-criminals will use these services to access and exploit victims and conceal their activities," says the Soca report.
"Each group will typically have an inner circle of more technically advanced and/or experienced members who control access to the attack tools and are responsible for dividing up the work."
The tactics used by the criminals are constantly updated to keep ahead of protection offered by software vendors, according to Soca.
Last month, Soca completed the first phase of a five-year IT overhaul [2] to help in the battle against organised crime.
But the agency has admitted that it faced challenges in training staff to a level where the improvement will have a material effect on tackling criminals.
Soca's annual reports said the "challenges involved in increasing knowledge to a level that would facilitate a transformation of the impact on organised crime still remained significant."
So far the programme has given overseas staff secure access to IT systems, improved the internal management of information and upgraded software to improve the collection of Suspicious Activity Reports a mechanism allowing the public to electronically report financial crime.
- Angelica Mari
Source:Computing
A report issued by the agency says that groups of criminals - often comprising of an average of 30 specialists focused on areas ranging from phishing to data trading - are part of a market evolution geared at trading and exploiting data.
Information is often stolen through techniques such as phishing and key logging using malware sent via email. The stolen data is then used by the thieves for fraudulent purposes or sold to other cyber criminals over the web.
"As web-based technologies become increasingly diverse, e-criminals will use these services to access and exploit victims and conceal their activities," says the Soca report.
"Each group will typically have an inner circle of more technically advanced and/or experienced members who control access to the attack tools and are responsible for dividing up the work."
The tactics used by the criminals are constantly updated to keep ahead of protection offered by software vendors, according to Soca.
Last month, Soca completed the first phase of a five-year IT overhaul [2] to help in the battle against organised crime.
But the agency has admitted that it faced challenges in training staff to a level where the improvement will have a material effect on tackling criminals.
Soca's annual reports said the "challenges involved in increasing knowledge to a level that would facilitate a transformation of the impact on organised crime still remained significant."
So far the programme has given overseas staff secure access to IT systems, improved the internal management of information and upgraded software to improve the collection of Suspicious Activity Reports a mechanism allowing the public to electronically report financial crime.
- Angelica Mari
Source:Computing
Wednesday, June 11, 2008
Protect your identity online
The best ways to protect your identity online
Rosemary Haworth
June 09, 2008 (PC Advisor) With identity theft on the rise and personal information at a premium, it's never been more important to be cautious about what you reveal online.
Social networking sites such as Facebook have largely usurped chatrooms and forums -- at least in the grown-up world -- as fun places to hang around online and engage in harmless distractions. Unfortunately, they've also replaced chatrooms in the tabloid consciousness as the place where pedophiles go to pick up victims.
But while we conscientiously monitor our kids' Internet use and apply restrictions to the sites they can visit and the times they're allowed to go online, we may be putting ourselves in other sorts of danger.
Practice what you preach
Having taught your kids to chat only to people they know and to limit the amount of personal information they give out, consider whether you practice what you preach.
Announcing to the world (via your Facebook profile) that you're bungee-jumping at Victoria Falls tells us you're still game for a laugh. If your profile also states your birth date, hometown, address and phone number, along with a reference to your current and past employers, you've left yourself wide open to someone becoming the new you.
In the past, a tell-tale answering machine message stating that you're on vacation would have been brilliant news for an opportunist thief. The equivalent these days is the careless status update or unprotected online profile that enables a cybercrook to see your personal details.
Limit your exposure
Privacy options at such sites aren't always enabled by default, although Facebook has taken steps to make users' current security settings far more transparent. Even so, you should check who can see what. The Privacy option at the top right of Facebook's home page lets you dictate who can see details about you and who can search for you.
In February, Facebook made a deal to make postings and profiles searchable via search engines. Fraudsters don't even have to be Facebook members to track you down and find out information about you.
Although there was plenty of outcry, the fact remains that Facebook's sign-up terms allow it to do this. Your profile may be all about you and acts as your online identity, but Facebook owns it. The point here is to ensure you read the terms and conditions before signing up.
Allowing friends to see your e-mail address, photo, status and musical tastes is fine, but we suggest you disable the search part. Also, if you allow friends of friends and "anyone in my networks" to see every online move you make, you've opened yourself up to an audience of thousands, if not millions. Anyone in your network could use what they can glean from your profile against you.
Be wary of seemingly "mutual" friends attempting to add you to their friends list. They may simply want to outdo their friends in how many online friends they have. Or they may want to be your friend to acquire further personal details via your profile.
Although this may sound far-fetched, there are plenty of reported instances of publicly and semipublicly posted personal information being exploited in this way.
Knowing me, knowing you
Similarly, assuming someone is trustworthy because they appear to know one of your friends can be a mistake. Last year, three teenage girls ended up being "groomed" and then stalked in person by a middle-aged man they met on the Bebo message boards. Each had trusted him because of his apparent online friendship with the others.
As one of the girls said after his arrest, the fact that he continued to be friendly to one of her friends led her to overlook his odd behavior -- including his comments on their shopping trips and other events that they had discussed together online.
The cyberstalker was eventually caught when he showed up at the Tate Modern gallery in London. He'd learned the girls were going there for a school trip and was recognized while covertly photographing one of the girls he'd met online. They were able to alert security and the police before he escaped.
Although this was a particularly nasty and dramatic case, it demonstrates another point. Reputation and the trust implicit in the apparent approval of someone by your peers is a powerful element of both our face-to-face and online interpersonal relations. It's also something that business networks such as LinkedIn and Plaxo trade on.
At LinkedIn, reputation ranking and feedback have now overtaken in importance the original goal of such sites: to build a circle of business associates and stay in touch with them as they flit from employer to employer. Be sure you keep tabs on who's saying what about you.
And reputation is all-important when convincing someone to buy goods from you online. Our own PC Advisor forums show that it's now de rigueur to find out what customers think of a company before buying from it online -- and it's even more important for small retailers.
Visit Broadband Advisor for the latest news and reviews about the Internet and Internet tools.
Romantic interludes
Let's return to our original warning about giving away your personal information freely, and the Internet acquaintances who have more than friendship in mind. This is something adults need to worry about just as much as kids and teenagers.
Internet dating is notorious as a means of disguising your true age, occupation, weight, gender and intentions -- that's why it's so popular. If you want to use the Web to meet people, then do so safely. Use a legitimate agency that's regulated and recognized, research what others who have used the service have to say about it and find out how the agency checks people before taking them on.
Expect some in-depth personal questions and to be asked for proof that you are who you say you are. A passport, driver's license, proof of address, and birth and divorce certificates were routinely asked for at the bricks-and-mortar dating agency where we used to help out.
Online agencies of good repute should insist on similar assurances. If they don't check you out thoroughly, what's to say they're checking up on your next date?
Acting on impulse and simply taking information supplied by potential dates at face value is more than foolish. It's dangerous in every sense.
Source: Computer World
Rosemary Haworth
June 09, 2008 (PC Advisor) With identity theft on the rise and personal information at a premium, it's never been more important to be cautious about what you reveal online.
Social networking sites such as Facebook have largely usurped chatrooms and forums -- at least in the grown-up world -- as fun places to hang around online and engage in harmless distractions. Unfortunately, they've also replaced chatrooms in the tabloid consciousness as the place where pedophiles go to pick up victims.
But while we conscientiously monitor our kids' Internet use and apply restrictions to the sites they can visit and the times they're allowed to go online, we may be putting ourselves in other sorts of danger.
Practice what you preach
Having taught your kids to chat only to people they know and to limit the amount of personal information they give out, consider whether you practice what you preach.
Announcing to the world (via your Facebook profile) that you're bungee-jumping at Victoria Falls tells us you're still game for a laugh. If your profile also states your birth date, hometown, address and phone number, along with a reference to your current and past employers, you've left yourself wide open to someone becoming the new you.
In the past, a tell-tale answering machine message stating that you're on vacation would have been brilliant news for an opportunist thief. The equivalent these days is the careless status update or unprotected online profile that enables a cybercrook to see your personal details.
Limit your exposure
Privacy options at such sites aren't always enabled by default, although Facebook has taken steps to make users' current security settings far more transparent. Even so, you should check who can see what. The Privacy option at the top right of Facebook's home page lets you dictate who can see details about you and who can search for you.
In February, Facebook made a deal to make postings and profiles searchable via search engines. Fraudsters don't even have to be Facebook members to track you down and find out information about you.
Although there was plenty of outcry, the fact remains that Facebook's sign-up terms allow it to do this. Your profile may be all about you and acts as your online identity, but Facebook owns it. The point here is to ensure you read the terms and conditions before signing up.
Allowing friends to see your e-mail address, photo, status and musical tastes is fine, but we suggest you disable the search part. Also, if you allow friends of friends and "anyone in my networks" to see every online move you make, you've opened yourself up to an audience of thousands, if not millions. Anyone in your network could use what they can glean from your profile against you.
Be wary of seemingly "mutual" friends attempting to add you to their friends list. They may simply want to outdo their friends in how many online friends they have. Or they may want to be your friend to acquire further personal details via your profile.
Although this may sound far-fetched, there are plenty of reported instances of publicly and semipublicly posted personal information being exploited in this way.
Knowing me, knowing you
Similarly, assuming someone is trustworthy because they appear to know one of your friends can be a mistake. Last year, three teenage girls ended up being "groomed" and then stalked in person by a middle-aged man they met on the Bebo message boards. Each had trusted him because of his apparent online friendship with the others.
As one of the girls said after his arrest, the fact that he continued to be friendly to one of her friends led her to overlook his odd behavior -- including his comments on their shopping trips and other events that they had discussed together online.
The cyberstalker was eventually caught when he showed up at the Tate Modern gallery in London. He'd learned the girls were going there for a school trip and was recognized while covertly photographing one of the girls he'd met online. They were able to alert security and the police before he escaped.
Although this was a particularly nasty and dramatic case, it demonstrates another point. Reputation and the trust implicit in the apparent approval of someone by your peers is a powerful element of both our face-to-face and online interpersonal relations. It's also something that business networks such as LinkedIn and Plaxo trade on.
At LinkedIn, reputation ranking and feedback have now overtaken in importance the original goal of such sites: to build a circle of business associates and stay in touch with them as they flit from employer to employer. Be sure you keep tabs on who's saying what about you.
And reputation is all-important when convincing someone to buy goods from you online. Our own PC Advisor forums show that it's now de rigueur to find out what customers think of a company before buying from it online -- and it's even more important for small retailers.
Visit Broadband Advisor for the latest news and reviews about the Internet and Internet tools.
Romantic interludes
Let's return to our original warning about giving away your personal information freely, and the Internet acquaintances who have more than friendship in mind. This is something adults need to worry about just as much as kids and teenagers.
Internet dating is notorious as a means of disguising your true age, occupation, weight, gender and intentions -- that's why it's so popular. If you want to use the Web to meet people, then do so safely. Use a legitimate agency that's regulated and recognized, research what others who have used the service have to say about it and find out how the agency checks people before taking them on.
Expect some in-depth personal questions and to be asked for proof that you are who you say you are. A passport, driver's license, proof of address, and birth and divorce certificates were routinely asked for at the bricks-and-mortar dating agency where we used to help out.
Online agencies of good repute should insist on similar assurances. If they don't check you out thoroughly, what's to say they're checking up on your next date?
Acting on impulse and simply taking information supplied by potential dates at face value is more than foolish. It's dangerous in every sense.
Source: Computer World
Tuesday, June 10, 2008
Superfast mini tape from Tandberg
Tandberg touts superfast mini tape library
Bryan Betts
June 09, 2008 (Techworld.com) Tandberg Data is claiming to have the fastest 2U tape library on the market after upgrading its StorageLibrary line with the latest half-height LTO-4 drives.
Tandberg says the upgraded StorageLibrary product now provides up to 123TB of compressed storage — although the 2U model has 12 tape slots for a compressed total of perhaps 20TB.
The Norwegian storage vendor has also updated its eight-slot StorageLoader — a smaller tape autoloader — with half-height (HH) LTO-4.
The compact tape drives have been available for only a few weeks, and provide a high capacity — 800GB of uncompressed data per cartridge. They allow Tandberg to fit two drives into a 2U library, so the library is about double the speed of one with a single drive, at up to 1.7TB/hour. Tandberg's larger libraries with more drives are even faster, of course.
Compared with LTO-3, the LTO-4 HH has double the storage capacity, runs 50% faster and includes 256-bit AES encryption in hardware, said Bharat Kumar, vice president of marketing and development at Tandberg. It supports nonerasable WORM tapes for long-term archiving, he added.
Meanwhile, rival tape library developer Overland Storage has poured cold water on Tandberg's speed claims.
"Performance is a bit of an odd thing to talk about, because the LTO-4 won't be the limiting factor - the bottleneck will be elsewhere in the system," said Chris James, Overland's European marketing director. He argued that the only real way to improve performance is to put a disk-based VTL (virtual tape library) in front of the tape library.
Not so, countered Simon Anderson, Tandberg's tape product manager. He pointed to LTO-4's ability to adjust its streaming speed so it can work efficiently even when its host server can't feed it at its rated 120MB/sec.
Half-height drives are the future, he said. "If you look at the LTO road map, there is no full-height LTO-5 — it will be half-height only, planned for 2010."
James agreed that the introduction of LTO-4 HH is significant — not just because it allows a library to host twice as many LTO-4 drives, but also because it can store twice as much data.
"20TB in 2U is pretty chunky," he said. "Given that a tape library generates 2% of the heat and consumes 5% of the power of the equivalent in disk storage, there's significant space and cost advantages to be had from migrating data to tape as soon as possible."
Tandberg said that a 24-slot StorageLibrary with a single IBM LTO-4 HH drive and a SCSI interface (Fibre Channel and SAS versions are also available) would sell for under $6,300. The smaller StorageLoader, with one LTO-4 HH and two magazines, each holding four tape cartridges, will sell for around $4,500, the company added.
Source: Computer World
Bryan Betts
June 09, 2008 (Techworld.com) Tandberg Data is claiming to have the fastest 2U tape library on the market after upgrading its StorageLibrary line with the latest half-height LTO-4 drives.
Tandberg says the upgraded StorageLibrary product now provides up to 123TB of compressed storage — although the 2U model has 12 tape slots for a compressed total of perhaps 20TB.
The Norwegian storage vendor has also updated its eight-slot StorageLoader — a smaller tape autoloader — with half-height (HH) LTO-4.
The compact tape drives have been available for only a few weeks, and provide a high capacity — 800GB of uncompressed data per cartridge. They allow Tandberg to fit two drives into a 2U library, so the library is about double the speed of one with a single drive, at up to 1.7TB/hour. Tandberg's larger libraries with more drives are even faster, of course.
Compared with LTO-3, the LTO-4 HH has double the storage capacity, runs 50% faster and includes 256-bit AES encryption in hardware, said Bharat Kumar, vice president of marketing and development at Tandberg. It supports nonerasable WORM tapes for long-term archiving, he added.
Meanwhile, rival tape library developer Overland Storage has poured cold water on Tandberg's speed claims.
"Performance is a bit of an odd thing to talk about, because the LTO-4 won't be the limiting factor - the bottleneck will be elsewhere in the system," said Chris James, Overland's European marketing director. He argued that the only real way to improve performance is to put a disk-based VTL (virtual tape library) in front of the tape library.
Not so, countered Simon Anderson, Tandberg's tape product manager. He pointed to LTO-4's ability to adjust its streaming speed so it can work efficiently even when its host server can't feed it at its rated 120MB/sec.
Half-height drives are the future, he said. "If you look at the LTO road map, there is no full-height LTO-5 — it will be half-height only, planned for 2010."
James agreed that the introduction of LTO-4 HH is significant — not just because it allows a library to host twice as many LTO-4 drives, but also because it can store twice as much data.
"20TB in 2U is pretty chunky," he said. "Given that a tape library generates 2% of the heat and consumes 5% of the power of the equivalent in disk storage, there's significant space and cost advantages to be had from migrating data to tape as soon as possible."
Tandberg said that a 24-slot StorageLibrary with a single IBM LTO-4 HH drive and a SCSI interface (Fibre Channel and SAS versions are also available) would sell for under $6,300. The smaller StorageLoader, with one LTO-4 HH and two magazines, each holding four tape cartridges, will sell for around $4,500, the company added.
Source: Computer World
Thursday, June 5, 2008
New McAfee Research Names Hong Kong as Most Dangerous Country Domain; Finland is Safest
SANTA CLARA, Calif., June 4 /PRNewswire-FirstCall/ - Hong Kong (.hk) domain has jumped 28 places as the most dangerous place to surf and search on the web according to a new McAfee Inc. (NYSE: MFE) report called "Mapping the Mal Web Revisited" which is released today. Hong Kong takes the mantle from Tokelau, a tiny island of 1,500 inhabitants in the South Pacific.
"Just like the real world, the virtual threats and risks are constantly changing. As our research shows, Web sites that are safe today can be dangerous tomorrow. Surfing the Web based on conventional wisdom is not enough to avoid risk online," said Jeff Green, Senior Vice President of Product Development & Avert Labs.
The second annual McAfee "Mapping the Mal Web" report into the riskiest and safest places on the Web reveals that 19.2% of all Web sites ending in the ".hk" domain pose a security threat1 to Web users. China (.cn) is second this year with over 11%. By contrast, Finland (.fi) remains the safest online destination for the second year with 0.05%, followed by Japan (.jp).
The most risky generic domain from 2007's report became more dangerous with 11.8% of all sites ending in .info posing a security threat and is the third most dangerous domain overall while government websites (.gov) remained the safest generic domain. The most popular domain, .com, is the ninth riskiest overall. The full McAfee "Mapping the Mal Web Revisited" report is available for download at www.mcafee.com/advice
Using the award-winning McAfee® SiteAdvisor® technology, McAfee analyzed 9.9 million heavily trafficked Web sites found in 265 different country (those ending in country letters e.g. Brazil .br) and generic (those ending in .net or .info for example) domains.
More here: McAfee
"Just like the real world, the virtual threats and risks are constantly changing. As our research shows, Web sites that are safe today can be dangerous tomorrow. Surfing the Web based on conventional wisdom is not enough to avoid risk online," said Jeff Green, Senior Vice President of Product Development & Avert Labs.
The second annual McAfee "Mapping the Mal Web" report into the riskiest and safest places on the Web reveals that 19.2% of all Web sites ending in the ".hk" domain pose a security threat1 to Web users. China (.cn) is second this year with over 11%. By contrast, Finland (.fi) remains the safest online destination for the second year with 0.05%, followed by Japan (.jp).
The most risky generic domain from 2007's report became more dangerous with 11.8% of all sites ending in .info posing a security threat and is the third most dangerous domain overall while government websites (.gov) remained the safest generic domain. The most popular domain, .com, is the ninth riskiest overall. The full McAfee "Mapping the Mal Web Revisited" report is available for download at www.mcafee.com/advice
Using the award-winning McAfee® SiteAdvisor® technology, McAfee analyzed 9.9 million heavily trafficked Web sites found in 265 different country (those ending in country letters e.g. Brazil .br) and generic (those ending in .net or .info for example) domains.
More here: McAfee
Subscribe to:
Posts (Atom)
