Security Blog
8.30.2002
Poor market
Wired is running a story on how the tough economy has affected security consultants and hackers. Nothing surprising here - it really extends to most specialties. A large chunk of the article deals with the story of Max Vision from whitehats.com.
8.29.2002
Disaster recovery
Fascinating article at ZDNet on the challenges facing network architects attempting to secure and rebuild NYC's network. This is a process I appreciate much more in light of a recent contract. It's extremely difficult to design a redundant, secure network which can thwart both crackers and physical disasters. Check out the workaround used below.
Ramifications
Wired reports on a court case with some serious ramifications. Evidently Ziff-Davis, of computer magazine fame, has agreed to pay customers who were affected by a crack $500 apiece. This will definitely be something lawyers point to in future court cases. If your systems aren't secure now, they could become a legal liability later.
"It used to be enough just to patch security problems, apologize and get on with business. But this case shows that (regulators) are now watching, and if you get burned, you may have a lawsuit on your hands," said Greg Shipley, chief technology officer of Neohapsis, a Chicago-based information security company that assisted the New York authorities on the case.
Haha
Link: The Recording Industry Association of America was the victim of a hack Wednesday, forcing network administrators to shut down the site and look for the hole in its Web server.
Actually, I'm surprised they aren't the target of constant attacks. They probably get hit hard every day.
8.28.2002
MS and HIPAA
Interesting thread at Slashdot - is Win2k HIPAA compliant? A must read for those in the IT department of any type of health care company.
Probably not a bad idea
I'm surprised this hasn't been discussed earlier.
In an effort to secure one of its most widely used Internet networks, the Defense Department is considering constructing something more akin to an intranet.
Live hacking
SecurityFocus reports on Adrian Lamo, hacker nomad, getting bumped from an NBC report because he cracked a machine during the interview.
The vagabond hacker known for his drifter lifestyle and his public forays into large and poorly-secured corporate intranets sat down at a Washington D.C. Kinko's laptop station earlier this month with a freelance NBC news producer to show-off his particular style of hacking -- the 21-year-old typically uses little more than an ordinary browser, possessing an eerie knack for finding undocumented Web servers and open proxies at large organizations.
8.27.2002
DAMN...
Sounds like a super sniffer.
DragNet is still being tested, but its biggest plus, according to England, is its ability to keep up with an enormous volume of network traffic. The product is designed to stream data to storage at gigabit speeds, but Network Associates didn't reveal how different-sized networks might affect speeds during operation.
Modern security
A very busy day so far, but I did get a chance to read this piece from Cnet. It's part of a series dealing with security concerns. This particular article deals with the politics of privacy - worth a look.
"People pretty readily let go of privacy concerns as soon as security is involved," said Jonathan Zittrain, co-director of Harvard University Law School's Berkman Center for Internet and Society. "To the extent that the concern about privacy is a concern about abuse of information by the government...what is the greater threat, terrorism or a government run amok? People are generally going to say terrorism."
8.26.2002
Corporate Espionage
Business Week is running an interesting corporate espionage story. Nothing too high tech - stolen passwords were all they needed to get in.
OPEN, SESAME. Struck by the coincidence, Leggett says, he dug into Niku's Web access logs the next morning and discovered that someone using Internet addresses owned by Business Engine had used Niku passwords to sneak into Niku's network more than 6,000 times, downloading some 1,000 documents--including one that Leggett wrote about the planned demo for Berlin.
It's Monday
Hope to increase the posting this week now that I'm back in the office. I don't see too much this morning though.