- +
Adobe launches hosted services, adds Flash to Acrobat 03 June, 2008 09:02:44
Adobe to launch Web site offering users free hosted services for document creation, sharing and storageAdobe this week is set to unveil the next version of its Adobe Acrobat software, which adds support for the company's Flash multimedia technology. The company also plans to launch a new Web site offering users free hosted services for document creation, sharing and storage.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Newsletter Subscription
Eliminate All Coding Errors Within Two Years
Mary Ann Davidson, CSO of Oracle and champion of the quality coding movement, says she's tired of coders arguing that their jobs are too creative to eliminate errors such as buffer overflows - that coding's an art, not a science. She applauds ethical hacking, where developers attempt to break software before selling it. Davidson says some schools now divide developer classes in two, a green team for writing code and a red team for breaking it. The application's relative security becomes part of its final grade. "Why isn't that standard development process?" she asks.
Davidson knows that, with billions of lines of legacy code and billions more in development, eliminating all coding errors is quite a lofty goal. But, "We need goals, right?" she says. And if doing that means limiting the freedom and creativity of coders, Davidson says, so be it. "We should be marching toward a realm where it's harder for people to create vulnerabilities. We need a revolution," she says.
Pry PCs from Their Cold, Dead Hands
Guns are dangerous; therefore, we license them. We give them unique serial numbers and control their distribution. James Whittaker says programmable PCs are dangerous, so why not treat them like guns?
"Let's make all end-user devices nonprogrammable," he says. "No one can connect to the Internet on a machine that creates code. If you want a computer to do programming, you would have to be licensed. We could license software companies to purchase programmable machines, which would be completely traceable along with the code created on them."
That would blunt the information security problem - suddenly all that intelligence at the edge of the network that Amoroso wants to pull back in isn't just gone; it's physically stripped. On the other side, new levels of accountability and liability are created through licensing developers and eliminating anonymity from coding.
Catch Some Bad Guys
Time and again, security types bemoan the light sentences hackers get. If the penalties were harsher, perhaps people wouldn't be so fast to spread their malicious code.
But penalty is not a deterrent; arrest is. Right now, the bad guys know the risk equation is favourable - that it's extremely unlikely they will be caught. A higher capture rate would dissuade them.
Creating higher capture rates has a lot to do with anonymity on the network - or, more specifically, removing it. Many of the Big Ideas in this space propose less anonymity - licensure, for example. Microsoft's Charney wonders what effect automatic traceback packets - knowing quickly and reliably where data came from - would have. "It's an astounding thought," he says.
And then, he immediately comes up with the problems it presents. Traceback tells you where, not who. And privacy issues get thorny quickly. "Can you use the highway anonymously?" Charney asks. "No. But you also can't be stopped for no reason. More complicated than that, the US Supreme Court has already ruled that you can't force someone to attach their name to political speech if they don't want to. So do you create an anonymous part of the Internet to ensure free speech? And if so, what stops bad guys from just using that?"
Still, if privacy issues could be worked out, and capture rates went up, attempted attacks would go down.
Call the Cybercops
Part of increasing capture rates would have to include better policing. To help this, Bill Boni, CISO of Motorola, has come up with the Big Idea of a cybersecurity version of Interpol. "The problem with existing collaboration on cybercrime is, it's episodic and it ignores the fact that investigation requires the significant participation of the private sector." With a "Cyberpol", you could license private eyes and forensic experts who not only would facilitate the cooperation but also would improve response time, as there already isn't enough law enforcement for cybercrime.
"Every railroad has its own police who don't have to call for backup if you're doing something wrong on their property," Boni says. "In Canada, law enforcement has simply outsourced white-collar crime investigation to licensed private investigators. The Mounties just said: 'We can't deal with it. You investigate, and if we need to be called in, then bring it to us'."
A Cyberpol would facilitate international cooperation on investigations as well. That's key, as many virus writers live and work overseas, under the cover of fuzzy international law and law enforcement agencies with varying appetites for investigating cybercrime.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
CIO Live Podcast #79: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires Part II 05 October, 2007 06:00:00
For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders. - +
CIO Live Podcast #78: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires 28 September, 2007 17:34:25
For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders. - +
CIO Live Podcast #77: Panasonic Speeds Up Trans-Pacific File Transfers, Part III 21 September, 2007 07:00:00
Part three in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance. - +
CIO Live Podcast #76: Panasonic Speeds Up Trans-Pacific File Transfers, Part II 14 September, 2007 07:00:00
Part two in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance. - +
CIO Live Podcast #75: Panasonic Speeds Up Trans-Pacific File Transfers, Part I 07 September, 2007 07:00:05
Part one in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance.
- +
Cutting Through the Spin of Recent Vulnerability Disclosures 13 October, 2008 10:53:00
The FUD surrounding the ClickJacking and TCP/IP vulnerabilities has the world seemingly frozen in fear. But once you cut through the spin, the vulnerabilities aren't all that they were made out to be.There are a few highly publicised vulnerabilities at the moment which haven't completely been disclosed and which, it is claimed, could threaten the whole Internet as-we-know-it. Only, when the vulnerabilities are finally disclosed, it seems that the whole incident has been somewhat Chicken Little. - +
PCI app security: Who's guarding the data bank? 13 October, 2008 11:09:00
Compliance strategies for PCI's new application security requirementsWhile Willy Sutton never really said it, the truth is that people rob banks because that is where the money is. Today's criminals don't walk into banks with loaded guns and get-away drivers. Rather they connect from a remote location using a browser and are armed with hacking tools and spyware. - +
Data-center security tools to not overlook 10 October, 2008 11:37:00
With the rise of security suites, it's time to consider some emerging security tools and rethink othersProtecting a corporate data center is like trying to keep an elephant safe from a swarm of flies. Despite your best efforts, bites happen. As the staples of security -- such as firewalls, antivirus software, spam and spyware filters -- come together in suites of products that allow for sophisticated management, there are other security tools either emerging or worth a rethink. - +
IBM, Secret Service, others study identity/cybercrime issues 09 October, 2008 10:09:00
Center for Applied Identity Management Research organization teams experts in criminal justice, financial crime, biometrics, cybercrime and cyberdefense, data protection, homeland security and national defense.IBM, LexisNexis and the Secret Service are among a group of corporations, government agencies and academic institutions that has formed to study and help solve identity management challenges around cybercrime, terrorism and narcotics trafficking. - +
Strange account management at Amazon 09 October, 2008 09:51:00
A careless login led to the discovery of some strange ccount management practices at one of the Internet's largest retailers.Via the RISKS mailing list comes an interesting tale of poor online account management at a major online retailer. According to Graham Bennett, accounts with Amazon display an odd behaviour that doesn't seem to have attracted much attention in the past.
Fujitsu PC targets Today's Young Adults with the release of the L series 14 October, 2008 12:40:00
Sound Alliance Group expands with acquisition of Mess+Noise 14 October, 2008 08:48:00
Sterling Commerce Introduces New Managed File Transfer Capabilities That Cuts Server Change Management Time in Half 14 October, 2008 08:41:00
Doncaster research software company’s global contribution honoured at tonight’s Victorian Export Awards 13 October, 2008 22:30:00
Acronis True Image 2009 makes protecting home computers easier than ever 13 October, 2008 14:10:00
|
||
|
||
|
|
||
|
CRM your salespeople will love
Winning over the sales department and obtaining buy-in at all levels is crucial to the success of any CRM initiative. Discover how you can let salespeople work how they want to and reduce their administrative burden with the latest CRM technology.
Subscribe to CIO
