|
|
|
 Related Articles
|
|
|
|
| |
New owners look to sign commission deals with agents |
| |
|
| |
| |
ABTA Travel Convention special report: Consortium considers position after buy out |
| |
|
| |
| |
Major independent agency consolidation signalled as Stella becomes major UK force |
| |
|
| |
| |
Japanese researchers claim to have found a way to control a computer character by thinking about it. |
| |
|
| |
| |
For all those taking part in the One Laptop Per Child "Give One Get One" program, ever wonder where those donated laptops are going? I wondered the same thing. Here's what I found out. |
| |
|
| |
| |
Critical vulnerabilities in common PC software, including both applications and operating systems, continue to grow in number and stand as the leading cause for concern in the IT security landscape today, according to training experts at the SANS Institute.Holes in so-called client-side applications, including Web browsers, e-mail clients, productivity suites, and media players, have become particularly worrisome over the last year, according to SANS, which highlighted the issue as part of its annual report on the top 20 Internet security risks for 2007.As hackers have shifted their attention further away from operating system flaws and drilled down to applications-layer vulnerabilities they have found a seemingly endless wealth of possibilities for infecting PCs with everything from spyware to botnet programs, SANS researchers contend.Unless something can be done to improve software developers' coding habits or better test popular applications for such issues before they land on end-users' machines, attackers will be able to continue their successful assaults against enterprise networks and devices for the foreseeable future, said Rohit Dhamankar, project manager for the Top 20 report at SANS and a senior manager of security research for TippingPoint.?"There's just been such a dramatic rise in the numbers of vulnerabilities found in applications like Internet Explorer and Microsoft Office and a number of media players that attackers are having their way," said Dhamankar. "Enterprises are bolstering security, but desktop users still pose a massive risk if they can download anything they want from the Web; the attacks are also growing in sophistication to the extent that many can defeat antivirus and other security systems primarily by obfuscating their code."Some of the most powerful tools that hackers have adopted in hunting for potential targets are the same industrial-strength applications fuzzing tools that software vendors themselves are using to search for holes in their products, said the expert.Enterprises could do themselves a favor by enforcing stricter policies that dictate the types of applications that end-users are allowed to put on their work machines and using technical means to ensure that those rules are being followed, Dhamankar said.Other SANS researchers noted that while companies may not want to tell end-users that they cannot utilize media players, messaging clients, and other applications that have moved into the business world from the consumer sector, they could help themselves out by limiting the variety of client-side applications that people may choose from."IT departments can't focus on all the applications of the world, but they can choose several and keep their eye on those while allowing end-users some freedom," said Amol Sarwate, research manager at Qualys who studies vulnerability patterns for SANS. "What companies need to do is enforce standards for applications usage and utilize technical means to block unwanted software, devices, and even wireless access points."While many businesses have already realized that they need to shift more of their efforts toward defending client-side vulnerabilities, most have failed to embrace a proactive approach versus simply keeping track of publicly-reported flaws and patching those issues said Sarwate.Enterprises need to think about future security issues
It will be particularly important for firms to examine the additional security issues that will be introduced in the coming years with broader adoption of technologies including VoIP (Voice over IP), according to the expert."The key is for people to start thinking ahead of these client-side vulnerabilities to understand what the next big thing may be. Things like VoIP need to be examined for their security implications," said Sarwate. "Many companies are already adopting these tools because of all the advantages they offer, but there will be many attacks carried out against these systems as well."Among the advice that SANS is offering organizations hoping to improve their client-side security coverage is to mandate secure configurations at installation time for all applications, to constantly verify patching and upgrading of both applications and system software, to scan for new vulnerabilities frequently, and to keep their security systems up to date.Other leading areas of concern highlighted by SANS in its report included critical vulnerabilities in Web applications that allow for cross-site scripting attacks or for computers to be otherwise compromised simply by pointing their browsers at poisoned URLs."Gullible, busy, accommodating computer users," including executives, IT staff, and others with privileged access also remain a major weak point for enterprise security, according to SANS, as these seemingly more seasoned users of computers and software are still falling for increasingly targeted spear-phishing campaigns in large numbers.One of the best ways to educate users about the problem is for organizations to create fake spear-phishing threats and send them out to internal users to determine which individuals might be most likely to fall for the schemes and follow up with additional training, the group said.Critical vulnerabilities in the software and systems that provide the operating environment and primary services to computer users, or server-side software, remain another area of leading concern, according to SANS.Problems in Microsoft Windows services, Unix and Mac OS services, back-up and AV programs, management servers, database software, and VoIP technologies in particular are proving troublesome, according to the report.Many of those issues can be addressed by following the same advice offered for solving client-side vulnerabilities, SANS said in the research. |
| |
|
| |
| |
Memory maker Micron Technology on Wednesday introduced a line of solid-state drives (SSDs) and said it would plug the technology into portable storage devices by mid- to end 2008.Micron's new RealSSD hard drive, announced at an event in San Francisco, will come in sizes of 1.8 inches and 2.5 inches with storage capacities of 32GB and 64GB. Micron also announced embedded SSD modules for blade servers with storage capacities of 1GB to 8GB.Purported by many to be the future replacement of hard drives, the growth of SSDs has been stymied by high pricing, longevity, and storage issues. However, the power-efficient and ruggedness of SSDs may attract users, said Dean Klein, vice president of memory system development at Micron.RealSSD is 50 percent lighter than standard hard drives, and at under 2 watts of power consumption, the drives will be ideal for laptops, Klein said. The drives also support the SATA II interface, a standard typically used to connect hard drives to computer systems.With no moving parts, RealSSD drives also have a rugged design and store data reliably. They handle vibrations and resist shock better than rotating media, Klein said.Despite multiple advantages, SSDs may not replace hard drives as storage devices in the near future, he said. SSD technology is under development, and some markets are sensitive to price-per-gigabyte of SSDs, Klein said.SSDs currently cost between $7 and $10 per gigabyte, making them much more expensive than hard drives, which cost $0.20 to $0.30 per gigabyte, according to data from research firm iSuppli.Initial consumers for RealSSD could be OEMs or enterprises, which look for reliability and high data throughput, and laptop consumers, which require portability and power efficiency, Klein said.RealSSD drives could reach consumers in the form of portable storage devices or ExpressCards by mid- to end 2008, depending on consumer demand, Mark Adams, Micron's vice president of digital media said in an interview. An ExpressCard fits in a laptop's PCMCIA slot.Sending SSDs to consumers immediately is questionable as the emerging technology hasn't proven itself yet, Adams said. There is a risk in being first-to-market if the product doesn't sell, which will build up unnecessary inventory of SSDs. Instead, Micron will try to get feedback from OEMs that include SSDs in their products and develop devices accordingly, Adams said.Micron sells portable consumer storage devices through Lexar Media, which it acquired last year.There are already a few vendors that include SSDs in their hardware. Aurora, a gaming systems manufacturer, includes them in its Area-51 ALX and Aurora ALX desktop PCs, and Toshiba includes SSDs in its laptops. |
| |
|
| |
| |
IBM is suing Shentech for selling laptop batteries that catch fire and sport allegedly fake IBM logos.The suit, filed Nov. 20 in the U.S. District Court for the Northern District of Ohio, accuses Shentech of trademark infringement, false advertising, unfair competition, and deceptive trade practices.IBM says that a consumer in Ohio bought a battery from Shentech for a ThinkPad laptop. The battery overheated and caught fire, causing damage to the laptop, IBM said. The user reported the problem to Lenovo, which licenses the IBM trademark. After examining the faulty battery, IBM discovered that it was not a genuine IBM battery, the company said in the suit.IBM then ordered 12 batteries from Shentech and found them all to be fakes, IBM said.IBM asks the court to require Shentech to turn over all of the batteries so that IBM can destroy them. IBM also asks for all the profits that Shentech earned from the sale of the batteries. In addition, IBM wants treble damages or $1 million per counterfeit mark per type of item sold.The Shentech.com Web site continues to list ThinkPad batteries for sale as well as a host of other electronic devices and components. Shentech appears to be a Web-only operation with a mailing address in Flushing, New York. It describes its secret to success as its "ability to provide cutting edge computer technology parts at bargain prices."No one from Shentech could be reached immediately for comment. |
| |
|
| |
| |
U.S. employers may have noticed a slight spike in productivity Wednesday as a computer glitch blocked access to online reviews site Yelp.com.The outage lasted from around 9 a.m to 11 a.m. Pacific Time, and blocked visitors from some companies, including Bank Of America, Kaiser Permanente, and Visa, according to posters at Yelp's discussion forums. Access at IDG's West Coast offices was also blocked.Yelp is a popular source of user-generated restaurant, entertainment, and business reviews in the Bay Area, and some companies have blocked access to the site to prevent employees from reading and contributing reviews during office hours.The glitch didn't shut down the Web site, but many visitors to the site were greeted with a "403" error telling users that they did not have permission to access the server. This type of error is returned by Web servers when someone tries to visit a restricted area of the site.Yelp wouldn't explain exactly what went wrong, except to say that it was a glitch caused by an update to the Web site that was pushed out Tuesday night. Most Yelp users had no problem visiting the site Wednesday, said Yelp spokeswoman Stephanie Ichinose. "It was a very narrow isolated incident that's now been rectified."That probably comes as welcome news to some.Yelpers were at first worried that their companies had moved to block access to the popular service. "Seems like a lot of filters at work added yelp to their list of blocked sites now," wrote one poster named Euge l. "I've heard of a handful of daily day time posters in the west coast have been blocked as well as the east coast. Is this the end of day time yelp?" |
| |
|
| |
| |
The European Commission launched an in-depth investigation Wednesday into Dutch satellite navigation device maker TomTom's plans to take over Dutch digital mapmaker Tele Atlas, expressing "serious doubts" about the deal's impact on competition in the booming satellite navigation market.While many companies make portable navigation devices, Tele Atlas is one of only two makers of digital maps that offer complete coverage of Europe. The other is the U.S. firm, Navteq. Because there are only two such companies, "the proposed acquisition raises vertical competition concerns," the Commission said in a statement.The probe will examine whether the deal would push up the price of digital maps for rival portable navigation device makers or limit their access to these maps, the Commission said. It set an April 17 deadline for the probe to end.TomTom and Tele Atlas said in a joint statement they expect to have a clearer idea about whether the deal can go through by early next year. TomTom extended its offer for Tele Atlas shares until March 31, assuming it would know the outcome of the probe by then.The market for satellite navigation devices, which has emerged over the past five years, is undergoing rapid consolidation.One of TomTom's biggest rivals, U.S.-based Garmin, also tried to acquire Tele Atlas but withdrew its offer after being outbid by TomTom last month. Also last month, Finnish mobile phone operator Nokia announced plans to buy Navteq.Garmin, meanwhile, has struck a deal with Navteq, giving the device maker access to Navteq's maps until 2015. |
| |
|
| |
|
|
Related Companies |
| |
|
|
|