Stories by Paul Roberts

Beware the next circle of hell: Unpatchable systems

Insecure by design and trusted by default, embedded systems present security concerns that could prove crippling

Secure your enterprise data

For DuPont, Gary Min may have seemed a model employee. A research chemist at DuPont's research laboratory in Circleville, Ohio, Min was a naturalized U.S. citizen with a doctorate from the University of Pennsylvania who had worked for DuPont for 10 years, even earning a business degree from Ohio State University with help from his employer. But Min's veneer of respectability began to crack on Dec. 12, 2005, when he told his employer he would be leaving his job.

Future growth demands wireless ISPs

Aspiring entrepreneurs can only dream about a track record like Selina Lo's. First there was Centillion, a networking startup that Lo co-founded and that Bay Networks purchased for US$100 million in 1994. Lo's next act was Alteon, a maker of Gigabit Ethernet adapters that Lo joined in 1996 and transformed into Alteon WebSystems, a maker of content-aware switching hardware, before helping to sell Alteon to Nortel at the apex of the dot-com craze in July 2000 for US$7.8 billion. It was a master stroke of good marketing and good timing that made Lo very wealthy.

Future-proof your IT security

Asymmetric warfare is hell. Sure, you may have night-vision goggles, body armor, and air support, but you're also working for a bureaucratic organization built to fight a war that doesn't look much like the one you're in. Your adversary, on the other hand, is poorly equipped, yet nimble, resourceful, and adept at spotting and exploiting the slightest weakness. So much so, you may not even know you're under attack.

EMC: Vendor cooperation key to data security

The cool reception from Wall Street after EMC's announcement that it would buy RSA Security had EMC executives feeling a bit flummoxed -- like the guy who elopes, only to find out that his friends didn't like his girlfriend to begin with.

Excuses on iPod virus not credible

Security and quality assurance experts reacted negatively to Apple Computer's efforts Tuesday to blame manufacturing problems that resulted in iPod MP3 players shipping with a virus that affects Microsoft's Windows operating system.

Financial services: High pressure, performance

When it comes to sheer IT "bling," financial services is never outshone. High margins, deep pockets, and intense competition in investment, banking, and insurance have pushed these companies to the edge of just about any technology there is. Storage, grid technology, Web services, virtualization, VOIP -- you name it, financial services companies have bought it.

Building smarter authentication

Online scams that lure online banking and e-commerce customers to phony Web sites and trick them into giving up sensitive account information have been a mainstay of online criminals for years. However, the increase in so-called spear-phishing attacks is new, as is the increasing sophistication of the software they use to penetrate enterprise networks.

The mind of HD Moore

HD Moore has a matter-of-fact way of talking that belies his uncanny ability to draw the public eye. In just the past month, the 25-year-old Texan, who started the open source Metasploit Project in 2003, made headlines for promising to release a new bug for the Internet Explorer Web browser each day in July. By the end of July, he was in the news again: releasing a Web-based tool that uses the Google search engine to locate malicious programs.

Framed!

In Part 2 of Calculating IT risk, navigating compliance, Paul Roberts continues his look at the market and hears from insiders that the right framework - both internally and for business partners - adds up to stability

Calculating IT risk, navigating compliance

No one can afford to lock down everything and comply with the letter and spirit of every regulation. So concentrate resources where liability is highest.

Oracle Server flaw sparks warning

A software security expert warned users of Oracle Server that a software flaw could allow any user to read, modify, and delete data used by Oracle applications; he also says that Oracle may have unwittingly shown hackers how to exploit the previously unknown hole.

Salesforce.com takes hit after another outage

On-demand software vendor and Wall Street darling Salesforce.com took a hit on Friday just one day after the company acknowledged yet another service interruption which affected customers in North America.

Antivirus company warns of new Symbian Trojan

Antivirus company F-Secure is warning mobile phone users about a new malicious software program that infects phones that use the Symbian Series 60 operating system, preventing the phones from starting.

Fewer permissions are key to Longhorn security

Software engineers who attend Microsoft's annual Windows Hardware Engineering Conference later this month could get their first taste of a new Windows user permissions model that could change the way thousands of programs are developed and run. But as the company prepares for the final Longhorn development push, questions remain about its plans for a new user privileges model called Least-Privilege User Account, or LUA.