- +
Blog: Regulatory Compliance & the Real Risk of Undetected Malware 01/02/2008 12:35:37
With the emergence of regulatory laws borne out of experience from a variety of embarrassing security breaches, today's corporate leaders face a myriad of repercussions. These range from serious fines to jail time when found not in compliance with regulations such as Sarbanes-Oxley (SOX), Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley (GLB), and Payment Card Industry (PCI), etc. - +
How to Be a Supremely Productive Person: A Chat With John Halamka 11/01/2008 10:59:10
John Halamka has two CIO titles, a family, passionate rock-climbing and wine-making interests and a major-league blog habit. We discuss his celebrity turn in a BlackBerry ad, his tips for e-mail triage, how he sleeps three hours a night and why he now understands Britney Spears.John Halamka has two CIO titles, a family, passionate rock-climbing and wine-making interests and a major-league blog habit. We discuss his celebrity turn in a BlackBerry ad, his tips for e-mail triage, how he sleeps three hours a night and why he now understands Britney Spears. - +
Your World. . . Hacked 02/10/2007 10:51:23
As your business becomes more collaborative and global, the risks to your company’s trade secrets rise proportionally. Fortunately, there are new strategies to protect the data that allows you to competeThe call to Bob Bailey, an IT executive with a major US government contractor, came on an otherwise ordinary day in October 2003. "Why are you attacking us?" demanded the caller, an IT leader with a Silicon Valley manufacturer. He wanted to know why Bailey's company had launched a denial-of-service attack against his network - +
P&L Management 101 04/02/2008 13:09:05
Now that you find yourself in charge of a revenue line, it’s time to start thinking about how to manage your new businessCIOs often yearn for new worlds to conquer. For many, the first step on that journey is to earn the right to manage a P&L. In order to achieve that goal, executives listen to their external customers, engage with the business, focus on innovation and look for new revenue opportunities. These CIOs build new business models and sell them to their CEOs. In return, they receive the keys to P&L management - +
Blog: Interview Questions To Avoid 30/11/2007 13:00:49
After reading an article by business performance management consultant and executive coach Dan Coughlin on how to handle difficult corporate situations, it struck me how that same advice does not always apply to interviewing. Coughlin recommends confronting difficult situations head-on, such as when a peer is degrading your efforts around the office. But in job interviews, being direct isn't always the right approach. Some questions and situations surface during job interviews that you simply should not discuss. I've encountered a few recently during my job search. I share them with you here to show why the direct approach didn't work, along with some advice on how to handle these scenarios.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Zones provide focussed content from Computerworld and leading technology partners.Newsletter Subscription
Lessons learned: Russia's a terrible place to base your operations for a criminal enterprise, unless you like taking long vacations in Siberia. Kazakhstan and Latvia seem to be much more agreeable. Also, if someone sends you 40 large, don't wait: Turn off the damn DDoS before MI-5 gets involved.
Punked over a prank
Perp: Shawn Nematbakhsh
Status: Currently employed as a software engineer with a medical data company.
Dossier: One of the hottest technology topics of 2003 was how election systems were vulnerable. With the first presidential election since the Bush v. Gore fiasco coming up the following year, technologists were up in arms about the unreliability and untrustworthiness of electronic balloting systems, and were eager to prove their point.
Enter Shawn Nematbakhsh, computer science undergraduate at the University of California. Was he eager -- perhaps a bit too eager -- to make a point about the electronic balloting system that the university employed to hold student council elections, when he cast 800 votes for a fictitious candidate named American Ninja? Sadly, no.
"I really wasn't making any point at all," Nematbakhsh admits, debunking news reports to the contrary. "It was a senior prank, a silly thing."
The student council elections were held over the Web. Students could log in to a special page and cast their ballots for student council members and student body president. Unfortunately, the election system suffered from a serious internal weakness: "There was some input that was not bounds-checked, so using certain input you could vote as anyone," Nematbakhsh explains. "I wrote a script that would log in, cast a vote, log out, then log in again, cast another vote, and so on."
But seriously, American Ninja? "That year I remember watching that really stupid movie and talking about it with my friends, and it was the first thing that came [to mind]," he said.
Nematbakhsh says the jig was up when campus police called him in to discuss the incident. He'd told some friends about the vulnerability he had discovered in the voting system, and his name had eventually surfaced in the investigation. When asked, Nematbakhsh immediately admitted his involvement in the prank.
"I confessed to doing it, thinking it wasn't such a big deal. I thought they might fine me, or suspend me for a quarter or something," he says. That did happen, but a month later, he also faced criminal charges that could have landed him prison time.
In the end, he arranged a deal to accept a misdemeanor charge. His sentence: "I had to pick up trash on the weekends for three or four months, and pay back the cost of the election -- a couple thousand dollars."
Lessons learned: "Getting caught was kind of a wake-up call, that the Internet was not some kind of playground and I couldn't do what I wanted to all the time. I had to obey the law. The prank was not well received by a lot of people at the school."
Nematbakhsh's advice to potential election pranksters: "Things like that seem funny when you're doing them, but when you get caught, it's not much fun. I'd caution against silly pranks like the one I did."
Computerworld Member Login
Prioritizing Services with IT Service Management (ITSM)
Computerworld Live Webinar
Wednesday 20th, August 2008
11:00am EST (Sydney, Australia)
To be repeated on:
Thursday 4th, September 2008
11:00am EST (Sydney Australia)
Sign up and receive a free copy of The Forrester WaveTM Service Desk Management Tools, Q2 2008 at the conclusion of the Webinar.
Attend and discover:
- How to deliver value to your business through ITSM
- Best practice ITSM implementation
- Why emphasis is changing from optimizing IT management processes to better servicing customers and demonstrating real dollar value
- If service-oriented ITSM is best for your business
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Tumbleweed appoints O2 Networks to its Australian Channel Partner Program 2008-08-29 12:31:00+10
HP ProCurve Brings Big Business Gigabit Switching Features to Small Businesses 2008-08-29 12:00:00+10
Nortel and LG Electronics are First in World to Demonstrate Mobile LTE Handover 2008-08-29 11:30:00+10
GlobalConnect Provides Treatment for Healthcare Provider’s Contact Support Requirements 2008-08-29 09:59:00+10
Sybase and Logica Partner To Mobilise The Supply Chain 2008-08-29 09:47:00+10
Radicati Market Quadrant 2008 on Corporate Web Security
An Analysis of the Market for Corporate Web Security Solutions, revealing Top Players, Mature Players, Specialists and Trail Blazers. Read on to discover who makes the grade.
