Transcript

Sandra: Welcome to Computerworld Live for the week of October 4, 2006. I'm Sandra Rossi.

Michael: And I'm Michael Crawford. This week we cross over to a presentation at the recent Cisco networkers conference by FBI agent and former fraudster Frank Abagnale.

Sandra: We take a look at a simmering dispute between Microsoft and two security vendors, Symantec and McAfee.

Michael: And we cross over to our special tech report from North America, but first a word from our sponsor.

: Insider abuse of internet access, handheld computer theft or virus or worm infection are the top three forms of electronic attack according to the latest [inaudible] Australian computer crime and security survey. MessageLabs' new web security service ensures you are addressing these multi-channel attacks, preventing malicious code, such as spyware or Trojan to be loaded onto your company's PCs. For a full copy of the [inaudible] report, or to find out why organizations including Virgin Blue, Crispy Creme, Colonial First State and New South Wales Health entrust Massage Labs with their virus, span and spyware protection. Call MessageLabs today on 02 8208 7127. That's 02 8208 7127.

Michael: IT managers are divided over a simmering dispute between two major security vendors and Microsoft. The dispute is over Microsoft's patchguard technology, which prevents access to the 64-bit Windows kernel. Security software vendors, Symantec and McAfee, say the patchguard technology prevents the use of certain features in third party tools that would make Windows safer from hackers.

Sandra: And the security vendors aren't mucking around either. McAfee has taken out a full-page advertisement in London's Financial Times newspaper, charging that Microsoft's use of patchguard is anti-competitive behaviour.

Michael: Yeah, and it's a bit of a double-edged sword too. IT managers who have commented on the dispute rightly point out that Microsoft got blamed in the past for not being able to better protect their customers and now that they are moving forward, everyone starts blaming them again for being a monopoly.

Sandra: Yeah, I mean the patchguard technology is already included in 64-bit versions of Windows XP and Windows 2003 and it will be included in the 64-bit version of the next generation Windows Vista operating system, which is due out by early next year.

Michael: Yeah, look, Microsoft has responded to the dispute. Stephen Tulouise, our Senior Product Manager in Microsoft's security technology unit said that in the 32-bit version of Windows, there has always been these undocumented and unsupported ways of modifying the kernel while it is running. He said such access introduced stability problems, performance problems and security problems.

Sandra: But you speak to Symantec and McAfee and they argue that restricting access to Vista's kernel hampers their ability to deliver functions such as behaviour based virus blocking and [inaudible] detection. They also maintain that hackers have already gained access to the kernel of 64-bit Windows systems, that are already shipping. A spokesperson for McAfee suggested that Microsoft at least allow security vendors to access the Vista kernel. She contended that giving security vendors access to 32-bit versions of Windows, has led to the development of sophisticated security technology.

Michael: Yeah, end users who spoke to Computerworld tended to agree with McAfee. CIO Dave Jordan said that as the use of 64-bit Vista spreads, patchguard could limit choices for users. He doesn't believe the genesis of current exploits comes from kernel access and is given to security vendors. Jordan is shocked information is not being shared with the top name security vendors.

Sandra: But then you know, you speak to other users, and they have a totally different view. Lloyd Hessen, Chief Security Officer at BT Radiants said, patchguard appears to be a response to critics calling for these kinds of features in Microsoft operating systems. He delivered a great quote, he said, I don't think you'll find a lot of sympathy for Symantec and McAfee. They made their millions off other people's ill fortune. He predicted that as more security features are bundled into Vista, some of today's stand-alone security products will become irrelevant. And this is his quote, it's a positive for users, he said, but it sucks to be a Symantec.

Michael: And now we cross over to our special broadcast with Frank Abagnale, taken at the Cisco networkers forum last week.

: At 15, I was six foot tall, I've always had a little grey hair since I was about 15. My friends in school used to say that once a week when we wore a suit to school, I looked more like a teacher than a student. So I decided to lie about my age. At the age of 16 in New York, I had a driver's licence. Back then they didn't have pictures on them. It was an ID card, so I altered one digit on my date of birth. I was actually born in April 1948, but I converted the four to a three and that made me ten years older, or 26 years old. I walked around applying for the same type of work, people gave me a little money, a few more hours but even then, that was difficult to make ends meet. One of the few things I had taken when I left home was a chequebook. My father had opened a cheque account for me when I was about 15 at a small community bank. I had a little money in the account so every so often I would write a cheque to supplement my income, $10, $15, funds were there, cheques were good but it was my friends, my peers, who would say to me, you know, you're the only guy who walks into a bank in the middle of Manhattan, you have no account there, you don't know a soul, you go and talk to somebody behind the desk and they okay your cheque. Well when my cheques were good, if I walked in that bank, they wouldn't touch my cheque. You walk in, they don't bat an eye. Years later reporters would write and say that it was my upbringing, mannerisms, dress, appearance, speech. Whatever it was, was very easy to do so consequently when the money ran out, I kept writing those cheques. Of course the cheques started to bounce, the police were looking for me as a runaway, the bad cheques, I thought maybe it was a good time to start thinking about leaving New York City. But I was quite apprehensive about going to Chicago, Miami, wondered if they'd cash a New York cheque on a New York driver's licence in Miami as quickly as they did in Manhattan. I was walking up 42nd Street one afternoon about 17:00 in the evening, 16 years old, pondering all these things, when I started to approach the front door of a big hotel called The Commodore Hotel, now the Grand Hyatt, and just as I was about to get to the front door of the hotel, out stepped an Eastern [inaudible] group onto the sidewalk. I couldn't help but notice the captain, the co-pilot, the flight engineer, about three or four flight attendants dragging their bags to the curb, the loading of the van to take them to the airport. As they loaded the van, I thought to myself, if I could pose as a pilot, I could travel all over the world for free, I could probably get just about anybody, anywhere to cash a cheque for me. So I walked up the street a little further, 42nd and parked. I went to cross over but I heard a huge helicopter so I looked up and there was New York Airways landing on the roof of the Pan Am building. Pan Am, the nations flag carrier, the airline that flew around the world, I thought what a perfect airline to use. So the next day I had placed a phone call to the Executive Corporate Officers of Pan Am. When the switchboard was ringing, I had absolutely no idea what I was going to say when they answered, Pan Am American Airlines, good morning, can I help you? Yes, Ma'am, I'd like to speak to somebody in the purchasing department. Purchasing? One moment and the clerk came on and said [inaudible] my name is John Black, I'm a co-pilot for the company [inaudible] San Francisco, I've been with the company about seven years, never had anything like this happen before. What's the problem? Well we flew [inaudible] yesterday, we're going out today, I sent my uniform out to the hotel yesterday to have it dry-cleaned. Now the hotel and the cleaners say, they can't find it. Here I am with a flight in about four hours, no uniform. Don't you have a spare uniform? Certainly, but I come from San Francisco, I'd never get it here for my flight. Do you understand that this would cost you the price of a uniform, not the company? I understand. Hold on, I'll be right back. And he came back and said, my supervisor says you need to go down to the [inaudible] Uniform Company, around 5th Avenue, there our supplier. I'll call them and let them know you're on the way. That's exactly what I wanted to know so I went down to the [inaudible] Uniform Company, little fellow, Mr Rosen fitted me out in uniform. Back then, they were black [inaudible] with three gold stripes on the arm [inaudible] the co-pilot, the grey hair, I certainly looked old enough to be the pilot. When he was all done, I said, how much do I owe you? Well the uniform's $286. I said, no problem, I'll write you a cheque.

Michael: And now onto our tech report from North America.

: Former Hewlett Packard Chairman, Patricia Dunne, made a brief court appearance Thursday, in California. She and four others face state charges of fraudulent wire communications, wrongful use of computer data, identity theft and conspiracy. The judge scheduled her arraignment for November 17th when she will enter a plea in the case. Also making an initial court appearance earlier in the day was Kevin Honsecker. HPs former ethics council, who surrendered was booked and was scheduled for arraignment December 6th. Three private investigators hired by HP to investigate a suspected leaks to news media by HP directors were also charged Wednesday, but since they are from out of state, their court appearances will likely occur sometime next week. Toshiba plans to put the cell processor sitting at the heart of the Playstation three and to mobile devices and cell phones. A roadmap with the processor on display at this week's C-tech show in Japan, shows a more powerful version of the chip under development for 2007. While details of the chip were not available, a source close to Toshiba said that the new device will be manufactured using more advanced 65-nanometer production technology. The current chips are being made on a 90-nanometer line and the switch will mean lower power consumption and increased performance. Next Tuesday, Microsoft plans to issue ten security updates to stop hackers exploiting unpatched vulnerabilities in Windows and Office. The updates are for critical flaws that could be exploited by attackers with no action on the part of users. Microsoft generally issues its security patches on the second Tuesday of every month, but last week the company was forced to issue a rare out of cycle security patch after criminals began exploiting a flaw in Internet Explorer's vector mark-up language, rendering engine. European and US negotiators have finally agreed on how to share information about airline passengers flying to the US from Europe. The new deal allows many more US government agencies to access the data. The agreement replaces one that was thrown out on a technicality by Europe's top court in May and it comes as a relief to airlines. Without the pass, the airlines would be in legal limbo. They would have faced fines and the possible loss of landing [inaudible] in the US if they didn't provide the information. But they would have faced data protection lawsuits in Europe, if they did make all the US required disclosures.

Sandra: That's it for the show this week.

Michael: Thanks for joining us.

Sandra: And we'll be back again next week.

Michael: Bye.

Sandra: Bye.