If there's a poster child for the challenges facing open source security, it may be Werner Koch, the German developer who wrote and for the last 18 years has toiled to maintain GNU Privacy Guard (GnuPG), a pillar of the open source software ecosystem.
Stories by Paul Roberts
Insecure by design and trusted by default, embedded systems present security concerns that could prove crippling
For DuPont, Gary Min may have seemed a model employee. A research chemist at DuPont's research laboratory in Circleville, Ohio, Min was a naturalized U.S. citizen with a doctorate from the University of Pennsylvania who had worked for DuPont for 10 years, even earning a business degree from Ohio State University with help from his employer. But Min's veneer of respectability began to crack on Dec. 12, 2005, when he told his employer he would be leaving his job.
Aspiring entrepreneurs can only dream about a track record like Selina Lo's. First there was Centillion, a networking startup that Lo co-founded and Bay Networks purchased for US$100 million in 1994. Lo's next act was Alteon, a maker of Gigabit Ethernet adapters that Lo joined in 1996 and transformed into Alteon WebSystems, a maker of content-aware switching hardware, before helping to sell Alteon to Nortel at the apex of the dot-com craze in July 2000 for US$7.8 billion. It was a master stroke of good marketing and good timing that made Lo very wealthy.
Asymmetric warfare is hell. Sure, you may have night-vision goggles, body armor, and air support, but you're also working for a bureaucratic organization built to fight a war that doesn't look much like the one you're in. Your adversary, on the other hand, is poorly equipped, yet nimble, resourceful, and adept at spotting and exploiting the slightest weakness. So much so, you may not even know you're under attack.
The cool reception from Wall Street after EMC's announcement that it would buy RSA Security had EMC executives feeling a bit flummoxed -- like the guy who elopes, only to find out that his friends didn't like his girlfriend to begin with.
Security and quality assurance experts reacted negatively to Apple Computer's efforts Tuesday to blame manufacturing problems that resulted in iPod MP3 players shipping with a virus that affects Microsoft's Windows operating system.
When it comes to sheer IT "bling," financial services is never outshone. High margins, deep pockets, and intense competition in investment, banking, and insurance have pushed these companies to the edge of just about any technology there is. Storage, grid technology, Web services, virtualization, VOIP -- you name it, financial services companies have bought it.
Online scams that lure online banking and e-commerce customers to phony Web sites and trick them into giving up sensitive account information have been a mainstay of online criminals for years. However, the increase in so-called spear-phishing attacks is new, as is the increasing sophistication of the software they use to penetrate enterprise networks.
HD Moore has a matter-of-fact way of talking that belies his uncanny ability to draw the public eye. In just the past month, the 25-year-old Texan, who started the open source Metasploit Project in 2003, made headlines for promising to release a new bug for the Internet Explorer Web browser each day in July. By the end of July, he was in the news again: releasing a Web-based tool that uses the Google search engine to locate malicious programs.
In Part 2 of Calculating IT risk, navigating compliance, Paul Roberts continues his look at the market and hears from insiders that the right framework - both internally and for business partners - adds up to stability
No one can afford to lock down everything and comply with the letter and spirit of every regulation. So concentrate resources where liability is highest.
A software security expert warned users of Oracle Server that a software flaw could allow any user to read, modify, and delete data used by Oracle applications; he also says that Oracle may have unwittingly shown hackers how to exploit the previously unknown hole.
On-demand software vendor and Wall Street darling Salesforce.com took a hit on Friday just one day after the company acknowledged yet another service interruption which affected customers in North America.
Antivirus company F-Secure is warning mobile phone users about a new malicious software program that infects phones that use the Symbian Series 60 operating system, preventing the phones from starting.