Keeping PCs Safe on the Internet

PC Security Journal

Subscribe to PC Security Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get PC Security Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Top Stories

First, everyone needs to calm down. Twitter.com itself was not breached. According to Evan Williams as quoted in a TechCrunch article, the attack did not breach Twitter.com or its administrative functions, nor were user accounts affected in any way. So everyone can just stop with the “Twitter needs to revamp its security!” and “Twitter isn’t secure” headlines and articles because it’s not only blatantly wrong, it’s diverting attention that should be devoted to the real problem: e-mail and account self-service. THE E-MAIL FACTOR What was compromised remains somewhat of a mystery. Following through the TechCrunch article to a blog on the same subject reveals some interesting details, however. A screen shot of what appears to be an internal memo to Twitter employees requires a change in passwords (along with instructions on improving the strength of said passwords) b... (more)

Visualizing the Boundaries of Control in the Cloud

Cloud Security Journal on Ulitzer Two weeks ago, I delivered a webinar about new security models in the cloud with Anne Thomas Manes from Burton Group. Anne had one slide in particular, borrowed from her colleague Dan Blum, which I liked so much I actually re-structured my own material around it. Let me share it with you: This graphic does the finest job I have seen of clearly articulating where the boundaries of control lie under the different models of cloud computing. Cloud, after all, is really about surrendering control: we delegate management of infrastructure, applications, and data to realize the benefits of commoditization. But successful transfer of control implies trust–and trust isn’t something we bestow easily onto external providers. We will only build this trust if we change our approach to managing cloud security. Cloud’s biggest problem isn’t securi... (more)

SaberSource Is Now an Authorized Reseller of Google Apps

Google News on Ulitzer SaberSource announced its partnership with Google to resell and support Google Apps. Google’s powerful communication and collaboration tools can make projects faster and easier by allowing customers to collaborate more effectively with shared calendar and documents, as well as the ability to access data from anywhere, even from mobile devices and without the need for additional software or hardware to install and maintain. “We are excited about the prospects of Cloud Computing and the flexibility Google Apps brings to our customers,” said Jeffrey Lipson, SaberSource Founder and Chief Operating Officer. “Telecommuting and mobility have changed the way our customers work. Google Apps is an important way we can meet these challenges. Consumer applications such YouTube, Picasa, Blogger, Facebook and Twitter have changed the way people create, stor... (more)

OSSI Shares Its Open Source Vision Across Government Technology Systems

“Our common interest in open source solutions has enabled OSSI to put together an all-star team of Government, commercial and community partners,” said John Farrell of HP/Fortify, OSSI's volunteer chairman and Chief Information Security Officer, as OSSI named several new members to its Industry Advisory Board. “OSSI was founded in 2001 based on the idea that one day, the technological strength and efficiencies of the open source model would find its ideal fit within Government systems," Farrell continued. For more than a decade, said Farrell, OSSI has been sharing the vision of open source across government technology systems. He added: "I believe that time has come. It is truly exciting to be a part of the open source experience.”  New Board members include: Bill Bacci of HP Federal; Dr. William Grossmann of Global Projects Design; AJ Jaghori , former CTO of L-3 Stra... (more)

Forecasting the Future of IT Is Scary

On December 16, 2013, our friends over at Compare the Cloud wrote a blog called “The Day Computing Changed Forever – and We All Missed it.” The blog centered on what the future of the Cloud could hold for society. Ironically enough, the post was published on the same day that Google (pictured below) announced it’s new line of products – four legged military machines. SkyNet anyone? Anyway, in the post our friends over at Compare the Cloud set the stage for what the future of the Cloud and IT in general could look like. From operating in the world via customized avatars, to fitting an entire data center within the space of a few specs of DNA to human clusters providing science with answers beyond current imagination, our friends at Compare the Cloud lay out a very interesting vision for the future. That said, we are going to use this space to, point-by-point, decon... (more)

Companies Exposed As 5 in 6 AntiVirus Solutions Fail To Identify Threats

Monday 24 March, 2014 London UK, Monday 24th March 2014 – Businesses across the globe are becoming dangerously exposed to increasing cyber threats as almost 85% of the world's leading AntiVirus solutions are constantly failing to identify emerging threats. With an increasing level of technological solutions becoming implemented across the everyday operations of businesses everywhere, cyber-crime is quickly becoming the most prevalent risk to companies, their data, assets and customers. With leading AntiVirus vendors providing an inadequate level of protection for both individuals and businesses alike, the risk to company and client data is being left open to compromise on a daily basis. In addition to more sophisticated IT systems and cloud based computing, the huge increase in personal devices being used in the workplace means the potential for malicious attacks has ... (more)

Comodo Security Freeware Is Editor's Choice

Comodo Security Solutions, Inc., is proud to announce that Comodo Internet Security has won the 2009 Techsupportalert.com "Editor's Choice" award for Free Vista 64-bit Software. "This editor's choice award is only given to the best product in its category, so this is an honor," said Rik Mayell, Category Editor at Gizmo's Techsupportalert Comodo Internet Security protects computers online. Its first line of defense is a firewall with Host Intrusion Prevention System, combined with a constantly-updated antivirus database. Comodo offers this powerful protection to all Internet users free of charge. Techsupportalert is a community-based website which calls itself the Wikipedia® for freeware. Visitors there can find and download free software. Volunteers at the site help the visitors select the software that best meets their needs. "Thanks to the kind people of Techsup... (more)

IBM Smart Business #CloudComputing Press Release (DRAFT)

*** DRAFT - UNDER EMBARGO UNTIL JUNE 16, 2009 at 12:01AM ET Published here after NY Times broke the embargo IBM Readies Cloud for Business New Choices to Automate and Simplify IT for Inefficient Business Tasks ARMONK, NY – JUNE 16, 2009 – IBM today introduced the industry’s first set of “cloud” services and integrated products for the enterprise. This will give clients a reliable way to standardize IT functions that are rapidly becoming too costly or difficult to use. Based on nearly two years of research and hundreds of client engagements, the IBM Smart Business cloud portfolio is meant to help clients take complex business processes and turn them into simple services. To accomplish this, Smart Business brings sophisticated automation technology and self-service to specific digital tasks as diverse as software development and testing; desktop and device management;... (more)

Excuse Me But Is That a Gazebo On Your Site?!

There are few things in reality that can match The Gazebo in its ability to evoke fear and suspicion amongst gamers. The links on your web site may be one of them. In the history of Dungeons and Dragons there exists the urban legend known to all as “The Gazebo.” The Gazebo, over the years, has become a gaming euphemism for a situation in which people over analyze and overestimate the risk involved with interacting with some “thing”. In the case of The Gazebo the “thing” was, as you might guess, a gazebo. Yes, a simple wooden structure placed in gardens where lovers meet under the moon and all that. A player, according to legend, would not believe this simple gazebo was not dangerous. So he attacked it and, failing to elicit a response, eventually decides to run away. The DM (Dungeon Master), having been frustrated by the waste of time that was the encounter, decide... (more)

Creating and Manipulating Your SQL Azure Database

So after the long and torturous wait, you're now in the SQL Azure CTP and you are ready to get the ball rolling with your fabulous, shiny new cloud-based SQL database server. Now what? Well, the first thing you're going to need to do is create a database. To do that, you'll go to sql.azure.com and follow the directions to sign in - if you haven't already supplied the invite key you'll need to supply it after you sign in the first time. Select your project and click on it. At this point you'll see a pretty sparse management screen with two tabs: databases and firewall settings. On the database tab, create a new database (its up to you whether you create a 1GB or a 10GB max database). After you've created it, you'll be able to click the Connection Strings button to get an ADO.NET connection string for the database as well as an ODBC connection string. That's great, bu... (more)

Upgrading WLS Using the Oracle Smart Update Utility

Oracle Journal on Ulitzer Oracle provides the Smart Update utility to upgrade WebLogic Server installations between versions, or to apply specific patches applied by Oracle Support. This post considers upgrading a 10.3.1 server to 10.3.2, not applying patches. As usual your mileage may vary so be diligent in checking these instructions beforehand. The Oracle Smart Update utility is documented here. The general steps to run the Oracle Smart Update utility and upgrade the server are as follows: 1) Ensure your WLS and any managed servers are not running. In turn it would be a good idea to backup your server before running this procedure, in particular if it's a production server. 2) (For whatever reason I couldn't invoke the following utility from Windows Explorer, so I had to invoke it via the command line) 2.1) Under Windows open the command prompt at \utils\bsu... (more)