Below we list recently published Computer Security News Articles.
JULY 2006
GOVERNMENT DATA THEFTS RAISE PRIVACY PROTECTION CONCERNS (BY GREG SIMMONS)
FOX News - USA
Tuesday, July 18, 2006
WASHINGTON - With a rash of massive security breaches resulting from the recent thefts of government laptops, errant information posted on public Web sites and hacks of government computer security systems, some lawmakers have reignited their call for legislation to hike penalties for unauthorized access of personal information.
"Because of this administration's recklessness and incompetence when it comes to data security and its refusal to admit and learn from its mistakes, millions of Americans - including our veterans and our active-duty service members who, at this very moment, are risking their lives in Iraq, Afghanistan and elsewhere - now have to worry about whether their personal information and the personal information of their loved ones is safe in the hands of the Bush-Cheney administration. That is not something they should have to worry about," Sen. Patrick Leahy, D-Vt., said last week.
But when the dust settles on the recent torrent of security breaches, privacy watchdogs say they are just as concerned about what the federal government is doing with the massive amounts of data it collects and uses as they are about how it plans to protect that data from falling into the wrong hands.
"It's been very clear and it's becoming more clear to the public that there are gaps in privacy protection," said Leslie Reis, an adjunct law professor at the John Marshall Law School in Chicago. She runs the Center for Information Technology and Privacy Law housed at the school and also sits on a privacy advisory board that is part of the Commerce Department.
"The law, the framework, has not kept pace with the technology and practice," she said.
The May theft of a Veterans Affairs Department staffer's laptop computer, which was recovered late last month, exposed up to 26.5 million veterans and their family members to the possibility of identity theft and fraud. Officials say no reports of identity theft yet have been traced to the stolen information.
But identity theft is just one hot-button issue that coincides with data privacy, or the lack thereof. Privacy advocates say they fear that government could keep uncomfortably close tabs on its citizens by comparing and contrasting the mountains of data it collects. And with the rapid changes in technology, an infinite number of other possibilities could surface.
"The whole purpose of privacy law is to respect the right of an individual to retain, in effect, autonomy in their lives and their dealings with government, their dealings with companies, to basically retain control of their personal information," said John Sabo, a security and privacy analyst with the company Computer Associates.
Privacy Not Protected Enough
Reis said data technology has moved from punch-card devices and storage buildings the size of football fields to wireless-transfer machines that can store volumes of information in pocket-sized drives. These changes have outpaced the 1974 Privacy Act, the most comprehensive law so far created to protect citizens against government intrusions.
Sabo, who also sits on a Homeland Security Department privacy advisory board, agreed that a host of technological developments have surpassed an array of privacy laws that have been cobbled together over time.
For instance, commercial airline passenger data is now regularly used in the government security sector. In fact, the government frequently relies on third-party data - information collected by businesses or state and local governments - to make decisions.
Additionally, commercial data aggregators glean information from public databases about as many people as possible, making more information than ever available about and to the general public. Sabo warned that no guarantees are made that any of the information collected through third parties is accurate.
Laws now regulate federal government agencies' collection of data, but third-party information is not covered. So while a federal agency in most cases must notify citizens why it's collecting data and how it plans to use it, the outside data collectors have no such obligation.
Another wrinkle exists in some government agencies' use of new radio-identification chips - radio frequency identification, or just RFID - for document tracking, building security and other measures. According to a Government Accountability Office report last year, questions have been posed about whether the chips could cause privacy problems for government employees.
All those applications of technology lead to a greater number of points along the line of transmission where a breach or a hack or a mistaken data release could occur, Sabo said.
"What was a mainframe [computer] closed environment - a mainframe behind a door, lines running from terminals, card readers, right? Essentially like a silo and stovepipe system back in the early '70s, now suddenly what are you doing? Third party cookies. Government systems ...[where a] mainframe interfaces with data to sift, to pull data from various other agency systems, or from non-agency systems, from state systems ... Data is going everywhere," Sabo said.
"Technology and practices have accelerated in the last decade to the point where ... not just security, but privacy obligations have been left behind in the dust," he said.
Where Government Should Go
Analysts say that despite all the problems posed by new technology, government agencies must strive for more efficient systems and balance fears against the risk those systems pose. A threat to a Treasury or Homeland Security Department database, for instance, should be considered more heavily than a threat of a hack to a non-critical Web site.
Top government officials are proposing short-term solutions that are aimed at filling the most prevalent gaps. The White House Office of Management and Budget recently issued a new government-wide directive on laptop security. Veterans Affairs Secretary Jim Nicholson has hired a new information security adviser and has let go a number of employees who were directly involved with his agency's breach.
Other agencies are taking more novel approaches to hammer home the need for data privacy.
Gerald Gates, the chief privacy officer for the U.S. Census Bureau, said his agency continuously struggles to consider privacy concerns in the performance of its functions. With around 10,000 employees nationwide, not including the additional workers the agency takes on for its decennial work, constant turnover means new employees need to be indoctrinated into the culture.
"For Census, privacy is critical. We depend on the public's trust," Gates said.
Since January, the Census Bureau has been running a program designed to raise employees' awareness of citizens' privacy. The agency has designed posters, bookmarks, freestanding cards that sit on cafeteria tables and computer-based Flash-presentations that pepper employees as often as possible with privacy-minded messages.
"Basically, it gives the employees the sort of awareness why ... maintaining the public's trust is so important, [and] what their role is," Gates said.
He said the public often questions how his agency presents data on its Web site, and whether people are identified individually. He said the agency will manipulate data in a way to protect individuals, but not skew aggregated data.
New concerns will need to be addressed before the next census, when the bureau sends out data collectors with wireless devices that will automatically update the bureau's massive database. While the machines will make it much easier to collect data, administrators have to make sure that they can't be hacked or corrupted.
Gates said the machines likely will need fingerprint verification before they can be used, and any data sent from the machines will be encrypted with special codes preventing easy hacking.
The Game of Catch-Up Continues
Reis said that because government has gotten so far behind on the privacy issue, it's time for a more in-depth look at how government handles privacy.
"You can't take a Band-Aid approach to this. There are so many different needs for information," Reis said.
Reis said she is planning a study of the government's privacy approach, and hopes in the coming months to submit recommendations through the Information Security and Privacy Advisory Board, of which she is a member. The group was established by federal law to monitor privacy and report to both the administration and Congress. It is housed in the National Institute of Standards and Technology, a Commerce Department agency.
She said the basic question is: "Are the laws really doing what they're supposed to be doing?"
Many laws in addition to the 1974 Privacy Act deal with privacy issues - some compete with one another - so it's time to take a comprehensive look and figure out where the gaps are, and where potential gaps could arise, she said.
Sabo said legislators might want to consider stiffer penalties for people who either negligently or purposefully expose data. He said some good examples of tough provisions can be found in the Health Insurance Portability and Accountability Act and the Sarbanes-Oxley financial reporting bill that arose out of the Enron fiasco. Gates said specific penalties have been created for Census Bureau workers who violate privacy rules.
"If there's no consequences, then the law won't be treated with respect," Sabo said.
Sabo said another question government must continually ask itself is whether the information is necessary to have. It's an important question, he said, because by reducing the amount of information collected, government can reduce the likelihood that useful information can be stolen for malicious purposes.
Peter Swire, an Ohio State University law professor who spoke to the Commerce Department advisory group last month, said that question is being factored into a discussion that the Justice Department is having with Internet companies over data storage. The government is asking companies like Google to maintain search records for up to two years in an effort to combat child pornography and other predatory Internet crimes.
But Swire said that Justice Department officials apparently hadn't considered the fact that search information on their own FBI agents investigating crimes would be logged also, and could possibly put the agents at risk. He said it's an example of the wide implications of data collection.
"It was clear they hadn't thought of that," Swire said.
Daniel Chenok, the chairman of the Commerce Department advisory group and a security analyst for the consulting firm SRA International, said that government's role ultimately is multi-pronged with respect to protecting privacy.
"It's leading by example, and providing notice as to how information is used. [It includes] providing rapid response and notice when there's an incident," Chenok said. He said federal government can have a great impact by using its weight as a purchaser of information systems, and requiring certain security and privacy requirements.
"Before, people stole wallets, and now people steal data streams. It's just a question of adjusting and responding to the new risks," Chenok said.
MCAFEE SECURITY FLAW FIXED BY ACCIDENT (GEEK.COM)
Geek.com - USA
Mon Jul 17 2006
A flaw that was found only this month in one of McAfee's corporate security products was fixed several months ago by McAfee without the company realizing it had fixed the problem. The flaw (see the summary) was found by eEye Digital Security on July 5th in ePolicy Orchestrator (ePO), McAfee's corporate security software management tool. It arises from the fact that McAfee was storing information in files on users' machines and allowed remote execution of code, thus enabling file writing to any part of a remote system. The flaw was fixed as part of an optimization drive in January, when McAfee switched from storing data in files to storing it in memory, therefore removing the threat.
The security problem does not affect any consumer products, and McAfee is now urging any business that has not recently updated its ePO management software to do so to stop the vulnerability.
COMPUTER SECURITY BASICS, SECOND EDITION (FAQ-MAC.COM, SPAIN)
According to Rick Lehtinen, author of the new edition of "Computer Security Basics" (Lehtinen, Russell, and Gangemi, O'Reilly), computer security has taken on some new meanings in the wake of the terrorist attacks of September 11, 2001. The first of these changes is positive, he says. "As part of a global tightening of belts and rolling up of sleeves, there emerged several outreaches designed to provide security training and certification to folks in all walks of life, from the consumer being alerted about identity theft, to the soldier and sailor and weapons scientist taking greater precautions with items of national security, to the common person on the street gaining a heightened awareness of hackers and crackers and cyber attackers." Lehtinen explains that gradually this new emphasis on computer and network safety has percolated down to the ordinary user's computer in the den or living room. "And because it really is a small Internet," he says, "what affects one usually affects all. The safer individual users are, the safer the Net is for everybody."
To gain a clear understanding of the basics of securing a computer or network, look no further than "Computer Security Basics, Second Edition." The first edition of this book was so popular - and practical - that it has remained in print since 1991. This new edition builds on the well-established principles developed in the original and updates that core knowledge thoroughly.
The book describes complicated concepts - such as trusted systems, encryption, and mandatory access control - in simple terms. Ideal for anyone who is involved with computer security, including security administrators, system administrators, developers, and IT managers, it covers the following topics and more:
-Security breaches, such as viruses and other malicious programs
-Cryptography
-Biometrics
-Wireless network security
-Computer security and requirements of the Orange Book
-Government regulations
-OSI Model and TEMPEST
Lehtinen explains the book's focus, "This book is about computer security - what it is, where it came from, where it's going, and why we should care about it. It introduces the many different areas of security in clear and simple terms: access controls, worms and viruses, cryptography, firewalls, network and web security, biometric devices, and more. If you're at all interested in computer security or if computer security is a part of your job (whether you want it to be or not!), you should find this book useful. I've tried to give readers the big picture and quite a few helpful details."
Early praise for "Computer Security Basics, Second Edition":
"'Computer Security Basics' is an excellent treatment of a complex subject. It is a complete introduction to computer security and a valuable resource for both security novices and experts."
-Michael McChesney, Chairman and CEO of M1 Global Solutions, Inc.
Additional Resources:
For more information about the book, including author bios, see:
http://www.oreilly.com/catalog/csb2/
For a cover graphic in JPEG format, go to:
ftp://ftp.ora.com/pub/graphics/book_covers/hi-res/0596006691.jpg
Computer Security Basics, Second Edition
Rick Lehtinen, Deborah Russell, and G.T. Gangemi, Sr.
ISBN: 0-596-00669-1, 296 pages, $39.99, £28.50, 36 Euros
CONVENIENCE OF WI-FI NOT WITHOUT RISKS (BY ANDREA ZIMMERMANN)
Springfield State Journal Register - Springfield,IL,USA
Monday, July 17, 2006
Jim Stevens loves his wireless Internet access. He can take his laptop just about anywhere and get an instant connection.
On a recent weekday, Stevens, 58, was using the free wireless Internet connection at Panera Bread Co., 3101 West White Oaks Drive. Before heading to Springfield College to teach his criminal justice class, Stevens was looking at travel Web sites for an upcoming vacation with his 80-year-old father.
But in Sullivan recently, he said, he was planning a high school reunion and used the same laptop to access a neighbor's wireless Internet - without the neighbor's knowledge.
"There was Internet somewhere along the line, and I was able to find old classmates," said Stevens, who worked for the Department of Corrections for 25 years. "Is that illegal?"
It could be, according to Illinois law.
Wireless Internet - often shorthanded as wi-fi - is quickly becoming the preferred method for Web surfers. Many people use it in their homes, businesses often set up wireless networks in offices to avoid tangles of wires, and the city of Springfield is mulling a proposal to set up "hot spots" downtown at various tourist sites.
However, as more people learn how to use wireless Internet, they should be aware of the risks that come with such convenient, cord-free access, said Sviatoslav Braynov, who teaches computer security at the University of Illinois at Springfield.
A brief State Journal-Register search for unsecured wireless networks found at least a dozen in a single residential area on the southwest side of Springfield.
While most signals were fairly weak by the time they traveled to the street, they were still strong enough to create a connection.
That poses two potential risks. Unauthorized people can piggyback on a homeowner's wireless signal, for free. And crucial personal information, such as the homeowner's banking and Social Security numbers, could be at risk.
A number of local businesses, such as Panera, also offer wireless Internet access to their customers, either free or for a fee. One especially "hot spot" in town is near the Capital City Shopping Center on Dirksen Parkway, where a user can typically access three to five signals at once - several of them from nearby motels that use free wireless as a marketing tool for travelers.
Some of the business managers in that area said they know non-customers sometimes poach their wireless signals, but said they knew that comes with putting a signal out without requiring user logins and passwords. Others, however, said they weren't aware that anyone was piggybacking on their service.
The concept of scouring neighborhoods for loose wireless signals is called "war driving." Most people who do so are trying to collect information, but not always trying to hack the system.
Braynov said war driving, which is popular mainly on the West Coast, can be done at longer distances when someone uses a small satellite receiver - or even using an antenna fashioned from an aluminum soda can and software available on the Internet.
In March, a northern Illinois man pleaded guilty to accessing an unsecured wireless network without the owner's approval. The case was the first of its kind in Illinois, and one of only a few ever prosecuted across the country.
But Tom Wartowski, Winnebago County assistant state's attorney, said there's no question that tapping into someone else's unlocked Internet is illegal.
Wartowski said a Rockford police officer found David M. Kauchak sitting in his car in the parking lot of a nonprofit agency during the early morning hours in January. Kauchak had accessed the agency's unsecured wireless network to browse the Internet.
Wartowski said he didn't think Kauchak's actions were criminal until he found an Illinois statute banning computer tampering. The crime is a misdemeanor, punishable by up to a year in jail, although Kauchak's lawyers negotiated a plea of a year on probation and a $250 fine.
The simple act of accessing someone else's Internet can be considered virtual trespassing, because it is possible to tap into a variety of sensitive information, Wartowski said. He compared it to physical trespass.
"I can leave my front door open, and you still can't come into my house," he said. "When we allow people to get into our computer systems, we are giving up our privacy."
According to the statute, it's not important whether Kauchak simply had been checking his own e-mail, Wartowski said.
"There doesn't have to be (malicious intent)," Wartowski said. "You just have to do it, and you have broken the law."
There have been no similar cases in the Rockford area since Kauchak's conviction. And Wartowski said he doesn't expect any prosecutions unless citizens file complaints - police in Winnebago County won't be trolling for people illegally accessing the Internet.
Braynov said part of the problem stems from users treating their computers as appliances, rather than machines requiring certain knowledge to operate.
"More and more people will be using wireless Internet because it is very convenient," Braynov said. "Wireless Internet also has a lot of security problems. I know that a lot of people don't have enough knowledge to secure their wireless networks."
For Stevens, using Panera's wi-fi makes searches on the Web much quicker - he no longer has the patience to use the dial-up access at his house, he said. He added that he'd love to see the entire city offer free access.
As to illegally accessing a wireless network, Stevens said, "If I do it again, I will feel more guilty. I really don't want to abuse the law or bend it."
IDENTITY STOLEN? TAKE A NUMBER (BY ELLEN ULLMAN)
Amherst Times.com - Amherst,NY,USA
Monday, 17 July 2006
WITHOUT authorization, an employee of the Department of Veterans Affairs took home a laptop computer with the names, birth dates and Social Security numbers of 17.5 million veterans and active-duty military personnel - or was it 26.5 million? At the time the department was not even clear. In May, the laptop was stolen.
Then, about a month later, Veterans Affairs said it would provide a year of free credit monitoring for the people whose data was involved. Well, thanks a lot. This is the equivalent of your house sitter sending you a postcard saying, "Your front door fell off a few weeks ago, but don't worry: the police said they'd cruise by once a week to make sure everything is okay."
There is a much better way to handle lost or stolen Social Security numbers: issue new ones. When you lose your Visa card, you get a new card with a new number, and any new charges with the old number are blocked. Why can't we do the same with Social Security numbers?
A computer generates a unique number, and it is associated with your name. Then - no matter how stupidly we handle that number, giving it out to scammers, and no matter how shamelessly that number is mismanaged by government agencies - almost no matter what, that number remains with you, even unto death.
There is no good reason for this to be so. From a computing point of view, it is ludicrous. The Social Security number is just a unique number. Computers are very good at generating unique numbers; computers are also very good at associating a name with a number, and then, without a care, associating that name with some other number.
If it seems too daunting to change government computers so they can link old Social Security numbers to replacement numbers, here is a proposal for the federal government: Sponsor a contest among colleges to see which one's technical team can best patch up existing systems to handle reassignment of Social Security numbers (replacing government systems entirely would be an impossible task, a multibillion-dollar sinkhole).
Hire some of the best computer-security experts to see that no one plants viruses or trap doors. Give each member of the winning team a federal-tax-exempt award of $500,000. If that sounds expensive, consider that the Department of Veterans Affairs has already spent $18 million just on warning letters to the people whose data was stolen, letters explaining the credit-monitoring service to them, and a call center to fortify those unfortunates for the nightmare of identity theft that potentially lies ahead.
Within a year of the contest's beginning, I predict, the technical solution for Social Security number reassignment will be found. Should this sound unreasonable, please remember that many thought the world would come to an end in 2000 because of the so-called Millennium Bug. But programmers all around the world rolled up their sleeves, changed systems to handle four- instead of two-digit years, and Armageddon was delayed.
The technology can be changed. What is missing is the political will. Some valiant member of Congress must stand up and demand a law mandating the cybernetic protection of Social Security records and the reassignment of compromised numbers. If it's true, as the federal government insists, that data-monitoring programs can find terrorists' phone calls somewhere among the billions of connections made by law-abiding Americans, surely it should be no trouble for an Internal Revenue Service computer to flag a situation in which a person who has always worked in Albany and is still working in Albany, for example, is suddenly working simultaneously in Denver.
Credit-card companies catch these sorts of anomalies all the time; it's in their financial interest to do so. But the government has what amounts to a financial disincentive: it collects taxes on all uses of the same Social Security number, valid or not. No one in the government is seriously penalized when Social Security numbers are stolen and misused; only the number-holders suffer.
That is why legislation is needed. I guarantee you that the member of Congress who proposes this legislation will have a solid voter base of at least 17.5 million people.
Ellen Ullman, a former software engineer, is the author, most recently, of "The Bug: A Novel."
RESEARCHERS WORK TO THWART CRAFTY CYBER SCAMMERS (CORILYN SHROPSHIRE (Pittsburgh Post-Gazette))
Rocklin and Roseville Today - Rocklin,CA,USA
Monday, July 17, 2006
The menaces lurking on the Web - crooks, thieves, predators, worms, scam artists - are increasingly clever and multiplying, duping computer users by cloaking themselves in seemingly benign disguises.
It doesn't help that experts are saying that most security breaches are the result of human failures, not technical ones. These include frequent use of easily breakable passwords, outdated anti-viral software, and sometimes even clueless computer users not knowing what to do.
"It's hard for the average computer user to keep track" of all the potential pitfalls, said Lorrie Cranor, director of the Usable Privacy and Security Laboratory at Carnegie Mellon University. "It's just hard for people to know what's out there."
Cranor and about 100 academic and industry computer security wonks spent three days this week hoping to help by swapping ideas on how average computer users can beef up security in their virtual lives at the second annual "usable privacy and security" symposium at CMU's Collaborative Innovation Center.
It's unrealistic to expect people to keep track of dozens of passwords that use both numbers and letters without writing them down, Cranor said. As a result, many people use one alphanumeric password for everything - from logging on to their computers to doing their online banking - even though such a practice puts them at increasing risk.
To cut their risk of falling victim to cyber-crimes, consumers can take such simple steps as recording passwords in a computer program that is then secured by one master password, and encrypting information on laptops, Blackberrys and other wireless-enabled devices, Cranor said.
"People often forget when they are sitting in Wi-Fi hot spots" that other nearby users can hack into their computers.
Memory tricks also can help keep precious computer-stored information safe, she said, including creating a mnemonic password by using the first letter of each word of a phrase that the user has made up.
Still, being virtually street smart sometimes isn't enough since hackers, too, are getting smarter.
Unlike the worms and viruses that for years gobbled up private information and crashed hard drives, it's increasingly common for hackers to weasel their way into computers by "exploiting human vulnerabilities," Cranor said.
The number of computer users falling victim to "phishing scams," in which users are lured into giving away important personal information such as credit card numbers, bank account numbers and Social Security numbers to seemingly legitimate e-mail requests, is steadily rising. The number of new phishing Web sites jumped to nearly 8,000 in December from its high of 5,259 less than five months earlier, according to the Anti-Phishing Working Group.
Now the threat has moved beyond computer screens to the telephone, with the latest scams sending Internet-based phone users an e-mail requesting they call a seemingly legitimate phone number to update their bank accounts. Tricks such as these, with automated voice systems and caller ID that look and sound like the real thing, demonstrate how increasingly sophisticated hackers have become, said Carnegie Mellon University social scientist Julie Downs.
The phone phishing, or "vishing" as it's known in the industry, is clever, she said, "in part because people think that they can use the phone if they don't trust the e-mail." The vishing scams could be hampered by building a database of known "scam" phone numbers or by creating a software filter that warns consumers of incoming fraudulent calls, she said. "Educating users is great if it works, but it's hard to reach them all and keep current," Downs said.
Downs, who has studied how susceptible people are to phishing attacks, co-authored with Cranor a paper on the subject. The two also are working with other researchers to develop software tools to better detect fraudulent e-mails before they get to users, and are creating games for users to learn about phishing scams.
(E-mail Corilyn Shropshire at cshropshire(at)post-gazette.com.)
(Distributed by Scripps Howard News Service, www.scrippsnews.com.)
GARTNER ADVISES SKEPTICISM WHEN EVALUATING CSI/FBI SECURITY SURVEY (GARTNER, INC)
Tekrati Industry Analyst Reporter - Belmont,CA,USA
Gartner, Inc. - July 17, 2006
Gartner research vice president Rich Mogull takes issue with the 2006 Computer Security Institute/FBI survey. The CSI/FBI survey shows business losses from cybercrime declining -- the average loss per respondent in this year's survey was down nearly 18 percent from last year. Gartner warns IT security administrators that surveys of this type use uncertain methodologies and do not constitute the basis for a sound security strategy. Free reports from CSI/FBI and Gartner.
Excerpting directly from Mogull's analysis:
"Gartner believes that security administrators should view the findings of all such surveys with extreme skepticism. A recent survey by Deloitte Touche Tohmatsu, for example, reported that security breaches at financial institutions had increased significantly over the same time period, which would seem to contradict the CSI findings."
Robert Richardson, CSI's editorial director, comments on the declining numbers reported by the CSI/FBI survey -- and some of the mixed media coverage that took place late last month -- at the CSI website (see: "A comparative look at the CSI/FBI survey loss numbers").
The CSI/FBI survey is available as a free download at the CSI website at gocsi.com/forms/fbi/csi_fbi_survey.jhtml as of July 13, 2006. The survey was conducted by CSI with the participation of the San Francisco Federal Bureau of Investigation's Computer Intrusion Squad. The authors are CSI editorial director, Robert Richardson, and three scholars from the University of Maryland, Lawrence A. Gordon, Martin P. Loeb and William Lucyshyn.
About the Gartner news analysis:
The 1-page Gartner report, "Don't Base Security Decisions on Industry Surveys" (June 21, 2006) by Rich Mogull, is available free of charge in html and PDF at the Gartner website, as of this posting.
WESTCHESTER COUNTY IN PILOT COMPUTER SECURITY PROGRAM (THE JOURNAL NEWS, WESTCHESTER)
The Journal News.com - Westchester,NY,USA
July 15, 2006
Westchester County government employees will hold their fingers on a fingerprint-reading device to gain access to their computer desktops, if a pilot program is successful.
The county struck a deal with CryptoMetrics Inc. of Tuckahoe to have about 15 employees - mostly executives - use the technology known as FingerSure on a temporary basis, said Susan Tolchin, a spokesperson for County Executive Andrew Spano. The county will purchase the technology for other employees, too, if it is satisfied with the security the system offers, she said.
"It's a test. We have to see how it works," she said.
With the technology, those authorized to get access to computer information "enroll" their fingerprint on a portable battery-powered, keychain-sized device known as a "trusted device."
Robert Barra, the co-chief executive of CryptoMetrics, said the technology saves an organization's information technology department from having to manage its members' computer passwords. It also saves employees from having to remember passwords.
"We're user friendly," Barra said. "We identify the user by the touch of a finger. It's fast, an effortless log in."
CryptoMetrics, which was formed in 2000, markets facial-recognition and fingerprint-identification technology to governments, police agencies, the military and private companies.
Barra would not comment on the cost of the technology, saying he does not want competitors to know how much CryptoMetrics charges. Tolchin said the devices cost $125 to $150 each.
Ka-ching!