The in-depth guide to data destruction | Security – InfoWorld (Bob Violino)

A key part of any information security strategy is disposing of data once it’s no longer needed. Failure to do so can lead to serious breaches of data-protection and privacy policies, compliance problems, and added costs.

When it comes to selecting ways to destroy data, organizations have a short menu. There are basically three options: overwriting, which is covering up old data with information; degaussing, which erases the magnetic field of the storage media; and physical destruction, which employs techniques such as disk shredding. Each of these techniques has benefits and drawbacks, experts say.

Some organizations use more than one method. For example, microprocessor maker Intel uses all three, “depending on what we’re trying to do and for what purpose,” says Malcolm Harkins, CISO and vice president of the IT group.

The data destruction market hasn’t changed much in the past few years, says Ben Rothke, an information security professional with extensive experience in data destruction. “If there is any trend, it is that more firms are aware of the importance of data destruction,” Rothke says.

Still, some organizations, particularly smaller ones, need more education about data destruction, according to Jay Heiser, an analyst at research firm Gartner. “We consider this a very important topic, but it is not one that Gartner clients spend a lot of time asking us about,” Heiser says.

via The in-depth guide to data destruction | Security – InfoWorld.

Hey, Wolfram|Alpha Isn’t Just for Pros | TIME.com (Harry McCracken)

Wolfram|Alpha–the “computational knowledge engine” that lets you pose questions about math, history, and other factual stuff and get reliable responses, often in the form of beautifully-done infographics–is an extraordinary creation. But more than two and a half years after its debut, it’s still not the Google-like breakout hit I keep thinking it should be.

On Wednesday, the site’s creators are launching the most ambitious update it’s gotten since it launched, a premium version called Wolfram|Alpha Pro that will cost $2.99 a month for students and $4.99 a month for the rest of us. Dieter Bohn of The Verge has a meaty look at what’s new, including the ability to upload your own data sets, fiddle with the visualizations and download the data behind the engine’s answers.

Data geeks should enjoy these advanced options. Even if I don’t sign up myself, I’m rooting for the Pro version to be a success, since a Wolfram|Alpha that’s a thriving business has the best shot at being around for a very long time to come.

via Hey, Wolfram|Alpha Isn’t Just for Pros | Techland | TIME.com.

Hackers: $50,000 to keep Symantec source code private – ZDNet (Steven Musil)

As part of a sting operation, Symantec told a hacker group that it would pay $50,000 to keep the source code for some of its flagship security products off the Internet, the company confirmed to CNET this evening.

An e-mail exchange revealing the extortion attempt posted to Pastebin (see below) today shows a purported Symantec employee named Sam Thomas negotiating payment with an individual named “Yamatough” to prevent the release of PCAnywhere and Norton Antivirus code. Yamatough is the Twitter identity of an individual or group that had previously threatened to release the source code for Norton Antivirus.

via Hackers: $50,000 to keep Symantec source code private – ZDNet.

Cyber Attack Is Top Threat for Olympics: Expert — CNBC (Katy Barnato)

Terrorists combining a cyber attack with physical violence are the biggest security threat facing the 2012 Olympics, a digital forensics expert told CNBC.

“What we really have to worry about is the blended attack, in other words, someone causing a temporary disruption to the electronic structure, combined with a physical attack,” said Professor Peter Sommer, who acts as a court expert on cyber crime.

“The fact that you have the electronic attack makes it more difficult to deal with the physical attack,” he added.

With this year’s Games (taking place from July to September, including the Paralympics) expected to be the most hi-tech yet, Sommer says the “sheer number” of interlocking electronic systems makes the event vulnerable.

“We have a large numbers of systems, some of them central, some of them less obvious — but which may nevertheless be important — any of which could be attacked by any of a large number of people who have a message to make to the world, because that is what the Olympics gives them a chance to do,” he said.

via Cyber Attack Is Top Threat for Olympics: Expert — EU Business News – CNBC.

Motorola Tablet Goof: 4 Security Lessons For Users – Informationweek (Eric Zeman)

Motorola alerted customers on Friday that it shipped about 100 refurbished Xoom tablets that were not completely cleared of the original owner’s data prior to resale. The tablets were sold between October and December of 2011 through Woot.com. Oops.

According to Motorola, some of the compromised data potentially includes user names and passwords for email and social media accounts, as well as other password-protected sites and applications, and possibly even photographs and documents.

First, Motorola is offering customers who purchased a Motorola Xoom Wi-Fi tablet between March and October 2011–and then returned it–a complimentary two-year membership of Experian’s ProtectMyID Alert to mitigate any risks. Experian provides access to consumer credit data, and can be used as a tool to make sure the accidentally shared data is not put to nefarious use. The Xoom was available from a number of retailers during that period, including Amazon.com, Best Buy, BJ’s Wholesale, eBay, Office Max, Radio Shack, Sam’s Club, Staples, and others. If you bought one from the aforementioned retailers and returned it, best give Motorola (and Experian) a call.

via Motorola Tablet Goof: 4 Security Lessons For Users – Security – Mobile Security – Informationweek.

Concept Searching’s new Smart Content Framework : KMWorld

Concept Searching has announced the Smart Content Framework for information governance. The company says the toolset provides an enterprise framework to mitigate risk, automate processes, manage information, protect privacy and address compliance issues.

Concept Searching describes the Smart Content Framework as a multi-disciplinary solution—delivered through its technologies—that encompasses the entire portfolio of information assets. Underlying the Framework are functionalities to transparently tag content, classify it to organizational taxonomies, preserve and protect information through the automatic identification of records and privacy data, and act as a migration tool, Concept Searching says.

via Concept Searching’s new Smart Content Framework : KMWorld.

Anonymous hacks call between FBI and Scotland Yard about hackers | Digital Trends (Trevor Mogg)

A recent trans-Atlantic call between the FBI and the UK’s Scotland Yard in which operatives from the two law enforcement agencies discussed ongoing cases regarding a number of alleged hackers was intercepted and recorded—by hackers.

“Do you want to talk about cheese?” is the conversation opener in a trans-Atlantic phone call intercepted by hacker collective Anonymous between the FBI and the UK’s Metropolitan Police (aka Scotland Yard).

Once the issue of cheese had been dealt with, the participants in the conversation moved on to more pressing matters—such as how to deal with Anonymous. Of course, they had no idea the group was recording their conversation. And once it was over, the hackers uploaded the call to the Web.

Though part of the conversation centered on trivial matters, such as the merits of the British city of Sheffield (“it’s not exactly a jewel in England’s crown”), more important subjects were covered, such as the current situation with Ryan Cleary, a British man arrested last June for his alleged involvement with hacking group LulzSec. Another alleged hacker, whose name was bleeped out by Anonymous, was described by a British operative as “a pain in the bum.”

The FBI admitted that the call, which took place some time in January, was genuine and that it was now looking for those responsible for recording it and putting it online.

via Anonymous hacks call between FBI and Scotland Yard about hackers.

NIST issues security, privacy guidance for public cloud – FierceGovernmentIT (Molly Bernhart Walker)

Many of the features that make public cloud-computing services attractive run up against government’s traditional security models and controls, according to the National Institute of Standards and Technology’s recently-released Special Publication 800-144 (.pdf), which tallies the threats, risks and access concerns agencies should consider before entering into such contracts.

The publication stops short of recommending service arrangements, service agreements, service providers or deployment models, however. Departments and agencies should use NIST’s guide to analyze their specific requirements against public cloud services, write report authors.

The publication emphasizes that in the end, the organization is responsible for security and privacy in the cloud, not the service provider. As such, SP 800-144 stresses a risk-based approach in analyzing how and what functions to move to the public cloud–organizations should extend to the cloud the same governance practices employed when deciding to outsource any other IT service.

via NIST issues security, privacy guidance for public cloud – FierceGovernmentIT.

Big name tech companies team up to combat email phishing scams – The China Post

Google, Facebook and other big tech companies are jointly designing a system for combating email scams known as phishing.

Such scams try to trick people into giving away passwords and other personal information by sending emails that look as if they come from a legitimate bank, retailer or other business. When Bank of America customers see emails that appear to come from the bank, they might click on a link that takes them to a fake site mimicking the real Bank of America’s. There, they might enter personal details, which scam artists can capture and use for fraud.

To combat that, 15 major technology and financial companies have formed an organization to design a system for authenticating emails from legitimate senders and weeding out fakes. The new system is called DMARC — short for Domain-based Message Authentication, Reporting and Conformance.

via Big name tech companies team up to combat email phishing scams – The China Post.

Video: Google Privacy Policy Update

A brief overview of recent changes to the Google Privacy Policy