News

Wednesday, January 30, 2008

Vendors' Lax Security is Our Problem

SECURITY UPDATE
A Penton Media Property
January 30, 2008


If you want to view this on the web go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141779-0-0-0-1-2-207


IN FOCUS

--Vendors' Lax Security is Our Problem
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
Last week, I blogged about a rather shocking incident. It's shocking
both because it even happened and because it continues to happen. The
incident I'm referring to is that Best Buy shipped digital picture
frames that contained a virus that was installed during the
manufacturing process. Can you believe it? In this day and age, given
all the focus put on computer security problems by nearly every media
outlet in the world, Best Buy still shipped a product infected with a
virus. There's no excuse for that whatsoever.

But Best Buy isn't alone in making such a gigantic mistake. Several
other companies have faced heat for shipping products already infected
with viruses. In August of 2007, Seagate Technology reportedly shipped a
bunch of Maxtor Basics Personal Storage 3200 devices with spyware that
snoops around the system looking for passwords and then sends them to an
external site over the Internet. For more information about the Seagate
Technology incident, go to
www.seagate.com/www/en-us/support/downloads/personal_storage/ps3200-sw
(http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141780-0-0-0-1-2-207.

In September of 2007, Apple shipped some of its hugely popular video
iPods with the RavMon worm. (For more information, go to
www.apple.com/support/windowsvirus
(http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141781-0-0-0-1-2-207) Apple then had the
audacity to state that "As you might imagine, we are upset at Windows
for not being more hardy against such viruses, and even more upset with
ourselves for not catching it." Talk about shifting the blame! Wow. To
Apple I would say, "just own up to your catastrophic mistake and leave
it at that."

Also in September of 2007, German manufacturer Medion reported that
several of its ALDI laptops were infected with the Stoned.Angelina
boot-sector virus. In case you didn't know, variants of the Stoned virus
have been floating around for more than a decade, so it's amazing that a
variant of it found its way onto a new laptop direct from the factory.
To read Medion's bulletin (translated from German to English via
Google), go to
translate.google.com/translate?u=http%3A%2F%2Fwww.medion.de%2Fpopup_md96290.htm&langpair=de%7Cen&hl=en&ie=UTF-8
(http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141782-0-0-0-1-2-207.

In January of 2007, TomTom International admitted that it shipped
several of its TomTom GO 910 GPS units with an unnamed virus. The
affected units were manufactured between September and November of 2006.
You can read more about the incident at
www.tomtom.com/news/category.php?ID=2&NID=349&Language=1
(http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141783-0-0-0-1-2-207.

If that weren't enough already, in 2005, Creative shipped several
thousand Zen Neeon digital audio players that contained a variant of the
Wullik mass-mailing worm. You can read about that fiasco (translated
from Japanese to English via Google) at
translate.google.com/translate?u=http%3A%2F%2Fjp.creative.com%2Fcorporate%2Fpressroom%2Freleases%2Fwelcome.asp%3Fpid%3D12173&langpair=ja%7Cen&hl=en&ie=UTF-8
(http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141784-0-0-0-1-2-207.

Even big shots such as IBM have made the same mistake. In 1999, the
company revealed that several of its Aptiva 2158 laptop systems were
shipped with the CIH virus, which later became more commonly known as
the Chernobyl virus. You can read IBM's admission at
www.pc.ibm.com/partner/us/ssg/2b7e.html
(http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141785-0-0-0-1-2-207.

There are probably several other companies that have made similar
mistakes, but the seven companies I've listed here are more than enough
to make one think (possibly in disgust) about just how terrible the
security practices of these major companies really are. They obviously
didn't take security seriously enough, if they even considered it at
all.

The ramifications of their oversights could have been enormous. Imagine
a hiker using a TomTom GPS unit to navigate in the wilderness, only to
find that the device was giving out bogus coordinates. Or imagine a
doctor using an Aptiva or ALDI laptop that suddenly started deleting
patient records or important diagnostic results.

The lesson here is pretty clear. A vendor's lax security practices
quickly become their customers' problem. Vendors need to have adequate
security at all levels of their organizations, particularly those
vendors who manufacture any type of electronic products.

----------------------------------------
ADVERTISEMENT
Double-Take Software

Ensuring Protection and Availability to Microsoft Exchange

Microsoft Exchange is integral to an organization's day-to-day
operation. For many companies, an hour of Exchange downtime can cost
hundreds of thousands of dollars in lost productivity. This paper
discusses new ways to maintain Exchange uptime by using data protection,
failover, and application availability. When recoverability matters,
depend on Double-Take Software to protect and recover business critical
data and applications.

http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141786-0-0-0-1-2-207
----------------------------------------


SECURITY NEWS AND FEATURES

--Cisco's New Adaptive Security Appliances
Cisco launched a new ASA 5580 series of security appliances that the
company said is its highest performing appliance offering to date.
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141787-0-0-0-1-2-207

--Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security Alerts,
which inform you about recently discovered security vulnerabilities. You
can also find information about these

discoveries at

www.windowsitpro.com/departments/departmentid/752/752.html
(http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141788-0-0-0-1-2-207)

--Washington D.C. Mayor Fires 9 Employees for Inappropriate Computer Use
Washington D.C. Mayor Fires 9 Employees for Inappropriate Computer Use
Washington D.C. Mayor Adrian M. Fenty gave the axe to nine employees
after a month-long audit of the city's computer systems. The employees
were found to have surfed porn and sex sites using city-owned computers.
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141789-0-0-0-1-2-207

--Webroot Launches Email Security SaaS
On the heels of its merger with Email Security, Webroot has launched its
new E-Mail Security Software as a Service (SaaS) offering. The SaaS lets
companies outsource email security instead of handling those tasks
inhouse.
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141790-0-0-0-1-2-207

----------------------------------------
ADVERTISEMENT
PolyServe

Web Seminar - Consolidation of File Servers

See real-world examples of server consolidation efforts resulting in
cost savings, performance improvements, and reduction in time-to-manage
efforts. This web seminar shows how server sprawl makes inexpensive
systems expensive through large management burdens, expensive use of
assets, and sub-optimal availability. Thanks to advances in clustered
storage technologies, IT departments can consolidate multiple Windows
file servers into a single, unified NAS cluster.

View this free web seminar now to see how you can optimize data
efficiency!

http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141791-0-0-0-1-2-207
----------------------------------------


GIVE AND TAKE

--FAQ: Checking An Object's SID
by John Savill
Q: How can I use a script to check an object's SID?

Find the answer at

www.windowsitpro.com/Article/ArticleID/98110
(http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141792-0-0-0-1-2-207)

--FROM THE FORUM: Minimum Permissions Needed to Change Proxy Settings in
IE 6.0
A forum participant writes that he's setting up new machines running
Windows XP SP2 and Microsoft Internet Explorer (IE) 6.0 SP2, and the
systems have been hardened in accordance with his corporate guidelines.
A proxy server sits between the users and the Internet and is configured
in the IE setup. However, the users must be able to get to one site
that, because of the company's security rules, requires them to bypass
the proxy server. As the machines are configured right now, the
administrator can disengage the proxy server and reach the one site or
engage the proxy server to reach all other sites, but users can't
currently make this adjustment and they can't be given administrator
privileges. He wants to know what permissions he can give the users that
will allow them to make this change themselves. Can you help solve this
problem? Lend a hand at
forums.windowsitpro.com/web/forum/messageview.aspx?catid=42&threadid=88113&enterthread=y
(http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141793-0-0-0-1-2-207.

--SECURITY MATTERS BLOG: A Picture Is Worth 1000 Viruses
by Mark Joseph Edwards, http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141794-0-0-0-1-2-207
Apparently, Insignia's NS-DPF10A model -- a 10.4" digital picture frame
-- was shipped from the factory with a virus already installed.

windowsitpro.com/blog/index.cfm?action=BlogIndex&DepartmentID=949
(http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141795-0-0-0-1-2-207)

--SHARE YOUR SECURITY TIPS AND GET $100
Share your security-related tips, comments, or problems and
solutions in Security Pro VIP's Reader to Reader column. Email your
contributions to r2r@securityprovip.com (mailto:r2r@securityprovip.com).
If we print your submission, you'll get $100. We edit submissions for
style, grammar, and length.


PRODUCTS

--New Appliances Block Email-Borne Spam and Viruses
by Renee Munshi, products@windowsitpro.com
Sunbelt Software announced the general availability of the Ninja Blade
series of email security appliances. Ninja Blade appliances are built on
Dell's PowerEdge servers. For antispam protection, the appliances use
the Cloudmark antispam engine, the Sender Policy Framework (SPF), and
Realtime Blackhole Lists (RBLs). To protect against viruses and zero-day
threats, Ninja Blades incorporate BitDefender's antivirus technology.
The appliances use MessageSystems' Message Transfer Agent (MTA), which
Sunbelt says is capable of handling millions of unique messages per
hour. You can set rules for inbound and outbound messages, and create
filters for message attachments. The appliances have a Web-based
interface, integrate with Active Directory, and come with a set of
predefined reports. For more information, go to

www.ninjablade.com (http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141796-0-0-0-1-2-207)


RESOURCES AND EVENTS

Protecting Your Data: Mirroring in SQL Server 2008

SQL Server 2008 builds on SQL Server 2005 by providing a more reliable
platform that enhances database mirroring and includes automatic page
repair, improved performance, and better supportability. Randy Deyess,
SQL Server MVP, discusses database mirroring and how to use it and
explains the various ways in which you can set up mirroring. Watch this
video to learn how database mirroring supports rapid failover without
loss of data.

www.sqlmag.com/go/SQL08Mirroring
(http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141797-0-0-0-1-2-207)

Tips From David Chernicoff on Backing Up Remote Business Sites

Does your business operate in multiple locations? Do stretched IT
resources shortchange data protection for your remote sites? Keeping
data at remote sites backed up and secure is a critical component of
business success. In this podcast, David Chernicoff discusses the
problems surrounding data backup to remote sites and offers ideas and
suggestions for successful remote backups. Register now to get the
knowledge you need to protect all your business data.

www.windowsitpro.com/go/podcast/storageguardian/?code=12308er
(http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141798-0-0-0-1-2-207)

Enterprise Protection at an Affordable Price

Looking for an alternative to expensive licensed options for
Exchange protection? This white paper discusses continuous data
protection solutions not only for customers who are unable to utilize
block-level protection, but also for SAN customers who want an
alternative to costly licensed options for Exchange protection.
www.windowsitpro.com/go/wp/appassure/affordable/?code=012308e&r
(http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141799-0-0-0-1-2-207)


FEATURED WHITE PAPER

Best Practices for Measuring and Managing Today's Complex Messaging
Environment In today's
world, email is a business-critical communication tool, and downtime can
be disastrous. This white paper examines the components of a typical
messaging environment and discusses best practices for keeping your
environment operating at its peak. Learn how to maintain a healthy
messaging environment; download this white paper today.
www.windowsitpro.com/go/wp/quest/messaging/?code=012308e&r
(http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141800-0-0-0-1-2-207)


ANNOUNCEMENTS

Check out all the info-packed publications offered by Windows IT Pro!

If you're receiving the HTML version of this email newsletter, click
"Our Publications" in the menu bar.

You can also click on the link below:

store.pentontech.com/index.cfm?s=1&cid=18000306&promotionid=18003253&code=
(http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141801-0-0-0-1-2-207)

CONTACT US
Security UDPATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and Security Pro VIP (second URL
below).

http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141802-0-0-0-1-2-207

http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141803-0-0-0-1-2-207

You are subscribed to this newsletter as boy.blogger@gmail.com

Manage your Security UPDATE subscription at
http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141804-0-0-0-1-2-207.

To unsubscribe:
http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141805-0-0-0-1-2-207&list_id=803&email=boy.blogger@gmail.com&message_id=1843

Be sure to add Security_UPDATE@email.windowsitpro.com
to your spam filter's list of allowed senders.

To contact us:
About Security UPDATE content -- mailto:letters@windowsitpro.com
About technical questions -- http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141806-0-0-0-1-2-207

About your product news -- mailto:products@windowsitpro.com
About your subscription -- mailto:windowsitproupdate@windowsitpro.com
About sponsoring Security UPDATE -- mailto:salesopps@windowsitpro.com

View the Windows IT Pro privacy policy at

http://ct.email.windowsitpro.com/rd/cts?d=33-1843-803-202-62923-141807-0-0-0-1-2-207

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2008, Penton Media, Inc. All rights reserved.

No comments:

Blog Archive