StratVantage – The News 03/22/02
Cleaning Out the Old Links, part 2
- Facial Recognition and Other Threats to Privacy: Virage Inc. has developed software that can automate video security, eliminating the need to pay low wages to bored personnel just to stare at monitors all day. You can program the system to recognize suspicious faces, locations, words or phrases. Great. Now surveillance can be in the hands of machines. Doesn’t that make you feel better? To top it off, Visionics, a maker of face recognition software, is enthusiastic about the possibility of creating a “national shield” (Mom & apple pie alert!) linking every camera in the country. Thankfully, not everyone thinks this is a great idea. “We’re collecting data on everyone on the assumption that anyone may be the next terrorist,” said Deirdre Mulligan, director of the Law and Technology Clinic at UC Berkeley. “This subverts our traditional notion of the ability of the government to survey its citizens” only if there is probable cause to suspect criminal conduct. Security expert Bruce Schneier agrees: “You end up with a society in which the database is more important than reality.”
- UK ISP Closes After DoS Attack: For those who are still wondering if the danger posed by Internet miscreants is mostly hype, check out this story. UK Internet Service Provider (ISP) Cloud-Nine was forced to close after being hit with a massive denial of service (DoS) attack.
ISP Review (UK)
- Walk-up Printing for PDAs: Startup Flexiworld wants to make it easy for you to walk up to any printer and print emails or other documents wirelessly. I don’t even want to think about the security implications of this idea.
The Portland Business Journal
- The eBay Scam: Miscreants have been attempting to steal unwary users’ credit card numbers through a fake email that purports to be a purchase confirmation from eBay. My Dad received the email in mid-January, along with thousands of others. Recipients received the following email:
Your order has been completed and will be mailed within 24-48 hours.
Your credit card has been charged $460.50 for the following purchase…
– Microsoft X Box ( $399.00 )
– NFL Fever ( $50.00 )
Plus shipping and handling. If you feel that your credit card has been billed wrongly, please visit http://ebayservices-cancelorder.cjb.net and fill out all the needed information to cancel the following order.
Again that site is <a href=”http://ebayservices-cancelorder.cjb.net”>eBay Services: Cancel Order</a>,
CJB.net is a URL redirection service that sent users to a page hosted at AOL. The page asked the user to enter a credit card number and other personal information so that eBay could cancel the order. Obviously, eBay was not involved in this scam, but, oddly, Harry Caray’s Chicago-area restaurants were, albeit unknowingly. For some reason, after users submitted the information, they were sent to a page on Harry Caray’s restaurants site that simply said, “Your order has been canceled.”
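The giveaway in the message above is that the brand name sits in a subdomain label while the site itself belongs to cjb.net. The following check is an added example, not part of the original newsletter; the function names, the BRAND_DOMAINS allow-list and the naive two-label domain rule are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: the two link-bearing lines of the message quoted above.
SAMPLE_EMAIL = (
    "If you feel that your credit card has been billed wrongly, please visit "
    "http://ebayservices-cancelorder.cjb.net and fill out all the needed "
    "information to cancel the following order.\n"
    'Again that site is <a href="http://ebayservices-cancelorder.cjb.net">'
    "eBay Services: Cancel Order</a>,\n"
)

# Assumption: brand keyword -> registrable domains the brand really uses.
BRAND_DOMAINS = {"ebay": {"ebay.com"}}

# Stop at whitespace, straight or curly quotes, and angle brackets.
URL_RE = re.compile(r"https?://[^\s\"'<>\u201c\u201d]+", re.IGNORECASE)


def registrable_domain(host):
    """Naive last-two-labels rule; production code should use the Public Suffix List."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def check_links(body, brands=BRAND_DOMAINS):
    """Return one finding per distinct URL whose host names a brand it does not belong to."""
    findings, seen = [], set()
    for url in URL_RE.findall(body):
        url = url.rstrip(".,;)")  # drop sentence punctuation glued to the URL
        if url in seen:
            continue
        seen.add(url)
        host = (urlsplit(url).hostname or "").lower()
        domain = registrable_domain(host)
        for brand, legit in brands.items():
            # Brand keyword in the host, but the registrable domain is someone else's.
            if brand in host and domain not in legit:
                findings.append({"url": url, "host": host,
                                 "registrable_domain": domain, "brand": brand})
    return findings


if __name__ == "__main__":
    for f in check_links(SAMPLE_EMAIL):
        print(f"{f['brand']!r} appears in {f['host']}, "
              f"but the site belongs to {f['registrable_domain']}")
```
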
- “Unbreakable” Oracle 9i Broken: It had to happen. The good marketing people at Oracle thought an ad campaign calling Oracle 9i unbreakable was a good idea. If they’d asked the Oracle techies, they probably would have been told that nothing’s unbreakable, given enough time and motivation. Sure enough, the software has been cracked, easily, using the ever-popular buffer overflow exploit. Make sure your marketing department has a better clue than Oracle’s!
- More from the FBI Survey: A recent SNS quoted results from a recent survey by the Computer Security Institute (CSI), in conjunction with the FBI Computer Intrusion Squad. In addition to finding that 81 percent of corporate respondents said the most likely source of attack was from inside the company, the survey also revealed:
- 85 percent of respondents (Large corporations and government agencies) detected security breaches within the last twelve months
- 35 percent of respondents quantified their financial losses at $377,828,700
- 91 percent of respondents detected employee abuse of Internet privileges
- 94 percent detected computer viruses within their network
- 78 percent of respondents stated they had detected Denial Of Service Attacks
- 58 percent reported their network had been attacked 10 or more times
- Domain Sellers Busted: Alert SNS Reader Roger Hamm sent along this article about domain scammers who were selling bogus .usa domain names. The UK company, dotusa.com, traded on Americans’ patriotic sentiment to sell more than $1 million in names at $59 apiece before being busted by the FTC. Buyers of the .usa domains found they couldn’t be used on the Internet. Oops.
- Genomics Predictions: The Centre for Research on Innovation and the Institute for Alternative Futures recently released predictions from the ESRC Genomics Scenario Project. One of the most intriguing: “By 2005 biomarkers indicate the likely presence of several cancers, classify their defining molecular characteristics, and indicate which therapies should be beneficial to the particular type of tumour.”
Institute for Alternative Futures
- Verticalnet Gets Serious: Last month, Kevin McKay, former SAP CEO, was appointed Verticalnet’s new president and CEO. McKay appears to be a heavyweight, having held key positions at SAP, Sony Electronics and PricewaterhouseCoopers. Erstwhile B2B exchange Verticalnet appears to be trying to remake itself as a vendor of Collaborative Supply Chain solutions. Such solutions provide supply chain visibility, comprehension, and rapid response that leads to lower costs and inventory, higher revenue, and growth opportunities. Modernizing the supply chain by improving communication and planning processes will be corporations’ big To Do for this decade. Strategic Sourcing, Collaborative Planning, and Multi-tier Order Management look to shave dollars off supply chain costs. It remains to be seen, however, how successful Verticalnet will be in a marketplace dominated by i2 and, to a lesser extent, Manugistics.
Philadelphia Business Journal
- Automated Security Testers: I’ve recommended the Microsoft Personal Security Advisor, and the enterprise tools offered by its creator, Twin Cities-based Shavlik Technologies, in the past. They’re great tools, and a must for any Microsoft-based user. A new player in the area of security vulnerability assessment and automated fixes is BigFix.com, which offers customers a free online service that finds security holes, software bugs, outdated drivers, and viruses on a PC, then automatically retrieves and installs the patch or update. It’s unclear if BigFix makes use of the Microsoft database of security vulnerabilities that the Shavlik tools access. To use BigFix, the user must subscribe to Fixlet sites maintained by experts around the world, who provide Fixlets in their area of expertise. I’m a little wary of allowing “experts” to determine how to fix my software, however. And while automatic updating might be OK for desktop computers, I don’t think it would fly for production servers. A free consumer version of the software is available at Download.com.
- Wireless Email Easily Hacked: If you use a BlackBerry™ or SMS (Short Message Service) or any other kind of messaging on your wireless phone, be aware that your messages can be intercepted. While you may not be sending information on your company’s latest secret project from your portable device, if you route all your messages to your BlackBerry, you could be receiving sensitive information. The latest demonstration of the insecure nature of wireless communications is courtesy of @Stake Inc., a security consulting company in Cambridge, Mass. mentioned in a previous SNS. @Stake was able to intercept BlackBerry Internet Edition traffic using a scanner with a digital output, an antenna and freely downloadable software. Since the email is sent over the wireless network in the clear, much like the email you send over the Internet every day, once the message is intercepted, it’s easily readable.
- Shameless Self-Promotion Dept.: Take our survey on corporate policies on home use of network resources. StratVantage has launched a new service, CTOMentor™, designed to allow Chief Technology Officers and other technical leaders to get rid of the Guilt Stack, that pile of magazines you’ll get around to reading someday.
CTOMentor is a subscription advisory service tailored to customers’ industry and personal information needs. Four times a year CTOMentor provides a four-hour briefing for subscribers and their staffs on the most important emerging technology trends that could affect their businesses. As part of the service, subscribers also get a weekly email newsletter, Just the Right Stuff™, containing links to the Top 10 Must Read articles needed to stay current. These and other CTOMentor services will let you Your Inbox™.
As part of its launch, CTOMentor is offering a two-part white paper on peer-to-peer technology: Peer-to-Peer Computing and Business Networks: More Than Meets the Ear. Part 1, What is P2P?, is available for free on the CTOMentor Web site. Part 2, How Are Businesses Using P2P?, is available for $50.
Home Networking Survey
Take our survey on corporate policies on home use of network resources.
Copyright © 2000-2008, StratVantage Consulting, LLC. All rights reserved.
Please send all comments to firstname.lastname@example.org.