Thursday, March 06, 2014
The last couple of weeks have seen a lot of people 'talking up' cloud security. From IBM, which has insisted that it can make cloud data more secure than non-cloud applications, through to Google and Microsoft agreeing with each other (at the annual RSA security conference) that cloud security is nothing to be feared any more. It was interesting to hear how both Microsoft chief information security officer Bret Arsenault, and Google Apps director of security, Eran Feigenbaum sang from the same hymn sheet to the point of almost being cringe-worthingly agreeable on the matter.
Android-driven devices, including smartphones and tablets manufactured by the likes of Asus, LG, Motorola and Samsung, are being sold with pre-installed malware according to claims made by the CTO and Founder of Marble Security. David Jevans made the claim following complaints from a potential client that a mobile security platform from the vendor was mistakenly identifying a Netflix app as being malware. Upon further investigation, Marble researchers discovered that the apps in question were not only malware but were actively harvesting both passwords and financial data which were being sent to a Russian server. Although malware is nothing new, and Android malware distribution in particular is growing at a phenomenal rate year on year according to just about every bit of statistical evidence I have seen, what peaked the interest of Jevans was the fact that the victim in question insisted that the malicious apps were pre-installed on the devices and there when they purchased them.
Saturday, March 01, 2014
The problem with passwords can usually be summed up in three words: simplicity, memory and reuse. People tend to choose less secure passwords since they’re easier to remember, and this is often compounded by the habit of reusing the same insecure password for every site and service. Without doubt, this is seriously concerning. Sometimes, however, an unorthodox password problem hits you from left-field and leaves you reeling, which is exactly what happened to PC Pro reader Roger P when he purchased a new MacBook Pro with Retina display from his local Apple Store.
We would like to think that people learn by their mistakes, and given the publicity surrounding certain online scams, nobody would fall for them any more. Unfortunately, this doesn't appear to be the case. Scammers are sticking with tried and trusted methods of stealing information and, ultimately, money from their victims. The keyword for the people who perpetrate these scams is profit, and as long as that profitability remains, there is no compelling reason for them to be retired. While the average PC Pro reader is surely too savvy to fall for such scams, the people criminals target are the less technically-adept family and friends that our readers provide free IT support for. Point them in the direction of this feature, or print it out and make sure they read it, and you could save yourself some precious time. Here are our top five old-school scams that are still doing the rounds, and our tips on how to mitigate them.
Friday, February 28, 2014
When people talk of opposing forces in cloud, they often mean complementary ones. Traditionally, yin and yang can be thought of as being the interconnection of contrary forces within the natural world. Dualities such as life and death, light and dark or hot and cold can be seen through this conceptual lens which demands balance in all things. The cloud is, of course, no exception.
Wednesday, February 26, 2014
It was once the biggest Bitcoin exchange in the world, accounting for as much as 80% of the global trading market in the virtual currency, but Mt. Gox suddenly stopped trading yesterday and reports suggest that some $375m worth of Bitcoins, or 6% of all Bitcoins in circulation, have gone missing. In an official statement, the Mt. Gox management team state that: "In light of recent news reports and the potential repercussions on Mt. Gox's operations and the market, a decision was taken to close all transactions for the time being in order to protect the site and our users. We will be closely monitoring the situation and will react accordingly."
Tuesday, February 25, 2014
So this morning I get an email from Amazon which promises to inform me of some important information about my Amazon Prime membership. This is the subscription service which, in return for an annual charge of £49 here in the UK, provides free next day delivery on any item which is flagged as eligible for Prime members. That may sound like a lot, but actually if you do the math properly it's a pretty good money-saving deal for anyone who falls into the 'regular shopper' category and likes the tracked next day delivery option which usually costs an arm and a leg. So what was the important information that Amazon had to tell me? Look, I'm not completely stupid and know that generally speaking such an email is going to announce a price rise wrapped up the promise of some new additions to the service that somehow serve to cushion the blow. The question was, as ever, how much? I was expecting maybe 10% or so to take it up to £49.99 which, just maybe, I would have swallowed and continued to subscribe. I certainly wasn't expecting a 60% rise in Amazon Prime membership costs. Let me just run that past you again in case you missed it: AMAZON PRIME MEMBERSHIP COSTS TO RISE BY 60% WITH IMMEDIATE EFFECT.
Monday, February 24, 2014
There's more to IT security than protecting the valuable data an enterprise obtains, uses and stores. How you dispose of it when the hardware it’s sitting on reaches end-of-life should be a major concern too. These days, only a fool thinks clicking 'delete' is enough to wipe data from a hard drive or that a quick disk reformat will do the trick. Smashing the drives with a hammer isn’t a smart move either. So how should the enterprise tackle this problem, and what are the best weapons of data destruction? IT Pro has been investigating.
The average DaniWeb member if not already au fait with Pastebin.com is almost certainly aware of something like it. A pastebin has become, for many programmers, a default tool in the coding box and for very good reason: it makes sharing large quantities of code very easy indeed. Of course, any pastebin is essentially just a temporary text store and that means any type of text, not just code; and it's here that the problems for pastebin.com would appear to start. The service has been branded "a major trading place for exploits and passwords" according to recently released research.
Friday, February 21, 2014
A year ago our sister publication IT Pro was warning that an IT security skills shortage could leave UK PLC at risk of attack for the next 20 years, blaming this on a decline in computer science teaching over the previous decade. I can't help but wonder, as a keen follower of the IT security business over the years, whether this trend is true within the cloud. Indeed, this should come as no surprise as much of what can be summed up as 'the cloud knell of doom' over the last few years quite simply hasn't panned out in the way the naysayers predicted.