Tuesday, May 31, 2011

THE NEW US TECHNOLOGY SECURITY PROGRAM

The U.S. Department of Homeland Security is researching using open-source software as a means for defending government networks for IMB Memory Upgrade. The open-source software can be manipulated to meet government needs without giving up security.
A new five-year, $10 million program aims to survey existing open-source software to find those like Baltimore IT Services that could fill "open security" needs. Called the Homeland Open Security Technology program, or HOST, it also may plant seed investments where needed to inspire innovative solutions that can fill gaps in cybersecurity defenses.
Although this idea is not to be the main solution, it is being seen as a viable option to raise security. Open-source software often gives users the right to change its code to suit their purposes, as well as to share or give away copies. That means the U.S. government could modify such software to suit its cybersecurity needs.
It also means that a federal agency could distribute software copies to all of its 10,000 employees without paying extra licensing fees for electronics such as a Toshiba Hard Drive.
The ultimate goal is for open source and open security to be considered whenever there's a tech solution needed, possible even through IT Services Maryland. They don't want it mandated for the government; they just want a level playing field.
Open-source software allows anyone change the core of the software, but that doesn't make for bad security. On the contrary, having such transparent innards means that a big open-source community of savvy programmers can root out any weaknesses.
Unfortunately, people can put a backdoor or Trojan Horse in just about anything, even possibly Voice Optimized DSL. The open-source model's ability to include transparency in development and maintenance can make it as secure, if not more secure than existing processes.
In fact, more than half of all Internet websites rely upon a popular open-source software product called Apache. That software runs the Web servers that serve as the heart of the Internet.
The open-source perk also means that the U.S. government is not at the mercy of companies that hold the license for proprietary cybersecurity software or a Hosted Voip Call Center. If bugs crop up or an exploiter penetrates the cybersecurity defenses, programmers can dive right into open-source software to fix it.
Many government employees who purchase security software or used HP storage arrays, simply don't realize that open-source choices exist so the HOST program aims to change that.
The Homeland Security effort has already begun comparing existing open-source products with the needs of government users, so that it can decide where to invest seed capital to encourage innovative solutions to meet those needs. But any open-source solutions for cybersecurity must ultimately stand on their own commercial success or they will die.
In a time when budgets are getting smaller, the government is tightening it’s belt and looking for alternative ways such as IC parts sourcing, to meet their needs without breaking the bank. Looking at alternatives such as open-source software could be one of the answers to their security woes.

Wednesday, May 18, 2011

THINK TWICE BEFORE YOU IGNORE THOSE DOWNLOAD WARNINGS

When a download warning pops up, 25 to 70 percent of the time that program will actually be malicious. Hackers are getting creative in their efforts to download Trojans onto your computer. With advancements in programming, hackers are finding it harder to hit your computers, so they have taken a new approach…get you to do it for them.
One out of every 14 programs downloaded by Windows users turns out to be malicious. And even though Microsoft has a feature in its Internet Explorer browser designed to steer users away from unknown and potentially untrustworthy software, about 5 percent of users ignore the warnings and download malicious Trojan horse programs anyway.
Five years ago, it was pretty easy for criminals to sneak their code onto computers. There were plenty of browser bugs, and many users weren't very good at patching. But since then, Internet security has evolved: Browsers have become more secure, and software makers can quickly and automatically push out patches when there's a known problem.
Now, instead of hacking the browsers themselves, the criminals are trying to hack the people using them. It's called social engineering, and it's a big problem these days. The attackers have figured out that it's not that hard to get users to download Trojans. Social engineering is how the Koobface virus spreads on Facebook. Users get a message from a friend telling them to go and view a video. When they click on the link, they're then told that they need to download some sort of video playing software in order to watch. That software is actually a malicious program.
Social-engineering hackers also try to infect victims by hacking into Web pages and popping up fake antivirus warnings designed to look like messages from the operating system. When these are downloaded they infect your computer. The criminals also use spam to send Trojans, and they will trick search engines into linking to malicious websites that look like they have interesting stories or video about hot news such as the royal wedding or the death of Osama bin Laden.
In enterprises, a social-engineering technique called spearphishing is a serious problem. In spearphishing, the criminals take the time to figure out who they're attacking, and then they create a specially crafted program or a maliciously encoded document that the victim is likely to want to open such as materials from a conference they've attended or a planning document from an organization that they do business with.
With its new SmartScreen Filter Application Reputation screening, introduced in IE 9, Internet Explorer provides a first line of defense against Trojan horse programs, including Trojans sent in spearphishing attacks.
Internet Explorer also warns users when they're being tricked into visiting malicious websites, another way that social-engineering hackers can infect computer users. In the past two years, Internet Explorer's SmartScreen has blocked more than 1.5 billion Web and download attacks.
Better browser protection appears to be pushing the criminals into social engineering, especially over the past two years where these types of crimes are off the charts. Odds are that each user will see approximately two pop up SmartScreen warnings a year. With that in mind, each user needs to think twice before they ignore these warnings.

Monday, May 9, 2011

Are you willing to risk your life for the new iPad 2?

Dell deals never looked so good as people go on a rampage in Beijing to get the new Apple iPad 2.

People were excited to get the new, latest and greatest technology; however, demand is higher than production. If you are lucky enough to get your hands on the new Apple iPad 2 through a store purchase, you can count yourself a member of a very elite club. Now others must find alternative ways to meet their technology needs with a tight pocketbook. In comes items like used cisco switches and a used dell notebook.

Many feel the only way to upgrade is not to buy new but to buy used or refurbished. The demand for these products is on the rise. The market has also seen a significant rise of repair companies and do-it-yourselfers looking for an it parts database to find that elusive piece that will make their it equipment whole again. It services Baltimore has been looking for plasmon optical drives and refurbished cisco routers in ic parts sourcing companies.

A perfect example of the new technology shortage was seen recently at an Apple Store in Beijing. The store was opening to its first day of business selling the iPad 2 to 1000 customers who had been waiting since as early as 4:00am. A violent attack broke out between a customer and an Apple Store employee that left four people injured. The customer was surmised to be a scalper who tried to cut in the huge line. Three Apple security guards and an Apple manager attempted to shove the scalper aside, which ultimately resulted in a shoving match between an Apple security guard and a member of the scalper’s family.

The iPad 2 went on sale in China at 8 am Friday. The first stock-out was reported about four hours later. The slimmer, faster and lighter rendition of iPad was also available on the China Apple Online Store. By Friday afternoon this supply had also been depleted.

The incident confirms the problem scalpers are posing to Apple product launches. Scalpers are buyers who attempt to buy as many Apple devices as they can to later sell it at a premium. Scalpers then resell the devices on Craigslist, eBay or export to other countries.

Another violent incident occurred and police had to be called at the New York Apple Store in March to break up crowds after genuine customers attempted to get past scalpers. Chinese scalpers had lined up outside Apple Store in New York to get hold of as many iPads as they could to later sell the tablets in China at a premium.
Scalpers at New York doled out $100 bills to five cohorts who then went and disbursed the amount to more than 200 Asians waiting outside the queue, who then cleared iPads of the shelf. One of the scalpers demanded $1700 for a top of the line iPad 2 which is priced at $829. However much of the merchandise was shipped to China.

The new devices command a huge premium on sites like Craigslist and eBay. In March when an AT&T iPad 2 was listed on Craigslist, a Russian entrepreneur offered $1050 for the device. The Russian buyer confirmed that he was buying as many AT&T iPads as he could to resell them in Moscow. The site also cited that scalpers usually go for AT&T iPads rather than Verizon ones, as AT&T devices are GSM and come unlocked.
The system followed by the Russian scalper was to wait in the queue from 6 am with seven other friends in New York City. After the first round of purchases they waited in the line again and then arrived again on the scene the third time in a disguise wearing glasses and a baseball cap. He also paid $200 to a guy standing ahead of him to get him another iPad. The scalper specifically went for AT&T iPad 2's. The Russian operative also stated that he would be going to Canada for repeat performance at the Apple Store launch.

At the back of Apple's success scalpers are profiteering by exploiting the Apple iPad 2 mania which has gripped customers globally. However, the violence in Chinese reveals that Apple will have to take action to curb scalpers from curbing supply for real buyers.
Where does that leave the rest of us? Well like many, we go to places like it services Gaithersburg for our Seagate hard drives or for a refurbished dell notebook. After all, either we can’t afford what the scalpers are selling or we just do not want the physical risk to get what we really want.