The Daily Incite - April 10, 2006
April 10, 2006
Good Morning:
Light news day this morning. Hopefully you enjoyed your weekend. We had quite a storm down in the Southeast US over the weekend. Tornadoes and all. I blissfully slept through it only to find the hard drive on my main computer to be fried (the storm seems to have taken my UPS with it as well).
So I am learning how woefully unprepared I am for this kind of situation. I'm better off than most, I suspect, since I think I'll be able to recover most if not all of my data - but I'm not anywhere near where I need to be. I'll be posting throughout most of today with progress on how I am rebuilding and also some of the experiences I'm having with my online backup provider. Suffice it to say - my old backup provider once I'm back up and running.
Have a great day.
Top Security News
Cross-platform malware is here
So what? - It was just a matter of time, I guess. Kaspersky has found the first virus capable of compromising both Windows and Linux. Not that this is earth shattering or needs to change anything that you are doing, it's not. If you have the right protections in place, much of this is noise. My objective in mentioning a lot of these malware stories is so you know what's going on and can answer questions - as opposed to having to take immediate action.
http://www.computerworld.com/securitytopics/security/virus/story/0,10801,110330,00.html?SKC=security-110330
Nigerian email scam wins
So what? - Having spent time in the anti-spam business - these kinds of datapoints are both funny and shocking to me. A study showed that the Nigerian email scam (where some Nigerian royalty needs your help to get access to hundreds of millions of dollars) tends to yield $5000 from the folks that report being scammed. I guess there is a sucker born every minute and I suspect this is mostly consumers being swindled. We need to remain diligent about keeping bad stuff out of inboxes because clearly our users cannot be trusted to do the right thing.
http://www.informationweek.com/story/showArticle.jhtml?articleID=184429380
Compliance, not malware drives IT budgets
So what? - Put this one in your archives, since it will be radically different this time next year. Yes, compliance is a board-level discussion, but it's not a product or a project - IT'S A PROCESS. I've been advising end users to use compliance as a way to fund those critical security projects that always seem to fall off the plate when dollars get tight. As long as compliance is treated as a project, we all have failed. It needs to be ingrained into everything that we do. We need to protect private information because it's the right thing to do, not because some legislation tells us to. But ultimately, you need to do the right stuff and be able to report on it - that's what compliance is all about.
http://www.informationweek.com/news/showArticle.jhtml?articleID=184429550
Stock Spam Boosts Prices
So what? - For any of you that thought spam was going to go away, forget it. It seems that it works and here is another data point. A study tracked stock performance right around the time spam-based solicitations were sent, and amazingly enough - stocks were up 1.7% that day. So someone is making money on these ruses (and it's certainly not the folks investing in the stock). But free markets dictate that as long as someone is making money, these tactics are going to continue.
http://www.securityfocus.com/brief/180?ref=rss
Top Blog Postings
Full disk encryption on a Mac
Here Kelly Martin on SecurityFocus goes through his experiences with full disk encryption on his new MacBook Pro. I really like these kinds of actionable case studies of someone's experience. I do think that disk encryption is important for those with laptops that have any kind of private and/or proprietary information. Computer theft and other shenanigans are a fact of life now, so we need to be protected. Shame on you if you end up in the Wall Street Journal because of a lost laptop.
http://www.securityfocus.com/columnists/393
Ego and Computer Maintenance Don't Mix
George Ou on his ZDNet blog rants a bit about the dust up last week on whether to blow away a machine that is spyware compromised or try to fix it. His take is folks can save a ton of time by imaging a known good state and just giving up the ghost (this is where ego fits into the mix) when there is a problem by starting over again. I am in full agreement with him. It's about saving time, not being right or showing how smart you are by fixing the machine. As long as users don't lose work, we should be looking for the most expedient solution.
http://blogs.zdnet.com/Ou/?p=189
(In)Secure Magazine
OK, so this isn't really a blog posting, but it's not news either. I just stumbled across this monthly e-zine on security. It looks nice, but I find the mostly vendor-supplied content to be a bit weak. Suffice it to say, I don't think Information Security Magazine is worried. But feel free to make your own judgments on the book. If you do find it interesting, let me know - I'm always interested in other perspectives.
http://www.insecuremag.com
Recently on the Security Incite Rants Blog
Understanding the Opportunity Cost of a Deal Gone Bad
Given the current difficulty in getting security deals done, it makes sense to take a look at the opportunity cost of these deals when they go south. Most folks are still thinking about the honeymoon before they even know if the wedding is going to happen.
http://securityincite.com/blog/mike-rothman/are-acquisitions-good-for-customers
Are Acquisitions Good for Customers?
One of my contentions is that there will be more consolidation in the security business. But let's take a look from the customer's standpoint and try to get a feel for whether these deals are good for customers. Typically the answer is no and I explain why. Most importantly, I lay out a few things that customers need to do after a deal closes to get a feel for whether the deal is a train wreck or not.
http://securityincite.com/blog/mike-rothman/are-acquisitions-good-for-customers
Read Friday's Daily Incite
http://securityincite.com/blog/mike-rothman/the-daily-incite-april-7-2006

