The Daily Incite - March 14, 2006

Submitted by Mike Rothman on Tue, 2006-03-14 08:58.
::
March 14, 2006

Welcome to today's Daily Incite. Given this is the maiden voyage and a bunch of stuff piled up over the weekend, it's a bit longer than normal. But you should still be able to scan it in 5 minutes and stay on top of the security world. I also appreciate your patience as I work out the design concepts for the newsletter. I'm not there yet, but you'll see some rapid improvements this week and I nail down the process.

Have a great day,
Mike.

Top Security News

Identity Federation Potpourri - Ping Identity Raises $3 million and RSA announces Federation Manager 3.0.

So what? - Federation is increasing in importance as more and more companies deploy identity management. The logical first step is to clean your own house, basically implementing identity internally and then you start focusing on your trading community. That's where Federation comes in. All of the big stack players (Oracle, CA, BMC, HP, IBM) have federation products, and RSA and Ping are the most visible niche federation providers.

Links: Ping Identity Press Release - http://biz.yahoo.com/prnews/060313/sfm051.html?.v=42
          RSA Press Release - http://www.rsasecurity.com/press_release.asp?doc_id=6617

Patch Tuesday - Two More on The Way - Microsoft will release two patches today (down from 5 last month).

So what? - Details are sparse, but we know that one is a "critical" issue. Ramp up your patching engines sports fans, you'll probably need to implement this patch sooner rather than later. More details tomorrow I'm sure.

Links: http://www.informationweek.com/story/showArticle.jhtml?articleID=181502557&cid=RSSfeed_IWK_winsecurity
 
"The worst hack ever" - Information Week covers the Citibank (and loads of others) having debit card PINs stolen.

So what? - It seems everyone still has a flare for the dramatic. If this is the "worst" hack ever than we'll see it on the cover of Time Magazine. I don't think that's the case. But it does highlight some of the issues of using Debit Cards (like it's your bank account, as opposed to a fraud protected credit card). There seems to be a pretty simple fix to this - don't use debit cards at point of sale terminals. I know, I know. The consumer banking folks will yell at me about the evils of credit. Blah blah blah. Not everyone has a credit card. Blah blah blah. Whatever. I don't use a debit card - EVER! So I'm personally not too concerned about this.

Links: http://www.informationweek.com/story/showArticle.jhtml?articleID=181502474

Counterpane and MessageLabs Release Joint Intelligence Report - Cyber Attacks To Significantly Impact Financial, Healthcare and Utilities Sectors

So what? - This definitely falls into the category of MASTER OF THE OBVIOUS. Yes, hacking will continue to be an issue. But MSS players see lots of data and they can point out some cool trends that most users just don't have the breadth of information (or time) to figure out. So, things will continue to get worse before they get better. No kidding. Get back to work and make sure your security architecture makes sense.

Link: http://biz.yahoo.com/bw/060313/20060313005260.html?.v=1  

Bit9 Releases New Online Search Engine that Draws from the World's Largest Knowledgebase to Identify Computer Files

So what? - This is a big database of all the files out there and some idea of whether you want them on your machine or not. This kind of thing will save you time. When a machine is acting up, you usually see what applications and processes are running to see if something is amiss. Usually I'll find some executable that I'm not familiar with, so I Google it. Then I need to read a few postings to draw my own conclusions about whether it makes sense or not to have it running. This kind of database can eliminate a few of those steps, so I think it's a good thing.

Link: http://biz.yahoo.com/bw/060313/20060313005163.html?.v=1


Top Blog Postings
 

Shavlik and Ellen Messmer of Network World on Microsoft's anti-spyware stuff - My thoughts on this are covered in the "More Musings on Spyware" blog posting.

http://shavlik.typepad.com/mark_shavliks_blog/2006/03/microsoft_micro.html
http://www.networkworld.com/weblogs/security/011401.html#011401  

Wireless Security is Not that Hard - Paul McNamara of Network World hands over the keyboard to Joel Snyder of Opus One to discuss the lunacy of people being surprised when a neighbor (or worse) jumps onto an unsecured access point. I'll write up my own blog posting on this later today, since I have a few ideas on the topic.

http://www.networkworld.com/community/?q=node/4913&nettx=031306netflash&code=nlnetflash26385  

Teaching the Next Generation of Security Pros - Martin McKeay on the ComputerWorld blog writes about a school that has a 10-week class in cyber-security. This is a great thing, and the shape of things to come. We will see a lot more focus on initial training (like initial computer skills), so today's generation at least knows where the key exposures are. I'm hopefully that my kids know about anti-X and simple network security stuff as they are learning early programming and other computer skills.

http://www.computerworld.com/blogs/node/1995  

Real spyware and botnet stuff - Suzi Turner's blog on ZDnet has a great overview of a real spyware attack and some of the counter measures used to control it. You'll need to jump around a bit (there are lots of links and sites in the post), but it's cool. When these attacks happen, lots of folks need to act quickly, so it's nice to see a bit about what happens in the background that keeps the unsophisticated of us reasonably safe.
http://blogs.zdnet.com/Spyware/?p=791∂=rss&tag=feed&subj=zdblog