Published on Security Incite: Analysis on Information Security (http://securityincite.com)

The Daily Incite - March 23, 2006

By Mike Rothman
Created 2006-03-22 21:34
Today's Daily Incite

March 23, 2006

Good Morning:
On the theme of leading a more balanced life, I am taking a few days off to celebrate my wife's birthday in style. So there will be no Daily Incite on Friday. We'll catch everyone up on Monday.

Have a great weekend, since mine is starting now.

Top Security News

Microsoft Vista Delayed Further (http://biz.yahoo.com/prnews/060321/sftu157.html?.v=11 [1])
So what? - I know, it's hard to believe, but Microsoft is slipping Vista's full roll-out until early January. Early business adopters can get it in November, but no one is going to do that. This has minimal impact since very few organizations start migrating to a new Microsoft anything in the first few months of deployment. This will impact the security ecosystem of folks waiting on Vista (and Longhorn) to access new features. This also makes it almost certain that Firefox 2.0 will be out before Vista (and presumably IE 7), so there is a window for Firefox to increase market share.

Trend to Jump on the Services Bandwagon (http://snipurl.com/o0r1)
So what? - Not to be left off the train when it leaves the station, Trend does a soft release ("we aren't announcing anything formal") that they will also offer a subscription AV and other assorted security goodies. Scarily enough, Microsoft is driving activity in the consumer AV sector and innovating from a packaging standpoint. That just proves how fat, dumb, and lazy the AV incumbents have become.

Check Point Announces Eventia 2.0 (http://www.checkpoint.com/press/2006/eventia20032206.html [2]) 
So what? - Was there even an Eventia 1.0? Must have missed that one. Anyhoo, Check Point announces an upgrade to their SEM product. Normally I would yawn through this, but it reinforces my Incite on SIM/SEM. This kind of management functionality is clearly the domain of the security vendors, not stand-alone management vendors. Sure, it will deal best with CHKP equipment, but many folks have Check Point perimeters - so this will be good enough. I'll once again stand with my contention that SIM goes away as a stand-alone market in 2007.

Secure Software Builds into Eclipse (http://www.securesoftware.com/news/releases/20060321.html [3])
So what? - Secure coding products must be built right into the environments where the software is built. Secure Software shows that they can plug into the Eclipse framework. At some point, this functionality becomes the purview of the application wonks, since it is not really a "security" type of function any more. But this is the shape of things to come because the sooner you can eliminate simple code vulnerabilities, the better it is for everyone.

Security's Next American Idol (http://snipurl.com/nzy5 [4])
So what? - Security is definitely more top of mind in our colleges and universities, which is a good thing. GA Tech in my hometown of Atlanta is running a competition with its students to award $50,000 to the one that comes up with innovations to make security easier. This is great (if not a bit hokey on the Idol link) because most security technologies are definitely too hard to use, so anything that will make it easier is certainly welcome.

Top Blog Postings

Badware's Seven Deadly Sins
On Ellen Messmer's Network World blog, she covers the first report out of the Stopbadware.org folks. I had some opinions early on (here [4]) that this type of organization won't stop much of anything and I haven't changed my mind. So the report is out and they say some folks are bad, like Kazaa. Wow, there is something I didn't know. So what? Sure, I'll be careful on those sites, but will anyone else? I don't think so. End users need a far more automated way to control the bad stuff.
http://www.networkworld.com/weblogs/security/011559.html [5]

Vista Takes a Stab at Malware
George Ou on his ZDNet blog rants a bit about whether Microsoft Vista will eliminate spyware once and for all. Of course it won't. So George and I concur. He brings up a number of good points in that Vista does eliminate a lot of the low-hanging fruit that is enabled by run-of-the-mill users running as administrators on their machines. But will it eliminate spyware? Not a chance. There is too much money in it, so that means there will continue to be innovation. And the reality is that it will take years to get rid of XP and Win2000, which are the real problematic OS platforms.
http://blogs.zdnet.com/Ou/?p=175 [6]

Log Management is a Stand Alone Market
James Governor of RedMonk weighs in on log management and whether it is a stand-alone market. I agree that it is, but the value of these folks (like LogLogic) is clearly in gathering the data. Other folks will be analyzing it, but the ability to gather large amounts of data, reduce it, and store it securely UNTAMPERED (for forensics purposes) is important. But with logs you are still looking in the rear view mirror, so correlation must happen within the security devices themselves.
http://www.redmonk.com/jgovernor/archives/001421.html [7]

 


Source URL:
http://securityincite.com/blog/mike-rothman/the-daily-incite-march-23-2006