Archive for April, 2008

The Quest for Secure Software

Counts of the number of reported vulnerabilities in software products per year vary, but if you take an average of the available counts, you’ll find that approximately 2,500 vulnerabilities were reported in 2002. By 2006 this count had risen to something like 8,000. According to several sources, the number of vulnerabilities reported in 2007 fell slightly, but it is safe to say that over the years the number of reported vulnerabilities has risen substantially. Why? There are simply so many software vulnerabilities to be discovered. Additionally, the number of people attempting to discover vulnerabilities has increased (because discovering vulnerabilities can lead to fame and glory, as well as large financial remuneration), and discovery methods have improved considerably, too.


Empirical Evidence Concerning the Cost of Security Compromises

A significant barrier that information security professionals constantly encounter during efforts to obtain needed resources is skepticism among senior managers concerning whether serious information security breaches really do occur and, if they do, whether they could occur in their particular organizations. One of the best antidotes is to present empirical evidence concerning the cost of security compromises. Whereas horror stories and handwaving concerning the likelihood of and damage due to potential security incidents are generally ineffective, presenting empirically determined incident-related losses resulting from security compromises is more likely to convince senior management.


Strategies for Dealing with Latest Cyberattacks: The Need to Reinvent the Wheel

If you regularly read security-related news, you have undoubtedly seen news items regarding the growing number of targeted attacks against sensitive US government and commercial sector computing systems. Although the attack methods have varied widely, many of them have involved sending malicious attachments to certain US government or private sector employees which, if opened, implant malicious code in the system used by the unsuspecting targeted individual. Now in control of the system it has infected, the malicious code covertly notifies the attacker that this code has control of a system. The attacker follows up by gaining backdoor access to the infected system with full privileges without leaving any indication of the activity whatsoever. The only real common denominator is that systems keep getting broken into time after time.


Endpoint Security

I recently attended the RSA Conference in San Francisco. Among the many things that I did while I was there, I visited various vendors’ booths. I could not help noticing the huge emphasis that a number of vendors were placing on endpoint security. Endpoint security “is a strategy in which security software is distributed to end-user devices but centrally managed.” Just about everybody who knows anything about information security knows that security threats have shifted considerably over the years to the point that workstations and users are now, more than ever, frequent targets of attacks. The greater emphasis upon endpoint security thus makes a great deal of sense.


Data Deduplication Technology

Data deduplication (often known as “single-instance storage” or “intelligent compression”) is a way of getting rid of redundant data by keeping only one unique copy of each piece of data on storage media such as disk drives. Every redundant copy of every piece of data is deleted and a pointer to the unique copy of the data is left in its place. The main purpose of this technology is to save storage space. The more potential copies of a given piece of data there are, the greater the economy of storage. Additionally, data deduplication can substantially reduce the amount of data that needs to go over networks when backup and restore operations occur, thereby making more bandwidth available for ongoing network operations.


Windows versus MacOS Security

While I am still on the topic of the relative security of one operating system versus another, it is a good time to mention the results of a fascinating study recently conducted by Stefan Frei, Bernhard Tellenbach and Plattner of the Computer and Engineering Networks Laboratory at the Swiss Federal Institute of Technology. The results of this study show that from 2002 through 2007, 678 vulnerabilities (including 658 high- and medium-risk vulnerabilities) in Windows operating systems were discovered. Over the same period, 810 vulnerabilities (including 738 high- and medium-risk vulnerabilities) in MacOS were identified. Not only did MacOS have more vulnerabilities, but Apple was on average slower in developing and releasing patches for the vulnerabilities. Furthermore, over the six-year period covered in the study, there were more unfixed vulnerabilities in MacOS as well as a higher number of attacks in which these vulnerabilities were exploited (including by using zero-day exploits) than in Windows systems.
