U.S. funds study of tech monocultures
Posted Monday, December 1, 2003 - 10:56pm by
<mailto:kirkhope@terrorism.com>kirkhope
The National Science Foundation has granted $750,000 to two universities to
study how diversifying information systems and software could help fend off
future cyberattacks, the agency said Tuesday. The study, proposed by
Carnegie Mellon University and the University of New Mexico almost a year
ago, will seek to identify commonalities in software that could be used as
the basis for attacks. Such common vulnerabilities would point to a
computer "monoculture"--a population so homogeneous that a single threat
could destroy it. "We are looking at computers the way a physician would
look at genetically related patients, each susceptible to the same
disorder," Mike Reiter, a professor of electrical and computer engineering
and computer science at Carnegie Mellon, said in a statement. "In a more
diverse population, one member may fall victim to a pathogen or disorder
while another might not have the same vulnerability."
<http://zdnet.com.com/2100-1105_2-5111905.html>Full St! ory
Virus protection: it's time to patch things up!
Posted Monday, December 1, 2003 - 10:58pm by
<mailto:kirkhope@terrorism.com>kirkhope
Gartner's pronouncement that, 'through 2005, 90 per cent of cyber attacks
will exploit known security flaws for which a patch is available or a
solution known' will not be a huge surprise to anyone. Rather, with viruses
continuing to cost businesses billions of pounds every year, it seems the
biggest issue facing both the software industry and IT management
everywhere is why this is still the case. Patch management, or knowing
which systems are patched - and which are not - as well as ensuring new
patches are quickly and effectively installed, is becoming a key concern to
many corporations as a result. Government bodies are reacting to the common
threat posed by virus attack with legislation. The US may be leading the
way but Europe and the UK are not far behind. The UK Data Protection Act
has for some time demanded data be stored securely, and the UK Financial
Services and Markets Act requires that financial organisations can produce
data within 24 hours. However, the quest! ion of whether viruses threaten
the integrity of systems and data to the extent that being infected
infringes on these Acts remains a grey area. For instance, if data is
deleted by a virus, it is safe to assume that the data was not secure and
could not be delivered upon demand easily.
<http://www.biosmagazine.co.uk/op.php?id=70>Full Story
Weak monitoring lets hackers run riot
Posted Monday, December 1, 2003 - 10:59pm by
<mailto:kirkhope@terrorism.com>kirkhope
Computer forensics expert says IT administrators must do better. Too many
IT administrators are taking their eye off the ball and allowing easy
back-door entry into company systems, a leading computer forensics expert
has claimed. In an interview with vnunet.com, Bryan Sartin, technology
director at security service provider Ubizen, said that breaches are often
the result of poor monitoring. Ubizen works with police authorities, banks
and businesses to investigate attacks on networks.
<http://www.vnunet.com/News/1149962>Full Story
"Never Mistake Motion for Action"
Ernest Hemingway (1899-1961)
[Non-text portions of this message have been removed]
------------------------ Yahoo! Groups Sponsor ---------------------~-->
Buy Ink Cartridges or Refill Kits for your HP, Epson, Canon or Lexmark
Printer at MyInks.com. Free s/h on orders $50 or more to the US & Canada.
http://www.c1tracking.com/l.asp?cid=5511
http://us.click.yahoo.com/mOAaAA/3exGAA/qnsNAA/kgFolB/TM
---------------------------------------------------------------------~->
------------------
http://all.net/
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
Received on Tue Dec 2 03:52:10 2003
This archive was generated by hypermail 2.1.8 : Fri Dec 05 2003 - 14:25:47 PST