Friday, February 18, 2005

Interesting Security Issues to watch

Two interesting stories dealing with companies and consumers reached the surface this week. The first has to deal with Choicepoint PRG, which is a company that is generally used by companies to do background checks on prospective employees among other features. Apparently, they opened business accounts to members of the criminal element, which allowed them to access a ton of information about people. Choicepoint has notified by letter 35,000 customers in California (as required by California Statue) about the possible compromise of their data. Some estimates say that as many as 110,000 people might be affected nationwide. There has been over 700 cases of identity theft because of this data compromise. The Reuters article can be found here.

The other article comes from the "You have to be kidding me file." A man in South Florida is suing Bank of America for the $90,000 in losses he incurred because of a trojan program on his computer. The trojan had a keystroke component, which allowed the program creator to gain passwords and to wire monies to Latvia. The core of the case is that B of A did not inform customers about the possibilities that this trojan may affect them. At what point is a company doing business with you responsible for disclosing the possibility that a security threat (worm, virus, or trojan) can put your data at risk, especially if the threat lives on your computer. Businesses have plenty of threats to combat without making sure that you are running anti-spyware, anti-virus, and a firewall on your personal computer. A loss by B of A in this matter might limit businesses interest in using the internet as a mode of commerce, as no one will want to accept the risk of some moron who can't keep malware off of his computer suing them for not telling him/her he should be running personal computer security software.

Tuesday, February 15, 2005

Gates talking about the Security Future at RSA Conference

Bill Gates said some interesting things at his keynote address at this years RSA conference.

Some of the interesting notes:
  • Microsoft will keep the personal edition of its Microsoft Antispyware free.
  • Internet Explorer 7 will be in beta later this summer and will be available for XP SP2 and Longhorn (when it comes out) users with a valid Microsoft License.
  • Windows Update will become much more (Microsoft Update), which will incorporate a wider group of Microsoft products
  • More training programs.
We'll see how this helps internet security. The first and the third initiatives will be the more important when they come out.

Thursday, February 10, 2005

Symantec joins Microsoft in Patching

Symantec announces a critical flaw in its security products that can lead to compromise. The announcement is here. Make sure you are patching this as you take care of your Microsoft products.

Friday, February 04, 2005

Busy Microsoft Patching Month

Microsoft is releasing 13 patches on Tuesday. Make sure your automated updates are working. You will also likely have to visit Microsoft Office's site as well for a patch.