In The News 42 –

Technorati Tags: News,computer,security,alternative energy,cybercrime,regulations,microsoft,privacy,offshore

 

India To Lead New Charge For Solar Power

Lux Research predicts that India, South Africa, Russia, Brazil, Mexico, and the UK will become the leading consumers of solar technology in the next five years because there will no longer be as much demand in the existing solar markets. In 2010, Germany and Italy accounted for about two-thirds of purchases in the solar market, but government subsidies are expected to be scaled back, so Lux Research believes that solar growth will level off in those countries. Japan, China, and the United States are other markets where large capacities of solar panels were installed, but the question of subsidies and solar penetration leaves the future of those markets unsure. In India, Lux says solar technology will likely need to be integrated with storage in order for off-grid applications to gain ground.

New Privacy Rules Adopted In India

India has issued new rules that restrict how businesses handle personal information. With the spread of cloud computing adoption, IT organizations worldwide are seeking standardization of data protection laws to promote privacy so that cloud computing firms can move data internationally without fear of legal consequences. India’s new Privacy Rules will require organizations to notify individuals by letter, fax, or email, when their personal information is collected. Additional stipulations require organizations to make a privacy policy available, implement measures to secure personal information, and set up a process to resolve disputes relating to the collection and use of personal information.

FTC Settles With Companies

In what might be construed as a stern warning to Web site developers and providers who collect sensitive user information, the Federal Trade Commission says that payroll provider Ceridian and immigration services software provider Lookout Services have settled charges that they failed to enact security measures sufficient to protect sensitive data. The two companies failed to secure consumer information, the FTC says, exposing some 65,000 users’ personal information during recent security breaches. As part of the settlement, the companies have agreed to implement comprehensive security programs and to obtain independent security audits every other year for the next 20 years.

Google Facing DoJ Probe

After taking a hit on mobile privacy issues related to the collection of users’ location data by the company’s Android devices, Google is now being investigated by the Department of Justice in connection with practices related to its advertising program. In connection with that probe, the company has earmarked some $500 million toward a possible settlement, the terms – and even potential recipient – of which remain undisclosed. Google has therefore revised its first-quarter profit figures, dropping its expected profit from $2.3 billion to $1.8 billion for the quarter, which ended March 31. The company has declined to comment on the issue.

Microsoft Acquire Skype for $8.5 Billion

Microsoft announced that it will buy video voice and communications company Skype for $8.5 billion. The acquisition, Microsoft’s largest ever, will give Microsoft access to Skype’s customer base of more than 660 million users, about 107 million of whom use Skype at least once a month. Analysts say that the acquisition gives Microsoft an advantage over Google in the Internet communications market. Microsoft CEO Steve Ballmer says the company ill integrate Skype technology with many of its products, including Xbox, Outlook, and Windows Phone. Ballmer also said that Skype will still be available on competing mobile OS platforms from Google and Apple. Other potential buyers for Skype included Google and Facebook.

Federal Government To Close Data Centers

By the end of 2011, the US government will close 137 data centers, 39 of which have already been closed, according to a recent White House blog post by US CIO Vivek Kundra. The government wants to close at least 400 data centers by the end of 2015. The Department of Defense will close 52 data centers before the end of the year, which was the highest number of any government department. The Department of the Interior operates 18 of the closures, while NASA runs 14. Other agencies that will lose data centers this year include the Departments of Agriculture, Homeland Security, Justice, and Energy.

Mind Boggling Server Data

Two teams of researchers from UC San Diego claim that as of 2008, the world’s 27 million business servers processed 9.57 zetabytes of data. The researchers claim that this is equal to 20 separate 5.6-billion-mile-high stacks of books piled high enough to reach Neptune. By 2024, the world’s business servers will annually process data that equates to a stack of books 4.37 light-years high that stretches to Alpha Centauri. To calculate the data, researchers pegged the worldwide work force at 3.18 billion, with each worker responsible for an average of 3 TB of information each year.

Study: Cloud Providers Debate Security Responsibility

According to a study released by the Poneman Institute, 69% of cloud service providers in the United States and Europe believe it’s the customer’s responsibility to ensure security. In fact, just 25% of those surveyed in the United States answered “yes” when asked if their organization views security as one of their primary responsibilities. About 80% devote just 10% or less of their resources to security, yet more than 60% are confident that they’ve met acceptable security requirements. The study also notes that private cloud providers tend to focus more on security than public cloud providers.

Microsoft Antitrust Deal Expires

Confident that Microsoft has sufficiently met its stipulations, the US Department of Justice has approved the May 12 expiration of its decade-long antitrust oversight of the company. As part of the antitrust deal, Microsoft was required to allow oversight of its internal affairs, to enable computer makers to replace the company’s software with alternatives from third parties, and to license parts of its portfolio of patents. In a trial early last month, attorneys for the states that originally brought the antitrust case against Microsoft told US District Court Judge Colleeen Kollar-Kotelly that they believed Microsoft had satisfactorily met the requirements set forth and that they would not object to letting the oversight expire. For its part, Microsoft says it is pleased with the decision and looks forward to continuing in its compliance.

Google Named Most Reputable Company

Google is considered the most reputable company in the United States, according to a recent Harris Interactive Poll. The poll gathered opinions from more than 30,000 respondents and asked them to identify 60 of the most visible companies in the United States and rate them on 20 attributes, including financial performance, emotional appearance, and social responsibility. Google topped the list with 84.05 out of 100 points on the reputation scale; 80 points and above is considered excellent. Other tech companies making the list include Apple at number 5, Intel at number 6, Amazon at number 8, Sony at number 14, and Microsoft at number 16.

Larger firms Reject Public Cloud Storage

Few enterprise-class corporations are utilizing or considering using the public cloud for storing data – even noncritical data. Of the 240 Fortune 1000 corporations surveyed by TheInfoPro, fewer than 10% indicate a willingness to consider the public cloud as a place for archiving data. Instead, large organizations are concentrating on the use of solid-state drive technology and server virtualization as tools for improving efficiency and providing storage options. Most companies, however, report no reluctance to adopt the private cloud as a storage medium, although about 20% indicate they have encountered reliability issues with their private clouds.

South Korea Raids Google Offices

Police raided Google’s Office in Seoul on the suspicion that its AdMob mobile advertising subsidiary had been illegally collecting smartphone users’ location data without their consent. Google says it is cooperating with the investigation. In January, the Seoul police said that Google’s Street View service had illegally gathered location information from about 600,000 South Korean wireless Internet users. Google along with Apple, has also recently come under fire in the United States because of how it handles location and other personal user data that it collects using smartphone applications.

Microsoft To Raise Certification Exam Fees

Microsoft announced that the fees for a number of its certification programs, including the Microsoft Certified IT Professional, Microsoft Certified Application Developer, and Microsoft Certified Database Administrator certifications will be raised in July. The rate hike is not universal, however, rates will go unchanged in countries with shaky economies, such as Ireland and Greece, but will increase about $25 in the United States and Canada. Microsoft plans to use the extra money garnered from the increased rates to improve its certification programs through updates to tests and exam security, and the company plans to offer discounts and other savings to its partners and to university students.

 

Share this post :

Security’s Gaping Hole: USB Flash Drives

Technorati Tags: Security,employees,USB flash drives,memory devices,viruses,malware,Trojans

 

Every day, flash memory devices are connected to business networks, posing a threat for which few companies are prepared.

The US military recently underscored the problem in confirming that a 2008 attack on its systems originated with a flash drive plugged into a military computer located in the Middle East. The attack served as a wake-up call to the Pentagon, which responded by banning USB flash drives for more than a year. The ban was lifted earlier this year.

Few companies have locked down their systems against devices that can be used to steal data or infect networks from behind the perimeter. Earlier last year, a variant of an attack program known as Stuxnet used USB and other methods to spread among power companies, stealing information on the configuration of their sensitive operational networks.

Panda Security recently reported that 32% of small and midsize businesses cite USB flash drives and other external memory devices as the vector for viruses that infected victims. Almost half of all US companies have been infected by a virus via a USB flash drive.

An employee who takes work home by loading it onto a USB flash drive could lose the device, exposing potentially valuable data. That raises a question: Is the threat posed by the device or by data on the device?

In a recent Ponemon Institute survey of IT security and operations managers, funded by Lumension, nearly 60% of respondents rated technology to control USB and other devices as important or very important, while 57% gave a similar rating to data-loss prevention technologies. However, antivirus and antimalware technologies, whole-disk encryption, application controls, patch management, and IT asset management were all rated as more essential.

Employee education is part of the fight to secure companies against such mobile devices. In addition, encryption, role-based authentication, and data-loss protection can all help reduce the threat.

 

Share this post :

How Radio Frequency ID Can Invade Your Privacy

Technorati Tags: Security,RFID,tracking,wireless,privacy,intrusion,prevention

 

How RFID Works

If an RFID tag (also called a card or transponder) is placed on a product’s label or attached to or embedded in a product. This label uniquely identifies the product and may include information such as the date of manufacture, the lot number, and similar information.

An RFID tag is made up of three components; a coil, which acts as an antenna; a silicon chip, which includes a processor, memory that contains information about the product, and a radio transceiver; and a material onto which the coil and chip are implanted.

An RFID reader is used to read information from the RFID tag. The RFID reader generates a radio frequency field around it. When an RFID tag comes within the reader’s field, the tag powers up and transmits the data in its memory to the RFID reader. (Note: Some RFID tags are active and can transmit data without having to get energy from an RFID reader.)

The reader is attached to the network, either wired or wirelessly, and transmits the information it receives to a central computer. This computer can be used to track the entire life cycle of a product shipment. For example, readers might be located in a warehouse and transmit shipping information about each product as it leaves.

RFID readers at every point along the supply chain read information from the RFID tag and transmit that information to a central computer. In this way, manufacturers can immediately know when a product is delivered.

RFID readers in stores can track how quickly goods move from back rooms to shelves, how quickly they sell, and so on. Readers can also be used to automatically ring up sales when shoppers wheel a shopping cart out a door, eliminating the need for checkout lines.

How RFID Can Track Your Life

the key to understanding the privacy implications of RFID is recognizing that every RFID tag has a unique ID number that identifies the product to which it is affixed. Unlike bar codes, in which every item of the same type of goods (such as a can of Coke) has the same bar code, with RFID, every item of the same goods has a different RFID tag (meaning each one has an individual serial number). That makes it possible to trace that individual item anywhere it goes.

New advances in RFID technology worry privacy advocates. RFID chips can be embedded between layers of cardboard, molded into plastic, sewn into clothing seams, and integrated into packages. In addition, RFID chips can now be printed in ink and can use conductive ink rather than an antenna. That means it could be impossible for someone to know that she has bought goods or is carrying or wearing goods with RFID chips in them.

RFID tags can be read from a distance by readers, and anyone or any company with an RFID reader can read the tags – not just the company that sold or manufactured the item. So, as you move in public places and stores, those with RFID readers would theoretically be able to learn many details about your private life, if your clothing, books, and other consumer items had RFID tags in them, someone or a store could easily find out intimate details of your private life.

The Food and Drug Administration (FDA) has called for the use of RFID tags in prescription medications as a way for consumers to be sure they are getting legitimate medications when they fill prescriptions. Privacy advocates worry that individual pills might be able to have tiny RFID tags printed on them, so privacy invaders with RFID readers could easily track what individual medications people are taking.

Some government agencies have proposed that ID cards, such as passports and driver’s licenses, have RFID tags embedded in them. Privacy advocate warn that this would allow those with RFID readers to get a great deal of personal information about anyone passing by, including his name, date of birth, current address, and similar information.

Groups worry about the possible use of human RFID chip implantation – for example, in healthcare settings, RFID chips are now implanted in livestock as a way to track their movements, and even in endangered species to track their wanderings. But groups such as the Electronic Privacy Information Center (EPIC) say that there has been a movement to implant RFID chips in people in healthcare settings. The chip would contain a persons identification and health information, such as diseases, symptoms, medications being taken, and so on. Those with RFID readers would be able to gather this information about people.

Information from RFID readers could be compiled from multiple RFID sources and put into a database with information about individuals. So, a profile could be created about an individual, including the clothing she wears, the food she eats, the medications she takes, her medical conditions, and other information that is widely considered private.

 

Share this post :