|
|
|
 Related Articles
|
|
|
|
| |
A group of 14 African nations raised the stakes yesterday before next week’s
EU-Africa summit by threatening to pull out unless European leaders agreed
not to single out Zimbabwe for criticism. Officials in Brussels, however,
said there was no way that President Mugabe could escape a lecture on the
dire straits of his countrymen if he turned up to the meeting in Lisbon. |
| |
|
| |
| |
The founder of the Stoke-on-Trent Portmeirion group of ceramics dies at the age of 89. |
| |
|
| |
| |
A Sunni group in one Baghdad suburb has turned its back on insurgency and is now cooperating with the Americans. |
| |
|
| |
| |
Three teenagers are stabbed, leaving one in a critical condition, following an attack by a group of youths. |
| |
|
| |
| |
Critical vulnerabilities in common PC software, including both applications and operating systems, continue to grow in number and stand as the leading cause for concern in the IT security landscape today, according to training experts at the SANS Institute.Holes in so-called client-side applications, including Web browsers, e-mail clients, productivity suites, and media players, have become particularly worrisome over the last year, according to SANS, which highlighted the issue as part of its annual report on the top 20 Internet security risks for 2007.As hackers have shifted their attention further away from operating system flaws and drilled down to applications-layer vulnerabilities they have found a seemingly endless wealth of possibilities for infecting PCs with everything from spyware to botnet programs, SANS researchers contend.Unless something can be done to improve software developers' coding habits or better test popular applications for such issues before they land on end-users' machines, attackers will be able to continue their successful assaults against enterprise networks and devices for the foreseeable future, said Rohit Dhamankar, project manager for the Top 20 report at SANS and a senior manager of security research for TippingPoint.?"There's just been such a dramatic rise in the numbers of vulnerabilities found in applications like Internet Explorer and Microsoft Office and a number of media players that attackers are having their way," said Dhamankar. "Enterprises are bolstering security, but desktop users still pose a massive risk if they can download anything they want from the Web; the attacks are also growing in sophistication to the extent that many can defeat antivirus and other security systems primarily by obfuscating their code."Some of the most powerful tools that hackers have adopted in hunting for potential targets are the same industrial-strength applications fuzzing tools that software vendors themselves are using to search for holes in their products, said the expert.Enterprises could do themselves a favor by enforcing stricter policies that dictate the types of applications that end-users are allowed to put on their work machines and using technical means to ensure that those rules are being followed, Dhamankar said.Other SANS researchers noted that while companies may not want to tell end-users that they cannot utilize media players, messaging clients, and other applications that have moved into the business world from the consumer sector, they could help themselves out by limiting the variety of client-side applications that people may choose from."IT departments can't focus on all the applications of the world, but they can choose several and keep their eye on those while allowing end-users some freedom," said Amol Sarwate, research manager at Qualys who studies vulnerability patterns for SANS. "What companies need to do is enforce standards for applications usage and utilize technical means to block unwanted software, devices, and even wireless access points."While many businesses have already realized that they need to shift more of their efforts toward defending client-side vulnerabilities, most have failed to embrace a proactive approach versus simply keeping track of publicly-reported flaws and patching those issues said Sarwate.Enterprises need to think about future security issues
It will be particularly important for firms to examine the additional security issues that will be introduced in the coming years with broader adoption of technologies including VoIP (Voice over IP), according to the expert."The key is for people to start thinking ahead of these client-side vulnerabilities to understand what the next big thing may be. Things like VoIP need to be examined for their security implications," said Sarwate. "Many companies are already adopting these tools because of all the advantages they offer, but there will be many attacks carried out against these systems as well."Among the advice that SANS is offering organizations hoping to improve their client-side security coverage is to mandate secure configurations at installation time for all applications, to constantly verify patching and upgrading of both applications and system software, to scan for new vulnerabilities frequently, and to keep their security systems up to date.Other leading areas of concern highlighted by SANS in its report included critical vulnerabilities in Web applications that allow for cross-site scripting attacks or for computers to be otherwise compromised simply by pointing their browsers at poisoned URLs."Gullible, busy, accommodating computer users," including executives, IT staff, and others with privileged access also remain a major weak point for enterprise security, according to SANS, as these seemingly more seasoned users of computers and software are still falling for increasingly targeted spear-phishing campaigns in large numbers.One of the best ways to educate users about the problem is for organizations to create fake spear-phishing threats and send them out to internal users to determine which individuals might be most likely to fall for the schemes and follow up with additional training, the group said.Critical vulnerabilities in the software and systems that provide the operating environment and primary services to computer users, or server-side software, remain another area of leading concern, according to SANS.Problems in Microsoft Windows services, Unix and Mac OS services, back-up and AV programs, management servers, database software, and VoIP technologies in particular are proving troublesome, according to the report.Many of those issues can be addressed by following the same advice offered for solving client-side vulnerabilities, SANS said in the research. |
| |
|
| |
| |
Verizon Wireless' decision to open its network to outside mobile devices and applications has won praise from several groups, including past critics.Verizon Wireless officials announced Tuesday they would open up their network to any devices and software customers want to use by the second half of 2008. Any device that passes a minimal connectivity test will be allowed on the Verizon Wireless network, officials said.That announcement drew applause from a wide variety of groups. Public Knowledge, a consumer rights group that has pushed for open network regulations from the U.S. Congress or the Federal Communications Commission, said it was "cautiously optimistic" about Verizon's decision.Verizon's decision could lead to "a more open network in the wireless industry at large," said Gigi Sohn, Public Knowledge's president. Wireless carriers have fought an FCC decision to require open access on a portion of spectrum in the 700MHz band to be auctioned starting in January, she noted."The Verizon announcement, however, is very limited," Sohn added. "If other carriers don't follow the same model, then consumers will still find their phones tied to a specific technology or wireless company. In order for an open network to become a reality, all carriers will have to participate."Verizon will still decide what phones can operate on its network, she said. Public Knowledge would prefer to have a third party decide what phones can operate on the Verizon network, she said.She also has continuing questions about prices. If Verizon continues to offer its preferred mobile phones at a discount, "then the adoption of the open model will be minimal, absent a rapid decline in cell phone prices," Sohn said. "We need to know whether the rates for Verizon service plans will vary for those with subsidized phones and for those customers with a phone bought elsewhere."Others were less guarded with their praise.Verizon's announcement, combined with the Google-led Open Handset Alliance, is a "significant" step toward the goal of more open wireless networks, FCC Chairman Kevin Martin, said in a statement."As I noted when we adopted open network rules for our upcoming spectrum auction, wireless customers should be able to use the wireless device of their choice and download whatever software they want onto it," Martin added. "I continue to believe that more openness -- at the network, device, and application level -- helps foster innovation and enhances consumers' freedom and choice in purchasing wireless service. I am optimistic that Verizon Wireless's commitment along with the upcoming spectrum auction will ensure an exciting new era in wireless technology for the benefit of all consumers."Solveig Singleton, an adjunct senior fellow with Maryland think tank the Free State Foundation, said Verizon's voluntary decision makes more sense than open network regulations, such as net-neutrality rules pushed by Public Knowledge and other groups."Requiring openness or neutrality beyond the basics now supported by demand would needlessly make development far more costly and slow," she said. "A company that wants to invent a new type of phone with cutting-edge features already has a good bit to think about without having to worry about new phones and networks being simultaneously built by everyone else."Many proposed net-neutrality rules would require wireless and broadband providers to treat all network traffic equally, she said."Mandate 'open' and 'neutral' everywhere all the time for everything, and innovation will slow to a snail's pace and network traffic will jam," she added. "Competition between operators to offer innovative combinations of services at special prices would become almost impossible. In this fast-changing context, a regulatory command to treat all traffic all the same is just a bad idea."Also praising Verizon's decision were Funambol, a developer of open-source calendar and messaging tools for mobile phones, and the New America Foundation, a think tank that has pushed for open access rules on the 700MHz spectrumThe FCC and Google deserve credit for pushing the issue forward, said Michael Calabrese, director of New America's Wireless Future Program."This appears to be a move to head off market entry and new wireless competition from Google and other Internet companies that would result if the incumbent carriers were unwilling to meet minimal FCC consumer choice requirements," he said in an e-mail. |
| |
|
| |
| |
Poland, the Czech Republic, Greece, and Belgium have the worst telecommunications regulators in Europe, according to a study carried out for the European Competitive Telecom Association (ECTA), an industry group that promotes the interests of new entrants into the market.The annual study, available on ECTA's Web site, compares the telecom regulatory environment and the application of the current legislative framework in 19 European countries. Top of the class were the U.K., the Netherlands, Denmark, Norway, and France."This year’s results show that countries where regulators have taken action to enable competition to flourish, including the UK, Netherlands and Scandinavian countries, have seen strong performance in their telecom markets. However, others including Poland, the Czech Republic and Greece have fallen behind," ECTA said in a statement.It added that "institutional weaknesses" may be preventing Germany, Belgium, and Finland from reaching their full potential.The study, dubbed the 2007 Scorecard, shows the impact of weak competition on consumers."If you are paying high prices for broadband, it may be because your regulator has not been able to open the market to competition," said Innocenzo Genna, chairman of ECTA, in prepared remarks at a conference in Brussels on Wednesday.ECTA supports the European Commission's plans to change telecom rules. In particular, it backs moves to allow regulators the power to break up an incumbent operator if it isn't giving rival service providers fair access to the infrastructure, such as the "local loop" of telephone lines that lead directly into people's homes and offices.Meanwhile, the Commission took Bulgaria to court on Wednesday for failing to police its telecom market "independently and effectively." Bulgaria joined the European Union at the beginning of this year, but it was supposed to have applied all the E.U.-wide rules concerning market access and fair competition in the telecom sector before its arrival.Viviane Reding, commissioner for telecom at the European Commission, attended the ECTA's conference in Brussels. In her keynote speech, she thanked ECTA for supporting the reforms she is trying to push through, but she warned that it will be a "hard fight" ensuring that the changes she has proposed get adopted.As well as proposing that functional separation should be introduced as a remedy to instill fair competition, she also called for the creation of an E.U.-wide telecom market authority to ensure that all national regulators apply the same rules in all markets. Functional separation calls for operators to set up separate units to manage and sell network services."We shall have to fight hard in the coming months to ensure that this vision of a competitive single market for the telecom sector becomes a reality. I count on your continuing support," Reding said. |
| |
|
| |
| |
HP, Dell, and Sun made significant gains in the worldwide server market at IBM's expense in the third quarter, Gartner said in a report issued Monday.Despite losing market share due to an 8.1 percent drop in revenue and 3.9 percent drop in shipments, IBM issued a press release claiming success, noting that it still holds a slim lead in market share revenue.The popularity of server virtualization hasn't significantly affected overall server sales. Worldwide, shipments grew 8.7 percent over the previous year's third quarter, with 2.2 million units delivered, for revenue growth of 2.6 percent. The server market started growing in the second quarter this year after three years of stagnant sales, a previous report by IDC said."Underlying market dynamics such as growth from emerging markets, coupled with an ongoing demand for increased capacity, are stronger than any inhibitors such as server virtualization," Gartner analyst Errol Rasit said in a press release.HP made the biggest gains, delivering 649,958 server shipments, 20 percent more than the previous year's third quarter. HP was already making the most shipments but solidified its lead over second-place Dell and third-place IBM.IBM earned more server revenue than any of its rivals, despite making 319,674 third-quarter shipments, fewer than half the number delivered by HP.HP did narrow IBM's lead in revenue market share, growing revenue 13.9 percent to $3.7 million. IBM revenue dropped 8.1 percent to $4 million, for a slim lead over HP -- 30.1 percent to 28.1 percent - in revenue market share.Dell and Sun posted double-digit revenue increases but are still a distant third and fourth place in market share, according to Gartner's statistics.The 8.7 percent increase in worldwide server shipments was driven partly by growth in the x86 and blade server markets, both led by HP, which shipped 91 percent more blade servers than the previous year's third quarter.IBM was able to increase revenue for System p and System x, but lost revenue for its System z mainframes and System i midrange servers.The company nonetheless touted the popularity of its System z mainframe, saying it led the market in revenue for servers priced at $250,000 or more."We believe IBM's eight consecutive years of leadership in the worldwide server market is a testament to our commitment to technology innovation for our clients," Bill Zeitler, senior vice president and group executive for IBM Systems & Technology Group, said in a statement.Network World is an InfoWorld affiliate. |
| |
|
| |
| |
AP - An electronic privacy group challenging President Bush's domestic spying program scored a minor victory after a judge ordered the federal government to release information about lobbying efforts by telecommunications companies to protect them from prosecution. |
| |
|
| |
| |
Demand accelerating
Three-quarters of a million Americans now own a dedicated HD DVD player or Xbox 360 add-on drive, the HD DVD Promotional Group said today.… |
| |
|
| |
|
|
Related Companies |
| |
|
|
|