and the drawbridge is raised, you find that the dragon, is indeed, in the court yard. Researchers have developed two new techniques for stealing data from a computer that do not involve viruses, malware, or root kits. Instead, they use some unlikely hacking tools: cameras and telescopes.
is a good offense only works in sports where one team can maintain control over a token that enables them to score points while, at the same time, disables their opponents from scoring points. In football, rugby, and soccer it's the football. In hockey, it's the puck, and in hoops it's the basketball. In computing, "the best defense is a good offense" falls flat on its tush.
The best defense in computing goes to the vigilent. But what do the vigilent watch? and do you do it by land, sea, or air?
I could spend most of my blogging career reporting vulnerabilities and patches; but I watch the U.S. Cert Technical Alerts where I saw that Microsoft recently released updates to address vulnerabilities affecting Microsoft Windows, Office, Jet Database Engine, Windows Live OneCare, Antigen, Windows Defender, and Forefront Security, all part of their Security Bulletin for May 2008.
For instructions on subscribing to their mailing list, visit www.us-cert.gov/cas/signup.html.
The iPhone, Apple's entry into the do-it-all smart-phone market, is popular with consumers, while raising security concerns within information technology departments of some businesses and law firms. Because it's the rock-and-roll cousin of the buttoned-down BlackBerry, the iPhone is more for play than for official business right now because the iPhone can't be password-protected and its content can't be erased from a remote location when lost or stolen.
Mobile lawyers have a variety of tools at their disposal -- cell phones, laptop computers and PDAs -- which increase productivity but also create security challenges. How can network administrators maximize remote access capabilities while also making them secure? It's nearly impossible to keep track of all devices and keep everyone in compliance with firm policies, but your IT department must assess each specific risk and implement security procedures to take advantage of the latest technologies.
is language I normally associate with a B-rated thriller or when someone happens to wander into a mine field. Now, I have a different connotation. Researchers at the Center for Information Technology Policy, Princeton University, broke the encryption system on a hard drive by freezing memory chips.
Putting the freeze on a DRAM chip from an inexpensive can of compressed air caused the chip to temporarily hold data, including the encryption algorithm used to unlock scrambled data on a disk. Once the chip was frozen, researchers isolated the encryption keys from the chip's memory and used them to access the encrypted data on disk.
Granted, this exploit would require physical access to the machine. But at the rate laptops wander away from their owner, not a difficult task.
The lesson to take away from Princeton is to use another factor when encrypting data on your hard drive such as a USB hardware key or a secure identification card.
Lawyers are becoming increasingly adept at using convenient technology, like laptop computers and wireless networking technology, to make their work easier and to provide prompt advice and services to clients. But when lawyers use WiFi to connect to the Internet or an office server to access e-mail or client documents, they risk the disclosure of sensitive data and confidential client information. Attorneys Joel Frank and Scot Withers provide some basic tips to protect data on public WiFi networks.