Archive for the ‘Security’ tag
RSA Conference, the biggest security event of the year will take place next month.
IMO now is a good time to review how we are doing as an industry, fulfilling our destination (that is, securing).
On Jone 2003, Gartner declared that IDS are dead and “recommends that enterprises redirect the money they would have spent on IDS toward defense applications such as those offered by thought-leading firewall vendors that offer both network-level and application-level firewall capabilities in an integrated product.”
6.5 years later, are we there yet?
2008 is almost over but still there are respectable and notable companies that act like security is non of their business. I find it very irritating that some companies that promote security as a product and company differentiators act in a non secure fashion. Following the “no one want to see an obese promotes healthy food” analogy, I would expect companies nowadays to act in a secure fashion. Most of the web sites will send you a thank you letter after registering at their web site, but as I discovered today, some will send you an email confirming your registration alongside your username and password in cleartext.
As a service for those who forgot, here’s how email privacy works:
And here’s the message that turned me mad (Identifiable elements deleted to protect the innocent):
HWY 101 is jammed again, which gives me a lot of time to stare at the billboards. Symantec (big yellow) caught my attention with a “you need the speed” sign promoting their latest anti virus release. Apparently, they started a huge campaign around the speed of their anti virus, it’s weightless etc. No too many words about security.
I am not trying to pick on Symantec’s Norton Anti Virus. In today’s commercialized and commoditized environment, the messages should be catchy, fast and appeal to the common dominators. But this ad allows me to rant on some of the two non-changeable variables couples or opposite pairs that makes data security such an interesting field.