Chris Soghoian is giving a Berkman lunchtime talk called: “Caught in the
Cloud: Privacy, Encryption, and Government Back Doors in the Web 2.0 Era,”
based on paper he’s just written. In the interest of time, he’s not going
to talk about the “miscreants in government” today.
Pew says that “over 69% of Americans use webmail services, store data
online, or other use software programs such as word processing applications
whose functionality is in the cloud.” Chris’ question: Why have cloud
providers failed to provide adequate security for the customers. (”Cloud
computing” = users’ data is stored on a company server and the app is
delivered through a browser.)
NOTE: Live-blogging. Getting things wrong. Missing points. Omitting key
information. Introducing artificial choppiness. Over-emphasizing small
matters. Paraphrasing badly. Not running a spellpchecker. Mangling othe... (more)
Building on the continued success of the public key infrastructure (PKI)
platform, Entrust is advancing the technology to bring it to new markets.
With the introduction of Entrust Authority Security Manager 8.0, Entrust
customers can implement one of the most trusted PKI security solutions
available on the cost-effective Linux Red Hat platform. This release
introduces Entrust to the open-source platform market and expands the
potential overall installation base for the PKI solution.
"Linux is recognized as one of the most popular operating systems installed
on servers globally, and provides Entrust with an active new market segment
for PKI deployments," said Entrust President and CEO Bill Conner. "This is a
key milestone for Entrust and the entire PKI platform. We're eager to see how
the Linux community embraces and implements our PKI technology."
In a recent publi... (more)
Before looking for a managed file transfer solution, it is important to
determine how data is currently being transferred from your organization. You
should find out what users and applications are performing the data
transfers, where the source of the data resides, how sensitive the data is,
how the data is formatted for the partners and what protocols are used to
transmit the information. If the files are encrypted or compressed before
transmission, find out what tools and standards are being utilized.
After you’ve done your in-house analysis, then start a search for a secure
file transfer solution that best fits your needs. Listed below are the Top 10
managed file transfer considerations:
1. Platform Openness – To reduce the points of connection to sensitive data
and reduce the risk of exposure to those without a need-to-know the MFT
solution should be installed ... (more)
When it comes to having a Linux server hosted in a data center or it is not
behind any kind of Firewall or NAT device there are a number of security
requirements that need to be addressed. Linux servers generally come with no
protection configured by default and depending on the hosting company or
distro can come preconfigured with many services installed that are not
required, including Web Servers, FTP Servers, Mail Servers and SSH Remote
The following is a compilation of various settings and techniques you can
employ to harden the security of your vulnerable Linux systems. While I have
tried to put them in order of the most important features first I would
recommend all of these options be used on your critical production servers.
TIP #1 – Strong Passwords
Always create long passwords that contain upper and lower case letters,
numbers and non alpha-numeri... (more)
By John Sotiropoulos - In my previous post (Cloud Data, Security, Privacy &
Confidentiality/ The ISV Perspective) I talked about the increasing exposure
of data, the changing landscape of data confidentiality and the need to
shield data rather than retreat into – largely mythical -“safe
heavens” of on premise. When storing data in the cloud, key management
becomes a critical aspect of data confidentiality and a new crop of vendors
are beginning to emerge simplifying encryption and key management.
Having looked at most of the new crop of cloud encryption vendors, we
liked Porticor for its innovative application of homomorphic algorithm to
split key encryption and its use of a customer-owned security appliance.
The combination of two eliminates the need to expose the encryption key and
minimizes the risks offering a unique approach to comply with EU data
CLOSTER, NJ -- (MARKET WIRE) -- 04/25/05 -- Ericom® Software, Inc., a
leading provider of enterprise application access & Server Based Computing
solutions, today at Microsoft's WinHEC, announced the release of PowerTerm®
WebConnect with newly added 64-bit support, in tandem with Microsoft's
exciting Windows Server 2003 x64 Editions release. PowerTerm WebConnect is a
comprehensive solution for secure local and remote access to enterprise
applications, residing on Windows Terminal Servers and Legacy systems.
Ericom's support for servers running Microsoft's Windows Server 2003 x64
Edition operating system will enable users to take advantage of the latest
64-bit hardware based on Intel EM64T and AMD64 processors. Ericom supports
the Microsoft Terminal Server platform with features including Application
Publishing, Seamless Windows applications, Load Balancing, SSL Gatew... (more)
SCOTTSDALE, Ariz., April 21 /PRNewswire/ -- GoDaddy.com, the No. 1 registrar
of domain names worldwide and the world's largest Web host in terms of
hostnames, now supports Web sites created using Ruby on Rails.
Ruby on Rails is an open-source framework which lets developers easily
assemble rich and dynamic Web sites. Programming with Rails allows a Web
designer to wrap applications easily around a database. It has been widely
acclaimed in Web development and software engineering circles as a new
standard for ease of development and speed of delivery.
"Our customers are finding Ruby on Rails to be incredibly valuable in shaping
their online presence," said Bob Parsons, GoDaddy.com CEO and Founder. "We
are pleased to be able to offer support for a framework that increases the
utility of the sites we host."
"We came over to Go Daddy specifically because Ruby on Rails wa... (more)
(SYS-CON Media) - The main drivers for SOA-based architectures are to
facilitate the manageable growth of large-scale enterprise systems, to
facilitate Internet-scale provisioning and the use of services, and to reduce
the cost of organization-to-organization cooperation - SOA RM
When approaching a SOA implementation, I would like to consider two
fundamental questions that many developers ask:
1) What's the difference between service-oriented and service-based
2) What special architecture elements are defined by the SOA RM?
In my opinion, the answer to the first is in the difference between the words
oriented and based. I believe that smart IT organizations offer a lot of
services already because the technical benefits of services have been well
known for a while. However, the applications based on these services are
still monolithic and don't provide ... (more)
PARIS, July 1 /PRNewswire/ -- Chip PC Technologies annonce aujourd'hui que
ses terminaux haut de gamme seront livrés avec le dernier Windows Embedded
CE 6.0 R2 incluant RDP 6.0.
Le nouveau Windows Embedded CE 6.0 R2 permet une connexion intégrée et
simplifiée à Windows Vista et Windows Server 2008.
De plus, ce nouvel OS dispose de la dernière version de Remote Desktop
Protocol (RDP) 6.0, qui procure d'importants avantages aux utilisateurs,
comme le support de Secure Sockets Layer/Transport Layer Security (SSL/TLS),
de Network Level Authentication, Server Authentication, et de couleurs
Les terminaux Chip PC avec Windows Embedded CE 6.0 R2 sont optimisés pour
une meilleure gestion, sécurité, un déploiement simplifié, un support
avancé des périphériques USB couplé, RDP 6.0 optimisé pour une gestion
graphique avancée (Wide Screen et haute résolution), authentif... (more)
Open Source SSL Accelerator solution not as cost effective or well-performing
as you think
o3 Magazine has a write up on building an SSL accelerator out of Open Source
components. It's a compelling piece, to be sure, that was picked up by
Slashdot and discussed extensively.
If o3 had stuck to its original goal - building an SSL accelerator on the
cheap - it might have had better luck making its arguments. But it wanted to
compare an Open Source solution to a commercial solution. That makes sense,
the author was trying to show value in Open Source and that you don't need to
shell out big bucks to achieve similar functionality. The problem is that
there are very few - if any - commercial SSL accelerators on the market
today. SSL acceleration has long been subsumed by load balancers/application
delivery controllers and therefore a direct comparison between o3's Open
Crescendo Networks has announced the Maestro CN-7000 series, a new line of
advanced application delivery hardware platforms. The CN-7000 series includes
the entry-level CN-7710, the CN-7740 for medium to large organizations, and
the CN-7790 for the largest organizations, with up to 10 Gbps throughput.
The new platform series allows Web-based businesses of all sizes to
accelerate and optimize application delivery, boost server and network
efficiency and dramatically reduce data center costs. It further expands the
award-winning Maestro Platform, which is designed to work specifically with
Crescendo’s flagship application delivery controller, AppBeat™ DC.
“Unlike other application delivery controllers that rely on general purpose
components that sacrifice performance and reliability under heavy traffic
loads, the entire CN-7000 series leverages Crescendo’s unique custom... (more)