Once again, the IT Watch Blog is packing up its bags and reading to San Francisco for RSA, one of the security industry’s largest conferences. This year, mobile device threats are front and center: As Rob Westervelt with SearchSecurity reported, one firm hopes to make a big splash by debuting a new Android-based attack. Mobile attacks are a continued focus this year not only because of new attacks but because of continuing trends: Knowledge workers continue to BYOD (Bring Your Own Device) leaving IT with less control and visibility even as more critical data is pushed out into more places.
Other hot topics this year are cloud security best practices and standard compliance issues. I’ll be covering the most interesting sessions and news right here, but SearchSecurity will also be providing special RSA 2012 coverage with the site’s editors out in force during the duration of the show.
Jason D. O’Grady’s post regarding Apple’s frustrating PR practices kept popping up in my inbox today:
Then I got an idea. Since Apple PR never responds to my voicemails or emails, maybe they’d respond to the guys that do have access. So I contacted several prominent Apple pundits (who shall remain nameless) that are known for their access to Apple (some of whom get replies from Apple “every time”) and I asked them to enquire about Apple’s stance on enforcing its policy on address book uploads.
And you know what? None of them would do it.
Why? They’d probably say that Apple wouldn’t comment. But someone’s got to ask if they expect Apple to reply. I mean come on! Apple’s not going to press release its shady developers that steal your contacts.
The fact of the matter is that most journos with access to Apple are afraid of losing it. They’re afraid of asking the tough questions. They’re afraid of getting blacklisted. Like me.
The post is right on one thing: Apple is a pain in the ass to get a hold of, and almost impossible to get a substantive comment out of. A bit paranoid? Possessive? Absolutely. But saying Apple has a blacklist is far from my experience: Dozens of reporters I know have tried over the years to get a comment about this or that, and almost invariably fail, whether or not their Apple coverage is positive, negative or (usually) a bit of both. Instead, Apple has a whitelist: Those reporters it chooses to give access to, while blocking off the rest of the world. It’s not retribution for aggressive reporting. It’s that the universe of people Apple cares about in media is very, very small (though probably expanding if it’s doing one-on-ones as standard practice now). Continued »
The search engine and file-sharing site, BTJunkie, is voluntarily shutting down its website following the recent shut down of MegaUpload.com and the arrest of its founder, Kim Dotcom.
BTJunkie issued a statement on their website saying goodbye to their users and proclaiming the move was voluntary. “This is the end of the line my friends. The decision does not come easy, but we’ve decided to voluntarily shut down. We’ve been fighting for years for your right to communicate, but it’s time to move on. It’s been an experience of a lifetime, we wish you all the best!”
With file-sharing sites already looking over their shoulders, BTJunkie decided enough is enough and needed to make a major change.
After seeing this, the major question becomes: How much longer will file sharing be able to last?
Several other sites have been scared off: QuickSilverScreen has shut down and FileSonic and FileServe has restricted themselves to files members have uploaded themselves.
Even though BTJunkie didn’t host files for download, the website allowed users to download them from others and quickly became one of the top file sharing websites in the world.
In the recent months, we have seen illegal downloading and online piracy become an issue across the world. Leading the charge was SOPA/PIPA followed by Kim Dotcom’s arrest. It seems to me the damage has been done: File sharing sites are now on notices and much more carefully watching where they tread.
Michael Tidmarsh is the Assistant Community Editor at ITKnowledgeExchange.com. He can be reached at email@example.com.
Privacy is the forefront issue once again as Congress is preparing to attack Google over their latest changes to their privacy policies. Several lawmakers are concerned with how Google will collect a user’s data across their services.
Members of the House Subcommittee on Commerce, Manufacturing and Trade, Mary Bono Mack and G.K Butterfield, wrote a letter to the Internet giant expressing their concerns on their privacy changes.
Beginning on March 1st, Google will be able to cross reference data from their users which is collected from their various services including Google Apps, Gmail, and Youtube.
Google fired back to explain the new changes as Google director of public policy Pablo Chavez wrote a blog post accompanying the letter.
“We’re not collecting more data about you. Our new policy simply makes it clear that we use data to refine and improve your experience on Google.”
Last year, the FTC reached a settlement with Google regarding complaints of unfair practices and the company would submit to reviews by an independent auditor.
Michael Tidmarsh is the Assistant Community Editor for ITKnowledgeExchange.com. He can be reached at Mtidmarsh@techtarget.com.
With one simple call, the CSO of Rapid 7, HD Moore, could see into the boardrooms of law firms, pharmaceutical and oil companies, and even Goldman Sachs.
With only exploring 3% of the Internet, Moore and Mike Tuchen, found over 5,000 video conferencing unsecured systems not installed into their firewall. The result: anyone all across the world could watch and listen in to their meetings.
In an interview with the New York Times, Moore explains why video conferencing security is extremely important. “These are literally some of the world’s most important boardrooms-this is where their most critical meetings take place-and there could be silent attendees in all of them,” he said.
Why would companies set up their video conferencing this way? Moore explains it’s easier for other companies to be included in conference calls but it restricts their safety.
Imagine: a multi-national corporation having a board meeting pertaining to their projected revenue or future deals and their competitors are watching without them even noticing.
Moore explains how easy it was to break into several video conferencing systems. “Any machine that accepted a call was set to autoanswer. It was fairly easy to figure out who was vulnerable, because if they weren’t vulnerable, then they would not have picked up the call,” Moore said.
This can become a troubling problem for companies if it’s not settled quickly and quietly. Tuchen believes the safest way to secure calls is to install a ‘gatekeeper’ that connects calls outside the firewall. However, the process takes time and is usually skipped.
One would have to imagine if these two men could successfully hack into thousands of video conferencing systems, what could some of the world’s greatest hackers do?
“Any reasonably computer literate 6-year-old can try this at home,” Tuchen said.
Now companies have to ask themselves: security over access?
Michael Tidmarsh is the Assistant Community Editor at ITKnowledgeExchange.com. He can be reached at firstname.lastname@example.org
What will happen if SOPA passes through Congress? Is the FBI going to come after us? Should I shut down my whole system? If you run one of the various popular file hosting services, these might just be a few of the thoughts running through your head lately.
With Internet protests against SOPA and the arrest of Megaupload founder Kim Dotcom, there is no telling what will come next.
Many web-based storage companies have come out and publicly opposed Internet piracy. Mediafire CEO Derek Labian, for example, has publicly stated his website is legitimate and doesn’t support illegal fire-sharing. “Like many other cloud-based sharing services like Box.net and Dropbox, we’re a legitimate business targeting professionals.”
A quick Google of “Mediafire mp3″ plus various song names, however, still found numerous high quality download links for popular songs – all for free and presumably unlicensed.
Other websites have sharply curtailed operations. File-sharing website FileSonic posted a banner on their website explaining it’s partial shutdown. “All sharing functionality on FileSonic is now disabled. Our service can only be used to upload and retrieve files that you have uploaded personally.” In other words, users can still use it to save and retrieve their own files, but sharing publicly is now nixed.
The question for file storage websites comes down to this: Do they continue to look the other way and continue to allow pirated material to be stored on their website or do they take a stand and control the content coming in? And can this currently shady underbelly of the storage world turn legit before its wiped out by legal threats?
At least some companies will continue to run their sites without fear or anxiety for now. A spokesperson for Rapidshare spoke after the Megaupload arrests, “File hosting itself is a legitimate business, so we’re not concerned or scared about the raid.”
Should they be concerned? Only time will tell but if their caught, they will have a lot of explaining to do.
Despite today’s earlier post, I loved RIM. I think the Curve was, hands down, a great piece of hardware when it came out and stood the test of time. But as much as Mike Lazaridis, RIM’s former co-CEO, was trashed for being tone deaf when it comes to PR, his successor Thorsten Heins has miles to go to catch up with him, as a new YouTube video shows:
My only theory as to why this was published is that Heins recurring insistence that a new head of marketing must be hired irked the current marketing people, but that is pure conjecture on my part.
The most unsettling Heins quotes from the video: Continued »
Now that RIM’s long time co-CEOs Jim Balsillie and Mike Lazaridis have savaged the empire they worked so hard to build, beleaguered business mobility juggernaut’s new chief executive Thorsten Heins is in the spotlight.
I’ve thought a lot over the past few years about my interview with Lazaridis, particularly how dismissive he was about touch and certain he was about BlackBerry’s strength with corporate IT. The early reviews of Heins peg him as being a company insider while slagging him for saying “drastic change” isn’t needed. His first press conference didn’t help dispel these sentiments.
Looking further back, however, Heins has a track record that’s anything but Lazaridian: He introduced innovative products, bold partnerships and new form factors one after another. The only problem is, they generally were pretty terrible. Continued »
From Twitter outbursts to major websites shutting down, SOPA has become public enemy #1 for Internet users.
SOPA, otherwise known as the Stop Online Piracy Act, has created headlines all across the United States. We have seen protests from New York City to Silicon Valley. Even Facebook founder Mark Zuckerberg weighed in with a status against SOPA.
“Sharing and talking about content and art are valuable to our everyday lives,” said Tiffiniy Cheng, co-founder of Fight for the Future.
Critics are comparing the bill to the Great Firewall of China, which controls and censors the Chinese Internet.
Jordan Hahn, CEO of IT firm Silent Movement Inc., told euronews that “Both bills contain broad language which could be used to censor web content and search engines in ways similar to China’s Great Firewall. The bills themselves are so far-reaching, it is impossible to predict their potential effects upon the internet as a whole. The question I have for the American government is simply this: Is it a good idea to put restrictions upon the last bastion of American innovation?”
What would happen to technology and the Internet if SOPA is passed by Congress? Thousands of Internet sites could be vulnerable to legal restrictions and possible shutdown.
Even though SOPA would target domain names outside the United States, many American companies have domain names registered abroad. Businesses all across the U.S. would need to monitor Internet content and user access.
Network security personalities Dan Kaminsky and Paul Vixie sent a letter to Congress opposing SOPA stating the bill could ‘seriously harm the credibility of the United States in its role as a steward of key Internet infrastructure.’
The key fact to take away is SOPA will affect everyone, from major corporations to small start-up businesses.
Social media in particular could be potentially devastated by the passing of SOPA. Facebook, Twitter and YouTube would need to find a way to screen messages to filter links and pictures of pirated domains.
Technology and IT sites depend on social media to promote content and advertise online. How would companies promote and engage their online community without it?
Social media has become the focal point for where businesses, groups, and people could interact with each other. If it’s taken away, technology and the American economy would take a significant hit.
Michael Tidmarsh is the assistant community editor at ITKnowledgeExchange.com.
Today’s guest post is from Greg Schulz, a storage virtuoso who has guest-blogged on ITKnowledgeExchange before. Now he’s working to take the fear factor out of virtualization and – even more terrifying – the future of converged, cloud-driven infrastructure. If you like what he has to say, or think it’d be a helpful primer for someone else you’re trying to get up to speed, his new book Cloud and Virtual Data Storage Networking (CVDSN) tackles these topics and more in depth. He’s even offered up a free chapter preview for ITKnowledgeExchange readers.
When it comes to cloud computing and cloud storage, virtualization, converged and dynamic infrastructures, do not be scared. Do, however, do your homework and be prepared so that you look before you leap. It’s important to understand the differences in public, private and hybrid cloud approaches, products, services and management best practices and how they apply to your needs.
A common theme today is that the amount of data being generated, moved, processed and stored for longer periods of time shows no signs of decreasing. After all, there is no such thing as a data or information recession! What has changed is that we need to do even more with less or more with what we currently have available to support and sustain business growth.
To sustain business growth while enabling new functionalities or services, providers of information services need to look at various options for becoming more efficient. Becoming more efficient means more than cost avoidance; it also includes boosting productivity while streamlining information services delivery. If all that is done is to boost utilization in order to reduce costs chances are that quality of service (QoS), service level objectives (SLOs) and service level agreements (SLAs) will be sacrificed which means impacting productivity or causing waste and rework to occur. Doing more with available resources also needs to be combined with reducing per-unit costs and maintaining or enhancing quality of service and customer satisfaction. This means stretching resources (people, processes, budgets, hardware, software, energy, facilities, and services) further while enabling better business agility and productivity.
Not everything can be consolidated due to performance, (QoS), security, organizational politics, third party software or hardware support and regulatory compliance requirements. However that does not mean everything cannot be virtualized. The next wave of virtualization involving servers, storage, desktops, applications and networks is life beyond consolidation where the focus expands to agility, flexibility, mobility, speed of deployment and business enablement.
In virtualization life beyond consolidation also happens to be a stepping stone to clouds, life beyond cost cutting, emphasis is around boosting productivity and supporting business growth. This means finding and removing complexity and costs in service delivery, enhancing customer QoS meeting or exceeding SLOs and SLAs while reducing waste and rework.
While consolidation and cost cutting will remain for some environments and applications or use scenarios, there is a growing trend around awareness of the need to maintain or enhance SLOs and SLAs. SLO and SLAs need to be maintained or enhanced while supporting growth and reducing the cost of service delivery. For example reducing the cost to deliver a transaction, file video or enabling faster individual file or database table or email box restoration, or lower the overhead of hosting a database or virtual machine or virtual desktop infrastructure (VDI). To meet the objectives of supporting growth, reducing cost to deliver a given unit of work or service while maintaining or enhancing QoS and SLOs requires innovation.
Your return on innovation or the new ROI will how effective you can be in meeting growth demands, maintaining or enhancing QoS and SLOs while staying within budget. Another gauge of effective ROI or return on innovation is how much of your budget can be reinvested back into IT as a result of meeting growth requirements while maintaining QoS and SLOs via improvements to efficiency, effectiveness, agility and productivity.
Public and private clouds, converged and dynamic as well as virtual infrastructures should do more for your organization than play to a theme of reducing costs via consolidation. They should also enable agility, flexibility, remove or mask underlying complexity while boosting customer service expectations and productivity. The byproduct should be to remove complexity which results in taking cost out of doing things vs. simply cutting costs.
My new book Cloud and Virtual Data Storage Networking (CRC Press) expands on the above themes, technologies, services, tools and best practices to enable your journey to efficient, effective and productive information services.
Greg Schulz is founder of Server and StorageIO, an IT industry advisory consultancy firm and author of the books Cloud and Virtual Data Storage Networking (CRC Press, 2011), The Green and Virtual Data Center (CRC Press, 2009), and Resilient Storage Network (Elsevier, 2004). Learn more at www.storageio.com, www.storageioblog.com or on Twitter at @storageio. His latest book is available from Amazon and other retailers.