From the dWb website

News Snippets

November 2007 News

  • You just can't get the virtual personnel
  • Microsoft passwords graphically exposed 
  • The Apple Leopard firewall is flawed

You just can't get the virtual personnel

Lack of qualified personnel is a hindrance to data centre managers adopting potentially money saving virtualisation strategies, according to a new report from security firm Symantec.

Microsoft passwords graphically exposed

NVidia's GeForce 8800 graphics card could be utilised to "dramatically" reduce the time needed by hackers to perform brute-force password cracks, security experts have warned.

Moscow-based IT security software vendor Elcomsoft claimed that the GeForce 8000 could be used to increase the speed of password cracking by a factor of 25.

This means that Windows Vista's password system, which would normally take months to crack using a brute force technique, could be broken in a matter of days.

The Apple Leopard firewall is flawed

The firewall in Apple's new OS X Leopard operating system is unreliable and unable to keep out hackers, according to one security researcher.

Jurgen Schmidt, of Heise Security, issued a report claiming that the Leopard firewall failed every security test performed by the firm.

"The most important task for any firewall is to keep out uninvited guests," wrote Schmidt. "But a quick look at the firewall configuration in the Mac OS X Leopard shows that it is unable to do this."

Among the shortcomings are a default 'off' state, hidden components that can be accessed by remote users but cannot easily be blocked, and an inability completely to block incoming connections. "Even if users select 'block all incoming connections' potential attackers can continue to communicate with system services such as the time server and possibly with the NetBIOS name server."

Schmidt compared the vulnerability of Leopard to that of Microsoft's Windows XP when it first debuted. "Apple is showing here a casual attitude with regard to security questions which strongly recalls that of Microsoft four years ago," he wrote.

Virtual appliances will kill the traditional appliances in large centralised environments but traditional appliances will still have a place in the remote small sites that have traditional support requirements.

Snippets

  • Microsoft has finally learned to share. Sharepoint 2007 builds upon the document sharing capabilities and provides comprehensive Office linkages with enterprise search and records management.
  • SAP released its Business ByDesign on-demand suite focused on smaller companies. The licensing model will be the real test: $149 / user / month (min 25 users) or $45K year with no hardware.
  • IBM have decided to give away Lotus office productivity software to compete with SUN and Google.
  • Microsoft face an EU €497M fine plus €281M for not complying to the original decision. I assume we can expect some chargeable software upgrades to cover these costs in the near future - what did the EU expect, Bill to just sign a cheque.
  • EDS shrinks to get bigger. They intend to reduce 11% (12,000) of their high cost workforce to be able to replace them with low cost workforce - this should be good for morale!!

This document maintained by dwb@dwb.co.uk. -------- Material Copyright © 1999-2009 dWb

s