JUDGE RULES AGAINST CONSUMERS

By D.E.Levine

In Portland, Maine a federal judge threw out all except one lawsuit from the Hannaford data breach case.

The judge's ruling stated that consumers whose payment data is stolen can recover claims only if deliberate negligence on the part of the merchant was responsible for the direct loss to the account.

This ruling is a blow to consumers who found out after the breach that it had happened and that their private data was compromised.

CISCO'S WATCHING GOOGLE

By M.S.Welles

Cisco Systems Inc. admit the firm is watching closely to monitor Google's foray into the unified communications market.

Cisco plans to respond quickly by boosting the capabilities of Cisco's offerings.

The firm has already started responding to Google by announcing plans to offer some pieces of its IP voice technology as a hosted service.

Cisco executives acknowledged the challenge from Google during the Cisco Live user conference in San Francisco in June.

While initial reports were that Microsoft would be challenged by Google Voice Internet telephony service and Google Wave, a hosted collaboration an d communications service, it now appears that Cisco will also be challenged and will have to rise to meet it.

Although Google is gearing up for a consumer offering, it's anticipated the products will become attractive to small businesses and eventually to large corporations. There are some privacy issues that need to be worked out, but Google is taking a very aggressive stand and analysts expect the company to present a real threat to the other, already established companies.

EMC ACQUIRES DATA DOMAIN

By K.C.Bishope

After a battle with NetApp Inc. that continued since March, EMC has finally won and will acquire data de-duplication vendor Data Domain Inc. for $2.1 billion in cash.

DDI must now pay a $57 million deal-termination fee to NetApps.

It's anticipated that implementation of the merger will be more difficult for EMC than its acquisitions of RSA Security. Those companies provided EMC with products in new categories and are still operated as separate divisions.

EMC has stated that it expects DDI technology to help it expand next-generation disk-based backup and archive product offerings.

POSSIBLE RAPID IE INFECTION

By D.E.Levine

Microsoft acknowledged a critical flaw in the Active X control that can be accessed via Internet Explorer on July 6, 2009. Microsoft plans to issue a patch.

The admission came hours after thousands of compromised sites were serving up exploits. The flaw leaves the Internet Explorer browser as a prime candidate for another Conficker-scale attack.

The vulnerability can be exploited through the firewall, and basically the entire world is exposed.

Over the July 4th weekend, there were thousands of hacks of legitimate Web sites that exploited the bug.

Taking advantage of the bug, hackers rerouted users to a malicious site which downloads and launches a multi exploit hacker tool kit.

Microsoft has admitted that members of IBM's X-Force threat research team reported the vulnerability in 2008. The X-Force researchers originally found the flaw in late 2007.

Microsoft did not explain why, after having been notified in 2008, the company took no action to patch the flaw until now.

ZUNE INSTEAD OF IPOD?

By K.C.Bishope

Zune has been around for a long time. It's an iPod challenger. Yes, such devices do exist. The Zune 8 by Microsoft costs only about $140 and offers 8GB of storage. The Zune players also come in 4GB, 16GB, 80GB and 120GB versions.

Featuring a built-in FM-tuner and Wi-Fi for connecting to the Zune Marketplace and streaming music directly to the Zune (with a Zune Pass subscription), the device has three buttons that make for simple navigation, and a 1.8-inch color-screen for viewing photos and videos.

A mere $14.99 monthly buys the user unlimited access to more than 4 million songs. Songs can be downloaded to Zune software on a PC and instantly synchronized with the Zune Player.

While a subscription service ties you into a monthly fee, on the brighter side, 4 million songs and unlimited use and downloads allows you to experience more and differing types of music that you might not ordinarily purchase.

BOTNET ATTACKS ARE BOOMING

By D.E.Levine

Botnets or networks of bots, software robots that run autonomously and automatically, frequently are malicious software.

Botnet attacks are thriving. Both U.S. and South Korean government Web sites were recently hit by distributed denial of service (DoS) attacks and North Korean is suspected. Although the attacks did no lasting harm, the FTC and the Department of Transportation both suffered outages. And the DoS attack is ongoing, with additional South Korean banks expected to be hit.

From 1,500 botnets identified 2 years ago, now there are 3,500 identified botnets today. They are usually specialized, designed for criminal tasks, and the most successful ones have survived for years operated by shadowy, untraceable groups.

Researchers frequently give botnets names but getting an actual count of how many compromised computers are under their control is tricky and inaccurate due to network technologies influences and constant change.

Conficker, a bot which has infected between 5 and 10 million Windows-based computers is still out there, but currently very quiet. When and where it will strike again, nobody knows, but it's certain to infect still more machines.

Spam botnets appear to be the easiest botnets to count. Cutwail, the top June botnet, generated more than 45% of all spam worldwide. According to Symantec MessageLabs division, the recent FTC shutdown of Pricewert, a web-hosting firm accused of illegal activities, seems to have disrupted the Cutwail botnet, which no longer ranks number 1.

Spam service buyers appear to be switching to Rustock, another botnet. Both Cutwail and Rustock have existed for several years and their master controllers are suspected of being in Ukraine or Russian speaking countries.

Prosecution of botnet illegal activities is extremely difficult due to activity across different countries with different legal systems.

GOOGLE TAKING A RUN AT MICROSOFT

By M.S.Welles

Google is taking at run at Microsoft's core businesses but the road is long and hard.

With the unveiling of its Chrome OS project, an open source, Linux-based lightweight operating system for Internet centric computing, the removal of beta labels from Google Apps service, the debut of Google Voice, added to the launch of an industry campaign to "make the Web faster", Google is targeting Microsoft's client operating system and Office, plus Microsoft's emerging online service strategy.

With Microsoft due to deliver Windows 7 shortly (which includes a copy of the netbook platform Google is targeting) it's obvious that although Google will be shipping later than its competitor, it is rushing to get its strategy and services in place for battle.

How much damage can Google do? It really depends on how well the Chrome OS works. Google is only targeting the netbook subset of the personal computing market so whether the company will make a dent in Microsoft's figures is dubious.

Google is offering the OS free to OEMs that normally pay Microsoft a $40-$90 fee for Windows. This will surely make it attractive.

On the other hand, the vendor needs to form solid relationships with partners that can offer applications, drivers and other peripherals to work with the Chrome netbooks and eventually with the desktop PC version Google plans to offer. Microsoft already has 7500 partners doing just that.

U.S. TO BASE CYBERCRIME EXPERT IN ESTONIA

By D.E.Levine

For the first time in history the FBI has announced it will permanently base a cybercrime expert in Estonia to work on international cyberthreats.

This placement will be the first time the agency has placed an agent outside of the U.S. to focus exclusively on cybercrime.

Estonia has an advanced computing infrastructure, and that was given as the reason for the country being selected.

IBM RETOOLS ITS CLOUD STRATEGY

By D.E.Levine

About 18 months ago IBM unveiled its "Blue Cloud" wherein the company took previously released products and added the "cloud" label.

However, now IBM has retooled its cloud strategy and has a set of offerings that should make the public and private cloud models more appealing to enterprises.

IBM is focusing on development and test environments and virtual desktop management. The company intends to help clients build private clouds behind their firewalls for these purposes.

Additionally, IBM will host a public cloud service so companies can access test and development environments or virtual desktops over network connections from remote locations.

Regarding virtual desktops, IBM partners with others and adds its own management tools to deploy security and governance policies, monitor key systems, and automate processes.

While several of the announced cloud technologies are not new, they're being packaged in new ways that permit deployment of services and increase levels of automation and efficiency within the data center.

PALM PRE IS STILL COOL

By M.S.Welles

We saw the Palm Pre at CES2009 in January, but Palm stuck around barely long enough to pick up its awards and then took the smartphone away under wraps.

Now, this very cool smartphone is being offered by Sprint on its network, for about $200. Offering a compact size, e-mail access, Web browser, digital camera, multimedia music and videos, embedded GPS, downloadable apps directly from the app store, the ability to keep multiple applications open simultaneously, and a slide out QWERTY keyboard.

The question is whether Palm can make inroads into a market that is currently dominated by the iPhone 3G and the Blackberry.

On the positive side, the Pre closely emulates the iPhone experience with its touchscreen. The browser equals the iPhone Safari browser. The Pre's digital camera with autofocus/flash is actually better than the current iPhone camera.

On the negative side, the QWERTY keyboard is small and cramped and may be difficult for some users who are used to the touchscreen keyboard. Additionally, in order to go back on a page users must use a fingerslide right to left back gesture.

For now, the phone may only be offered by Sprint but rumor has it that in January 2010 Verizon will also offer the Pre. About that time the iPhone 3GS will be offered, so it seems there will be a lot of choices for users wanting smartphones.

A ROUTER IS STILL A ROUTER

By K.C.Bishope

The traditional concept of a router is dead. Currently routers are undertaking a variety of jobs besides forwarding packets. Applications like firewalls, voice gateways, video monitoring and VPN concentration are all being piled onto routers.

Now, a router is becoming a hosting platform for any service linked into the routing capability. About 1/5 of Cisco's $40 billion annual revenue is attributable to routers. The 2008 worldwide router market was just less than $13 billion.

Tracking the dollars in the router market is becoming increasingly more difficult since whether you call a chassis or platform a router depends on its primary use.

Routing has actually become a more general purpose utility on a hardware platform that isn't exclusively used for routing.

Instead of developing a new box around each new function as was done in the old days, now there's a deliberate move to bring all the functions together in the same box. We now see more general purpose boxes that support diverse functionality.

Consequently, the router is more software and less of a hardware platform like it was previously characterized.

So, a router is still a router, but the definition is changing. A lot of extra features added to routers still move data packets in and out of interfaces after altering the data slightly. But now, a lot of the added features of routers do the same thing but at different Layers besides the traditional Layer 3.

Most manufacturers agree that the core function of the router remains the same - despite the fact that the capabilities have evolved and changed. It's still a router but it's enhanced with advanced services.

DEFENSE GIANTS RUSH TO GET A PIECE OF THE SECURITY WAR PIE

By D.E.Levine

The United States has been busy solidifying its cyberdefenses. Major government contractors are rushing to increase their network security expertise so that they won't miss out on the opportunity to participate in the high-stakes and expensive mission.

Busy creating cybersecurity divisions or buying up smaller security firms, and hiring new network security staff, the major government contractors like Boeing, SAIC, Lockheed, Raytheon and others are rushing to augment their credentials.

It's been projected by Market Research Media that government cybersecurity spending is growing at 6.2% per year and over the next 6 years will achieve a total of $55 billion. But that estimate conflicts with other published estimates that say 2013 will see an expenditure of nearly $13 billion.

While it's true that some contractors have extensive network security experience, the lure of the dollars to be spent and the amount of work to be done has catapulted other companies to try to acquire it.

Even as they rush to acquire the knowledge analysts comment that while some of the security needs are unique to classified security projects for government, other security needs are mundane activities that mimic the mainstream challenges of corporate America.

Government projects generally take longer than those in the private sector because projects tend to be on the largest scale, requiring systems that are capable of being repeatedly replicated.
Structure and consistency in government projects tend to take precedence over the need for efficiency that one finds in commercial projects.

Lockheed doesn't market its security expertise independently but has been combining securing the data involved in each project with each new contract. Many of the tools that Lockheed uses are the same as those available commercially to corporations. Only if the commercial products are not applicable to the specific need will Lockheed develop its own products.

Frequently though, technologies and products developed specifically for the government are then extended into the commercial sector. Additionally, it's not unusual for a government contractor to buy up a smaller firm and continue to market its products commercially as "military-grade technology".