InformationWeek Daily Archives
In This Issue:
1. Editor's Note: Security Research Isn't Pretty, But It's Necessary
2. Today's Top Story
- Langa Letter: XP's Little-Known 'Rebuild' Command
3. Breaking News
- Review: Google Calendar Beta Is A Hot Date
- Vista Upgrades May Be Slowed By Graphics
- Intel's Q1 Outlook Appears Gloomy
- Report: South Koreans Putting $1.6 Billion In Web Infrastructure
- Gaming Technology And Business IT Begin To Meld
- Red Hat-JBoss: Hitching Open To Service-Oriented Architecture
- Speed Bumps Await Cisco In App Accelerator Market
- Microsoft Launches Specialized Search Engine
- Can Salesforce.com Fix What's Wrong With Mobile Apps?
- Gap Embraces E-Learning
- Ready For The Next Big One
- Lightning Rod No Longer
- You're Hired!
- How To: Podcasting In Four Easy Steps
- Microsoft To Tap Health Insurance Market
- MySQL Adds Second Option As Storage Engine
4. Grab Bag:
- Price, Interface Dampen 'Origami' PC Debut (The Korea Times)
- A Sinister Web Entraps Victims Of Cyberstalkers (The New York Times)
- Man Trading Up From Paper Clip To House (Netscape News)
5. In Depth: Reviews And Personal Tech
- The Fear Industry
- Web App Vulnerabilities Are Getting More Attention; Now's The Time For IT To Get Defensive
- Steps For Better, Simpler Wireless Network Security
- Microsoft Offers Registry Fix To Patch IE, Office
6. Voice Of Authority
- IT Confidential: E-Business Calls For Born Optimists
7. White Papers
- Making The Business Case For IP Communications
Quote of the day:
"Sunlight is said to be the best of disinfectants; electric light the most efficient policeman." -- Justice Louis Brandeis
1. Editor's Note: Security Research Isn't Pretty, But It's Necessary
Security research is a dirty job, but somebody has to do it. Security researchers run an assembly line of self-aggrandizing publicity, churning out press releases and announcements patting themselves on the back for discovering security vulnerabilities in software by Microsoft, Oracle, and other major vendors.
The researchers operate under a constant cloud of suspicion: Are they simply creating a climate of useless fear, stifling innovation, E-commerce, and technology implementation? Are they providing guideposts to computer criminals on where and when to attack?
But as reported in today's package of articles, featuring "The Fear Industry" by Larry Greenemeier, security researchers provide an essential function. They apply pressure on vendors to fix security flaws instead of simply denying the flaws exist and hoping they go away. And they help fill IT managers' insatiable need for information about vulnerabilities and security.
Larry describes how security researchers drove exposure of the Windows Metafile vulnerability earlier this year, discovering the flaw, posting a sample exploit, releasing a third-party patch when Microsoft moved too slowly to fix the problem, and eventually driving Microsoft to release its own patch for the vulnerability five days ahead of schedule. The relentless action by security researchers drove people like Connie Sadler, director of IT security at Brown University, to tear up their schedules for several days and focus on fixing the Windows Metafile vulnerability on their own networks.
Vendors like Cisco, Apple, and Oracle have similarly had their feet held to the fire.
Security vendors like 3Com and iDefense offer bounties of up to $10,000 to researchers who discover a serious security flaw. They say this gives researchers an alternative to selling those vulnerabilities to crooks, for which they can be paid up to $4,000.
So are these researchers providing a service, or are they little better than crooks themselves? IT managers like Sadler love them, despite the inconvenience they cause. "Yes, sometimes that backfires. But from a high level, it's a good thing. The folks who use this information to do damage are going to know about it long before us anyway," she says. And she likes knowing which vendors are producing insecure products.
What do you think? Should security vulnerabilities be covered up, or aggressively exposed to public scrutiny? Leave a comment on the InformationWeek Weblog and let us know.
Mitch Wagner
In the current episode:
John Soat With 'News You Can Use'
Larry Greenemeier With 'The Analytical Edge'
Stephanie Stahl With 'Security Is A Game'
InformationWeek 500 Entry Call
Podcast Central
InformationWeek Daily Newsletter
mwagner@cmp.com
www.informationweek.com
2. Today's Top Story
Langa Letter: XP's Little-Known 'Rebuild' Command
There's an easy fix for "Missing HAL.DLL," "Invalid Boot.Ini," and several other fatal startup errors, Fred Langa says.
3. Breaking News
Review: Google Calendar Beta Is A Hot Date
The beta release of Google Calendar offers a lot of interesting features, but may have been premature.
Vista Upgrades May Be Slowed By Graphics
A pair of software industry analysts argue that the graphics requirements called for in Windows Vista, Microsoft's forthcoming operating system, will be a barrier for end users. Consumers will wait to get the new operating system, they say, until they need new hardware.
Intel's Q1 Outlook Appears Gloomy
Don't look for a stellar quarter from Intel. Intel, which is expected to report its first-quarter results on Wednesday, is seeing slower-than-expected growth in the PC sector.
Report: South Koreans Putting $1.6 Billion In Web Infrastructure
South Korean small businesses are preparing to invest $1.6 billion to improve their Internet infrastructure and solutions this year, according to a report.
Gaming Technology And Business IT Begin To Meld
The two worlds have a lot to learn from each other as businesses try to make applications more fun, and game developers learn how to manage large projects.
Red Hat-JBoss: Hitching Open To Service-Oriented Architecture
To make the merger pay, the companies need to prove they can be a foundation in shifting business IT strategies.
Speed Bumps Await Cisco In App Accelerator Market
The market for application acceleration jumped more than 30% last year to $1.2 billion, and it's expected to grow even faster this year, according to Gartner. The potential isn't lost on Cisco Systems, which is trying to elbow its way back to the No. 1 spot.
Microsoft Launches Specialized Search Engine
Windows Live Academic Search scours the Web for journal articles, academic papers, and notes and slides from scholarly conferences.
Can Salesforce.com Fix What's Wrong With Mobile Apps?
Salesforce.com buys a vendor specializing in delivering mobile applications to handhelds.
Gap Embraces E-Learning
The clothing retailer turns to an E-learning program to improve the leadership skills of its IT management team.
Ready For The Next Big One
Insurance companies, blindsided by the 2005 hurricane season, are using technology to become better prepared.
Lightning Rod No Longer
Open-source advocate and former Massachusetts CIO Peter Quinn, cleared of ethics charges, exits the public sector, but shares his experiences with kids on the speaking circuit.
You're Hired!
Strong tech skills pay off as online job recruitment sites report employer demand is up for entry-level IT jobs across all sectors.
How To: Podcasting In Four Easy Steps
Here are four helpful steps for getting started with your own podcast.
Microsoft To Tap Health Insurance Market
This week at the World Health Care Congress, the software giant will provide developers of health insurance apps guidance for working with Microsoft products.
MySQL Adds Second Option As Storage Engine
MySQL users can now choose the SolidDB storage engine. The storage engine MySQL had been using, Innobase, has been acquired by Oracle, but still remains a MySQL option, at least for the time being.
John Soat With 'News You Can Use': Firefox patches vulnerabilities, AMD subpoenas Microsoft in its antitrust suit against Intel, and Bill Gates hosts the President of China.
Larry Greenemeier With 'The Analytical Edge': Professor Tom Davenport discusses how businesses use analytics.
Stephanie Stahl With 'Security Is A Game': Play the computer game "IT Defender" from Fortify Software. The goal: to prevent security breaches in your office.
----- The latest research, polls, and tools -----
InformationWeek 500 Entry Call
Is your company one of the best technology innovators? The InformationWeek 500, an annual study that identifies and honors 500 of the nation's most innovative users of information technology, provides an opportunity for recognition. If your company has $500 million or higher in annual revenue, register today for this year's InformationWeek 500.
Podcast Central
Get the best technology audio and video delivered at our new Podcast Central page, including The News Show, the InformationWeek Daily News Podcast, Dr. Dobbs' .NET Casts, and more.
4. Grab Bag: News You Need From Around The Web
Price, Interface Dampen 'Origami' PC Debut (The Korea Times)
Samsung Electronics Wednesday said it will start to market the much-hyped mini-PC, or Origami, next month, but its high price and uncomfortable user interface are casting doubt on its commercial viability. The new product will be sold at around 1.2 million won ($1,200), which far exceeds Microsoft's initial estimation of $500 to $700.
A Sinister Web Entraps Victims Of Cyberstalkers (The New York Times)
The problem of cyberstalking can be devastating, and it's not easily legislated away.
Man Trading Up From Paper Clip To House (Netscape News)
Kyle MacDonald had a red paper clip and a dream: Could he use the community power of the Internet to barter that paper clip for something better and trade that thing for something else--and so on and so on until he had a house? After a cross-continental trading trek involving a fish-shaped pen, a town named Yahk, and the Web's astonishing ability to bestow celebrity, MacDonald is getting close. He's up to one year's free rent on a house in Phoenix.
5. In Depth: Reviews And Personal Tech
The Fear Industry
Shameless self-promoters? Fearmongers? Sure, security researchers aren't always model citizens, but business technology pros want them on the job.
Web App Vulnerabilities Are Getting More Attention; Now's The Time For IT To Get Defensive
The number of vulnerable sites is small but growing rapidly, and attacks can happen without victims even knowing they've been hit.
Steps For Better, Simpler Wireless Network Security
Intrusion detection and prevention are often overlooked in WLAN security deployments. And security pros sometimes don't realize that unauthorized access points aren't always the work of mischievous hackers.
Microsoft Offers Registry Fix To Patch IE, Office
Beware: Microsoft is advising editing Windows' registry, a chore usually left to advanced users.
6. Voice Of Authority
IT Confidential: E-Business Calls For Born Optimists
Americans' optimism helps explain why we continue to do business on the Internet despite the dangers, John Soat says.
7. White Papers
Making The Business Case For IP Communications
This white paper describes the factors to consider in developing a strategic and financial business case for Cisco IP communications solutions. It covers the distinct value delivered for different IP communications technologies and deployment scenarios. It also discusses the measurable, highly attractive financial returns and productivity.
A free service of InformationWeek and the TechWeb Network.
Copyright (c) 2006 CMP Media LLC
600 Community Drive
Manhasset, N.Y. 11030
