In This Issue:
1. Editor's Note: RFID -- Future Consumer-Data Battleground
2. Today's Top Story
- Bots Infest 175 Companies In Year's Biggest Attack
- Bot Battle Brewing
- Zotob Worm Is Bad But It's Not Sasser Or MSBlast
- Bot Attacks U.S. Media Companies
3. Breaking News
- Microsoft Unveils Pricing For Xbox 360
- AOL Launches AIM Homepage, Upgrade
- FTC Nails Credit-Report Firm For $950,000
- SHARE To Celebrate 50th Anniversary
- Steady Growth Expected In Global IT Spending
- IT Wage Increases Are Lukewarm -- Unless You're Hot Stuff
- IBM Showcases Tech Innovations For Financial Services
- Toshiba Ships 'Perpendicular' Disk Drive
- Blue, Red State Broadband Penetration Mirrors Election Results
- Study: Indian Software Firms Going Global Pose Threat To
- NVidia Scientist Calls For Expanded Research Into Parallelism
- Can Linux Put PalmSource Back On Top?
4. In Depth: Targeting Terrorism
- Video Surveillance Software Seen As Weapon Against Terrorists
- FCC Rule On Internet Calls Said To Encourage Hacking
- Soldier Punished For Allegedly Posting Classified
Information On Blog
- Homeland Security To Launch RFID Systems At Border Crossings
- E-Mail Analysis Is Key To Catching Terrorists And Corporate Crooks
5. Voice Of Authority: Wireless Freeloaders Are Breaking The Law
6. White Papers: How Frontline Employees Can Drive Your
7. Get More Out Of InformationWeek
8. Manage Your Newsletter Subscription
Quote of the day: Defining Fear
"Fear is that little darkroom where negatives are developed." -- Michael Pritchard
"Fear is the tax that conscience pays to guilt." -- George Sewell
"The only thing we have to fear is fear itself -- nameless,
unreasoning, unjustified terror which paralyzes needed efforts to
convert retreat into advance." -- Franklin D. Roosevelt
1. Editor's Note: RFID -- Future Consumer-Data Battleground
I hate to be the one to say I told you so, but earlier this
month, I declared in a posting here that the
next big acknowledgement of a customer-data compromise was right
around the corner, and almost on cue, Sonoma State University in
California and the University of North Texas separately revealed
just a few days later that hackers recently swiped a combined 100,000 student
records from the schools. So that got me thinking -- what can
I warn you about that would further my budding powers of
prognostication? And it came to me rather quickly -- RFID, the
future frontier for consumer-data breaches.
In all the discussion of RFID's expected payoff in the areas of
supply-chain visibility and real-time business processes,
concerns over consumer privacy have been somewhat muted by
promises that it will be a long wait before RFID finds its way
into our homes in a big way. But find its way there it will, and
when it does, there better be some pretty stringent security
measures in place to keep our wallets and hidden shoeboxes from
becoming low-hanging fruit in the eyes of hackers everywhere.
While it's not likely that an RFID tag embedded in a package of
disposable razors is going to pose a whole lot of data-theft risk
to consumers (we'll leave the privacy issues to another
discussion), long-standing plans for RFID-enabled loyalty cards, credit cards, and passports, to say nothing of a potential national ID card, must have identity thieves
drooling in anticipation.
Let's take loyalty cards, since they figure to get wrapped in
less security than the more sensitive items mentioned here. Much
of the talk about RFID in loyalty cards has revolved around the
hotel industry and the desire to simplify check-in and streamline
transactions while at a property. A loyalty card with a tag could
be used to identify and check in a guest before they even walk up
to the front desk (or a kiosk, for that matter), or charge their
room for a meal or a gift shop purchase. So what kind of data is
behind a loyalty card? The usual name, address, phone number, and
possibly E-mail address for starters. But depending on the
comfort level of the guest in sharing data, not to mention the IT
architecture that supports a loyalty program, it's possible a
credit-card number could potentially be linked to that card.
There could even be demographic data, such as income level, or
personal preferences, such as favorite activities.
So would someone please offer me assurances that an enterprising
identity thief -- or even just a particularly ambitious phisher
-- couldn't drive through residential neighborhoods with RFID
readers, zapping information from people's homes and then using
it for nefarious purposes? I may be off my rocker here, but I
believe there still haven't been enough assurances to date that
can significantly ease such concerns. And what really scares me
is that I'm not sure anyone can really offer any. All of which
leads me to this not-so-happy thought: When it comes to
consumer-data breaches, I'm convinced we're still very early in
While not infecting the Internet at large, the ongoing attack of
multiple bot worm families stepped up Wednesday. Security experts
estimated that so far more than 175 corporations have been hit with
malicious code exploiting Windows 2000's Plug and Play vulnerability.
Related Stories: Bot Battle Brewing
Just as the author of the Zotob bot worm was tentatively
identified Wednesday as the same individual who wrote some of the
Mytob worms, several security firms warned users that a Bagle
versus Netsky-style battle between bots is under way.
Microsoft on Wednesday said pricing for the Xbox 360 video game
and entertainment system would start at $299.99.
AOL Launches AIM Homepage, Upgrade
America Online on Wednesday upgraded its instant messaging
service, and launched a homepage highlighting the features and
add-ons of AIM and a Web browser that provides quick access to
FTC Nails Credit-Report Firm For $950,000
The Federal Trade Commission has settled with Consumerinfo.com,
one of the largest firms marketing "free" credit reports to
consumers, for nearly a million dollars in fines. The deal is
part of a crackdown on so-called "imposter" sites of
Annualcreditreport.com, where consumers really can obtain one
free credit report each year.
SHARE To Celebrate 50th Anniversary
IBM's user group will meet next week in Boston to celebrate its
50th anniversary and to examine how IT has changed from the huge,
bulky mainframe to the networked installation of multiple
computers while somehow retaining much of its past traditions.
Toshiba Ships 'Perpendicular' Disk Drive
Toshiba has started shipping production quantities of a 1.8-inch
hard drive using perpendicular recording to pack 40-Gbytes onto a
platter, which could give the drive an edge against
lower-capacity one-inch models popular in MP3 players.
Blue, Red State Broadband Penetration Mirrors Election Results
U.S. households continue to install broadband at a furious rate,
according to a report released Wednesday. Curiously, the
penetration of cable modem and DSL has been tracking
state-by-state splits in the 2004 presidential election,
with "Blue" states having the highest concentration.
Study: Indian Software Firms Going Global Pose Threat To
Indian developers gearing up to take on established international
players could eventually surpass them, according to a study by
Katzenbach Partners of New York. Among the companies it claimed
might be left in the dust are Accenture, BearingPoint, Capgemini,
Computer Sciences Corp., EDS, Perot Systems, and Unisys.
Can Linux Put PalmSource Back On Top?
If its strategy for migrating its Palm OS over to an open-source
kernel is successful, PDA powerhouse PalmSource could thrust
Linux into the center of the mobile device marketplace.
A Week's Worth Of Dailies -- All In One Place
Have you missed an issue or two of the InformationWeek Daily? Or
want to check out some recent quotes of the day? Check out our
all new Daily Newsletter archive page, and get caught up quickly.
Initially installed as a defense against routine law-enforcement
violations, video surveillance has become a key weapon against
terrorism, according to a new report.
FCC Rule On Internet Calls Said To Encourage Hacking
While the FCC agreed with a request from law enforcement to
affirm that VoIP falls under the purview of a wiretapping
statute, alarmed industry groups warn that compliance will create
more vulnerabilities and opportunities for hackers.
You can try to justify it, but there's no way around the fact,
Parry Aftab says. And if you fear it's your wireless connection
that's being stolen, it's time to get proactive about securing
This paper will outline the business advantages and success
metrics of Always Available computing, and provide some
representative examples of that capability at work in real-world,
Note: To change your E-mail address, please subscribe your new address and unsubscribe your old one.
Keep Getting This Newsletter
Don't let future editions of InformationWeek Daily go missing. Take a moment to add the newsletter's address to your anti-spam white list:
If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. Thanks.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.