Site News
Current section

July 30, 2010

StaffCop added!

Voting

Would you prefer to have 1 product that can fight both viruses and spyware or a specialized product for every threat?

1 multifunctional product
2 specialized products
VotingView results

September 16, 2009

Data Debauchery That Happens in Vegas Doesn't Stay There

Organizations love to collect data on people, often in the name of identity and access control. But more often than not, the information gathering fails to improve security. In fact, it often makes matters worse, according to security experts speaking Tuesday at CSO Magazine's Digital ID World 2009 conference.

Employers want all the data they can get on a potential worker to ensure they won't do anything evil if hired, but they hire sinister seeds anyway. [See also: Hard Questions About Background Checks]

Retailers ask online customers lots of security questions to ensure they're the rightful owner of the credit card numbers they're using, but that does more to drive customers -- and their money -- to other sites than it does to prevent online fraud. [See also: Identity Management: Implementation Dos and Dont's]

Jeff Jonas, chief scientist of IBM's Entity Analytic Solutions division, described the first problem using a Las Vegas scenario.

Despite extensive background checks, crooked dealers have still been known to work the craps tables, partnering up with outside fraudsters on any number of schemes. The insider threat, he said, is alive and well in gambling halls along the strip and elsewhere.

"Organizations [like casinos] are getting dumber as more data becomes available," Jonas said. "They get overwhelmed and don't check all the details in front of them, like the fact that someone they're hiring has a criminal record and is likely to become part of a scam."

Jonas went beyond the insider threat to point out another chilling fact about all the data swirling around us: Thanks to the proliferation of mobile devices connecting to the Internet, especially laptops and mobile phones, it's becoming relatively simple for strangers to get a fix on your typical traveling habits, and that can be used to your disadvantage.

He noted that some 600 billion cell phone transactions are generated annually. Put the data from those transactions together and one can quickly get an idea of where you spend your time and who your friends are. And more often than not, the phone provider is more than happy to share that information with third parties. "The consequences for ID management systems are huge," Jonas said. "Your movements speak for themselves."

On hand to describe the second problem was Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. He unveiled newly conducted research showing that consumers aren't liking that online retailers insist on asking a lot of security questions. They want companies to put better authentication technology in place to verify their identities instead.

For his report, sponsored by device identification software vendor ThreatMetrix, Ponemon surveyed more than 500 Internet users and found that 78 percent of respondents believe online merchants, banks and social networks should use technology such as a cookie or other invisible software to protect their identity while only 21 percent want online vendors to require more personal data from the consumers themselves. In other words, people are willing to let trusted online vendors profile their computers if it means increased security and reduced need for them to share personal information.

Privacy remains a vexing concern among respondents, but they are increasingly willing to bend on the issue if it means better protection from fraud without all the questions. Nearly 70 percent of respondents said they'd be willing to have their computers authenticated by an online merchant before purchases are completed and 75 percent said computer authentication is preferred because it's more convenient than remembering passwords or answering pre-selected questions.

"Given the negative attention to and connotations of cookies and similar types of tracking software, we were surprised to find that an overwhelming majority of consumers surveyed were comfortable with the idea of having their computers profiled in order to be identified by online vendors," Ponemon said. "However, the finding is consistent with the value consumers place on convenience and their desire to have a more secure, trusted transactional experience online."



Source: NetworkWorld



All news for September 18, 2009:
20:13Microsoft Internet Explorer SSL security hole lingers
20:11Conservatives call for DNA databases to be reduced
20:09McAfee warns of bogus security suite
20:08Security market remains buoyant in choppy waters
20:07The good and bad of government in the cloud
20:05Vista, Windows 7 Are More Secure than Snow Leopard
20:04Will Google's Buy of reCAPTCHA Hurt Internet Security?
20:01HHS guts health-care breach notification law, groups warn
20:00Man gets 15 months for E-Trade skimming scam
19:59Sophisticated botnet causing a surge in click fraud
19:59Microsoft sues scareware scammers
19:58Software company fined for trading with the enemy
19:58Misdirected spyware infects Ohio hospital
19:57Firefox's Flash check drives 10M to Adobe's download
19:55Microsoft, Yahoo in informal talks with EU over search deal



All news for September, 2009
All news for 2009 year

DONATION: www.anti-keylogger.org and www.keylogger.org is an independent research projects supported by a team of enthusiasts. If you find this project useful and would like to help foster its continued development, please consider making a donation.
donate

Thanks in advance for your support!