Harbinger of The Great Internet Wall arrives

By Presidential proclamation, non-U.S. citizens’ data is in jeopardy

An executive order by President Trump could hurt a data transfer framework that allows EU citizens’ personal information to be transmitted to the U.S. for processing with the promise that the data would have the same privacy protection in the U.S. as it has in the EU. 

That’s because a section of the order says, “Agencies shall, to the extent consistent with applicable law, ensure that their privacy policies exclude persons who are not United States citizens or lawful permanent residents from the protections of the Privacy Act regarding personally identifiable information.” 

The latest database attacks: Tips of the icebergs

MongoDB wasn’t the first database hit by ransomware, just a rich target for attacks. Now, ElasticSearch and Hadoop have become ransomware targets. They won’t be the last. Were these three database products insanely simple to secure? Yes. Were they secured by their installers? Statistics and Bitcoin sales would indicate otherwise.

And no, they won’t be the last. Every hour of every day, websites get pounded with probes. A few are for actual research. When the probe is a fake logon, like the dozens of hourly WordPress admin fails I get on my various websites, you have some idea that the sender isn’t friendly.

On being a 24/7 organization and the 2016 leap second

If the cloud is real, software important, and system reliability paramount, then non-stop computing, computing across time zones, and invisibly short repair times ought to be mandatory, wouldn’t you think? 

Of the many requirements laid down by litigation, regulatory compliance, and other “best practices,” there is one that doesn’t seem to make the checklists.

Let me lay it out for you: 

Can you get support 24/7/365.25?

You get bonus points for knowing leap seconds are coming. Why? Because among other things, Kerberos time synchronization mandates pretty accurate timing. We’re about to insert a leap second into your life on western New Year’s Day. You may have zones that celebrate other years, but to be in sync with the time standards in the United States, there will be an extra second. The earth is slowing down. 

Zen and the art of security

I’m a Zen heretic, and so also is my sense of systems security.

A very cogent citation describes the folly of it all. The people who install toolbars, click on random stuff and feel like they won something when they downloaded the free app are too plentiful, and security is too tough to understand—even PGP. 

Bringing up the bottom is as important as extending the top. We don’t ritualize security because that would be too tough, too impolite to do. Your mother did not teach you to use complex passwords and to change them as frequently as your underwear. Given some people I know, it’s a wonder they passed the “p@55w0rd” rubric they were trained to use.

Looking to 2017: It’s not just enterprise security

IoT, rotten home AP firmware, freaking Wi-Fi cameras: They’re all eating your lunch. Here’s an Advanced Persistent Threat notice: EVERYTHING AROUND YOU can give you a miserable day. 

It’s now entirely myopic, and hence irresponsible, to think there is such a topic as enterprise security because sadly video cams in Macedonia can give your hosting environment a DDoS headache. 

Poor TLS handshakes crack browsers open like an egg. 

Your router vendor had all of the hardening of a “fairy tap.” Remember those when you were a kid? A fairy tap was a gentle touch, designed to invade your space but do no damage. Now the damage is pOwn1ng your infrastructure. Or your business partner’s infrastructure.

2016: A systems security disaster

Your security mirages

Yes, I was hit last week. Forensics are in progress. I got doxxed, too.

It has made me realize that most of systems security is an illusion. Here are my favorite alternate realities:

1. Everything is safe behind the firewall.
Ever heard of UBFWI—as in User’s Been Fooling With It? While IDS/IPS and firewall networked technology has improved so vastly, there’s nothing like a user with an infected laptop to bring in a lulu.

2. Obscure operating systems never get hit. Hackers only go for the gold with Windows.
Here, let me laugh out loud and roll on the floor. Mine was an obscure server version on an obscure branch of an obscure BSD limb. Listen to the sound of lunch getting eaten: mine. Chomp, chomp, burp.

When DR fails

Someone hacked into my main server. I have a small organization, and the server was an old Apple Xserve 10.6.7 chosen because it’s not the usual host. Now it’s time to scratch security through obscurity off the list.

So let’s do a rudimentary recovery. Forensics will have to wait.

I went to a hosting company to spin up httpd and mail. They’re already my registrar. Pretty big organization.

And they don’t have 24/7 support.

Since this happened on a Saturday, I was already in trouble. I chose one of their hosting plans. It costs a rudimentary $60 for a web server plus mail. It uses the famous cPanel hosting.
