October 17, 2014

Six browser plug-ins that protect your privacy
There's one other consideration, and that's the funding behind the blocker. While most of the apps that I looked at are free or open-source, supported exclusively by donations, at least one, DoNotTrackMe, employs a freemium model (charging a subscription fee if you want advanced features), while Ghostery asks you to provide usage data. Of the six tools reviewed here, only Adblock Plus has an "acceptable ads" feature that allows advertising from Google and other paying companies, and it's turned on by default. But you can easily disable it if you want a totally ad-free experience.


The anatomy and physiology of APT attacks
Nothing in our past has happened so quickly or with as far-reaching implications and dependencies. Critical networks, utilities and other infrastructures are all intertwined with the networks of companies and governments. Almost everything that's built, designed and manufactured is on the Internet. If the Internet stopped working, the global economy would collapse. With that dependency come issues of national security. Governments have recognized the strategic and tactical advantage of having both defensive and offensive capabilities in the electromagnetic arena.


New technique allows attackers to hide stealthy Android malware in images
In the researchers’ demonstration, the APK hidden inside the image was designed to display a picture of Darth Vader, but a real attacker could use a malicious application instead to steal text messages, photos, contacts, or other data. During the demonstration, Android displayed a permission request when the wrapper application tried to install the decrypted APK file, but this can be bypassed using a method called DexClassLoader so that the user doesn’t see anything, Apvrille said. The image wouldn’t even have to be included in the wrapper application and could be downloaded from a remote server after installation, she said.


Putting the R in the Open Source Revolution
With big data, of course, comes big data analytics. R is the statistical and data science programming language of choice. It is capable of solving complex statistical problems, applying machine learning techniques and creating very rich data visualizations, and it doesn’t care how big the data is. As an open source language, R has seen its share of development and distributions. Its thriving user community has been steadily creating packages to perform specialized techniques and reporting tools. R is perceived by some as being far more flexible and extensible than its legacy counterparts, namely SPSS and SAS. And the college kids are learning it, so it must be cool.


Isolationism, Globalization and the Role of the Colocation Provider
The UK Data Protection Act’s eighth principle states that “personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.” When you read the interpretation of the principle, it suggests that a colocation provider could be subject to “the law in force in the country or territory in question.” Does this mean that despite many colocation providers not knowing what is on a client’s server, they could be unwittingly contravening an international law and in doing so also contravening the UK Data Protection Act?


10 areas of IT risk you could be overlooking
CIOs spend hours reviewing risk management. Prominent areas of concern include disaster recovery, data breaches, and the financial viability of certain technology strategies. But there are a number of less obvious issues that IT typically overlooks -- and the negative consequences of doing so can be significant. Here are some of those under-the-radar risks.


Intel preps new technology to secure credit card transactions
"We need to make sure retailers have the tools they need to collect data from the end point and hold onto it securely," Corrion said. Consumers are also using new forms of payment, including Google Wallet and Apple Pay, which use NFC (Near Field Communication). Intel's technology can protect NFC transactions, and can create a secure layer so payment data is securely transmitted. The Intel system handles every step of a transaction, making it easier for retailers to deploy, Corrion said. Other systems use separate payment peripherals and encryption technologies, which are difficult to manage centrally, he said.


Continuous monitoring demystified
Even though continuous monitoring has been a part of the information security lexicon for several years now, many security professionals are still wondering how to get started: What technologies typically make up continuous monitoring infrastructure? What steps should you take to successfully implement these types of security controls organization-wide? Before implementing a model with specific technologies, you and your team should set high-level goals and plan to achieve the following objectives with your continuous monitoring approach:


Living With 1990 Tech for a Day – Part 1
Since my music collection is in digital form, I have no choice but to rely on the radio. Here I'm in luck. Large swathes of the New Zealand population are conservative in their musical tastes: they like what they know and they know what they like. Within moments, Fleetwood Mac's Seven Wonders drifts over the airwaves, Stevie Nicks' dulcet tones providing the perfect backdrop to my retro computing experience. Then doubt strikes me as I seem to recall that the song was from the late 80s, not 1990. The doubt vanishes when I realise that without the internet I have no easy way to check.


Why SOA Should Be Viewed As “Dependency-Oriented Thinking”
If you had to reduce the principles of SOA to one practical rule of thumb for designers, what would it be? I’m willing to bet it will be “Avoid point-to-point connections”. That’s the rule of thumb I’ve heard dozens of SOA experts provide as advice at more than a few organizations I’ve worked for. On the face of it, that sounds like perfectly reasonable advice, because everyone knows that point-to-point connections cause rigidity and brittleness, and SOA is all about flexibility and agility, right?



Quote for the day:

"One measure of leadership is the caliber of people who choose to follow you." -- Dennis A. Peer