Don't Fall for IT by Munir Kotadia

The world of tech is full of broken promises, marketing spin and schizophrenic behaviour. Munir Kotadia, editor of ZDNet Australia, attempts to bypass the drivel and tell IT like it is.

You're not on the (white)list, you can't come in

Posted by Munir Kotadia @ 16:54 7 comments

At this year's AusCERT conference, whitelists were a hot topic — but is anyone going to use them?

Whitelists, which stop unknown and unwanted applications from executing on corporate networks, work in the opposite way to our current blacklist-based computing model. Under blacklists, any application can run unless it's been nominated to be blocked.

Whitelists provide better protection than blacklists by stopping unknown applications — and therefore malware — by default.

Whitelisting: The future of corporate security?

One problem with whitelisting, though, is that, as with any security measure, it compromises flexibility and functionality in favour of safety. However, given the present state of the IT industry, a little less flexibility will have a positive effect.

I asked James Stewart, chief security officer at Cisco, whether the whitelisting approach was too inflexible for today's enterprise. He didn't think so, and went as far as saying the technology was vital: "I'm not sure we can get to the place of feeling confident in our infrastructure without whitelisting."

AusCERT's general manager Graham Ingram also believes whitelists are the way forward: "I think [whitelists] are a natural progression. Blacklisting only had a limited life and we are getting to the end of that."

We have to face it. Desktop security is broken — it has been ever since computers were no longer confined to large, well-guarded buildings. Back then, there was no way of processing data (good or bad) unless someone fed a computer with punch cards, which is a far cry from the connected Web 2.0 world — and yet we still use the same basic architecture.

If we are serious about fixing security then let's embrace whitelists and move on.

While security experts appear to be in favour of whitelisting, I'm curious to know what ZDNet.com.au readers think of it and when, if at all, you plan to implement the technology. Take part in our reader poll and leave your feedback below.

Microsoft: Don't kill our old friend XP

Posted by Munir Kotadia @ 14:06 35 comments

It's just two months until Microsoft plans to pull the plug on Windows XP — arguably its best operating system to date.

At present, Microsoft finds itself in an unenviable position — its customers want to continue buying and using Windows XP, while its stockholders demand it makes those customers upgrade to Vista.

In an attempt to please both camps, Microsoft has created a licensing loophole — it sells its customers Vista but allows them to continue using XP under so-called "downgrade rights".

When dumping your old PCs sounds a bit fishy

Posted by Munir Kotadia @ 16:18 1 comments

It seems that the IT industry is missing out on an opportunity to 'help' sea creatures by dumping old computers into the ocean and creating an 'artificial reef'.

Every now and again I read a news article that sends so many bells ringing, I feel like Quasimodo. One that recently had this effect was in the New York Times, which explained how New York State had kindly donated hundreds of its old subway carriages to be used as an 'artificial reef'.

These old carriages — of which at least 666 have already been used to create an artificial reef (insert your own puns) — are "basically luxury condominiums for fish," according to the bloke in charge of the artificial reef program, who was quoted in the story.

Tax Office needs to rethink open source objections

Posted by Munir Kotadia @ 12:58 4 comments

The Australian Tax Office CIO Bill Gibson claims that one of the reasons he hasn't deployed much open source software is due to security fears, with the code not subject to enough "technical scrutiny".

"We are very, very focused on security and privacy and the obligations we have ... We would need to make sure that we are very comfortable through some form of technical scrutiny of what is inside such a product so that there is nothing unforeseen there," he told ZDNet.com.au in a video interview.

Will open source software ever become ubiquitous in government?

I find it interesting that Gibson trusts software from proprietary vendors who keep their code a secret but distrusts open source vendors, who lay out their code for anyone to see.
