ITNews

The Organisation for Economic Co-operation and Development (OECD) report Malicious Software (malware): a Security Threat to the Internet Economy (PDF file) says malware infects more than 25 per cent of US computers.

Malware is a general term for a piece of software inserted into an information system to cause harm to that system or other systems, or to subvert them for use other than that intended by their owners.

Malware can gain remote access to an information system, record and send data from that system to a third party without the user‟s permission or knowledge, conceal that the information system has been compromised, disable security measures, damage the information system, or otherwise affect the data and system integrity.

Different types of malware are commonly described as viruses, worms, trojan horses, backdoors, keystroke
loggers, rootkits or spyware. These terms correspond to the functionality and behaviour of the malware (e.g. a virus is self propagating, a worm is self replicating).
Experts usually group malware into two categories: family and variant. “Family” refers to the distinct or original piece of malware; “variant” refers to a different version of the original malicious code, or family, with minor changes.

Reading the report is a relatively quick way to get up to speed on the realities of malware and botnets.

(Credit for Graphics: Organisation for Economic Co-operation and Development)

Read the report for all the details.

…John

Proofpoint’s 2008 survey on outbound email report is summed up by Help Net Security posting U.S. corporations massively read employee e-mail.

Some of the findings are

40% of companies surveyed investigated an e-mail-based violation of privacy or data protection regulations in the past 12 months.

26% of companies surveyed terminated an employee for violating e-mail policies in the last 12 months.

23% of U.S. companies surveyed said their business was impacted by the exposure of sensitive or embarrassing information in the last 12 months.

34% of the largest companies (20,000 employees or more) reported that employee e-mail was subpoenaed in the last 12 months.

Some of the other risks are:

27% of companies surveyed had investigated the exposure of confidential, sensitive or private information from lost or stolen mobile devices in the past 12 months.

11% of U.S. companies surveyed disciplined employees for improper use of blogs/message boards in the past 12 months.

13% of surveyed companies disciplined employees for social network violations and 14% for improper use of media sharing sites in the past 12 months.

14% of publicly traded companies surveyed had investigated the exposure of material financial information (such as unannounced financial results) on blogs or message board postings in the last 12 months.

So, be aware the Big Boss is watching.

…John

The Business Week posting The Sad State of U.S. Broadband tells the story

The U.S. has a dismal showing among nations in terms of broadband availability, with no easy solution to bridge the gap

For the second year running, the U.S. ranked 15th among the 30 members of the Organization for Economic Cooperation & Development in terms of broadband availability. Denmark ranked first again in the annual OECD survey, followed by a host of European and Asian nations. Indeed, while the number of Americans with access to broadband service rose 20% last year, to nearly 70 million people, the most in the OECD, that amounted to just 23 of every 100 residents. By contrast, the top five countries in the OECD ranking all sport per-capita penetration rates of better than 30%.

The U.S. Federal Communications Commission seems to playing the Telecom industry lap dog role when it quickly points out differences in population and geography that have made it more difficult for the nation to catch up with smaller countries.

Yea, right, sure. Lame excuse. My take on this situation is control is paramount for the telecom industry. The Telecom greed mongers will increase broadband speeds once they have stifled any and all Internet video on-demand competition, and the Telecom industry is firmly in control. This business model has worked well for the Hollywood greed mongers for decades, so why not for the Telecom greed mongers.

…John

The ZDNet Australia posting Antivirus is ‘completely wasted money’: Cisco CSO says

Companies are wasting money on security processes — such as applying patches and using antivirus software — which just don’t work, according to Cisco’s chief security officer John Stewart.

“If patching and antivirus is where I spend my money, and I’m still getting infected and I still have to clean up computers and I still need to reload them and still have to recover the user’s data and I still have to reinstall it, the entire cost equation of that is a waste.

“It’s completely wasted money,” Stewart told delegates.

He said infections have become so common that most companies have learned to live with them.

“There are too many companies in the world that actually believe infection is just a cost of doing business and are getting used to doing it — as opposed to stopping it completely. That’s dangerous,” he said.

I have worked with companies that also believe infection is just a cost of doing business. My experience is it takes some pain like a security breach to get their attention.

Mr. Stewart thinks a better way of dealing with the unknown is using whitelists.

Of course some antivirus vendors such as McAfee and CA don’t agree with Mr. Stewart views. After all, he is questioning their business models.

…John

Mrvirtualization at ITComparision commented on my Hyper-V Hype posting

“If you are looking for a good comparison between Hyper-V & Vmware you might want to take a look at Microsoft Windows Hyper-V (WSV) VS VMware Virtual Infrastructure 3.5

its very detailed and healthy.

Enjoy,
Mrvirtualization.”

Other site related comparisons are:

Xen Server Enterprise VS VMware Virtual Infrastructure 3

Microsoft Virtual Server 2005 R2 VS Xen Server Enterprise

Microsoft Virtual Server 2005 R2 VS VMware Virtual Infrastructure 3

Thanks for the info Mrvirtualization.

…John