Security News Letter

February 16, 2004

 
 
   Download ZoneAlarm Pro

 Download ZoneAlarm Pro Here

Download eEye's Retina Vulnerability Scanner Here
 Jumpline.com VDS Web Hosting

 

 Kaspersky Anti-Virus: Install & Feel Safe!

Outlook: Security breaches threaten Microsoft monopoly
Jeremy Warner Independent.co.uk
14 February 2004

By any standards, Microsoft has had a terrible week. In what has become a regular occurrence, the company has been forced to issue yet another critical update to repair a flaw in its Windows operating system. Left unaddressed, the flaw might have enabled hackers to breach security and gain access to company and personal computer systems across the world.
The latest patching exercise is only the most high profile in a long line of similar updates, which is forcing Microsoft to repair its operating system on a sometimes weekly basis. As if this were not bad enough, Microsoft yesterday announced that portions of its Windows 2000 and NT 4.0 code have been made available on the internet illegally.
All this may seem to belong more to the annual convention of geeks and nerds anonymous than the business pages, yet their significance is hard to overestimate. Only a tiny fraction of the source code has been revealed, but if Microsoft cannot protect its core intellectual property, then it lowers public trust in the security of its software, and may in the long run further undermine the supposed advantages of Microsoft over alternative, open source operating systems.
The global economy has become almost wholly dependent on computing and communications infrastructure, which in turn is highly exposed to Microsoft software. Every time Microsoft is forced to patch up its Windows operating system because another security flaw has been exposed, it further encourages companies to think about the alternatives. So far, Microsoft has been extraordinarily successful in defending its operating system monopoly both in the market place and the anti-trust courts. These latest incidents again raise the question of how long this can continue to be the case. Linux and other open source operating systems have already begun to mount a serious challenge to Microsoft in the server market. Even in desktop operating systems, where Microsoft has more than 90 per cent of the market, Microsoft's position is under growing bombardment.
The advantage of an open source system over a proprietary one is that it is perpetually subject to peer review, so that bugs are quickly identified and swatted. Companies and individuals can build their own security around the open access. The Microsoft code by contrast is a secret one, which is why it is sometimes referred to in the market place as "security by obscurity".
As a consequence it relies on Microsoft's own internal technical department to identify the flaws, which is necessarily slow and inexact. Updates are free, but for IT departments they are costly and time consuming to install. Their growing regularity is causing IT directors to question whether Microsoft is really worth the price. If hackers gain access to elements of the source code, it makes the situation potentially much worse, as they would then have the opportunity to find the flaws themselves, causing a mass break down in security.
The chances of that happening grow stronger by the month. Indeed Microsoft is being steadily hoisted by its own petard. Post September 11, there was growing concern in the US and overseas over the security implications of a closed system product. Microsoft responded with its Government Security Program, which released parts of its source code with tight security to a select group of government agencies and connected educational establishments. Some large corporations were also given access to chunks of the code. This may have helped reassure elite customers, but it has almost certainly increased the chances of the code leaking more generally into the public domain.
Microsoft is one of the world's greatest ever entrepreneurial achievements, and likely to be a lasting one at that. In the little more than 25 years it has been in existence, its products have become hardwired into virtually all aspects of the world economy. Such a core infrastructure isn't easily challenged or dismantled. Yet when a tipping point is reached, it tends to happen quite quickly. In growing numbers, corporations and government agencies are voting with their feet and quitting for less expensive and perhaps ultimately more trustworthy open source software. Microsoft will be with us for many years to come, but its glory years are already behind us.

 

 

 

Security Products:

 

PestPatrol is a powerful security and personal privacy tool that detects and eliminates destructive pests like trojans, spyware, adware and hacker tools. It complements your anti-virus and firewall software, extending your protection against non-viral malicious software that can evade your existing security and invade your personal privacy. These pests often lurk silently on your computer until something – or someone – sets them off. When that happens, you could lose passwords, personal data, credit card numbers, and - if you telecommute and connect to your office via a VPN - open up a back door for the hacker into your entire company network. Click here for Pest Patrol

 

Intrusion Detection Systems

Vulnerability Scanners

Firewalls

  • Netscreen
  • Checkpoint

Management

Virus Control

  • Mail Marshall

Services

  • Security audit
  • Perimeter Vulnerability Scan
  • Router/ switch optimization for security
  • Firewall checking and configuration
  • VPN Design and Implementation
  • Network design
  • network based application analysis
  • Network Baselining
  • Security baselining

 

 
  BlackICE PC Protection

 

 

 

Copyright © 2003 Aavex Technology