Cyber-security as the next task for our military?

It is interesting how Cyber-security enters the defense agenda:

11:30-13:00 Session II: Shifting ‘smart defence’ from slogan to reality
The notion of Smart Defence has caught on quickly, no doubt because it offers a welcome solution to the intractable problems of capability shortcomings and defence cutbacks on both sides of the Atlantic. But what in practical terms does smart defence constitute, and how should it be benchmarked? Should NATO planners be creating a matrix that gives an at-a-glance guide to each member states’ capabilities in areas ranging from heavy airlift to tactical troop transport, UAVs to helicopters and battlefield communications to cyber-security? Above all, will smart defence be the making of a new eve in transatlantic defence cooperation with NATO, or the breaking of it?

Nice pattern “be the making …or the breaking of it”. Strange that the pitch includes a breaking scenario.

Advertisement

Read Full Post »

BSI warnt vor Gefahr durch den Browser Internet Explorer

Bis zum Schliessen einer höchst kritischen Sicherheitslücke warnt das Bundesamt für Sicherheit in der Informationstechnik (BSI) vor der Nutzung des Webbrowsers Internet Explorer.

Das Ausführen des Internet Explorer im „geschützen Modus“ sowie das Abschalten von Acitve Scripting erschwert zwar die Angriffe, kann sie jedoch nicht vollständig verhindern. Deshalb empfiehlt das BSI, bis zum Vorliegen eine Patches von Microsoft auf einen alternativen Browser umzusteigen.

Das dürfte für viele Bürger und Unternehmen sehr unangenehm sein. Als Alternativen bieten sich u.a. an:

• Google Chrome, oder Srware Iron
• Mozilla Firefox
• Opera

Vor einigen Jahren gab es zwischenzeitlich keine echten Alternativen zum Internet Explorer, das hat sich nun geändert. Doch gibt es immer noch Webdienste, die einzig mit dem IE benutzbar sind. Die BSI Warnung zeigt wie wichtig es für unsere Sicherheit ist, diese Abhängigkeiten zu reduzieren.

Read Full Post »

ePractice members spammed without security breach

Here is the message from EU ePractice:

Dear ePractice members,

We take this opportunity to thank you once more for your membership and continuous support to the portal.

It has come to our attention that many users have been receiving a “date” spamming to their personal email account.

Please, be informed that we are currently scrutinizing this issue and despite this incident, there is no security breach. However, we kindly call for your collaboration to report any such spamming and refrain from any replies.

Many thanks for your cooperation in this respect.

Kind regards,

The ePractice Information and Communication team

Read Full Post »

Does the EU-Commission use Google Analytics?

From a European Union Commission website:


$(document).ready(function() {
// If Google Analytics used, also track document downloads as Pageviews
$("a[href*='document.cfm']").bind('click',function(){
try {
var pageTracker = _gat._getTracker("UA-3076907-3");
pageTracker._trackPageview(this.pathname + this.search);
//console.log('tracked ' + this.href);
} catch (err) {
//console.log(err)
}
});
if (location.hash == '') {
$('form[name!=commentform][name!=searchForm][name!=itemcall]:not(form[name^=rating]):first *:input[type=text]:first').focus();
}
$('form[name=identification] *:input[type!=hidden]:first').focus();
/* REVIEW: DOES NOT WORK IN IE6 (no form submission at all!!)
$('input[type=submit]').click(function() {
var self = this;
$(self).attr('disabled','disabled');
setTimeout(function() {$(self).removeAttr('disabled')},5000);
});
*/

And if so, does this constitute a national security risk? I am just asking because even in private sector operations often passionate citizens approach us with concerns when we use Google Analytics. I am curious if the European Data Protection Supervisor website also uses Google Analytics…

Read Full Post »

downloads-microsoft.de

This email I received recommends me to download the “security update” http://downloads-microsoft.de/MS_bugfix_270509.exe from an alleged Microsoft website downloads-microsoft.de, according to denic the domain is owned by a German citizen from Riedering who put his contact data online.

It is much more professional than those spoof scam attacks I am used to, despite the link to the “security update” all other download links point at original Microsoft’s website and the website downloads-microsoft follows their corporate design.

Sehr geehrter Microsoft Kunde,

hiermit unterrichten wir Sie über die Veröffentlichung eines neuen Sicherheits-Updates zu Ihrem verwendeten Produkt.

Wir empfehlen Ihnen ausdrücklich jenes zu installieren, um weiterhin die Sicherheit Ihres Systems gewährleisten zu können.

Sie können sich Ihren Sicherheitspatch unter folgendem Link downloaden

http://downloads-microsoft.de/MS_bugfix_270509.exe

oder unter http://downloads-microsoft.de unter Topdownloads 1. Windows Sicherheits-Update 27. Mai 2009 für Windows XP/Vista.

Wir wünschen Ihnen weiterhin viel Spaß mit Ihrem Microsoft-Produkt.

Security-Service
Microsoft Corporation

Read Full Post »

National Operating System in Cuba?

Apparently also Cuba develops its own national operating system, Reuters reports.

The government views the use of Microsoft systems, developed by U.S.-based Microsoft Corp, as a potential threat because it says U.S. security agencies have access to Microsoft codes.

The remarkable aspect about the move is the domino effect. More an more nations develop their own national operating systems. Other nations in Latin America can be expected to follow the fashionable national operating system plans. It can be disputed that the security concerns are justified but software is just another new means of confrontation with the United States for the Island.

Read Full Post »