ComputerWorld – Page 156 – Computer Security Articles

Credit to Author: Lucas Mearian| Date: Fri, 09 Jun 2017 03:06:00 -0700

As the blockchain continues to mature and find adoption in areas other than cryptocurrency, ERP vendors are working to integrate the distributed ledger technology as a trackable, immutable record for everything from shipping manifests and supply chains to equipment maintenance and dispute-resolution systems.

“This is very real and something we’re aggressively excited about,” said Brigid McDermott, vice president of Blockchain Business Development at IBM. “What blockchain does is provide a trust system of record between disparate companies.”

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

June 8, 2017 admin

How to fix Android's Smart Lock Trusted Places feature

Credit to Author: JR Raphael| Date: Thu, 08 Jun 2017 09:33:00 -0700

Android’s Smart Lock feature is spectacular — that is, when it actually works.

Smart Lock has been around since 2014’s Android 5.0 era. The basic idea behind it is to make securing your smartphone less inconvenient, thus making it more likely that you’ll actually use a pattern, PIN, or passcode to keep your data safe. The sensational headlines about big, bad malware monsters lurking in the dark and waiting to pounce on unsuspecting victims may be scary, after all — but here in the real world, you’re far more likely to suffer from your own self-made security shortcomings than from any sort of theoretical threat.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

June 7, 2017 admin

Mingis on Tech: The alphabet soup of mobile device management

Do you know your MDM from MAM and EMM? It's all about BYOD, and how companies can keep data safe while making it easier for workers to be productive with their own devices.

ComputerWorld Independent

June 5, 2017 admin

IDG Contributor Network: Dealing with NIST's about-face on password complexity

Credit to Author: Sandra Henry-Stocker| Date: Mon, 05 Jun 2017 11:13:00 -0700

In the last few years, we’ve been seeing some significant changes in the suggestions that security experts are making for password security. While previous guidance increasingly pushed complexity in terms of password length, the mix of characters used, controls over password reuse, and forced periodic changes, specialists have been questioning whether making passwords complex wasn’t actually working against security concerns rather than promoting them.

Security specialists have also argued that forcing complexity down users’ throats has led to them writing passwords down or forgetting them and having to get them reset. They argued that replacing a password character with a digit or an uppercase character might make a password look complicated, but does not actually make it any less vulnerable to compromise. In fact, when users are forced to include a variety of characters in their passwords, they generally do so in very predictable ways. Instead of “password”, they might use “Passw0rd” or even “P4ssw0rd!”, but the variations don’t make the passwords significantly less guessable. People are just not very good at generating anything that’s truly random.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

May 31, 2017 admin

Dual biometrics may just be the authentication answer we need

Credit to Author: Evan Schuman| Date: Wed, 31 May 2017 12:51:00 -0700

A major problem with biometric authentication is that, when it doesn’t work, there are few good options to proceed with the authentication. When the system says that’s not your eyeball, there’s no fallback akin to “Forgot your password?” You have to revert to some less discerning authentication method, such as a PIN.

Some vendors are trying to deal with this by using a simultaneous, multi-biometric method. “Simultaneous” is important because using two methods consecutively would take more time, resulting in end users’ resistance and lower participation rates.

One vendor, Sensory, is making serious headway in figuring out interesting ways to use dual biometrics.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

May 31, 2017 admin

Chrome bug that lets sites secretly record audio and video is not a flaw Google says

Credit to Author: Darlene Storm| Date: Wed, 31 May 2017 06:31:00 -0700

If your web browser was recording audio and video of you without any indication it was doing so, would you consider that invasion of privacy a security issue? Chrome doesn’t.

After AOL web developer Ran Bar-Zik discovered that a website can record audio and video without the red recording light appearing on the Chrome tab, he reported the bug.

But since users are the crux of problem, Google doesn’t classify it as a security flaw. That’s because before any audio or video recordings, a user has to give a site permission before it can access a user’s webcam or microphone.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

May 30, 2017 admin

Answering the WannaCry wake-up call

Credit to Author: Selena J. Linde, T. Markus Funk, Todd M. Hinnen and Jonathan G. Hardin| Date: Tue, 30 May 2017 04:35:00 -0700

The widespread WannaCry attack demonstrated the acute vulnerability of computer systems to ransomware attacks. There is no reason to think that larger, more sophisticated attacks aren’t already being planned — the perpetrators of WannaCry reportedly profited handsomely — and companies that have not assessed and addressed the risk posed to their systems by such attacks may remain vulnerable.

Companies can take prophylactic steps to protect their systems against ransomware, focusing on improving data security hygiene, establishing effective governance and raising employees’ awareness of the threat.

To read this article in full or to leave a comment, please click here

ComputerWorld Independent

May 29, 2017 admin

US 'might' ban laptops on all international flights & TSA may make you unpack carry-ons

Credit to Author: Darlene Storm| Date: Mon, 29 May 2017 06:54:00 -0700

The US “might” ban laptops from the cabin of all international flights into and out of the US and “likely will” require air travelers to unpack carry-on bags for TSA inspections.

Homeland Security Secretary John Kelly told Fox News Sunday anchor Chris Wallace that the US “might” ban laptops from the cabin of all international flights into and out of the US.

Pressed to reveal more, Kelly added, “There’s a real threat. Numerous threats against aviation, that’s really the thing that they are obsessed with, the terrorists, the idea of knocking down an airplane in flight, particularly if it’s a U.S. carrier, particularly if it’s full of mostly U.S. folks, people. It’s real.”

To read this article in full or to leave a comment, please click here