ComputerWorld – Page 76 – Computer Security Articles

Credit to Author: Jonny Evans| Date: Tue, 09 Jul 2019 07:06:00 -0700

Apple quite evidently plans many interesting improvements in its iCloud service this year. So, what’s going on?

What we know so far

Apple at WWDC made several announcements that will be reliant on iCloud – these include obvious things like new services and support for new functions, and less evident topics around sync, data and AI.

Most recently, the company began beta-testing Touch ID and Face ID access to iCloud.com online, meaning that if you happen to be using an Apple device (Mac, iPad, iPhone) you can access your online iCloud services with the touch of a finger or a quick eye scan.

This may also be Apple’s way of testing the privacy-protecting Sign-in with Apple service it intends launching later this year.

To read this article in full, please click here

ComputerWorld Independent

July 8, 2019 admin

The top 8 problems with blockchain

Credit to Author: Lucas Mearian| Date: Mon, 08 Jul 2019 03:00:00 -0700

While blockchain holds tremendous potential for creating new financial, supply chain and digital identity systems, it’s often erroneously seen as a panacea for business problems.

The myriad of pilots and proofs of concept by large corporations and government agencies are showing real promise, but those projects don’t always lead to obvious business cases that justify doing something differently. Sometimes a tried and true technology like a relational database can perform the task much more efficiently than a distributed ledger based on peer-to-peer technology that will require complex governance and rules.

To read this article in full, please click here

(Insider Story)

ComputerWorld Independent

July 4, 2019 admin

Throwback Thursday: Spoilsport

Credit to Author: Sharky| Date: Thu, 04 Jul 2019 03:00:00 -0700

This IT security pilot fish knows something about audits — and knows what he expects of auditors.

“I have more than 15 years of audit experience in IT,” fish says. “I have written and implemented policy and procedure, and developed incident response plans. I spent the better part of last year making sure that the external auditors could not find any inconsistencies in our control standards.”

Then the internal audit director decides to perform an audit of fish’s group — and sends a young auditor who thinks he knows everything IT.

After three weeks of research and testing, young auditor presents his results in a meeting with his boss the audit director and fish.

To read this article in full, please click here

ComputerWorld Independent

July 1, 2019 admin

Message to IT: Trusting Apple and Google for mobile app security is career suicide

Credit to Author: Evan Schuman| Date: Mon, 01 Jul 2019 05:47:00 -0700

Ready for the mobile security news that IT doesn’t want to hear about but needs to? When security firm Positive Technologies started pen-testing various mobile apps, security holes were rampant.

We’ll plunge into the details momentarily, but here’s the upshot: “High-risk vulnerabilities were found in 38 percent of mobile applications for iOS and in 43 percent of Android applications” and “most cases are caused by weaknesses in security mechanisms — 74 percent and 57 percent for iOS and Android apps, respectively, and 42 percent for server-side components — because such vulnerabilities creep in during the design stage, fixing them requires significant changes to code.”

To read this article in full, please click here

ComputerWorld Independent

July 1, 2019 admin

Microsoft Patch Alert: The Windows patching heavens buzz with silver bullets

Credit to Author: Woody Leonhard| Date: Mon, 01 Jul 2019 04:36:00 -0700

How many bugs could a WinPatcher patch, if a WinPatcher could patch bugs?

Ends up that June’s one of the buggiest patching months in recent memory – lots of pesky little critters, and the ones acknowledged by Microsoft led to even more patches later in the month.

In June, we saw eight single-purpose Windows patches whose sole mission is to fix bugs introduced in earlier Windows patches. I call them silver bullets – all they do is fix earlier screw-ups. If you install security patches only, these eight have to be installed manually to fix the bugs introduced earlier. It’s a congenital defect in the patching regimen – bugs introduced by security patches get fixed by non-security “optional” patches, while waiting for the next month’s cumulative updates to roll around.

To read this article in full, please click here

ComputerWorld Independent

June 27, 2019 admin

Mozilla takes swipe at Chrome with 'Track THIS' project

Credit to Author: Gregg Keizer| Date: Thu, 27 Jun 2019 04:28:00 -0700

Mozilla this week touted Firefox’s anti-ad tracking talents by urging users of other browsers to load 100 tabs to trick those trackers into offering goods and services suitable for someone in the 1%, an end-times devotee and other archetypes.

Tagged as “Track THIS,” the only-semi-tongue-in-cheek project lets users select from four personas – including “hypebeast,” “filthy rich,” “doomsday prepper,” and “influencer” – for illustrative purposes. Track THIS then opens 100 tabs “to fool trackers into thinking you’re someone else.”

To read this article in full, please click here

ComputerWorld Independent

June 26, 2019 admin

How updates to MongoDB work to prevent data breaches | TECH(talk)

CSO senior writer Lucian Constantin and Computerworld Executive Editor Ken Mingis talk database security and how MongoDB's new field-level encryption takes security to the next level.