IT’s Biggest Security Myths Exposed

Data loss epidemics. Linux and the Mac OS as Windows insurance policies. Anti-virus software is 100 percent effective. In an industry rife with paranoia, new kinds of threats, and overheated vendor marketing, small wonder that enterprise security is beset by myth and misunderstanding, according to a story posted today on CMP Media’s Dark Reading  Website. The “security epidemic” myth is one of ten prevailing myths identified in Dark Reading’s story, “Top Ten Myths of IT Security,” which debunks some of the conventional wisdom surrounding risks and practices in the IT security space.  To read the full story, please visit:

Novatix Releases Free Behavior-Based Consumer Security Software Cyberhawk; Novatix believes users should not have to pay a lot of money to be safe online

Novatix Corporation today announced the release of its new behavior-based consumer security software Cyberhawk. Cyberhawk provides comprehensive real-time protection against viruses, worms, trojans, hackers, rootkits, buffer overflows and certain types of spyware and adware, and is completely free to home users. Expands to Address Next Wave of Threats Spread Through Greynets, the popular public reference site for security research sponsored by FaceTime Communications, has expanded its tools, added new research blogs and broadened its reference database. The expanded database provides more in-depth information about spyware, adware and malware spread through the use of greynets including instant messaging (IM), chat rooms, P2P file sharing, web browsing and collaboration software. The site is highly ranked by most major search engines for spyware and adware keyword searches, and receives more than 1.5 million user sessions per month…… The Research Database on, is an extensive resource center with dynamic information on all types … Continue reading Expands to Address Next Wave of Threats Spread Through Greynets

Windows Principles – Twelve Tenets to Promote Competition

Microsoft Corp. recognizes the important role its Windows desktop operating system products play in the information economy and the responsibilities that come with that role. To promote competitive opportunities and otherwise enhance the appeal of Windows to developers and users, Microsoft is committed to running its Windows business in accordance with the following principles that address computer manufacturer and user choice, opportunities for developers, and interoperability for users. These principles will apply to Windows desktop development projects going forward. View the principles at

Dell: No Bloatware, Please

Michelle Pearcy, WW Client Software Manager of Dell blogged yesterday on how Dell respond on “no bloatware” request by Dell customers.  Of course, I can’t help not to respond: They should not count the number of icons or programs installed to measure the boot time and performance of a system.  What they should do is see which 3rd party program is using huge amount of memory – from there they can decide what to do.  They should note too that XP’s services will run by default if something triggered it to run.  Thinking that the security applications and operating system … Continue reading Dell: No Bloatware, Please

PayPal XSS Exploit available for two years?

The recent cross-site scripting exploit that affected the security of PayPal users may have been expoitable for more than 2 years. Full findings at

VMware Insecure SSL Key File Permissions

OS: VMware ESX Server 2.xVMware ESX Server 3.x Software: VMware GSX Server 3.xVMware Player 1.xVMware Server 1.xVMware Workstation 5.x A security issue has been reported in VMware, which potentially can be exploited by malicious, local users to gain knowledge of sensitive information. The problem is caused due to missing return code checks of the “chmod()” call in when setting permissions for SSL key files. This may potentially result in insecure read permissions being set on the key file. Solution: The vendor recommends to changing the file permissions (see vendor advisory). 

Simon Scatt

Alex and other blogs are being hit by Simon Scatt. That spammer is also hitting me here at Good thing this blog is in “moderation” state.  It’s a task for me to moderate but if that will block spammers in hitting search engines and/or annoying subscribers .. I’ll continue moderating. 

Survey Finds Consumers Balk at Updating Malware Protection

“Overall, the research shows that many consumers have a false sense of security while online,” ESET Chief Research Officer Andrew Lee said in a statement. “With the number of zero-day threats rapidly increasing, users need to be even more cautious and proactive in their own. While nearly 90 percent of computer users have software on their machines to protect them from malware like viruses, Trojans, worms and spyware, almost two-thirds of those users are reluctant to upgrade the software after it’s installed. That was the finding in a survey released Monday by security software maker ESET, of San Diego. … Continue reading Survey Finds Consumers Balk at Updating Malware Protection less secure than Microsoft Office? has been increasing in both popularity and visibility over the past several months. Version 2.0 has added a number of new features to bring it closer to feature parity with Microsoft Office, and it also offers full support for the Open Document format. However, a report just released by the French Ministry of Defense says that it still falls short of Microsoft’s office suite in one important area: security. Full article at