[SecurityRatty] tag: dell

Hardware Drive Encryption Becomes Manageable

Mon, 10 Nov 2008 06:51:53 +0000

Regulatory compliance requirements and other best security practices are driving enterprises more consistently towards use of hard drive encryption, but it's not always an easy decision., Software encryption products can impose a performance burden and key management can be problematic. The answer, argues Seagate, is hardware encryption built into the drive. Integration into McAfee's Endpoint Encryption products makes key management more organized and secure, and no CPUs are burdened in the encryption or decryption of the data. Seagate also has announced they are now shipping 320GB and 500GB self-encrypted drives up to 7200RPM. Dell will be shipping notebooks with these drives. The drives come factory pre-loaded with management software. Early this year headlines were had with the revelation, by researchers at Princeton, of a theoretical attack that could recover software encryption keys even from a notebook that had been shut off. It's actually silly James Bond stuff that real people shouldn't worry about, but it did demonstrate the real point that the keys exist in memory and there are ways they can be gotten. Attacks on the live system that gain control of it, through malware for example, could still gain access to any data to which the compromised user has access. With hardware-encrypted drives, at least the private key is secure and the Princeton attack is prevented. Notebooks with drives like these in a managed environment really do make it easier to feel secure about notebooks, even if they have sensitive data on them. Combine them with other best practices, like multi-factor authentication, and you've given yourself the best chance to succeed in security. One day we'll use products like this and nothing less will be acceptable.

Mafiaboy grows up; a hacker seeks redemption

Mon, 13 Oct 2008 00:00:00 +0000

Notorious for knocking offline sites such as Yahoo, Amazaon, Dell and CNN at the age of 15, hacker has served his time and is working as a legitimate security consultant while publicizing a tell-all book about his exploits.

Links List 10.10.08

Fri, 10 Oct 2008 17:15:00 +0000

You cannot turn around without bumping into another bad news story about the economy. From layoffs (10% of eBay’s workforce, 7.5% of HP’s) to the bailouts to the $7 billion loan the state of California needs to make payroll this month. Really, 7 beeeellllyon dollars? How many people shook their heads and felt sorry for the people working at financial services companies, all the while thinking that the tech sector was a pretty secure place to be (as long as you weren’t in the IT department at a financial services company)? Well, now apparently comes the wake up call for tech. Oh yeah, a bunch of those startups and not-so-young-anymore startups are FUNDED. They’re not making MONEY – or at least certainly not enough to actually be PROFITABLE, given the way they’ve been spending on payroll, sales and marketing to grow as quickly as possible. To get to that visibility and magic number of customers which means a big payoff for the investors and the founders. From the reports, it’s back to basics time, or at least that’s what the VCs are telling their portfolio companies. Cut costs. Layoff people. Focus on selling. And get profitable. Duh.

So can open source weather out the economic storm? Emerging from the dot-com bust, open source has matured, its legal framework and values are established, and serious players are in the game. But as this post on ZDNet points out, consolidation is on the way. “IDC renamed its LinuxWorld Show in San Francisco next year Open Source World – a clear shot across the bow at O’Reilly’s OSCON.” Will open source (from free to lower-cost alternatives to commercial software) flourish in a time of tightening budgets or will projects quietly go away for lack of funding (VC and that pesky business model thing) and, let’s face it, the “extra time” of IT pros tasked yet again to do more with less?

It’s October 2008 and Charles Babcock writes, “CA Embraces Virtualization As Future of Data Center Management”. Beyond keeping up with what competitors are doing, I enjoy this article for the masterful way it depicts the nightmare that is working with traditional frameworks. Too slow, too expensive, too complex, too many modules – it’s all in here. And somehow, I don’t think that was the point of it. So, $154,000 for CA Data Center Automation Manager – which can “consult” the CA CMDB (pricing starting at what do you think, something like $500K to a million – don’t forget those services) plus CA Wily APM (Introscope 8 and Wily Customer Experience Manager 4.2; pricing anyone?) metrics that get fed back into Data Center Automation Manager to help determine the virtual machine resources that are needed. Plus can also integrate info from CA Endeavor’s software change management tracking and CA SysView and in future with CA Management Suite for Mainframe Linux, potentially. I am not kidding about this list. And, we’ve been hearing this for a while – “Unicenter” the brand goes away and is replaced by “CA NSM”. The brand goes away. Why retire a successful brand? Ah.

I love this post on EMC, “Eleven Things You Didn’t Know About the World’s Largest External Disk Storage Company.” Although I guess I really don’t know much about Joe Tucci, since #11 says:

“Contrary to conventional thought, it is not true that the EMC President/CEO is the older, gentler brother of the fictional patriarch of HBO’s hit television series.” Hunh. I just googled him, thinking maybe it was a resemblance thing. Nope."

And on a much lighter note. A funny from Dell. 2 years later, I just stumbled across this Proprietaryville , Jibjab-ish video, called Dell the Journey. Legacy systems being escorted onto the Retirement Home bus. Michael Dell as knight in shining armor, singing no less. Joe Tucci and Larry Ellison showing up as heroes leading the charge against Proprietaryville (yes, funny in and of itself). And my favorite, “Now let’s go kick some proprietary apps.”

Is Vista hurting your business?

Tue, 23 Sep 2008 09:19:17 +0000

I know Ive lost sales due to the frequent BSOD.
And Im still waiting for Dell and Microsoft to make it right. Still waiting.

clipped from www.newsweek.com

A Gloomy Vista for Microsoft

For one thing, big corporations—Microsoft’s bread and butter—have been slow to migrate from XP to Vista and need to be convinced that it’s now safe to make the move. It’s the same with smaller customers like Mouli Ramani, vice president of business development at Lilliputian Systems, a tech company in Wilmington, Mass. He’s sticking with XP because he knows it won’t conk out on him. “I’m not willing to risk my career on Vista,” he says.

Dell System with Useless Memory

Sat, 20 Sep 2008 03:03:21 +0000

In my e-mail this morning was a flier from Costco. I have to go buy some stuff there this morning, so I read it and noticed a Dell desktop computer among the items. Note that the Costco links above probably have a short lifetime, so if you're reading this weeks after the posting date (9/20/2008), they won't work. What immediately struck me about the newsletter was that it said that the system had 4GB of RAM. As I discussed in my recent column on when Windows goes all 64-bit, in 32-bit versions of Windows at most 3.1GB to 3.5GB of RAM are usable, probably more like the 3.1 number. You need 64-bit Windows to use all of the memory. Was Costco selling a Win64 system? Nope, the ad says it has "Microsoft® Windows® Vista Home Premium 32-bit." Beware of this sort of thing. It's not a lot of wasted money, but it's still a waste. I suspect it will become more of an issue over time as vendors try, as they always do, to beef up computers and run up against this wall.

8 laptop bags that will speed you through airport security

Sat, 13 Sep 2008 20:00:00 +0000

While no one questions the need to properly scan laptops when going through airport security, the requirement to remove them from their protective cases is a different story. "Naked" notebooks can easily get dropped, damaged, forgotten and even stolen outright. One study done for Dell estimated that about 12,000 laptops are lost in U.S. airports every week -- a claim that has been challenged by the Transportation Security Administration (TSA) . Whatever the numbers are, you don't want your machine, with all its precious data, to become a statistic.

Intro to DD-WRT Firmware: Mod your wireless router to do more

Sat, 13 Sep 2008 09:31:07 +0000

New Video: Intro to DD-WRT: Mod your wireless router to do more
DD-WRT is a Linux firmware available for many Linksys, NetGear, Belkin, D-Link, Fon, Dell, Asus and other vendorâs wireless routers. DD-WRT is far more feature rich than the stock firmware that comes with most routers. This video covers the basics of installing and configuring DD-WRT.

Two side notes: My Nmap class will be held at Ivy Tech in Sellersburg Indiana at 1PM on Sat Sept 20th 2008 in room P5. If this one goes well the next presentation will be on sniffers. Also, thanks to all of the folks who have signed up for Dreamhost using my discount code, it's really helped support the site with extra revenue.

Intro to DD-WRT Firmware: Mod your wireless router to do more

Sat, 13 Sep 2008 09:31:07 +0000

New Video: Intro to DD-WRT: Mod your wireless router to do more
DD-WRT is a Linux firmware available for many Linksys, NetGear, Belkin, D-Link, Fon, Dell, Asus and other vendor's wireless routers. DD-WRT is far more feature rich than the stock firmware that comes with most routers. This video covers the basics of installing and configuring DD-WRT.

Intro to DD-WRT Firmware: Mod your wireless router to do more

Sat, 13 Sep 2008 09:31:07 +0000

New Video: Intro to DD-WRT: Mod your wireless router to do more
DD-WRT is a Linux firmware available for many Linksys, NetGear, Belkin, D-Link, Fon, Dell, Asus and other vendor's wireless routers. DD-WRT is far more feature rich than the stock firmware that comes with most routers. This video covers the basics of installing and configuring DD-WRT.

Gee Mike, Im sorry Im a unhappy customer

Thu, 11 Sep 2008 15:29:05 +0000

You see Mike, Im still waiting to hear back from Dell customer support about the Vista BSOD’s I experience with my new lappie.
But before that, I was a happy to use Dell customer.

clipped from money.cnn.com

Michael Dell ‘Friends’ his customers

Spooky? Well, this is a new Dell (DELL, Fortune 500): a little more attentive online, and a little more paranoid. When Michael Dell took back the reins of his company in early 2007, one of his first acts as CEO was to give its web strategy a kick in the pants. The computer maker had plenty of hairy business problems to deal with - financial irregularities, a stagnating stock, profits down 28% in a year - but perhaps the most embarrassing was the thrashing its brand had taken online. On tech blogs and consumer forums, Dell had become almost a byword for lousy customer service.