Posted by Xavier Ashe on March 25, 2008
Burton Group has specifically commented on HP’s struggle to succeed
in this competitive market. Burton Group’s Identity and Privacy
Strategies Report, “The Identity Management Market 2007: An Expanding Universe”, Our Catalyst 2007 Keynote “Identity Management Market Landscape 2007: Enabling Security and Control Objectives in the Enterprise”, and our “Vantage Point 2007: Trends in Identity Management” telebriefing, all noted that HP’s ability to compete, mindshare, and market momentum has been in sharp decline.
Burton Group has been contacted by HP customers who report that HP
is no longer going to seek new customers for its Identity Center
product. We have contacted HP and the company confirms that HP
Software has decided to focus its investment in identity management
products exclusively on existing customers and not on pursuing
additional customers or market share. HP is in the process of reaching
out to each customer regarding the change. Last week Burton Group spoke
to HP Software Vice President of Products Eric Vishria regarding this
development.
Vishria explained that the Identity Center product line was not
performing in this highly competitive market at a level that’s
acceptable to HP, but added that the product supports the operations of
a number of HP’s critical customers. HP has therefore made the
decision to focus research and development efforts on existing
customers only.
This was posted on the Burton's Group Identity Blog. Interesting stuff, read more:
Customers of other IdM vendors and customers considering new IdM
deployments should also be carefully scrutinizing this announcement. As
the market becomes increasingly competitive it is imperative that
customers evaluate the viability and long-term strategy of their
existing and potential IdM vendors. Burton Group predicts that the
market will see continued, or even increased, consolidation in coming
months.
Posted in Security | Leave a Comment »
Posted by Xavier Ashe on March 21, 2008
I am selling my Benz. Who wants it? $500 off the edmunds.com price by mentioning this blog.
2003 MERCEDES C320
Price:$18,268
Mileage:77,129
Color:Black
Doors:4
Features:
Air Bag, Air Conditioning, Anti-Lock Brakes, CD player, Heated Seats,
Leather Interior, Power Seats, Power Steering, Power Windows, Security
Features, Side Impact Air Bags, Sunroof, Traction Control
Additional Comments:
This car has served me well, but I am getting married and need to get a
bigger car (more kids!). It is priced to move. It's in near perfect
condition. This is a very fun drive. Give us a call to schedule a test
drive any time (we work from home). More details: AM/FM Stereo;
Multi-CD Changer; Cassette; Premium Audio System (Bose); 4-Wheel
Anti-Lock Brakes; Dual Control Air Conditioning; Alloy Wheels; Cruise
Control; Front And Rear Head Air Bags; Rear Window Defroster; Power
Seats; Leather Seats; Power Door Locks; Power Heated Mirrors; Power
Windows; Power Steering; Front And Rear Side Air Bags;
Sunroof/Moonroof; Tinted Glass; Power Tilt Wheel; Bucket Seats; Fog
Lights; Lighted Entry System; Automatic Climate Control; Memory Driver
And Passenger Seats; Power Telescopic Steering Wheel; Clock; Trip
Computer; Stability Control; Anti-Theft Alarm System; Rear Bench Seat;
Remote Trunk Release; Leather Steering Wheel Trim; Center Console;
Garage Door Opener; Keyless Entry System; Wood Interior Trim; 16 Inch
Wheels; 3.2L V6 SOHC 18V FI Engine; Tachometer; Traction Control; Audio
Steering Wheel Controls; Leather Shift Knob Trim; Intermittent Wipers;
Daytime Running Lights; Turn Signal Mirrors Contact Xavier Ashe
404-229-8905, xashe@digitribe.net
Posted in Main Page, Personal Note | Leave a Comment »
Posted by Xavier Ashe on March 9, 2008
Cult of the Dead Cow, or
cDc, an old-school hacking crew famous for its anti-censorship stance,
has shipped a new tool that turns the Google search engine into an
easy-to-use vulnerability scanner.
Taking its cue from Johnny Long's Google Dorks—search queries that reveal sensitive information—cDc's new Goolag Scan pushes the envelope even more, offering a stand-alone Windows GUI-based application to power the searchers.
The open-source program comes with about 1,500 custom Google search
queries embedded by default to run searches for vulnerable Web
applications, misconfigured Web servers with open backdoors, sensitive
user names and passwords, and other documents accidentally exposed on
the Internet.
“It's no big secret that the Web is the platform,” said Oxblood Ruffin,
a spokesperson for the hacker think tank. “This platform pretty much
sucks from a security perspective. Goolag Scanner provides one more
tool for Web site owners to patch up their online properties.
“We've seen some pretty scary holes through random tests with the
scanner in North America, Europe and the Middle East. If I were a
government, a large corporation, or anyone with a large Web site, I'd
be downloading this beast and aiming it at my site yesterday. The
vulnerabilities are that serious,” Ruffin said.
The utility ships as a .Net program that can be manually configured to
power Google queries for specific servers or for an entire set of
domains.
For example, a business can ask Goolag Scan to search for vulnerable
servers or “files containing juicy information” on all its Web sites,
turning the scanner into a useful auditing tool.
News report from eWeek. Try Goolag now.
Posted in Security | Leave a Comment »
Posted by Xavier Ashe on March 9, 2008
2003:
“IDSs [intrusion detection systems] have failed to provide value relative to its costs and will be obsolete by 2005.” (Gartner, “Gartner Information Security Hype Cycle Declares Intrusion Detection Systems a Market Failure”)
2008: “Our adversaries are very adept at hiding attacks in normal traffic. The only true way to protect our networks is to have an intrusion detection system.” (Robert Jamison, Under Secretary of the National Protection and Programs Directorate at DHS)
From TaoSecurity.
Posted in For Fun, Security | Leave a Comment »
Posted by Xavier Ashe on March 4, 2008
After a bit more back-and-forth about how he could “just answer any questions I had right now”, the sales rep pointed me to their sample ads, a 7mb PDF with sixteen pages of seemingly real companies, all with the same phone number (555-555-5555) and the same website (00000000000.com). Somehow, that didn't convince me to “invest” several hundred dollars, so the salesman faxed over some more inforation with a single, real ad.
As I eagerly waited for the follow-up call later that day, I thought I'd take a minute or two to check out their website. Almost immediately, I came across their Federal Procurement Officers Only page. Out of curiousity, I entered a username and password, and then clicked the Login button. Instantly, a JavaScript dialog popped-up…
Since there's really only one thing that could cause such a dialog to pop-up so fast, I checked the source code…
Entertaining story posted on The Daily WTF.
Posted in Security | Leave a Comment »
Posted by Xavier Ashe on March 3, 2008
A genuine crack for Windows Vista has just been released by pirate
group Pantheon, which allows a pirated, non-activated installation of
Vista (Home Basic/Premium and Ultimate) to be properly activated and
made fully-operational.
Unlike cracks which have been floating around since Vista RTM was
released in late November, this crack doesn’t simply get around product
activation with beta activation files or timestop cracks – it actually
makes use of the activation process. It seems that Microsoft has
allowed large OEMs like ASUS to ship their products with a
pre-installed version of Vista that doesn’t require product activation
– apparently because end users would find it too inconvenient.
Read More on APC.
Posted in Security | Leave a Comment »
