Draft Redpaper: Understanding IT Perimeter Security

This IBM® Redpaper takes a close look at the enterprise IT network perimeter, which has been diluted from a well-defined set of ingress and egress points to a mesh of undetectable flows from devices capable of accessing and penetrating corporate resources. The time of keeping the bad guys out by attempting to build a well-defined wall is definitely over. Businesses and organizations require collaboration with internal and external business partners, customers, and employees, which further removes walls and protective barriers.

In this Redpaper, we discuss how the variety of end-points that were once considered to be inside have now become the perimeter itself. With this idea in mind, we investigate how you can build a strong security solution in order to protect your valuable assets that are accessible through the IT infrastructure.

The target audience for this IBM Redpaper is IT architects, IT specialists, and security administrators.

Download the draft Redpaper here. I was not involved in this IBM Redpaper, but it looks to be a good doc. Check it out.


Declassified NSA Document Reveals the Secret History of TEMPEST

It was 1943, and an engineer with Bell Telephone was working on one of the U.S. government’s most sensitive and important pieces of wartime machinery, a Bell Telephone model 131-B2. It was a top secret encrypted teletype terminal used by the Army and Navy to transmit wartime communications that could defy German and Japanese cryptanalysis.

Then he noticed something odd.

Far across the lab, a freestanding oscilloscope had developed a habit of spiking every time the teletype encrypted a letter. Upon closer inspection, the spikes could actually be translated into the plain message the machine was processing. Though he likely didn’t know it at the time, the engineer had just discovered that all information processing machines send their secrets into the electromagnetic ether.

Call it a TEMPEST in a teletype.

This story of how the United States first learned about the fundamental security vulnerability called “compromising emanations” is revealed for the first time in a newly-declassified 1972 paper TEMPEST: A Signal Problem (.pdf), from the National Security Agency’s secret in-house journal Cryptologic Spectrum.

Read the full article on Wired.

Cisco Security Response: Rootkits on Cisco IOS Devices

This is the Cisco PSIRT response to an issue that was disclosed by Mr. Sebastian Muniz of Core Security Technologies at the EUSecWest security conference on May 22, 2008.

No new vulnerability on the Cisco IOS software was disclosed during the presentation. To the best of our knowledge, no exploit code has been made publicly available, and Cisco has not received any customer reports of exploitation.

Cisco has analyzed the available information and recommends following industry best-practices to improve the security of all network devices. Specific recommendations are available in the Additional Information section of this Security Response.

Cisco PSIRT greatly appreciates the opportunity to work with researchers on security vulnerabilities and welcomes the opportunity to review and assist in product reports. We would like to thank Mr. Sebastian Muniz and Core Security Technologies for working with us towards the goal of keeping Cisco networks and the Internet, as a whole, secure.

Read more from Cisco.

Disguise your Surfing Traffic with AntiPhorm

AntiPhorm (Lite) is a surfing simulator that runs independently and silently in the background of your PC. It connects to the web and intelligently simulates natural surfing behavior across thousands of customizable topics while you surf the web for your own special interests, or while you do something else entirely. This creates a background of noise blurring, disguising and inverting your own online interests from prying eyes. We believe our technology is indistinguishable from that of a typical user engaging the internet. To support this claim we have introduced a preview mode that works with any of your preferred browsers, and together with a detailed reporting system and a host of custom options each AntiPhorm Lite user can appear unique.

If you suspect your data is being tracked and sold, a solution is to make the data they collect absolutely worthless. At least now you have that option.

Download AntiPhorm Lite.

Fraud-prevention pitchman becomes ID theft victim

Todd Davis has dared criminals for two years to try stealing his identity: Ads for his fraud-prevention company, LifeLock, even offer his Social Security number next to his smiling mug.

Now, Lifelock customers in Maryland, New Jersey and West Virginia are suing Davis, claiming his service didn’t work as promised and he knew it wouldn’t, because the service had failed even him.

Attorney David Paris said he found records of other people applying for or receiving driver’s licenses at least 20 times using Davis’ Social Security number, though some of the applications may have been rejected because data in them didn’t match what the Social Security Administration had on file.

Davis acknowledged in an interview with The Associated Press that his stunt has led to at least 87 instances in which people have tried to steal his identity, and one succeeded: a guy in Texas who duped an online payday loan operation last year into giving him $500 using Davis’ Social Security number.

Paris said the fact Davis’ records were compromised at all supports the claim that Tempe, Ariz.-based LifeLock doesn’t provide the comprehensive protection its advertisements say it does.

“It’s further evidence of the ineffectiveness of the services that LifeLock advertises,” said Paris, who is lead attorney on the three new lawsuits, the latest of which was filed this month.

Read the full article on CNN.com.

The Lazy Genius has been moved!

If you are reading this, then you have found the new home for The Lazy Genius. I was using Blogware, and while I loved the software, I was getting too much traffic and too few ad clicks to justify paying for it. So I am on the free version of Wordpad and so far so good. My biggest gripe is that I cannot add any JavaScript widgets. So chances are I will be making another move soon to my own server. We’ll see.

This week I am at a customer site implementing TSOM 4.1. I hope that anyone that is still using 3.1 considers upgrading. The new features and robustness are worth it.