Security - Programming Blog

Posts Tagged ‘Security’

20 Jan 2010

When you’re ready to leave your job, it’s pretty normal to be completely paralyzed with fear. Life coach Dr. Sharon Lamm-Hartman says there comes a point when it’s time to just go ahead and take the plunge once and for all.

Image by pickinjim2006.

Lamm-Hartmann says once you’ve made up your mind, staying on in a job you’re checked out of emotionally will just stress you out even more. Her advice: Don’t let the fact we’re in a recession hold you back—the job market is more fluid than it appears as people leave jobs they’re dissatisfied with.

The ideal way to go would be to have something lined up [before quitting]. But that’s not always the case these days. If you are dissatisfied, and your company is laying off or downsizing, and you know you want to be doing something else, then go. It’s risky, it’s giving up job security, but there’s really no such thing as job security anymore anyway. And a lot of times companies are providing support, too, like outsourcing support where you can actually get some career counseling if you don’t know what you want to do next. There are lots of companies out there right now that are helping people connect with what they really want to do.

If you’re not ready to do something quite so drastic as walk out on a steady (albeit unhappy) job situation, then consider freelancing without quitting your current job. Have you walked away from your job recently to pursue another opportunity? What motivated you to jump ship? How did it work out? Let us know in the comments.

Resisting Temptation to Jump Ship? Get Over It Already (Google link) [Advertising Age]

Go to Source

No Comments
Tags: career counseling, Don, Dr. Sharon Lamm-, fear life, google, job, resisting temptation, Security, sharon lamm, ship, something, support

Firefox Soars on Germany’s Browser Warning

In: IT news

20 Jan 2010

Germans appear to be heeding the advice of their government and seeking out alternatives to Microsoft’s Internet Explorer Web browser.

Mozilla, creators of the Firefox browser, say they’ve seen a significant surge in downloads of the software in Germany in the days since a Germany government agency recommended people switch to browsers that compete with Internet Explorer because of a new security flaw in the Microsoft browser. A chart prepared by Mozilla shows that German downloads of Firefox spiked in the four days following the Friday posting of the recommendation by the German agency, which is called the Federal Office for Information Security (or, using its German initials, BSI).

Mozilla says it received about 300,000 incremental downloads above its typical downloading rate over that time period. Mozilla didn’t yet have download figures for France, where the French government has also advised people to try non-Microsoft browsers because of the security flaw.

The uptick echoes a download surge for another Microsoft rival, Norway’s Opera Software, which said the number of downloads in Germany of its Opera browser doubled to 18,000 a day over the weekend.

Both countries are responding to Microsoft’s confirmation of a security hole that is believed to have been exploited by hackers in a recent cyberattack on Google and other companies in China.

Microsoft, meanwhile, on Tuesday said it plans to release a software update soon that will help protect Internet Explorer users from the security vulnerability. The company said it will provide more details about the update on Wednesday.

Go to Source

No Comments
Tags: browser, China, France, Germany, germany government, government, internet explorer users, internet explorer web, Microsoft, microsoft rival, Mozilla, Norway, Security, security vulnerability

The Danger of Hackers Getting Into Airplanes’ Flight Computers [Rant]

In: gadgets

20 Jan 2010

As if we didn’t have enough with crotchbombs and the TSA, the FAA is now saying that “[passenger networking] may result in security vulnerabilities” exposing flight systems to hackers. But, how serious is this danger?

The FAA says that their airworthiness tests “do not contain adequate or appropriate safety standards for these design features.” So basically, it seems that there’s a grey area for now, leaving the responsibility to the airplane manufacturers. They gave these guidelines to Boeing, but that’s about it:

1. Boeing must ensure electronic system security protection for the aircraft control domain and airline information domain from access by unauthorized sources external to the airplane, including those possibly caused by maintenance activity.

2. Boeing must ensure that electronic system security threats from external sources are identified and assessed, and that effective electronic system security protection strategies are implemented to protect the airplane from all adverse impacts on safety, functionality, and continued airworthiness.

In theory, the flight systems and passenger networks on the Boeing 747-8 and the ever-delayed Dreamliner are separated. But Vijay Takanti, VP for Security for Exostar (which is partially owned by Boeing, according to Runway Girl Mary Kirby), says that “there is some crossover and [the industry] is trying very hard to make sure the number of crossover points are very limited.”

What does Takanti mean with “crossovers points”? And why don’t just keep both networks separated to avoid any potential hacking nightmares? That would fix any potential security breaches, right?

It seems that this may not be the case, which is what the FAA is hinting at in their guidelines: The mere existence of two networks in a plane—one accessible by the passengers—is a security hole in itself. The FAA says that Boeing should find a way to prevent “access by unauthorized sources external to the airplane, including those possibly caused by maintenance activity.“

That’s the key. While it could be quite difficult to do, tampering with the networking systems inside the plane is a possibility during the maintenance stage. And, if history has taught us anything, any security system can be broken, no matter how well engineered it is. Add to this the fact that planes are now being connected to the internet itself, and you have the potential ingredients for some remote hackers to do something bad.

As they admit themselves, the FAA doesn’t have regulations for these inflight networking systems. This makes me a bit nervous. It is not that their regulations or tests could make things hacker-proof—nothing is hacker-proof—but the idea of leaving this responsibility to private companies is not good enough, as demonstrated in recent times.

The only 100% secure option is this: Fly without any kind of passenger networking. But then again, would you live without your newly-acquired habit of viewing YouTube cat videos during flights? Would you sacrifice your inflight mail or your web browsing, like you have already sacrificed your dignity at the security checkpoint? Should we stop running our always-connected lives because of a remote security threat?

Maybe we need to update the True Odds of Airborne Terror Attack chart. Maybe there’s nothing to worry about. Do terrorist have the resources to coordinate a sophisticated attack like this, and take control of a plane in any meaningful or dangerous way? Given their crotchbomb plans, probably not. But I don’t want to find out, FAA. Let’s nail all these issues before they become a real problem. [Runway Girl — Photo by Jeff McNeill]