Technology tag:video1.washingtontimes.com,2008:/technology//15 2008-05-19T21:14:49Z Movable Type 3.33 Gas prices lead to Internet spam, expert says tag:video1.washingtontimes.com,2008:/technology//15.6158 2008-05-19T21:10:43Z 2008-05-19T21:14:49Z As if filling up at nearly $4 per gallon isn't bad enough… "The high gasoline prices are luring even the most savvy Internet users to click on spam," a publicist in the computer security field writes. "With the Memorial Day... "The high gasoline prices are luring even the most savvy Internet users to click on spam," a publicist in the computer security field writes. "With the Memorial Day weekend ahead… and gas prices at an all-time high, spammers have found yet another way to target unknowing victims for identity theft. MX Logic, an email security software company, has recorded an increase of fake email campaigns that promise discounted or free gasoline. Sam Masiello, director of threat management at MX Logic, said, 'These emails are phishing attacks and they should not be clicked on or opened. This is yet another way spammers are taking advantage of the economy.'" Strictly speaking, I don't know if the alleged spammers are "taking advantage of the economy" or of people's natural concerns about high gas prices. As always, caution is advised on too-good-to-be-true e-mail offers. At the same time, check out GasBuddy.com for a more reliable way to find lower gas prices in your area. — Mark Kellner, The Washington Times]]> CDW survey says businesses, Feds slowing IT spending tag:video1.washingtontimes.com,2008:/technology//15.6091 2008-05-13T20:38:03Z 2008-05-13T20:44:43Z Even without the "r" word, as in recession, there's an apparent slowdown in IT spending, a leading distributor reports: The lack of confidence in the momentum and direction of the IT marketplace has spread from small businesses to medium-sized firms,... The lack of confidence in the momentum and direction of the IT marketplace has spread from small businesses to medium-sized firms, according to the latest reading of the CDW IT Monitor, a bi-monthly indicator of sentiment in the U.S. IT industry. The overall CDW IT Monitor index dropped one point to 72, compared to February's reading of 73. In the medium business segment, the IT Growth Monitor, a sub-index measuring anticipated investment in IT, dropped seven points from February and posted a reading of 70. Additionally, 21 percent of medium size businesses expect to hire IT staff in the next six months, down 10 percentage points from two months ago. "There is a hesitancy on the part of IT decision makers to invest heavily in new staff or infrastructure in a volatile economic environment," said CDW Vice President Mark Gambill, the company's executive responsible for market insights. "This trend was first noticeable in the small business sector in the previous IT Monitor two months ago, and now the uncertainty is spreading to medium size businesses." The CDW IT Monitor is based on an online survey of at least 1000 IT decision makers from businesses of all sizes and all sectors of government. Data breakdowns for all corporate and government segments are available at www.cdwitmonitor.com. The previous CDW IT Monitor in February revealed a definitive gap between the small business sector and medium and large businesses with regard to confidence and prospects for growth. In the small business sector, the IT Growth Monitor registered at 51, compared to 77 for mid-size and 80 for large businesses. In contrast to the small and medium business sectors, the April IT Growth Monitor for large businesses remained steady at 80. "In the case of large businesses, many budgets have already been approved, and there is less volatility at the onset of changes in the economy," said Gambill. "However, if economic conditions continue to weaken, it will be interesting to see how this trend develops as we approach the second half of the year." While prospects for growth in IT investment have declined, the value that decision makers place on IT and its role within the organization remained steady. Eighty-two percent of overall IT decision makers (including 88 percent of medium size businesses) believe that IT is effective in helping to achieve the company's mission and goals. Additionally, the IT Value Monitor, which measures the perceived value of IT, registered a score of 76 — unchanged from the February 2008 IT Monitor. "Even in the midst of an economic downturn, the perceived value technology brings to an organization stayed strong," said Gambill. "It's also important to remember that not all IT spending has stopped. There's a barbell effect in which organizations are likely moving forward with investments at the ends of the IT spectrum. Projects such as large enterprise migration or small equipment replacement might be moving forward while mid-sized investments that are not absolutely necessary are being placed on hold until economic conditions improve."
  • Fewer than half (45 percent) of small businesses see IT investment as helping their bottom line, down seven percentage points from December 2007.
  • One in five companies (20 percent) report IT problems that disrupted customer needs on at least six days in the last six months, up from 14 percent in December 2007 and 16 percent in February 2008.
  • Medium size businesses registered a four point decline in the overall Monitor reading, from 77 in February 2008 to 73 in April
  • One in six (17 percent) of government organizations expect decreasing IT budgets over the next six months, and 8 percent expect to reduce staff. In the federal sector, the firm also reported, there's an apparent pull-back:
  • Forty percent of government organizations are planning on increasing their IT budgets in the next six months compared to 45 percent in February.
  • Fifteen percent of government organizations are planning on hiring additional IT staff in the next six months compared to 16 percent in February.
  • Fifty-five percent of government organizations had two or more days of IT outages that disrupted the needs of clientele.
    • These are the opinions of one firm, of course, and things can — and do — sometimes change rapidly in this field. But the numbers are something to ponder. — Mark Kellner, The Washington Times]]> A 'Plum' computing solution tag:video1.washingtontimes.com,2008:/technology//15.6082 2008-05-13T03:06:16Z 2008-05-13T20:50:19Z Their ads on XM Radio are a bit annoying — the repetition of the toll-free number and all — but the underlying message isn't a bad one: sometimes you need help in getting your computer to work, and the folks... PlumChoice.com are all too happy to help. I spent some time with their sales and marketing vice president, Fred King, at a Starbucks in Silver Spring Monday afternoon, and the story he told me was fascinating: the firm is growing, from around 300 employees on January 1 to a projected 550 technicians by the end of the year. These people don't all sit in the firm's offices; in fact, none do, Mr. King asserted. Instead, they're work-from-home types using broadband Internet connections and several layers of security, to reach out to customers' PCs and untangle problems. Right now, the firm only services Windows-based PCs, but Mr. King said they'll add Apple's Macintosh range in the third quarter of this year. The top service issue, as you might suspect, is spyware and viruses. Next, improving performance, which usually involves removing unneeded temporary and startup files, as well as making sure all the relevant Windows updates are properly installed. After that, the firm's customers — a mix of at-home and small business users — want to solve wireless and wired networking problems, as well as get training on software. Costs are varied, from a $24.95-a-month plan that offers unlimited calling and a free "PC Tune-Up," to one-time charges ranging from $129.95 on down. The firm will also help you set up your digital camera or your Logitech Harmony remote control for either $49.95 for the camera or $79.95 for the remote. Those prices may seem steep — and perhaps they are — but time, as the saying goes, is money, and Mr. King's company, covered in "On Computers" nearly four years ago, is saving users time and heartache. If I were working at home full time, and if I were PC-based, I'd grab this service and hold on, especially since they're including online backup and anti-virus software in the deal. Even without having (yet) tried the PlumChoice service, two things appeal to me: one, that the workforce is U.S.-based, or "home-shored," as Mr. King put it. No offence to our globalization friends, but it's nice to see a company create jobs in America for our tech workers. Second, I like their reliance on broadband, both for customer service and as a way to connect with their workforce. On the customer side, if I'm a person in a hurry, do I really want to set aside the time for someone to come to my home or office, and sit in front of my computer for a couple of hours? Do I really know who this person is? Can I trust them, or do I need to be vigilant every second? The remote connection eliminates those worries. According to Mr. King, PlumChoice is able to solve about 85 percent of users' issues via remote access. For the other 15 percent, if desired, a technician can be dispatched. That's fair enough, and, having contacted the firm earlier and worked with them online, I might feel better about the aforementioned stranger showing up. For the tech worker, it sounds like a real "win-win" proposition. The technician can work from home, saving time, gas, wear and tear on their vehicle and general aggravation. They're probably in a better mood, and are better able to focus on the problem and the solution. What's more, Mr. King said, the people PlumChoice hires tend to have certifications as Microsoft Certified Systems Engineers (MCSE), Certified Novell Administrators (CNA) and as Certified Novell Engineers (CNE). Of the two Novell certifications, which deal with the "guts" of computer networking, the CNA designation is a prelude to CNE certification, by the way. Along with the "alphabet soup" designations, Mr. King said, a PlumChoice tech also has to have the kind of people skills needed to make tech-speak comprehensible to the rest of us. Again, I have yet to put PlumChoice to the test, but I like the concept a lot. Use the "comments" space below to share your experiences, if you care to. — Mark Kellner, The Washington Times]]> Was Microsoft the real "winner," despite losing Yahoo? tag:video1.washingtontimes.com,2008:/technology//15.6025 2008-05-07T22:53:52Z 2008-05-07T22:59:52Z Much ink — and even more bits — has been spilled over the unsuccessful takeover bid attempt by Microsoft Corp. to grab Yahoo. When I heard the news, I recalled an incident from my youthful career in the stamp collecting... Microsoft 2.0, about the company from which co-founder Bill Gates retires in July, agrees, as she noted in an e-mail interview today:
    "I think [Microsoft CEO Steve] Ballmer and CFO Chris Liddell and Platforms/Services Chief Kevin Johnson initially thought of Yahoo as a quick fix for its search-share and ad-inventory problem. They really underestimated how much companies in the [Silicon] Valley hate Microsoft. They also underestimated how much their own shareholders and investors thought the deal was too expensive with too little potential payback.... Yahoo's infrastructure is based completely on open-source products; Microsoft's is based on Windows and.Net was it really going to be possible to combine these to leverage the economies of scale Ballmer promised. I think lots of Microsoft watchers were doubtful. … Microsoft came around to realize that they were not going to get $44 billion worth out of Yahoo. …"
    As to whether Dulles-based AOL — which sells a fair amount of advertising itself — would be a good target, as some have suggested, Ms. Foley has her doubts: "AOL is seen by many in the tech space as an also-ran, just like Yahoo. What would Microsoft get out of buying [them] — other than some more content and sites it could offer to advertisers as places to run online ads? AOL services overlap with many of the Windows Live/MSN services/sites." I have to agree with Ms. Foley, and I look forward to reading her book. Microsoft may be the company some users love to hate (and which Apple, Inc., likes to rib in their "I'm a Mac" ads), but there's little denying that Microsoft is a major tech influence, and one we'll be living with for years to come. Understanding them, I believe, is essential if you're a technology decision maker, or an end user. — Mark Kellner, The Washington Times ]]>     Sneak peeks are impressive tag:video1.washingtontimes.com,2008:/technology//15.6005 2008-05-07T02:53:26Z 2008-05-07T03:36:32Z One of the "perks" of writing about computer technology is that, from time to time, I get "sneak peek" briefings in advance of the launch of new products, as do many other journalists in the tech space. Today, I saw... — Mark Kellner, The Washington Times]]> Worms, viruses on the rise, security firm reports tag:video1.washingtontimes.com,2008:/technology//15.5918 2008-05-01T19:04:06Z 2008-05-01T22:55:53Z This won't come as a big surprise, but a news release (which I've edited somewhat for clarity) just in reports a rise in various, and nefarious, attacks on our computer security and online privacy: MessageLabs, [a] l... provider of messaging... MessageLabs, [a] l... provider of messaging and web security services to businesses worldwide, today announced the results of its MessageLabs Intelligence Report for April 2008. Analysis shows that during April, the Storm botnet has dramatically decreased to just five percent of its original size, whilst web-based malware has increased by 23.3 percent. The introduction of new malicious software removal tools, which are aimed at targeting and removing Storm infections, are deemed responsible for the sudden reduction in Storm-infected machines, now estimated at approximately 100,000 compromised computers. Previously estimated at two million, the decline in Storm's botnet size is evident by the 57 percent decrease in malware-laden emails distributed by the Storm botnet during April. Whilst the Storm botnet decreased in size, analysis of web-based malware identified that 36.1 percent of interceptions in April were new, an increase of 23.3 percent since March. MessageLabs also identified an average of 1,214 new websites per day harboring malware and other potentially unwanted programs such as spyware and adware, an increase of 619 per day compared with the previous month. "April was a month of unpredictability with the mighty Storm botnet losing all but five percent of its anonymous army and web-based malware reaching new levels," said Mark Sunner, Chief Security Analyst, MessageLabs. "This month we find ourselves fighting the cybercrime battle on many fronts, with the bad guys using an arsenal of weapons in order to detonate spam, viruses, phishing attacks and targeted Trojans, making it more important than ever to have a strong security shield in place." On the cusp of the 30th anniversary of the first spam message, MessageLabs identified a new spamming technique being used to send authenticated spam email via Yahoo!'s SMTP servers. This spam attack accounts for one percent of all spam intercepted in April and has been used to advertise services for Canadian Pharmacy, a well-known spam operation. By using the SMTP server and a DomainKeys Identified Mail (DKIM) authentication technique, the spammers can ensure that the email generated is harder to block based on traditional anti-spam methods. In addition, MessageLabs Intelligence reported targeted attacks reaching new heights this month, with MessageLabs intercepting approximately 70 targeted Trojans per day, an increase of 250 percent on the December 2007 levels of 28 per day. Leveraging interest in the Beijing 2008 Olympics Games, MessageLabs has intercepted 13 separate Olympic themed attacks over the past six months which use legitimate-sounding email subject titles, such as "The Beijing 2008 Torch Relay" and "National Olympic Committee and Ticket Sales Agents". Some attacks purported to be from the International Olympic Committee, based in Lausanne Switzerland, however in reality all of the attacks but one were sent from an IP address within [the] Asia Pacific [geographic region]. Finally, MessageLabs has uncovered a new way that scammers are abusing professional social networking sites like Linked-In. For the first time, they are taking advantage of these sites to lend legitimacy to Nigerian 419 advance fee fraud scams by creating profiles with false credentials that pertain to the business involved in the scam. While my tendency is to take such reports with a dash of salt — computer security firms are in the business of, well, selling computer security. However, some of the specifics, such as Olympic-related attacks, are worth noting. In a similar vein, I've run across (and deleted) e-mails purporting to be from the Internal Revenue Service purporting to having information about the economic stimulus checks that are starting to hit mailboxes and/or bank accounts. As the IRS says at the link referenced here, don't fall for such tricks. — Mark Kellner, The Washington Times]]> MacBook Air ad parodied tag:video1.washingtontimes.com,2008:/technology//15.5889 2008-04-30T12:23:08Z 2008-05-01T22:43:16Z A tip of the hat goes to veteran tech journalist Dan Farber of C-Net, whose blog entry notes a spoof of Apple's very nice MacBook Air advertisement. Noting some of the technical limitations of the MacBook Air, such as its... blog entry notes a spoof of Apple's very nice MacBook Air advertisement. Noting some of the technical limitations of the MacBook Air, such as its lack of a built-in optical media drive, Lenovo says their X300 ultra-thin is a better deal — albeit one whose list price is about $1,200 more than the MacBook Air. What Lenovo won't trumpet is that for the $3,000 you spend with them, you're still getting a notebook running a Microsoft Windows operating system. That's not terrible, but Mac enthusiasts will turn up their nose at such a notion. Also missing from the Lenovo parody — which is a bit clever — is a song as nice as Yael Naim's "New Soul" which accompanied the MacBook Air ad and which, by clicking on the link embedded in the song title, you can watch for free via YouTube. — Mark Kellner, The Washington Times]]> Will Qwest Qwit DIA? tag:video1.washingtontimes.com,2008:/technology//15.5686 2008-04-19T01:07:31Z 2008-05-07T22:56:10Z Just as I was ready to depart the Qwest Business Center at Denver International, a disturbing rumor: the telecom firm may disconnect its business center at the airport, since it isn't making money on high-speed Internet. (The free Wi-Fi mentioned... — Mark Kellner, The Washington Times]]> PayPal Freeze ahead for Safari Users? tag:video1.washingtontimes.com,2008:/technology//15.5685 2008-04-19T01:05:52Z 2008-05-01T22:42:13Z The always-interesting Apple Insider Web site — an independent news outlet for all sorts of Mac-themed speculations — has an interesting article about the possibility that new anti-Phishing measures being contemplated by the PayPal financial transaction network may — and... Apple Insider Web site — an independent news outlet for all sorts of Mac-themed speculations — has an interesting article about the possibility that new anti-Phishing measures being contemplated by the PayPal financial transaction network may — and I would emphasize may — block users of Safari, Apple's super-popular Web browser, from accessing the service. If that were to happen, it's anticipated that the Mozilla Org.'s Firefox could fill the bill. However, as the Apple Insider report indicates, this may become an issue for Mac users. My guess is that it won't, that Apple, Inc. — the "real" Apple, as it were — will figure out a way to work cooperatively with service providers such as PayPal. Eliminating phishing is, after all, in everyone's interest. — Mark Kellner, The Washington Times]]> Sitting in (not-)Stapleton tag:video1.washingtontimes.com,2008:/technology//15.5682 2008-04-18T23:22:42Z 2008-05-01T22:55:10Z Longtime travelers will recognize that Denver International Airport, or DIA, is not the legendary old Stapleton airport, which served Denver for many years. Having another 90 minutes before I can even think of boarding United 1189 to Spokane, I've been... not the legendary old Stapleton airport, which served Denver for many years. Having another 90 minutes before I can even think of boarding United 1189 to Spokane, I've been playing around with things. Some (possibly inconsequential) observations:
  • I'm pleasantly surprised to learn what, when using Google's Gmail in the Safari browser (and perhaps others), you can "pop out" a reply message, allowing you to edit the subject line. This, I hope, will help me get off one e-mail distribution, because I could put "remove" in the subject line this way. (Reducing e-mail is my new crusade; please read "On Computing" in The Washington Times next Tuesday to learn why.)
  • Gmail on the iPhone can be done one of two ways: either as part of regular e-mail, which is fine, or in the mobile Google-for-iPhone Web browser. The latter is a more Gmail-like experience. It's nice. I just never tried it before.
  • Wi-Fi at Denver International is also free, with a catch. You need to watch a 30-second commercial, after scrolling through (and agreeing to) an interminable list of usage conditions. (For all I know, I've agreed not to launch a first nuclear strike on Teheran from the DIA free Wi-Fi. Not that I could do that, but I think I agreed not to. I digress.) You can scroll and agree to the Wi-Fi terms on an iPhone, but the video doesn't come up, thus messing up attempts at Wi-Fi-icity on the handheld. This is one reason, I suppose, that Apple includes a switchover to regular wireless data when Wi-Fi isn't available.
  • I'm beginning to really, really like Qwest; especially after finding a more comfortable chair. I might even start a campaign to Free Joe Nacchio, who actually isn't in prison, but is awaiting retrial on insider trading charges related to his former tenure as Qwest chairman. (Full disclosure: I covered Mr. Nacchio's career at AT&T for two trade publications.) That aside, the free high-speed Internet clocks in at around 7 megabits per second for downloads and about half for uploads. Not bad for no charge! — Mark Kellner, The Washington Times]]> United Airlines: It's time to sit and wait (in Denver) tag:video1.washingtontimes.com,2008:/technology//15.5680 2008-04-18T22:27:28Z 2008-04-18T22:31:48Z I'm sitting in the Qwest Business Center at Denver International Airport. And I'm thinking of a new slogan for United Airlines. Instead of "It's time to fly," the slogan should be "It's time to sit and wait." That's because United... am landing instead of the nearer one where I wanted to land. The only good aspect of this is having the use of the business center, with free high-speed Internet, and electricity for my laptop and iPhone. The chair is a bit uncomfortable, but it beats propping up at a gate and hunting for an outlet. It must have been tough being a United customer service rep today; the triple cancellations brought all sorts of cranky people to the line, including this writer. If it weren't a Friday afternoon, I'd be more sanguine, but hustling around unfamiliar territory on a Friday night isn't my idea of fun. Add to that the option of "luggage roulette" — my suitcase is promised to join me, but who knows at this point! — and you can imagine the excitement. The positive addition of the business center makes things a tad more bearable. And, for its part, United is trying to make life easier by offering an outgoing voice mail, e-mail and text message service alert you to delays and changes. Too bad they couldn't keep the planes going, at least today. (Of course, those caught in the American Airlines fiasco last week have every right to sneer at my lesser travails. But I wonder if there isn't going to be a large hue and cry among the flying public, or at least a migration to carriers such as Southwest, which seem much more reliable, at least if recent experience is any guide.) — Mark Kellner, The Washington Times ]]> iPhone pix cleans up good tag:video1.washingtontimes.com,2008:/technology//15.5539 2008-04-14T04:39:55Z 2008-04-14T04:50:35Z If you'll pardon my poor grammar about how the attached image "cleans up good," I'd like to make a small point: the Apple Inc. iPhone really does take decent pictures. The image, of a piece of furniture I wanted to... — Mark Kellner, The Washington Times]]> What 'phishing' looks like tag:video1.washingtontimes.com,2008:/technology//15.5480 2008-04-10T14:57:46Z 2008-05-01T23:06:37Z Take a look at the screen below: You would think this is a legitimate login site for Western Union, and you would have come to this by clicking on an e-mail link promising you $30 for taking a survey, and... Union.tif
    You would think this is a legitimate login site for Western Union, and you would have come to this by clicking on an e-mail link promising you $30 for taking a survey, and a chance to win $600. There's even a security verification code for you to type in, to make sure you're a legitimate user! Now, take a closer look, specifically at the page heading and the Web address:
    WesternUnionon.tiff
    It doesn't read "www.westernunion.com," but rather "www.westernunionon.com." If you weren't careful, you might not notice the extra "on" in the Web address. This is what's known as a "spoof" Web site, designed to collect your personal information for identity thieves. It's totally fraudulent, but slick enough to trap the unwary. President Reagan used the phrase "trust but verify" so many times, I recall hearing, that former Soviet premier Mikhail S. Gorbachev would gag on hearing the words. Well, my apologies to Gorbachev, but Reagan was right then — and he leaves us an important lesson for cybersurfing today, except that I would turn it around: Verify, then trust. — Mark Kellner, The Washington Times]]>     Symantec Reports surge in trusted Web site attacks tag:video1.washingtontimes.com,2008:/technology//15.5428 2008-04-08T16:13:54Z 2008-04-08T16:19:51Z This just in, from the folks at Symantec Corp., underscores the need for vigilence online, as well as off-line! The latest Internet Security Threat Report (ISTR), Volume XIII released today by Symantec Corp. (Nasdaq: SYMC) concludes that the Web is... The latest Internet Security Threat Report (ISTR), Volume XIII released today by Symantec Corp. (Nasdaq: SYMC) concludes that the Web is now the primary conduit of attack activity, as opposed to network attacks, and that online users can increasingly be infected simply by visiting everyday Web sites. The report is derived from data collected by millions of Internet sensors, first-hand research and active monitoring of hacker communications and provides a global view of the state of Internet security. In the past, users had to visit intentionally malicious sites or click on malicious email attachments to become a victim of a security threat. Today, hackers are compromising legitimate Web sites and using them as a distribution medium to attack home and enterprise computers. Symantec noticed that attackers are particularly targeting sites that are likely to be trusted by end users, such as social networking sites. Attackers are leveraging site-specific vulnerabilities that can then be used as a means for launching other attacks. During the last six months of 2007, there were 11,253 site specific cross-site scripting vulnerabilities reported on the Internet; these represent vulnerabilities in individual Web sites. However, only 473 (about 4 percent) of them had been patched by the administrator of the affected Web site during the same period, representing an enormous window of opportunity for hackers looking to launch attacks. Phishing also continues to be a problem. In the last six months of 2007, Symantec observed 87,963 phishing hosts — computers that can host one or more phishing Web sites. This is an increase of 167 percent from the first half of 2007. Eighty percent of brands targeted by phishing attacks during the study period were in the financial sector. The report also found that attackers are seeking confidential end-user information that can be fraudulently used for financial gain and are less focused on the computer or device containing the information. In the last six months of 2007, 68 percent of the most prevalent malicious threats reported to Symantec attempt to compromise confidential information. Finally, attackers are leveraging a maturing underground economy to buy, sell and trade stolen information. This economy is now characterized by a number of traits common in traditional economies. For example, market forces of supply and demand have a direct impact on pricing. Credit card information, which has become plentiful in this environment, accounted for 13 percent of all advertised goods — down from 22 percent in the previous period and sold for as low as $0.40. The price of a credit card in this underground market is determined by factors such as the location of the issuing bank. Credit cards from the European Union, for example, cost more than those from the United States; this is most likely due to the smaller supply of cards circulating in the E.U which makes the card more valuable to a criminal. Bank account credentials have become the most frequently advertised item making up 22 percent of all goods and selling for as little as $10. ADDITIONAL KEY FINDINGS In 2007, Symantec detected 711,912 new threats compared to 125,243 in 2006 — an increase of 468 percent; this brings the total number of malicious code threats detected by Symantec to 1,122,311 as of the end of 2007. Symantec measured the release of both legitimate and malicious software during a portion of the reporting period and found that 65 percent of the 54,609 unique applications released to the public were categorized as malicious. This is the first time Symantec observed malicious software outpacing legitimate applications. Theft or loss of a computer or other device made up 57 percent of all data breaches during the last half of 2007 and accounted for 46 percent of all reported breaches in the previous reporting period. Government was the top industry sector for identities exposed, accounting for 60 percent of the total, an increase from 12 percent in the previous reporting period. A full identity can be purchased in the underground economy for as little as $1. The bottom line: You need to be careful on the Internet, today and every day! — Mark Kellner, The Washington Times]]> Safe or not? tag:video1.washingtontimes.com,2008:/technology//15.5427 2008-04-08T16:12:48Z 2008-04-08T23:17:42Z Just when you thought it was safe... As Americans do their taxes, a majority are unaware that they may be putting personal and financial information required on tax returns in jeopardy. According to a recent survey by Sharp Electronics Corporation,... As Americans do their taxes, a majority are unaware that they may be putting personal and financial information required on tax returns in jeopardy. According to a recent survey by Sharp Electronics Corporation, almost half of all Americans are unaware of the danger of using insecure public copiers and printers, leaving themselves at risk for data theft if a copier is not equipped with data security measures. The survey, conducted by Roper on behalf of Sharp in February, polled 1,004 adults regarding their perceptions of digital copier security. Another survey item of note indicated that 60 percent of Americans don't know about the ability of a digital photocopier to store a document image on the hard drive, which could be later retrieved by a hacker. "Tax season is here and many Americans appear not to be aware of the risk they take when making copies in public or at their office," said Ed McLaughlin, president, Sharp Imaging and Information Company of America. "Secure copiers can scramble data after every image is copied. We take pride in offering one of the most comprehensive approaches to MFP security across the widest range of products, and the more we educate consumers and businesses to the risks, the more likely they will be to protect themselves against data theft." Personal and financial information is at risk when highly confidential forms containing Social Security numbers, Employer Identification Numbers, personal finance and even sensitive health information are duplicated on a copier that is not equipped with appropriate data security measures. Images of the documents can remain on the unit's hard drive indefinitely. This practice puts personal financial information at risk of theft by anyone with access to the copier's hard drive, or anyone with basic hacking abilities. When leased copiers are replaced and re-sold, they are an easy target for hackers. Additionally, in many businesses, a security breach can also occur via network connections, since MFPs are often linked to the network. According to Paul DeMatteis, senior adviser on Corporate Security Programs, Office of Continuing and Professional Studies at John Jay College of Criminal Justice, information can be retrieved after equipment is traded in or discarded. "Companies purchasing secondhand equipment have reported finding considerable amounts of confidential data on their new machines," he says. "The same information can be obtained from your local network or the Internet if the unit sits on a network and is not appropriately protected." The Sharp survey showed that a large majority of Americans feel their tax professional should secure their personal tax information when it is copied or printed. Nearly all respondents — nine in ten Americans — felt their tax preparer should be required to protect their personal information. And three in four Americans who have their taxes prepared by a professional feel their tax preparer's copier or printer should be secure.  Now, to be sure, there's a lot behind this: Sharp wants to promote its copiers, which presumably have anti-hacker data protections. And, I imagine it would take some dedication and ingenuity to break into a copier's hard drive and get all the images, then sort them and find your tax return. But, still, it's something to think about, and perhaps query your accountant about. — Mark Kellner, The Washington Times]]>