|
|
|
| Related Articles |
| Begg: I'll be off to the third world |
28 November 2007 |
| ABTA Travel Convention special report: Global founder plans to swap business for charity |
| |
| QinetiQ to cut 400 despite profit jump |
29 November 2007 |
| QinetiQ, the defence research business in which the chairman and chief
executive made more than £35 million on the flotation of the business, will
eliminate 400 jobs across the UK. |
| |
| It was right to extradite NatWest Three |
28 November 2007 |
| ANDREW FASTOW’S allegation that the NatWest Three were involved in the
financial deceits which brought down Enron does not mean the men are guilty.
But it does mean that they have a case to answer — a case which is rightly
being tried in the US. <br/>
<br/>
The US has had no particular beef with British businessmen. It seeks out
suspects of white-collar crime whoever they are, wherever they are. Kobi
Alexander, the chief executive of Comverse Technology, was apprehended this
week in Namibia, ending his two-month flight from American law enforcers
seeking to prosecute him for the back-dating of stock options. The “perp
walk” — the US practice of hand-cuffing and frog-marching a
multi-millionaire American executive out of his office and into a waiting
police car in full view of the waiting, tipped-off camera crews — has become
a regular feature of the nightly news in the US. Foreigners who do business
in America know full well that the Land of the Free is not nice to
criminals, nor even criminal suspects. <br/>
<br/>
The public outcry over the extradition of the NatWest Three — Gary Mulgrew,
David Bermingham and Giles Darby — has from the outset felt like a
misplaced, sometimes mendacious venting of national frustration at
Washington. <br/>
<br/>
The fact is that this case has nothing to do with the war in Iraq, with the
presidency of George W. Bush, with Tony Blair’s Atlanticist inclinations.
Even the esteemed British chief executives and chairmen who signed up to the
letter calling for fair trials abroad looked like suckers: their campaign
seemed to put patriotism, even a huffy anti-Americanism, before the due
process of law. <br/>
<br/>
Certainly, they had a just complaint: the British Government agreed an
extradition treaty without securing reciprocity from the US. But, for that,
more fool the British Government. It knows a pledge from the Administration
will not necessarily be honoured by Congress, particularly involving the
issue of extradition. <br/>
<br/>
Fastow’s claims against the three British men may be suspect. The quiet chief
financial officer of Enron has made a second career for himself shopping his
old acquaintances. In 2002, he was indicted on 78 counts of fraud,
money-laundering and conspiracy. Thanks to his “co-operation with the
authorities”, he has been sentenced to six years in prison. <br/>
<br/>
Nonetheless, Fastow’s legal deposition describes a “close, personal
relationship” with Mulgrew. Enron collapsed in 2001, undone by an intricate,
ingenious web of financial fraud. Fastow claims that, in his financial
dealings with the men as late as 2000, they “knew what I expected”. The
deposition seems to skewer the argument that the men should be tried in
Britain. They may have to face allegations of defrauding their former
British employers too, but if they played a part in Enron’s downfall, then
they have a case to answer in America as well. There is a principle at
stake, one which underpins global capitalism and one which is as dear to
every Briton as it is to every American: respect for the due process of law. |
| |
| Yard owner 'shot in face' |
28 November 2007 |
| A trial at the High Court in Edinburgh hears allegations that a Lanarkshire business man was shot in the face. |
| |
| Chef supplier waits for payment |
28 November 2007 |
| A Devon supplier to celebrity chef John Burton Race's Devon restaurant says he has been left out of pocket after the business closed. |
| |
| Cameron attacks CGT tax plan |
27 November 2007 |
| David Cameron calls for a simpler tax regime to help business and pledges to fight a capital gains tax hike. |
| |
| London Geek Dinner, December 7, 7:30PM |
28 November 2007 |
| I'll be in London on Dec 7, as will Robert Scoble, so Hugh MacLeod, the blogger who does those outrageously funny business card size cartoons, is kindly hosting a dinner that evening.
There's only room for 50 people, and already 40 people have signed up (sorry about that), so if you want to come, please quickly send an email to Hugh.
The details are on this page...
http://www.gapingvoid.com/Moveable_Type/archives/004358.html
Looking forward to visiting London!!
Dave |
| |
| Client-side vulnerabilities loom large |
28 November 2007 |
| Critical vulnerabilities in common PC software, including both applications and operating systems, continue to grow in number and stand as the leading cause for concern in the IT security landscape today, according to training experts at the SANS Institute.Holes in so-called client-side applications, including Web browsers, e-mail clients, productivity suites, and media players, have become particularly worrisome over the last year, according to SANS, which highlighted the issue as part of its annual report on the top 20 Internet security risks for 2007.As hackers have shifted their attention further away from operating system flaws and drilled down to applications-layer vulnerabilities they have found a seemingly endless wealth of possibilities for infecting PCs with everything from spyware to botnet programs, SANS researchers contend.Unless something can be done to improve software developers' coding habits or better test popular applications for such issues before they land on end-users' machines, attackers will be able to continue their successful assaults against enterprise networks and devices for the foreseeable future, said Rohit Dhamankar, project manager for the Top 20 report at SANS and a senior manager of security research for TippingPoint.?"There's just been such a dramatic rise in the numbers of vulnerabilities found in applications like Internet Explorer and Microsoft Office and a number of media players that attackers are having their way," said Dhamankar. "Enterprises are bolstering security, but desktop users still pose a massive risk if they can download anything they want from the Web; the attacks are also growing in sophistication to the extent that many can defeat antivirus and other security systems primarily by obfuscating their code."Some of the most powerful tools that hackers have adopted in hunting for potential targets are the same industrial-strength applications fuzzing tools that software vendors themselves are using to search for holes in their products, said the expert.Enterprises could do themselves a favor by enforcing stricter policies that dictate the types of applications that end-users are allowed to put on their work machines and using technical means to ensure that those rules are being followed, Dhamankar said.Other SANS researchers noted that while companies may not want to tell end-users that they cannot utilize media players, messaging clients, and other applications that have moved into the business world from the consumer sector, they could help themselves out by limiting the variety of client-side applications that people may choose from."IT departments can't focus on all the applications of the world, but they can choose several and keep their eye on those while allowing end-users some freedom," said Amol Sarwate, research manager at Qualys who studies vulnerability patterns for SANS. "What companies need to do is enforce standards for applications usage and utilize technical means to block unwanted software, devices, and even wireless access points."While many businesses have already realized that they need to shift more of their efforts toward defending client-side vulnerabilities, most have failed to embrace a proactive approach versus simply keeping track of publicly-reported flaws and patching those issues said Sarwate.Enterprises need to think about future security issues
It will be particularly important for firms to examine the additional security issues that will be introduced in the coming years with broader adoption of technologies including VoIP (Voice over IP), according to the expert."The key is for people to start thinking ahead of these client-side vulnerabilities to understand what the next big thing may be. Things like VoIP need to be examined for their security implications," said Sarwate. "Many companies are already adopting these tools because of all the advantages they offer, but there will be many attacks carried out against these systems as well."Among the advice that SANS is offering organizations hoping to improve their client-side security coverage is to mandate secure configurations at installation time for all applications, to constantly verify patching and upgrading of both applications and system software, to scan for new vulnerabilities frequently, and to keep their security systems up to date.Other leading areas of concern highlighted by SANS in its report included critical vulnerabilities in Web applications that allow for cross-site scripting attacks or for computers to be otherwise compromised simply by pointing their browsers at poisoned URLs."Gullible, busy, accommodating computer users," including executives, IT staff, and others with privileged access also remain a major weak point for enterprise security, according to SANS, as these seemingly more seasoned users of computers and software are still falling for increasingly targeted spear-phishing campaigns in large numbers.One of the best ways to educate users about the problem is for organizations to create fake spear-phishing threats and send them out to internal users to determine which individuals might be most likely to fall for the schemes and follow up with additional training, the group said.Critical vulnerabilities in the software and systems that provide the operating environment and primary services to computer users, or server-side software, remain another area of leading concern, according to SANS.Problems in Microsoft Windows services, Unix and Mac OS services, back-up and AV programs, management servers, database software, and VoIP technologies in particular are proving troublesome, according to the report.Many of those issues can be addressed by following the same advice offered for solving client-side vulnerabilities, SANS said in the research. |
| |
 |
|
|
|