Security Around Off The Shelf Softwares

IT Security consultants are very often asked to validate or scrutinize a ready to use software available in the market. Now, as everyone knows, not all softwares would be equally useful in each and every organization. Similarly, not all softwares would be equally secure in all organizations. Hence, here is a very useful and handy checklist for evaluating any off the shelf software.

An IT security expert’s checklist to buying commercial off-the-shelf software

Reduce Security Risk in Organizations

It is (and will always remain) an open debate around which are the most useful security steps to take.

Here is a very interesting article around the top 10 rules to always try and adhere to.

Pwn2Own Contest

To know more about this "one of its kind" hacking contest, go over my article in the April issue of the CH Magazine (on page 17).

http://chmag.in/issue/apr2010.pdf

Why Google Wants To Breakup With China?

Are you guys are as confused as me, over why Google wants to quit China? Is it only because of one attack, which compromised access to some of its email accounts?

Really?? Is that it? Is this a good enough reason to quit from a country like China?

Here is any interesting article that gives out some more details. Not surprisingly, this one comes from a Non-IT website:

Hindustan Times



Update: Hmmm... I guess there is more to this story. Attackers also took Gaia (which is Google's single sign on authentication system) with them. Well not literally, they stole the program's source code.

What that means, is best left to anyone and everyone's imagination. If the program is not secure enough, well hackers could break in now. Even worse, I hope the system did not have an actual backdoor, which gave Google's executives a direct entry into the system..!

http://www.nytimes.com/2010/04/20/technology/20google.html