How CAPTCHA got trashed; Security Manager's Journal

Computerworld Security: Issues and Trends
July 14, 2008
___________________________________________________________

***************SPONSOR**************************************

Not All QSAs Are Created Equal

The Payment Card Industry Data Security Standard (PCI DSS) requires an annual assessment of security systems and procedures, which must be performed by a QSA and is designed to verify that an entity is complying with all requirements of the PCI DSS. Many companies equate passing the assessment with actually being in compliance. However, recent security breaches highlight the danger of this assumption. True compliance and sound security are part of an ongoing commitment best serviced by QSAs with expertise in security as a whole. This whitepaper helps choose the best QSA for the annual assessment by highlighting key differentiators among QSAs and QSA vendors.

http://cwflyris.computerworld.com/t/3354932/132809451/125727/0/

************************************************************
In this issue:

* How CAPTCHA got trashed
* Seven years and counting: National disease-tracking system still unfinished
* Outsourcing deal, layoffs lead to end of tax breaks
* Off the record
* Study: Electronic voting increased tabulation errors
* ACLU and allies file lawsuit to challenge surveillance law
* Security Manager's Journal: Frustrations mount from lack of resources
* DNS Hole Doesn't Go Unnoticed
* Q&A: Iowa's tragic lesson in business continuity
* Feds moving ahead on effort to reduce Internet connections, but with adjusted target
* The dangers of cloud computing
* Don't give Google a free pass on data collection, privacy advocates say after YouTube ruling
* Criminal prosecutions eyed for passport snoopers
* $90,169 buys a lot of iPhones


Computerworld Blogs:

* IT Blogwatch: Sizable spammer Soloway's sentencing story
* Tech Dispenser: WordPress for iPhone App
* Shark Bait: On my life, I swear...



OTHER RESOURCES
_______________

Computerworld presents a 100% online trade show on security. Learn from industry experts and network with your peers. Get more information:
http://cwflyris.computerworld.com/t/3354932/132809451/112247/0/



Messagelabs Web Cast - Avoid the Latest Phishing Attacks
http://cwflyris.computerworld.com/t/3354932/132809451/117938/0/



White Paper: Deliver Integrated Security Protection with Symantec.
http://cwflyris.computerworld.com/t/3354932/132809451/121456/0/




_________________________________________________________
How CAPTCHA got trashed

CAPTCHA -- the wiggly words meant to keep honest those seeking a new e-mail account or access to an online discussion thread -- is now more useful to malware authors than as a security measure. Steven J. Vaughan-Nichols is the bearer of bad news.


http://cwflyris.computerworld.com/t/3354932/132809451/125728/2/


_________________________________________________________
Seven years and counting: National disease-tracking system still unfinished

For the past seven years, the federal government has been pushing the adoption of a Web-based system that public health agencies nationwide could use to report and track infectious disease outbreaks. But even now, only 38 of the 50 states are fully compliant with the system's technical requirements.


http://cwflyris.computerworld.com/t/3354932/132809451/125729/2/


_________________________________________________________
Outsourcing deal, layoffs lead to end of tax breaks

The Nielsen Co. has given up tens of thousands of dollars in property tax breaks this year after signing an IT offshoring deal that led to layoffs at its global technology center in Oldsmar, Fla.


http://cwflyris.computerworld.com/t/3354932/132809451/125730/2/


_________________________________________________________
Off the record

While standards are finally getting some traction with vendors and providers, there's still a long way to go before broad interoperability is achieved.


http://cwflyris.computerworld.com/t/3354932/132809451/125731/2/


_________________________________________________________
Study: Electronic voting increased tabulation errors

Comparison of results in for recent French elections revealed that polling stations using electronic voting systems suffered more voting discrepancies than polling stations using traditional paper votes.


http://cwflyris.computerworld.com/t/3354932/132809451/125732/2/


_________________________________________________________
ACLU and allies file lawsuit to challenge surveillance law

Making good on an earlier promise, the ACLU, Amnesty International, Human Rights Watch and allied organizations filed suit Thursday to combat the Foreign Intelligence Surveillance Act (FISA) Amendments Act.


http://cwflyris.computerworld.com/t/3354932/132809451/125733/2/


_________________________________________________________


***************SPONSOR**************************************

Disaster Preparedness: How to Develop a Business Continuity Plan

Review a five-step process to develop a comprehensive business continuity plan.

http://cwflyris.computerworld.com/t/3354932/132809451/120468/0/

************************************************************

_________________________________________________________
Security Manager's Journal: Frustrations mount from lack of resources

The frustrations of slashed budgets and inadequate manpower come to a head. Is it time for a change?


http://cwflyris.computerworld.com/t/3354932/132809451/125734/2/


_________________________________________________________
DNS Hole Doesn't Go Unnoticed

A security flaw in the DNS protocol didn't get Microsoft's top severity rating when the company and other vendors issued patches for it. But that belies the amount of attention being paid to the cache-poisoning vulnerability.


http://cwflyris.computerworld.com/t/3354932/132809451/125735/2/


_________________________________________________________
Q&A: Iowa's tragic lesson in business continuity

Deb Hale, security administrator at Iowa-based telecommunications provider Long Lines, discusses the most important things a company can do to survive what Mother Nature decides to unleash.


http://cwflyris.computerworld.com/t/3354932/132809451/125736/2/


_________________________________________________________
Feds moving ahead on effort to reduce Internet connections, but with adjusted target

Karen Evans, the de facto federal CIO, said that a security initiative to downsize the number of external Internet connections at government agencies is progressing, although the number of links left in the end will be larger than initially planned.


http://cwflyris.computerworld.com/t/3354932/132809451/125737/2/


_________________________________________________________
The dangers of cloud computing

On-demand apps and services bring several security risks that IT should address upfront.


http://cwflyris.computerworld.com/t/3354932/132809451/125738/2/


_________________________________________________________
Don't give Google a free pass on data collection, privacy advocates say after YouTube ruling

A judge's order that Google turn over YouTube user data to Viacom is raising privacy concerns. But some privacy advocates question why Google is collecting the data in the first place.


http://cwflyris.computerworld.com/t/3354932/132809451/125739/2/


_________________________________________________________
Criminal prosecutions eyed for passport snoopers

Senators last week grilled State Department officials about unauthorized access of passport files and called for more criminal prosecutions to try and stop government employees from snooping.


http://cwflyris.computerworld.com/t/3354932/132809451/125740/2/


_________________________________________________________
$90,169 buys a lot of iPhones

$90,169 was the average total compensation for the respondents of our 2007 Salary Survey. How does that compare with what you're making this year? Take Computerworld's 2008 Salary Survey and let us know:
http://www.computerworld.com/salary2008?I.Project=S0063244&i.User1=N
You could win one of 10 Sony 8" portable DVD players!



_________________________________________________________
***************SPONSOR**************************************

White Paper - What do consumers expect from online sales and support interactions—and how can enterprises exceed these expectations? This independent report draws from hundreds of interviews to
provide authoritative answers.

http://cwflyris.computerworld.com/t/3354932/132809451/125741/0/

************************************************************


COMPUTERWORLD BLOGS
___________________

Sizable spammer Soloway's sentencing story

It's IT Blogwatch: in which a major convicted spammer, Robert Soloway, is facing sentence in federal court. Not to mention more fun times ahoy!...

To view the rest of the blog post, click the following link.
http://cwflyris.computerworld.com/t/3354932/132809451/125742/2/



Tech Dispenser: WordPress for iPhone App

WordPress for iPhone: Big news from the Automattic team yesterday. They released a first look at their iPhone App that works on both WordPress.com and WordPress.org blogs ...

http://cwflyris.computerworld.com/t/3354932/132809451/125519/2/



Shark Bait: On my life, I swear...

Pilot Fish; So I am standing around by someone's cube, waiting to get access to a small office (the lady was in there talking to someone). I am glancing around and I notice a pull-out tab thingy on one of the staplers that is a little more heavy-duty ...

http://cwflyris.computerworld.com/t/3354932/132809451/125518/2/