plover - Slashdot User

Submission + - Do your developers have local admin rights? 6

Submitted by plover on Wednesday December 30, 2009 @11:19AM

plover writes: I work as a developer for a Very Large American Corporation. We are not an IT company, but have a large IT organization that does a lot of internal development. In my area, we do Windows development, which includes writing and maintaining code for various services and executables. A few years ago the Info Security group removed local administrator rights from most accounts and machines, but our area was granted exceptions for developers. My question is: do other developers in other large companies have local admin rights to their development environment? If not, how do you handle tasks like debugging, testing installations, or installing updated development tools that aren't a part of the standard corporate workstation?

Submission + - Wal-mart Hacked in 2006, Details in Wired

Submitted by plover on Tuesday October 13, 2009 @05:43PM

plover writes: Kim Zetter of Wired documents an extensive hack of Wal-Mart that took place in 2005-2006. She goes into great detail about the investigation and what the investigators found, including that the hackers made copies of their point-of-sale source code, and that they ran l0phtCrack on a Wal-Mart server.
Wal-Mart uncovered the breach in November 2006, after a fortuitous server crash led administrators to a password-cracking tool that had been surreptitiously installed on one of its servers. Wal-Mart’s initial probe traced the intrusion to a compromised VPN account, and from there to a computer in Minsk, Belarus.

Wal-mart has long since fixed the flaws that allowed the compromise, and confirmed that no customer data was lost in the hack.

Submission + - PC Invader Costs Ky. County $415,000 (washingtonpost.com) 1

Submitted by plover on Monday July 06, 2009 @07:40PM

plover writes: Brian Krebs, author of the computer security column Security Fix at the Washington Post, is reporting a complex hack and con job resulting in the theft of $415,000 from Bullitt County, Kentucky. The story is fascinating, and is filled with detailed information regarding the theft.

Submission + - Ex-CIO Blames Microsoft For Security Breach

Submitted by plover on Monday July 14, 2008 @11:23AM

plover writes: Hannaford is a grocery store chain who lost 4.2 million credit card numbers earlier this year as a result of a security breach. Their former CIO is directly blaming their use of Microsoft as the reason they were breached.

"None of the breach was anything related to Linux. All of it was Microsoft."

Asked whether he believed that Microsoft is less secure because it's truly less secure software or whether its overwhelming marketshare makes it a cyber thief target, Homa said it was the other way around. Microsoft's marketshare is not what attracts so many attackers. "Microsoft is so full of holes. That's why it's still a target," he said.

Submission + - Hannaford's CIO Blames Data Breach on Microsoft (storefrontbacktalk.com)

Submitted by plover on Friday July 11, 2008 @10:22AM

plover writes: Hannaford is a grocery store chain who lost 4.5 million credit card numbers as a result of a security breach. Their former CIO is directly blaming their use of Microsoft as the reason they were breached.

Homa has become a fan of simplification in battling security. "We used a lot of Linux," Homa said. "None of the breach was anything related to Linux. All of it was Microsoft."

Asked whether he believed that Microsoft is less secure because it's truly less secure software or whether its overwhelming marketshare makes it a cyber thief target, Homa said it was the other way around. Microsoft's marketshare is not what attracts so many attackers. "Microsoft is so full of holes. That's why it's still a target," he said.

Would he counsel other CIOs to avoid Microsoft like the plague? "That's what I'd do. If you limit your exposure to Microsoft, you're going to be in a more secure environment," he said, adding that Microsoft's philosophy is decentralized, forcing IT to manage more points. That means more license fees for Microsoft and more potential security gotchas for the CIO. "Hence, you see my aversion to Microsoft."

Submission + - To Catch A Thief (Use GPS)

Submitted by plover on Tuesday September 26, 2006 @10:20PM

plover writes: According to this Star Tribune story, police, with the court's permission, attached a GPS tracking device to a suspect's motorcycle and tracked his activity to the site of a theft. On Monday the thief pled guilty and was sentenced to five years.

Submission + - 'Pre-teens' are now 'pre-criminals'

Submitted by plover on Wednesday September 13, 2006 @08:42AM

plover writes: Wearing a blue suit and a tight smile, the fed faced his audience.
And this wasn't just any audience. It consisted of 300 potential offenders, rounded up on Tuesday so Jon Dudas could lay down the law to them.
In this Star Tribune story, Jon Dudas, the director of the USPTO was speaking to an elementary school assembly of second through fifth graders. So instead of "students" or "kids", it's now acceptable for reporters to refer to them as "potential offenders"? This is plus ungood.

Slashdot Top Deals