Guess web underground economy worth? It’s $5b

Internet fraud has become a multi-billion dollar business with thieves stealing bank account information and credit card numbers and then selling them online.

Hi-tech thieves who specialize in card fraud have a credit line in excess of $5bn, research by the world’s largest maker of security software, Symantec, suggests.

Symantec calculated the figure to quantify the scale of fraud it found during a year-long look at the internet’s underground economy, BBC News website reported.

FAVORITE TARGETS

  1. Credit card data 31%
  2. Financial accounts 20%
  3. Spam & phishing info 19%
  4. Withdrawal service 7%
  5. Identity theft data 7%
  6. Server accounts 5%
  7. Compromised PCs 4%
  8. Website accounts 3%
  9. Malicious application 2%
  10. Retail accounts 1%

Credit card numbers were the most popular item on sale and made up 31% of all the goods on offer. Coming in second were bank details which made up 20% of the items being offered on criminal chat channels. The $5.3bn figure was reached by multiplying the average amount of fraud perpetrated on a stolen card, $350, by the many millions Symantec observed being offered for sale. Similarly, the report said, if hi-tech thieves plundered all the bank accounts offered for sale they could net up to $1.7bn.

Symantec said it was likely that many of the cards offered for sale were invalid or cancelled and bank accounts closed but it added: “These figures are indicative of the value of the underground economy and the potential worth of the market.”

Credit card numbers have proved so popular among hi-tech thieves because they are easy to obtain and use for fraudulent purposes. Many of the methods favoured by cyber criminals, such as phishing schemes, database attacks and magnetic strip skimmers, are designed to steal credit card information, it said.

The existence of a ready market for any stolen data and the growing use of credit cards also helped maintain their popularity, it said.

“High frequency use and the range of available methods for capturing credit card data would generate more opportunities for theft and compromise and, thus, lead to an increased supply on underground economy servers,” said the report.

The price card thieves can expect for the numbers they offer for sale also varied by the country of origin. US card numbers were the cheapest because they were so ubiquitous – 74% of all cards offered for sale were from the US. By contrast, numbers from cards issued in Europe and the Middle East commanded a premium because they were relatively rare.

Courtesy Times of India


Rare Victory - Ragtag team ends 75% of all spam

The number of unwanted, offensive and misleading emails sent across the globe went down by 75% to a mere 60 billion or so a day, according to spam filtering companies.

And the billions of dollars pumped into the fight through anti-spam software or legal battles have nothing to do with the breakthrough.

Instead, a ragtag band of researchers pulled off the unprecedented coup of drastically cutting the spam volume by adopting a new strategy: going after mainstream US companies that can unknowingly help spammers, identity thieves and child porn purveyors by carrying their traffic on the internet, the Los Angeles Times reported.

McColo, a California-based company, played host to some of the world’s worst online criminal gangs and was booted off the internet following an investigation by Washington Post security researcher Brian Krebs.

The company’s online presence was extinguished after Krebs alerted McColo’s access providers Global Crossing and Hurricane Electric earlier this week to the criminal material it was pumping out over their networks.

Few expect the relief to last. The major anti-virus firm Symantec predicted a return to the previous level by Christmas. But the rare victory gives hope to those combating spam and other “malware” by showing that even as the bad guys get smarter, new strategies can make a difference.

Courtesy Times of India November 18, 2008


Hardware’s growing at 30% a year

The growth of the IT sector in India has propelled the growth of the hardware industry too, which has even rubbed off onto the telecom infrastructure and equipment industry. India and China are the fastest growing IT hardware products markets in the Asia Pacific region. With the efforts to increase broadband offerings and internet and PC penetration, other related hardware products too will be at an advantage.

The computer hardware industry is continuously growing over 30% annually and is expected to do so till 2012. But this might face some slowdown with the current situation - inflation, rupee fluctuations and economic turmoil. As per MAIT, Indian consumers and businesses bought 7.34 million units during the previous fiscal and the industry association forecasts that they will consume 8.5 million in fiscal 2008-09. The front runners, who are the huge buyers of hardware products, are the small and medium businesses (SMBs). This market is estimated to be $11.5 billion for 2007-08, of which the SMB contribution is expected to be $4.3 billion. At the same time, PCs, printers and peripherals will together account for more than 50% of SMB hardware revenues, predicts research firm Zinnov.

As per research firm BMI, the hardware industry (including telecom hardware), has seen investments of more than $18 billion in hardware manufacturing in India. However, a high tax regime means that around 25% of the retail price of an average computer goes to the government, and there are fears that this may delay growth.

According to Gartner, PC sales in the first half of 2008 were 4.7 million units, 11.25% higher than in H1 2007; notebook sales were 1.25 million units in H1 2008, up by 94.5%. Hardware sales in India are $11.6 billion at present; this includes strategic electronics with $4.87 billion, computer electronics with $4.87 billion, and communication and broadband equipment with $2.32 billion.

The computer hardware peripherals and accessories include the CPU, motherboards, hard disk, RAM (memory), floppy drives, display adaptors, monitors, keyboards, mouse, CD ROM/CD writers/external drive to DVD ROM/DVD writer, sound cards, speakers, modems, UPS, printers, scanners, software, TV tuner/FM cards, tape / pen drives, cartridges, networking products, wireless networking products, cables and connectors, memory cards, laptop products and accessories. The PC penetration amongst SMBs was 15.7% in 2007-08. This, experts think, will hit 38% by 2012.

Internet laptops

While laptops are growing rapidly, the newest area of growth within that segment is expected to be basic internet access laptops. Some of these have been designed specifically for Indian consumers. Industry experts say that vendors are moving towards the low-price ultra portable notebook. It is said to be seeing great potential with certain demographics.

HCL has been promoting its MiLeap laptops, which are priced Rs 13,990 upwards. HP and Dell are both scheduled to launch ultra portables in 2008, both priced at below $500.

The ultra portable laptops are powered by the Intel Celeron M ULV processor with 2-GB flash drive storage.

The laptops are rugged, eco-friendly and come with an Intel chipset that reduces power usage. These laptops come with a 7 inch screen and have an integrated WiFi 802.11a/b/g LAN connection.

Courtesy Times of India October 25, 2008


Home network where the TV talks to your fridge

Berlin: Across the consumer electronics industry, leading players are revamping their audio and video equipment for a future centered around the internet, a world in which televisions, stereos and computers - even dishwashers and refrigerators - can communicate with each other over a wireless home network.

Expanded lines of networked entertainment equipment will take center stage this week at the Internationale Funkausstellung in Berlin, the largest consumer electronics convention in Europe, with 1,200 exhibitors and 200,000 visitors.

Sony plans to introduce plug-in adapters to enable some of its Bravia television sets to connect to the internet wirelessly. The Dutch consumer electronics maker Philips will demonstrate a line of stereo systems that can wirelessly tap into music stored on personal computers or laptops in other rooms, streaming music through the house.

Pioneer, Samsung and Sharp will present flat-panel TVs that hook up to the internet, some with wires, some without. Hewlett-Packard’s MediaSmart LCD TV will wirelessly stream high-definition video.

Some industry executives say the new focus on internet content and wireless networks reflects a fundamental shift in home entertainment.

“The internet is massive”, said Tim Page, technology marketing manager at Sony Europe. “So are the opportunities for electronics makers, content providers and consumers to get connected.”

The convergence of telecommunications, consumer electronics and computing is bringing together a new set of competitors. Telecommunication operators, seeking to increase their revenue from data traffic, are actively promoting home internet access that is both easier and more sophisticated.

One way is through so-called residential gateways, boxes that combine an internet router with a modem and software that can wirelessly shuttle video and audio among devices in a home.

Major online businesses also view the living room as a potentially lucrative new location for their services, with consumers turning to their TVs instead of PCs to reach the internet. Google and Yahoo have said they will jointly produce software to make it easier to display content on TV screens.

“Consumers really aren’t driving the trend toward networked devices, the device makers are,” said Steve Wilson, an analyst at ABI Research in New York. “The companies are pushing this to try to build a new business to offer new services. It is really a matter of getting the infrastructure in place.”

While networked devices like internet-ready TVs, set-top boxes, residential gateways and game consoles are increasingly common, the truly networked wireless home is still a few years off, industry experts say.

The technology already exists to enable many home electronic devices, including kitchen appliances, to communicate over a wireless network, said Alon Ironi, the chief executive of Siano, an Israeli company that makes video receivers for devices like digital picture frames. The problem, Ironi said, is that most devices are unable to communicate with other manufacturers’ products because of different technological standards.

Although most major consumer electronics makers - Samsung, Sony, Philips, Panasonic, Pioneer, Sharp, Toshiba - belong to the Digital Living Network Alliance, a consortium whose common protocols ensure that their devices communicate with one another, that has not stopped them from hedging their bets. In July, Sony, Samsung, Sharp, Hitachi and Motorola joined the Israeli company Amimon in a new standards group for wireless communication, called Wireless High Definition Interface, which is working to produce a new HD video standard.

“What this means for consumers is that some people may bring products home and discover that they can’t communicate with others on their networks,” said Kurt Scherf, a senior analyst at Parks Associates.

Still, manufacturers clearly think the appeal of a new information age centered on the living room couch will be strong enough to win over consumers who may be impressed by the early results. That is one reason that the former cordless telephone business of Siemens is starting to think about combining its phones with the internet.

Courtesy : The Times of India


Want to flip through old newspapers? Go online

Google Inc has stepped up efforts to digitize dozens of historical newspapers and make scanned images of the original papers available online, the internet search leader said on Monday.

In a blog post on the Silicon Valley-based company’s website, Google said it is looking to make old newspapers searchable online by partnering with newspaper publishers to digitize millions of pages of news archives.

The effort involves the archives of dozens of newspaper titles and expands on a two-year-old effort by Google to work with two major US newspapers – The New York Times and Washington Post – to index old papers in Google News Archive.

“Not only will you be able to search these newspapers, you’ll also be able to browse through them exactly as they were printed – photographs, headlines, articles, advertisements and all”.

The additional newspapers allow readers to see how newspapers of bygone days covered historical events. For example, the Pittsburgh Post-Gazette’s coverage of Neil Armstrong’s (and Edwin Aldrin’s) 1969 moon walk can be found at http://tinyurl.com/man-on-the-moon/

“Not every search will trigger this new content, but you can start by trying queries like (Nixon space shuttle) or (Titanic located). Stories we’ve scanned under this initiative will appear alongside already-digitized material from publications like the New York Times as well as from archive aggregators. Over time, as we scan more articles and our index grows, we’ll also start blending these archives into our main search results so that when you search Google, you’ll be searching the full text of these newspapers as well”.


Master End-User Security

Small businesses - all businesses, and consumers too, for that matter - face a miasma of threats every day.

There are direct attacks, such as drive-by downloads and application exploits, and indirect attacks, such as phishing - and while I’m mentioning one type of e-mail attack I’ll throw in spam for good measure. If you can defend against all that, then start thinking about internal threats: podslurping, users running unauthorized applications, and data theft. It’s no picnic out there for security admins.

What You Can Do

Start by educating staff about high-risk behaviors. Explain the dangers of phishing and identity theft. Discourage downloads and installation of unsupported applications. Explain how dangerous various plug-ins and ActiveX components can be. Teach staff not to open unexpected attachments, and not to click on the links in spam.

Inside Threats

USB memory keys and other writable media - notably iPods - are well-known threats, enabling extremely easy theft of data. Despite this, nearly 50 percent of IT staff surveyed take no preventive measures against iPod use in the office.

86% of IT workers surveyed cited USB flash drives as the device most often used to store and move data.

61% use an iPod.

67% believe that iPods are a security risk.

49% stated they would not use preventive measures.

Keep the following in mind when evaluating endpoint security solutions:

  • Centralized management features are critical. Maintaining policy (and malware definitions) in one place through a single interface and pushing to workstation agents is many times more efficient than having to install, configure, and update software on every workstation manually.
  • Look for an intuitive interface where all functionality (firewall, HIPS, anti-malware, and policy management) is integrated. Symantec Client Security 10 was an unfortunate example of how difficult it can be to manage a nonintegrated interface. And the company has completely reworked the interface for the better with End Point Protection 11.
  • Along with centralized management, accurate and timely reports and alerts are key. You can start your day with an e-mail telling you whether all your workstations are protected. If a malware scan finds something, you’ll get an alert (e-mail or SMS) immediately so you can take action.
  • Integration with directory services such as Active Directory and LDAP will save time, because you can import users and groups in the security management console without having to recreate them.
  • Make sure you can prevent data loss (or theft) by controlling access to removable media such as USB memory keys or writable CDs and DVDs. This is something that SkyRecon Storm Shield does very well, regulating reads and writes by device type, user, and file extension. For our roundup of data theft-prevention software, see go.pcmag.com/datasnatcher

Courtesy PC Magazine May 08


Behold, the master key

According to Netcraft’s January 2008 web server survey, a whopping 156 million websites (about 25 billion pages) are functioning on the internet. That provides a pointer towards intricacies involved in maintaining digital identities by the users and service providers as well.
“These companies will help bring OpenID into the main-stream market”

OpenID eliminates the need for multiple user accounts across different websites; that is, it will give access to different websites (if the website supports OpenID). But will OpenID really help in easing our digital lives? At present, there are various websites or service providers allotting free OpenIDs to the users, and that’s where the glitch lies. And as many would have anticipated, security is not the stumbling block, thanks to the backing of VeriSign; rather, the purpose of ease of use stands unfulfilled. First, you need to create an OpenID with one of the service providers (one more identity added to the clutter!), which will enable the user to use it on another OpenID-supported website. Since OpenID has arisen from the open source community, nobody owns it or stands to gain from it, which deprives the technology of having a uniform structure. Moreover Yahoo, which has already started using OpenID, does not support third-party OpenID; instead the user has to create a new OpenID with Yahoo, which can be used on other supporting sites. If Google, Microsoft (which already has MSN Passport), IBM and others decide to do it the same way, then it will only add to clutter and confusion among users.

A pointer to a better solution could be spotted a few years back when users could use software like cheetah for using chat services offered by Yahoo, mIRC and MSN. The user had to log in using his Yahoo, mIRC or MSN ID and could experience a much better service without having to register with anyone. Hopefully, the players, rather than seeing it as a game of one-upmanship, will see the larger good now, to enable OpenID to live up to its stated promise.


Open Source Database

Introduction :

Database management systems built from open source code are gaining more popularity among the developer community. The reason is obvious - it is free, whether your purpose of use is commercial or non-commercial. The open source movement, which started long ago as a group collaboration and intellectual exchange to meet Information Technology challenges and opportunities, has become a viable alternative for developing software products. The major breakthrough that resulted from the Linux operating system was that it instilled greater confidence in the open source community to adopt the Linux model for other types of software products. As a result a large number of open source software products are available for use today. Hundreds of open source projects are underway at different community sites like SourceForge, Tigris, etc.

Open source databases have proved themselves as competitors to enterprise databases like Oracle, SQL Server, DB2, etc. They have made deep inroads into medium and large enterprise applications due to their enterprise-level features and capabilities. In the past few years database adoption pattern of companies has shifted significantly. It has moved sharply from sophistication to cost-effectiveness. High profile companies like Yahoo are using open source databases. Most of the web hosting companies are providing open source database as an inexpensive option, understanding that web applications evolve gradually.

A recent study by Evans Data Corporation reveals that there is growing acceptance of open source databases in the enterprise and that they are surging in popularity. Over a period of three the usage has gone from 12% to 60%, the survey reports. The overall popularity goes to MySQL and Firebird, which account for 34%.

Due to maturity in database technology, there is a substantial improvement in database security and robustness. “When you have a fairly robust database that has liberal licensing terms (such as Firebird), you don’t have to pay to replicate and install it on servers where you need it, and it’s a very appealing proposition,” said Mr. McKendrick, an analyst for Evans, who is based in Santa Cruz, California.

Popular Products

A number of open source databases are available today. They are of different sizes and of different maturity levels. Most popular among them with stable production versions are MySQL, Firebird, PostgreSQL, Ingres, and Cloudscape. Choosing a database from all of these is not so easy, but it all depends on what you want to do. Brief overviews of each of them are as follows:

MySQL

This database is the most popular open source database system. It provides a higher level of speed, scalability and reliability. It is the best alternative to higher-cost and more complex database systems today. This is the reason why it is the right choice for most enterprise IT departments, web developers and packaged software vendors for low-cost and highly reliable database-driven applications. It is available for major OS platforms including Red Hat Enterprise Linux, Microsoft Windows Server, Sun Solaris, and HP-UX. It supports advanced DBMS features like stored procedures, triggers, and views.

Firebird

Firebird has been in use in production systems for the past two decades. It offers excellent concurrency, high performance, reliability and powerful language support for stored procedures and triggers. It is available for Linux, Windows and a mixture of Unix platforms with support for ANSI SQL-99. Thus it has tied in popularity with MySQL.

PostgreSQL
It is the by-product of the database research at the University of California at Berkeley. It is a highly scalable, SQL-compliant, object-relational database system, having over 15 years of development history. It is available for major OS platforms, including Linux, Windows, Unix and Mac OS.

Ingres
Ingres is a high-performance relational database solution for mission-critical applications in small to medium size enterprises. It is also suitable for development in large enterprises having high-volume transactions. Its scalability, reliability and high performance make it a good choice for cost-effective data-driven applications in the enterprise. It is flexible to leverage information resources across a wide range of platforms including Linux, Unix, Windows and OpenVMS. It supports language platforms like Java and Microsoft .NET, making it suitable for integration.

Cloudscape
Originally developed by a company called Cloudscape, the database product came to Informix later and then to IBM in 2001. IBM refreshed the product and put it on the track to make it the most popular Java database. Cloudscape database is a 100% pure Java database which runs in 4 MB of space on the J2SE or J2EE platform. Despite its small core, the database is capacious as its table size is limited to available disk space. It supports advanced SQL features like stored procedures, triggers and good transaction management and security. Since it is designed as a Java embedded database, it provides zero-administration. Cloudscape data can be imported into DB2 enterprise database without any difficulty.

Advantages of Open Source
Usually, the first seeming advantage of open source models is the fact that open source software is made available free or at a low cost. But this characteristic is not exclusive to open source software, and several proprietary software products are made available in similar ways (a well-known case could be Microsoft’s Internet Explorer). What really distinguishes open source software from software available without fee is the combination of effects due to the characteristics. How these characteristics turn into advantages is described below.

  • The availability of the source code and the right to modify it are very important. It enables the unlimited alteration and enhancement of a software product. It also makes it possible to port the code to new hardware, to adapt it to changing conditions, and to reach a detailed understanding of how the system works. This is why many experts are reaching the conclusion that to really extend the lifetime of an application, it must be available in source form. Source code availability also makes it much easier to isolate bugs, and (for a programmer) to fix them.
  • The right to redistribute modifications and improvements to the code, and reusing other open source codes permits all the advantages due to the modifiability of the software to be shared by large communities. This is usually the point that differentiates open source software licenses from “nearly free” ones. In substance, the fact that redistribution rights cannot be revoked, and that they are universal, is what attracts a substantial crowd of developers to work around open source software projects.
  • The right to use the software in any form. This, combined with redistribution rights, ensures (if the software is useful enough) a large population of users, which helps in turn to build up a market for support and customization of the software, which can only attract more and more developers to work in the project. This, in turn, helps to improve the quality of the product, and to improve its functionality. This will cause more and more users to give the product a try, and probably to use it regularly.
  • License management will not be necessary. For some companies, keeping track of legal software licenses and verifying that everything stays legal is a full-time job. Open source licenses give you permission to use them for any purpose on any number of computers or period. You only need to worry about license management while modifying and/or distributing the software outside your company, and even then it’s fairly straightforward.

Conclusion
Currently the leading product is MySQL, and the recent survey with some of the developers has shown Firebird as the most used open source database for enterprise applications and also the most used for single purpose applications. Indeed MySQL and Firebird are now roughly equal amongst open source users.
Developers have been using open source database for many years, since they’re free and don’t add to the expense of early trial projects. Such trialing has laid the foundation for open source databases to follow in the footsteps of Apache and Linux, two open source code products that have penetrated the enterprise wall.

Now the question is “can so many open source database products survive?” Yes, all these products can produce a strong market that justifies their survival and, with open source products, what really matters is how it is going to produce the support required to keep the product evolving and appropriate.
With such a range of free database products available, many organizations are going to think twice about paying big database license fees - and having thought twice, choose not to pay them. (A courtesy from ICFAI Journal of IT.)


Talking updates and upgrades

The terms software update and software upgrade are often confused as being one and the same. The difference needs understanding. Updates are also known as patches. An update usually means small changes, corrections or bug fixes made to software. Updates just get added on to the existing software. No new installation will be required. Updates come totally free of cost.

On the other hand, upgrades are major changes, new functions etc. added to software. Upgrades require new installation and generally come with a cost. Upgrades can also be a number of patches bundled together. Upgrades are also known as releases.

It becomes critical to understand the update / upgrade policy attached to a software at the time of procurement decision.


Software types for decision making

Software procurement requires some understanding of the type of software to be purchased. Broadly we can classify software into 4 types: stand-alone applications, client-server applications, web applications and the latest, SaaS. Knowing how each type functions is very critical for the procurement decision. More important is to know if the software has the capability to be upgraded from one type to another.

Let’s say you have a requirement for stand-alone software now, and you go ahead and buy it. It works on one system and all is well. Six months down the line you realize you have to have the software working on more than one system. What then? If you are lucky and the software has the capability to be a client-server application, you can enhance it and it works fine on all your systems. But if the software cannot work on multiple systems and does not have a client-server version, what then? You have two choices - dump the software and get a new one, or just live with it.
