Internet fraud has become a multi-billion dollar business with thieves stealing bank account information and credit card numbers and then selling them online.

Hi-tech thieves who specialize in card fraud have a credit line in excess of $5bn, research by the world’s largest maker of security software, Symantec, suggests.

Symantec calculated the figure to quantify the scale of fraud it found during a year-long look at the internet’s underground economy, BBC News website reported.

FAVORITE TARGETS

1. Credit card data 31%
2. Financial accounts 20%
3. Spam & phishing info 19%
4. Withdrawal service 7%
5. Identity theft data 7%
6. Server accounts 5%
7. Compromised PCs 4%
8. Website accounts 3%
9. Malicious application 2%
10. Retail accounts 1%

Credit card numbers were the most popular item on sale and made up 31% of all the goods on offer. Coming in second were bank details which made up 20% of the items being offered on criminal chat channels. The $5.3bn figure was reached by multiplying the average amount of fraud perpetrated on a stolen card, $350, by the many millions Symantec observed being offered for sale. Similarly, the report said, if hi-tech thieves plundered all the bank accounts offered for sale they could net up to $1.7bn.

Symnatec said it was likely that many of the cards offered for sale were invalid or cancelled and bank accounts closed but it added: “These figures are indicative of the value of the underground economy and the potential worth of the market.”

Credit card numbers have proved so popular among hi-tech thieves because they are easy to obtain and use for fraudulent purpose. Many of the methods favoured by cyber criminals, such as phishing schemes, database attacks and magnetic strip skimmer, are designed to steal credit card information, it said.

The existence of a ready market for any stolen data the growing use of credit cards also helped maintain their popularity, it said.

“High frequency use and the range of available methods for capturing credit cards data would generate more opportunities for theft and compromise and, thus, lead to an increased supply on underground economy servers, ” said the report.

The price card thieves can expect for the numbers they offer for sale also varied by the country of origin. US card numbers were the cheapest because they were so ubiquitous – 74% of all cards offered for sale were from the US. By contrast numbers from cards issued in Europe and the middle East commanded a premium because they were relatively rare.

Courtesy Times of India

The number of unwanted, offensive and misleading emails sent across the globe went down by 75% to a mere 60 billion or so a day, according to spam filtering companies.

And the billions of dollars pumped into the fight through anti-spam software or legal battles have nothing to do with the breakthrough.

Instead, a ragtag band of researchers pulled off the unprecedented coup of drastically cutting the spam volume by  adopting a new strategy: going after mainstream US companies that can unknowingly help spammers, identity thieves and child porn purveyors by carrying their traffic on the internet, the Los Angels Times Reported.

McColo, a californian-based company played house to some of the world’s worst online victory criminal gangs and was booted off the internet following an investigation by Washington Post security researcher Brian Krebs.

The company’s online presence was extinguished after Krebs alerted McColo’s access providers Global Crossing and Hurricane Electric earlier this week to the criminal material it was pumping out over their networks.

Few expect the relief to last. The major anti-virus firm Symantec predicted a return to the previous level by Christmas. But the rare victory gives hope to those combating spam and other “malware” by showing that even as the bad guys get smarter, new strategies can make a difference.

Courtesy Times of India November 18, 2008

The growth of IT sector in India has propelled the growth of the hardware industry too, which has even rubbed off onto the telecom infrastructure and equipment industry. India and China are the fastest growing IT hardware products markets in the Asia Pacific region. With the efforts to increase broadband offerings and internet and PC penetration, other related hardware products too will be at an advantage.

The computer hardware industry is continuously growing over 30% annually and is expected to do so till 2012. But this might face some slowdown with the current situation - inflation, rupee fluctuations and economic turmoil. As per MAIT, Indian consumers and businesses bought 7.34 million units during the previous fiscal and the industry association forecasts that they will consume 8.5 million in fiscal 2008-09. The front runners, who are the huge buyers of hardware products, are the small and medium businesses (SMBs). This market is estimated to be $11.5 billion for 2007-08, of which the SMB contribution is expected to be $4.3 billion. At the same time, PCs, printers and peripherals will together account for more than 50% of SMB hardware revenues, predicts research firm Zinnov.

As per research firm BMI, the hardware industry (including telecom hardware), has seen investments of more than $18 billion in hardware manufacturing in India. However, a high tax regime means that around 25% of the retail price of an average computer goes to the government, and there are fears that this may delay growth.

According to Gartner, PC sales in the first half of 2008 was 4.7 million units, 11.25% higher than in H1 2007; notebook sales were 1.25 million units in H1 2008 up by 94.5%. Hardware sales in India are $11.6 billion at present; this includes strategic electronic with $4.87 billion, computer electronics with $4.87 billion, computer electronics with $4.87 billion, and communication and broadband equipment with $2.32 billion.

The computer hardware peripherals and accessories include the CPU, mother boards, hard disk, RAM(memory), floppy drives, display adaptors, monitors, keyboards, mouse, CD ROM/CD writers/external drive to DVD ROM/DVD writer, sound cards, speakers, modems, UPS, printers, scanners, softwares, TV tuner/FM cards, tape / pen drives, cartridges, networking products, wireless networking products, cables and connectors, memory cards, laptop products and accessories. The PC penetration amongst SMBs was 15.7% in 2007-08. This experts think, will hit 38% by 2012.

Internet laptops

While laptops are growing rapidly, the newest area of growth within that segment is expected to be basic internet access laptops. Some of these have been designed specifically for Indian consumers. Industry experts say that vendors are moving towards the low-price ultra portable notebook. It is said to be seeing great potential with certain demographics.

HCL has been promoting its MiLeap laptops, which are priced Rs 13,990 upwards. HP and Dell are both scheduled to launch ultra portables in 2008, both priced at below $500.

The ultra portable laptop are powered by the Intel celeron M ULV processor with 2-GB flash drive storage.

The laptops are rugged, eco-friendly and come with an Intel chipset that reduces power usage. These laptops come with a 7 inch screen and have an integrated WiFi 802.11a/b/g LAN connection.

Courtesy Times of India October 25, 2008

Small Businesses-All businesses, and consumers too, for that matter-face a miasma of threats every day.

There are direct attacks, such as drive-by downloads and application exploits, and indirect attacks, such as phishing-and while I’m mentioning one type of e-mail attack I’ll throw in spam for good measure, If you can defend against all that, then start thinking about internal threats: podslurping, users running unauthorized applications, and data theft. It’s no picnic out there for security admins.

What You can Do

Start by educating staff about high-risk behaviors. Explain the dangers of phishing and identity theft. Discourage downloads and installation of unsupported applications. Explain how dangerous various plug-ins and ActiveX components can be. Teach staff not to open unexpected attachment, and not to click on the links in spam.

Inside  Threats

USB memory keys and other writable media-notably iPods- are well-known threats, enabling extremely easy theft of data. Despite this, nearly 50 percent of IT staff surveyed take no preventive measures against iPod use in the office.

86% of IT workers surveyed cited USB flash drive as the device most often used to store and move data.

61% use an iPod.

67% believe that iPods are a security risk.

49% stated they would not use preventive measures.

Keep the following in mind when evaluating endpoint security solutions:

• Centralized management features are critical. Maintaining policy (and malware definitions) in one place through a single interface and pushing to workstation agents is many times more efficient than having to install, configure, and update software on every workstation manually.
• Look for an intuitive interface where all functionality (firewall, HIPS, anti-malware, and policy management ) is integrated. Symantec Client Security 10 was an unfortunate example of how difficult it can be to manage a nonintegrated interface. And the company has completely reworked the interface for the better with End Point Protection 11.
• Along with centralized management, accurate and timely reports and alerts are key. You can start your day with an e-mail telling you whether all your workstations are protected. If a malware scan finds something, you’ll get an alert (e-mail or SMS) immediately so you can take action.
• Integration with directory services such as Active Directory and LDAP will save time, because you can import users and groups in the security management console without having to recreate them.
• Make sure you can prevent data loss (or theft) by controlling access to removable media such as USB memory keys or writable CDs and DVDs. This is something that SkyRecon Storm Shield does very well, regulating reads and writes by device type, user, and file extension. For our roundup of data theft-prevention software, see go.pcmag.com/datasnatcher

Courtesy PC Magazine May 08

According to Netcraft’s January 2008 web server survey, a whopping 156 million websites (about 25 billion pages) are functioning on the internet. That provides a pointer towards intricacies involved in maintaining digital identities by the users and service providers as well.
“These companies will help bring OpenID into the main-stream market”

OpenID eliminates the need of multiple user accounts across different websites; that is, it will give access to different websites (if the website supports OpenID). But will OpenID really help in easing our digital lives? At present, there are various websites or service providers allotting free OpenIDs to the users, and that’s where the glitch lies. And as many would have anticipated, security is not the stumbling block, thanks to the back up by VeriSign, rather the purpose of ease of use stands unfulfulled. First, you need to create an OpenID with one of the service providers (one more identity added to the clutter!), which will enable the user to use it on another OpenID supported website. Since OpenID has arisen from open source community, nobody owns it or stands to gain from it, which deprives the technology of having a uniform structure. Moreover Yahoo, which has already started using OpenID, does not support third party OpenID, instead the user has to create a new OpenID with Yahoo, which can be used on other supporting sites, If Google, Microsoft (which already has MSN Passport), IBM and others decide to do it the same way than it will only add to clutter and confusion among users.

A pointer to better solution could be spotted few years back when users could use software like cheetah for using chat services offered by Yahoo, mIRC and MSN. The user had to log in using his Yahoo, mIRC or MNC ID and could experience a much better service without having to register with anyone. Hopefully, the players, rather than seeing it as a game of one upmanship, will see the larger good now, to enable OpenID to live up to its stated promise.

Introduction :

Database Management System built from open source code are gaining more popularity among developers community. The reason is obvious-it is free, whether your purpose of use is commercial or non-commercial. Open source movement that started long ago as a group collaboration and intellectual exchange to meet Information Technology challenges and opportunities has become a viable alternative for developing software products. The major breakthrough that resulted from Linux operating system was that it instilled greater confidence in open source community to adopt the Linux model for other type of software products. As a result a large number of open source software products are available for use today. Hundreds of open source projects are underway at different community sites like Source-forge, Tigris, etc.

Open source databases have proved themselves as competitors to enterprise databases like Oracle, SQL Server, DB2, etc. They have made deep inroads into medium and large enterprise applications due to their enterprise-level features and capabilities. In the past few years database adoption pattern of companies has shifted significantly. It has moved sharply from sophistication to cost-effectiveness. High profile companies like Yahoo are using open source databases. Most of the web hosting companies are providing open source database as an inexpensive option, understanding that web applications evolve gradually.

A recent study by Evans Data Corporation reveals that there is growing acceptance of open source database in the enterprise and it is surging in popularity. Over a period of three the usage has gone form 12% to 60%, the survey reports. The overall popularity goes to MySQL and Fire bird, which account for 34%.

Due to maturity in database technology, there is a substantial improvement in database security and robustness. “When you have a fairly robust database that has liberal licensing terms (such as Firebird), you don’t have to pay to replicate and install it on servers where you need it, ad it’s a very appealing proposition” said Mr.Mckendrick, an analyst or Evans, who is based in SantaCruz, California.

Popular Products

A number of open souce databases are available today. They are of different sizes and of different maturity levels. Most popular among them with stable production versions are MySQL, Firebird, PostgreSQL, Ingres, and Cloudscape. Choosing a database from all of these is not so easy, but it all depends on what you want to do. Brief overviews of each of them are as follows:

MySQL

This database is the most popular open source database system. It provides higher level of speed, scalability and reliability, It is the best alternative to higher-cost and more complex database systems today. This is the reason why it is the right choice for most enterprise IT departments, web developers and packaged software vendors for a low-cost and highly reliable database-driven applications. It is available for major OS platforms including RedHat enterprise Linux, Microsoft Windows Server, Sun Solaris, and HP-UX. It supports advanced DBMS features like stored procedures, triggers, and views.

Firebird

Firebird has been in use in production system for the past two decades. It offer excellent concurrency, high performance, reliability and powerful language support for stored procedures and triggers. It is available for Linux, Windows and a mixture of Unix plat forms with support for ANSISQL-99. Thus it has tied in popularity with MYSQL.

Postgre SQL
It is the by-product of the database research at the university of California at Berkeley. It is a highly scalable, SQL complaint, object-relational database system, having over 15 years of development history. It is available for major OS platforms, including Linux, Windows and Unix McOS.

Ingres
Ingres is high performance relational database solution for mission critical applications in small to medium size enterprises. It is also suitable for development in large enterprises having high-volume transactions. Its scalability, reliability and high-performance make it a good choice for cost-effective data-driven applications in the enterprise. It is flexible to leverage information resources across a wide range of platforms including linux, Unix, Windows and Ipen VMS. It supports language platforms like Java and Microsoft .NET making it suitable for integration.

Cloudscape
Originally developed by a company called Cloudscape, the database product came to Informix later and then to IBM in 2001. IBM refreshed the product and put it on the track to make it the most popular Java database. Cloudscape database is 100% pure Java database which runs in 4 MB of space on the J2SE or J2EE platform. Despite its small core, the database is capacious as its table size is limited to available disk space. It supports advanced SQL features like stored procedures, triggers and good transaction management and security. Since it is designed as Java embedded database, it provides zero-adminstration. Cloudscape data can be imported into zero-administration. Cloudscape data can be imported into DB2 enterprise database without any diffiulty.

Advantages of Open Source
Usually, the first seeming advantage of open source models is the fact that open source software is made available free or at a low cost. But this characteristic is not exclusive to open source software, and several proprietary software product are made available in similar ways (a well-known case could be Microsoft’s Internet Explorer). What really distinguishes open source software from software available without fee is the combination of effects due to the characteristics. How these characteristics turn into advantages are mentioned below.

• The availability of the source code and the right to modify it are very important. It enables the unlimited alteration and enhancement of a software product. It also makes it possible to port the code to new hardware, to adapt it to changing conditions, and to reach a detailed understanding of how the system works. This is why many experts are reaching the conclusion that to really extend the lifetime of an application; it must be available in source form. Source code availability also makes it much easier to isolate bugs, and (for a programmer) to fix them.
• The right to redistribute modifications and improvements to the code, and reusing other open source codes permits all the advantages due to the modifiability of the software to be shared by large communities. This is usually the point that differentiates open source software licenses from “nearly free” ones. In substance, the fact that redistribution rights cannot be revoked, and that they are universal, is what attracts a substantial crowd of developers to work around open source software projects.
• The right to use the software in any form. This, combined with redistribution rights, ensures (if the software is useful enough), a large population of user, which helps in turn to build up a market for support and customization of the software, which can only attract more and more developers to work in the project. This, in turn, helps to improve the quality of the product, and to improve its functionality. This will cause more and more users to give the product a try, and probably to use it regularly.
• Lincense management will not be necessary. For some companies, keeping track of legal software licenses and verifying that every thing stays legal is a full-time job, Open source licenses give you permission to use them for any purpose on any number of computer or period. You only need to worry about license management while modifying and/or distributing
  the software outside your company, and even then it’s fairly straightforward.

Conclusion
Currently the leading product is MySQL, and the recent survey with some of the developers has showed Firebird as the most used open source database for enterprise applications and also the most used for single purpose applications. Indeed MySQL and FireBird are now roughly equal amongst open source users.
Developers have been using open source database for many years, since they’re free and don’t add to the expense of early trial projects. Such trialing has laid the foundation for open source databases to follow in the footsteps of Apache and Linux, two open source code products that have penetrated the enterprise wall.

Now the question is “can so many open source database products survive?” Yes, all these products can produce a strong market that justifies their survival and, with open source products, what really matters is how it is going to produce the support required to keep the product evolving and appropriate.
With such a range of free database products available, many organizations are going to think twice about paying big database license fee- and having thought twice, choose not to pay them. (A courtesy from ICFAI Journal of IT.)