Delmarva Group, LLC

Agencies find that fusing webs of remote sensors with geospatial management systems is the next best thing to being there

Last year, the southern African nation of Namibia experienced its worst flooding in decades as the Zambesi and other rain-swollen rivers rose more than 25 feet and inundated several regions of the continent. The flooding caused large-scale destruction to homes, schools, health facilities, mahangu and maize fields, and infrastructure.

A result of heavy rains in neighboring Angola and parts of Zambia’s Western Province, the flood also displaced more than 300,000 people and contributed to cholera and other disease outbreaks. The disaster in March 2009 followed a similar season of flooding in 2008.

This year, Namibian officials hope to get a head start against catastrophic weather situations. Their approach is to create a geospatial application that taps satellite imagery and river-height sensors and get an early read on when and where the flood waters are coming — helping them decide where to deploy the right resources. An international team of experts, including representatives from NASA and the National Oceanic and Atmospheric Administration, are contributing their expertise in satellite mapping and sensor technology.

The 75 Microsoft and third-party patch events each year are a burden most users can't bear, says Secunia

The typical home user running Windows faces the "unreasonable" task of patching software an average of every five days, a security and vulnerability research company said today.

"It's completely unreasonable to expect users to master so many different patch mechanisms and spend so much time patching," said Thomas Kristensen, the chief security officer of Secunia. The result is that few consumers devote the time and attention necessary to stay atop the patching job, which leaves them open to attack.

According to Secunia, of the users who ran the company's Personal Software Inspector (PSI) the last week of January, half had 66 or more programs from 22 or more different vendors on their machines. PSI is a free tool that scans PCs to produce a list of vulnerable software, but does not itself initiate updates. Instead, users are directed to the approprite vendor patch site. Nearly 2 million copies of the tool have been downloaded since Secunia debuted it in 2007.

(CNN) -- This week's arrests of three men in connection with one of the world's largest computer-virus networks may seem like great news -- perhaps even a sign authorities are starting to win the war against cyberthieves.

But the real situation is more complicated.

Internet crime is up, but arrests of "mastermind" hackers are rare. And the whole get-the-bad-guys effort, while it makes for good drama, is a futile way to secure the Internet, some computer security experts say.

"The virus writers and the Trojan [horse] writers, they're still out there," said Tom Karygiannis, a computer scientist and senior researcher at the National Institute of Standards and Technology. "So I don't think they've deterred anyone by prosecuting these people."

A Trojan horse is a seemingly innocuous piece of software that, once installed, gives malicious users access to a computer system.

Despite its desktop-oriented reputation, Ubuntu is making serious inroads as a business server that can compete with Red Hat

By all accounts, Red Hat is the undisputed leader in enterprise Linux, but Ubuntu is proving its up to the challenge. Is it time to evaluate Ubuntu in your enterprise?

Like many of you, I haven't given the Linux market too much thought beyond Red Hat Enterprise Linux (RHEL) being the leaders and Novell Suse running a distant second. Last May, while reading the Eclipse Survey 2009 results (see the chart below), I came across two very interesting pieces of data about Linux adoption that made me reconsider this point of view.

(02-26) 07:55 PST -- As cloud computing adoption climbs, hosting providers are inking deals with security vendors to provide security-as-a-service options to customers. But will enterprise IT managers buy into these often novel forms of security woven into a cloud computing environment?

Are security issues delaying adoption of cloud computing?

There's definitely some resistance as IT and security managers struggle to sort out risk factors and compliance issues.

"A good number of organizations are now using what they consider to be cloud services," says Bill Trussell, managing director of security research at TheInfoPro, which just published its semi-annual survey of information security professionals at large and midsize firms in North America. But when TheInfoPro asked respondents about whether they'd use cloud-based security services in cloud computing environments, less than 15% cited that as being very likely.

"When asked whether organizations would extend functions such as user access and provisioning, or two-factor authentication, to cloud providers, it wasn't too popular," Trussell says. Enterprise security professionals are still nervous about something largely unfamiliar that doesn't sit on their premises and isn't under their direct control - or even under the direct control of the cloud-computing provider they use, since the security service is controlled by a third-party vendor with security expertise.

No change in spam volume after Microsoft claims it crippled Waledac

Computerworld - A prominent security researcher today said he doubts Microsoft's take-down of the Waledac botnet would have any impact on spam levels, as the company claimed.

"Waledac just is not a hugely prolific spammer," said Joe Stewart, director of malware analysis at SecureWorks and a noted botnet researcher. "So I don't think it's going to affect spam [volume]. What it does do lately..., what it's used for, is to install rogue antivirus software."

The U.K.-based anti-spam service Spamhaus echoed Stewart today. "If [Microsoft's take-down] did affect spam, we haven't noticed," said Richard Cox, the chief information officer at Spamhaus. Like Stewart, Cox also dismissed Waledac's threat as a spam engine.

"Waledac was not a high threat, it's less than 1% of the spam traffic," Cox said. "What we're worried about is Zeus, which is a far more damaging botnet, which is creating a substantial amount of spam."

Postini, the message security and filtering firm owned by Google, also said it had not detected any drop in spam. "The team hasn't seen any change so far," said Google spokesman Jay Nancarrow.

Legal issues such as data privacy and compliance regs may have you considering where the clouds actually reside

Clouds are everywhere and can be used from anywhere, right? Wrong. The fact is that when considering national laws, you may find that your data is legally not able to leave the border.

That's the case in many parts of Europe that forbid some data from being transmitted or stored outside of the country. Canada also has some rules that prohibit some data being stored in the United States due to the U.S. Patriot Act's provisions that let the federal government examine corporate records.

To get around this issue, several cloud computing providers, such as Amazon.com and Salesforce.com, have points of presence in many developed countries. There's a performance argument for this distribution of systems, but another reason is to adhere to many laws directing where some data can legally reside.

Microsoft is intent on eliminating the Waledac botnet and is using the legal system to help.

Tim Cranton, Microsoft's associate general counsel, wrote Thursday on the company's blog that Microsoft has been shutting down Waledac by working with technology partners and taking legal action.

In response to a complaint filed by Microsoft, a federal judge issued on Monday a temporary restraining order to shut down 227 Internet domains believed to be run by cybercriminals spreading the Waledac spambot.

It’s time for IE6 to die. Seriously. The funeral’s been arranged for March 1st, yet about 20% of the web still use this wretched browser.

Internet Explorer Six, resident of the interwebs for over 8 years, died the morning of March 1, 2010 in Mountain View, California, as a result of a workplace injury sustained at the headquarters of Google, Inc. Internet Explorer Six, known to friends and family as “IE6,” is survived by son Internet Explorer Seven, and grand-daughter Internet Explorer Eight.

As much as I’d like March 1st to be the last day that people browse the web with this browser, that’s not how it’s going to be. Despite being horribly out of date, people still use it.

Dell's EqualLogic PS6010XV 10G iSCSI array delivers big time performance, offering an easier and lower cost option to Fibre Channel

EqualLogic iSCSI storage arrays have always been fast, but they've recently gotten even faster. The new EqualLogic PS6010XV traded the four Gigabit Ethernet ports per controller in the PS6000 series in favor of two 10G Ethernet ports on each of the redundant controllers in the array. The result? Lower latency and snappier storage.

On one hand, bringing 10G to iSCSI arrays is a no-brainer. The per-port costs are still quite considerable, but in highly transactional roles, there's a tangible difference in storage access times. Suffice it to say, if you're bumping up against a 4Gb ceiling, 10G is very attractive.

As with all EqualLogic iSCSI arrays, the PS6010XV is a self-contained, 4U, 16-drive unit available with 15K RPM SAS disks. The rear sports two redundant controllers and two redundant power supplies. The 10G connections are SFP+ -- no muss, no fuss. Firing up the array takes only a few minutes with a serial console, and subsequent configuration is handled through the well-appointed Java-based management app. All in all, it's almost faster and easier to set up a PS6010XV than it is to write about the process.