Dennis Fisher

Microsoft Corp. fired final parting shots at Sun Microsystems Inc. and Java by dropping its Java Virtual Machine from the forthcoming Windows XP operating system. In addition, it has moved to block the ability for Java applets to run by default within the Outlook client. The moves crystallize the ongoing separation between Microsofts .Net and […]

As PKI vendors struggle to find new applications and markets for their technology, debate is brewing around one of the nascent standards they hope will help spur widespread implementation of public-key infrastructure in handheld devices. While both sides contend they have users interests in mind, a protracted debate on the Extensible Markup Language Key Management […]

For Brooks Martin, patching and maintaining his Microsoft Corp. IIS Web servers is almost a full-time job. With so many vulnerabilities—and with a new patch appearing seemingly every week—Martin said its a struggle keeping his head above water. “We stay on top of what we do, but you never know,” said Martin, CEO of isObject […]

Public-key infrastructure has taken its lumps for years, as have its users. But when CEO Fran Rooney walked out the door of PKI vendor Baltimore Technologies plc., in Dublin, Ireland, last week, many saw it as the beginning of the end for the technology. Now more than ever, customers—who have watched Baltimore and other PKI […]

Several serious vulnerabilities in Cisco Systems Inc.s Internetwork Operating System could catch unawares some enterprises that run the companys popular lines of routers and switches. The networking company last week revealed several security holes that could allow attackers to gain control of devices running IOS or recover a secured session key. The most serious vulnerability […]

Best known for its networking software and frequent strategy shifts, Novell Inc. is set to roll out this summer new products in an effort to reshape itself as a security company. The Provo, Utah, vendor last week spelled out the details of its forthcoming iChain 2.0 access-control software, which will include a host of enhanced […]

System administrators and CIOs have little concept of the top threat to security, according to a survey released last week by eWeek and security vendor Camelot IT Ltd. Despite personal experience and empirical evidence to the contrary, 57 percent of respondents who listed themselves as very concerned about network and privacy security issues said that […]

Two security incidents last week have polarized the parties debating the thorny issue of reporting vulnerabilities and exploits, but help may be on the way in the form of an industry group with established protocols. An ad hoc association of security and general-purpose software vendors headed by Russ Cooper, moderator of the NTBugtraq mailing list […]

Distributed denial-of-service attacks—which by some estimates total more than 4,000 a week—are likely to get much worse as the perpetrators hone their skills and new weaknesses in popular platforms are discovered and exploited. As vendors such as Asta Networks Inc. and Mazu Networks Inc. prepare to launch their anti-DDoS solutions in the coming weeks, attackers […]

In what amounts to a 180-degree reversal, the mobile computing industry is starting to take security seriously. Certicom Corp. and F-Secure Corp. are each preparing to launch file encryption products for the ever-growing number of PDAs (personal digital assistants) on the market, devices that at present have few security features. Standard security on the Palm […]