-----------------------------------------------------------------
I-Search Discussion List
"Social Search Marketing and Technology"
-----------------------------------------------------------------
Moderator: Published by:
Detlef Johnson Search Return
http://www.searchreturn.com
-----------------------------------------------------------------
February 26, 2013 I-Search #160
-----------------------------------------------------------------
SEND POSTS:
-----------------------------------------------------------------
Refer a friend: http://www.searchreturn.com/subscribe.shtml
-----------------------------------------------------------------
.....IN THIS DIGEST.....
// -- NEW DISCUSSION -- //
"Zero Day Down"
~ I-Search
-----------------------------------------------------------------
// -- NEW DISCUSSION -- //
-----------------------------------------------------------------
==> Zero Day Down
From: I-Search <>
The Burger King ‘hack’ from last week made the New York Times on
Monday. The thing about password systems these days is that the
Internet presents some headache for web designers, and exposes
brands to service breaches. Why make users go through complicated
pass routines? Imagine if your Facebook password was compromised.
Think about how many services you use which are connected to
Facebook authentication, used to log you in. When authenticated
via Facebook, a saboteur can run around the Web to see what else
that gets them access to. Trolls Gone Wild.
To avoid havoc for your brand make sure you have a good password
routine yourself, and don't rely on services to provide 2-step
authentication or perfect security. Breaches are bound to happen
and this is the year that security comes up on everyone's radar.
This is the year that in social media, and even in search, issues
surrounding security come to the fore. It's not new. Breaches of
accounts have happened, including, by example, the White House
Google Webmaster Tools account. What I'm saying is the frequency
with which these attacks are going to surface will increase this
year. Hacking has gotten far more sophisticated than defense.
The thing that is crucial to understand about software meant to
protect your computer or network, is that it is always out of
date, even when it is kept up to date. There is a market for
software vulnerabilities that fetch high bids from all manner of
organizations when an exploit goes unnoticed and unattended. The
US government even makes use of such exploits, known as zero day
for the amount of time manufacturers have an awareness about the
security hole. It's virtually impossible to work on a computer
without software, and software will have vulnerabilities. All
security manufacturers want to find their vulnerabilities first.
Sometimes, there is a software that is unnecessary in your world.
That is why I recommend not having software installed that you
aren't sure you absolutely need. I've written about not having
blog plugins that you don't fully know, since they can contain
nefarious code payloads (for being free). Software is the same
way. When a software goes unused, why keep it around? There are
strategies for doing this for middleware software you might use
but only part of the time. An example of that is the recent rash
of Java security bulletins have given rise to a lot of removal
and strategies for running Java.
-----------------------------------------------------------------
Stay Tuned.
Got feedback?: http://www.searchreturn.com/feedback.shtml
Archives: http://www.searchreturn.com/digest-archive.shtml
Alternate formats:
http://www.searchreturn.com/info-formats.shtml
Manage Subscriptions:
http://www.searchreturn.com/help/manage-subs.shtml
Problems unsubscribing? Contact the postmaster:
mailto:postmaster@searchreturn.com
Information on how to sponsor this publication:
http://www.searchreturn.com/help/advertise.shtml
Published by Search Return
http://www.searchreturn.com
Website Membership:
http://www.searchreturn.com/register.shtml
The contents of the digest do not necessarily reflect the
opinions of Search Return LLC or Detlef Johnson. Search Return LLC
and Detlef Johnson make no warranties, either expressed or implied,
about the truth or accuracy of the contents of the Search Return
Digest.
Copyright © 2005-2013 Detlef Johnson. All Rights Reserved.
-----------------------------------------------------------------