
Secure online banking, password-protected documents, secure remote access to your work PC – they all rely on encryption at some point. But running that whole security process in software is like leaving a spare front door key somewhere in your yard – you’re relying on being able to think of a key-sized hiding place that a burglar won’t find. Random numbers, traditionally stored on disk or in standard memory, are used to encrypt the private keys, also stored on disk or in memory, that secure documents and connections. Back in 2000, encryption specialist nCipher showed that a Trojan like Back Orifice could easily find those random numbers and the private keys they protect.
(Full article ‘How Hardware-Based Security Protects PCs’)
A set of newly discovered flaws in components of VMware Inc.’s virtual machine software has called attention to some of the security risks associated with the practice of running virtual computers on a single system.
VMware has updated its products to fix the security bugs, disclosed yesterday, but users who have not updated their software could face serious security risks thanks to a trio of flaws in the DHCP (Dynamic Host Configuration Protocol) server that ships with VMware.
The DHCP software is used to assign IP addresses to the different virtual machines running within VMware, but IBM Corp. researchers discovered that it can be exploited to gain control of the computer. That could be very bad news for someone running a lot of applications on the same VMware box, said Tom Cross, a researcher with IBM’s Internet Security Systems group.
(Full article ‘VMware bugs shine spotlight on virtualization security’)
Trouble Ticket
At issue: A department is letting some staffers use wireless laptops.
Action plan: Pull them back, explain why, and get on the stick to address security concerns.

Security can sometimes come crashing up against productivity, and when it does, security must prevail. That’s because my state agency is a maintainer of records covered by HIPAA rules. One blunder, and we’re front-page news. Not on my watch, thanks. Given the consequences of jeopardizing client data, I think my obsession with security is good for the agency. But for our users, it can seem as if we’re living in the Dark Ages. Many technologies that are commonplace in the corporate world and even in other government agencies haven’t won my approval yet, and they won’t until I am thoroughly convinced that they won’t undermine our security efforts. Still, things can slip
(Full article ‘Security Crashes Into Productivity’)