Globalize Networks blog

Fatal System Error on Amazon

I recently read the book “Fatal System Error” which paints a pretty harrowing picture of world-wide computer security.  According to a 2008 study of 20,000 machines by security firm Secunia, 98 percent of Windows machines run at least one piece of software with a well-publicized, un-patched security vulnerability.  So this leads me to think we should consider using more Mac’s in the enterprise.  As Walt Mossberg recently pointed out, Macs are not inherently more secure, it’s just that there are far fewer exploits targeting them.  Attacking Windows is the most efficient use of a hacker’s time apparently.  Maybe use a Mac as the dedicated machine to talk to the bank that I proposed last week?

As I ponder switching to a Mac myself, I am using the NoScript Mozilla addon to help protect my poor, vulnerable Windows 7 box.   Just visiting a compromised website is one of the most common ways that machines are getting hacked these days.  Even totally legitimate sites are getting hacked all the time and inadvertently spreading malware.  NoScript helps by preventing any scripts from running unless you explicitly allow them.  It’s a bit of a bother, but then again so is identity theft…

We often need to help clients get rid of older computer equipment that has piled up over the years.  One great solution to this is a non-profit called OTX West (see contact info below).  They refurbish used computer equipment and make it available to the Oakland Unified School District and the families of students.  For corporate donors with  15 or more machines, they will even pick up the donations free of charge.  This is a tax deductible donation.

I talked with the founder of OTX West, Bruce Buckelew, a couple of months ago while dropping off some stuff.  I was impressed by his ingenuity and his compassion.  He pointed out that it’s a good life lesson for kids to learn that you don’t need the latest and greatest model of computer to do a lot of useful activities.   Most of the machines OTX West hands out are Pentium III’s & IV’s.  But he has refurbished old Pentium I laptops so that they can surf the web and even handle streaming video.  (Apparently the audio stream is unaffected, but the images form a sort of slideshow effect that he claims is very watchable.)

I love the idea of extracting value from seemingly useless items and helping narrow the digital divide at the same time.

OTX West - click image to visit their site

There have been many articles over the past year about hackers using “Automated Clearing House” fraud to steal money from small and medium sized businesses. The basic premise is that a hacker will compromise the machine that handles bank transactions for your company and steal money directly from your business account.

ACH Fraud digram

This graphic is from “Fraud Advisory for Businesses: Corporate Account Take Over” created as part of a joint effort between the United States Secret Service, the Federal Bureau of Investigation, the Internet Crime Complaint Center (IC3) and the Financial Services Information Sharing and Analysis Center (FS?ISAC).

This document has some great recommendations, and everyone involved with corporate online bank transactions should check it out.

I would distill the advice down to one key step:  Designate a secure machine to do bank transactions that isn’t used for anything else. Don’t use this machine to browse the internet, check e-mail, or open any documents  not necessary to complete transactions.  When we talk about a secure machine, it should of course have all updates, anti-virus, etc.   It would also be preferable to have this machine on an isolated network.  Putting it behind a simple broadband router would provide a lot of benefit for little cost.   Even internal networks should be considered suspect in this sort of situation.

Here is another article for further reading:

http://www.computerworld.com/s/article/9205562/Hackers_steal_150_000_with_malicious_job_application