Wednesday, June 28, 2006

Quick Redesign

I've just selected a new template and started to make some edits, with the good intentions, as always of starting to write a few more posts. Hopefully over the next few weeks i'll finish customising the template and at least have this blog looking the way i want.

Social Engineering

An article recently published, Social Engineering, The USB way shows again how critical the human element is in any data security environment. Social engineering, as practised by Kevin Mitnick refers to the technique of tricking or persuading users into giving access to sensitive resources, usually by providing passwords and login details to hackers who pose as company IT support on the phone. There are methods to mitigate the risk of social engineering, such as providing employees with rolling code devices such as those provided by RSA which goes some way towards removing the ability for a user to effectively 'delegate' their access to an unauthorised party. However, such methods are expensive, can require software redevelopment and may be resisted by users. The best security system in the world is worthless if you give away the key, but until business owners and users truely understand and appreciate the importance of IT security and their role in it, Social engineering will remain a serious threat.

WinFS is dead

Over on the microsoft blogs, there was a bombshell dropped last friday. The long awaited (it's been promised since NT4.0) winFS relational file system is no more. This may sink below the radar of the average windows user, but from a software development perspective, this was the single biggest cherry on the microsoft tree. Providing the ability to integrate unstructured binary files and relational meta data within a core OS filesystem, providing advanced features like folder truncation (delete a million files in a heartbeat rather than a lifetime), this was a developers dream. But, Like so many other dreams from redmond, it has faded with the morning light. The microsoft blog entries skirt the issue and wax lyrical about new features added into SQL Server and ADO.NET, and these are features i will certainly be happy to see, but they are not WinFS. A sad day for microsoft developers.