Security Flaw In MD5 Algorithm

Security Flaw In MD5 Algorithm

Author ColGlobe | 06.01.2009 | Category IT Security, Networking, World Wide Web

Independent researcher in both California and the Netherlands have discovered a weakness the Internet digital certificate infrastructure, which poses a threat of hackers impersonating site identifications trusted by most web browsers. In essence, hackers could make your browser believe it is on a secure website or email server while virtually undetectable phishing of your system is in progress.

The problem arises from one of several algorithms used to establish a secure https connection, known as MD5. This is not the first weakness discovered in MD5, either. A team of Chinese researchers presented the first one at a 2004 cryptology conference. In that case, they wee able to create a “collision attack, and generate two messages with the same digital signature.

The new discovery makes use of the collision method, but allows the hacker almost complete freedom in creating a rogue certification authority (CA) that will be verified by most commonly used web browsers, including both Microsoft and Mozilla. The team hopes to draw attention to this security weakness, and drive the industry to use stronger encryption methods.

University of Michigan Introduces “Cloud Security”

Author ColGlobe | 08.10.2008 | Category Computers, IT Security, World Wide Web

A new twist on Open Communication - Cloud AntiVirus

Research recently done by the University of Michigan introduces a better solution to virus detection and computer protection – “the cloud”. This is a method where a series of servers are connected to act as large anti-virus software.

The concept is behind the “cloud”, which actually refers to the servers that work together by facilitating the different anti-virus software installed on each of the computers. Through network, the respective anti-virus software has been found to be capable of detecting over 35 percent more viruses than just one anti-virus which clutters up the desktop and takes up memory.

This new technology is said to be a response to the many viruses that can be reproduced in other mediums despite having the best and most updated anti-virus software installed. This kind of approach, however, is still being questioned as to its effectiveness on the internet as well as matters of security, since the anti-viruses severely rely on the need to have accessible computers.

And the best is yet to come.  Cloud security doesn’t alienate other antivirus programs, but incorporates many.  At this writing, Cloud Security is compatible with 12 popular security applications.

Information Technology

Author JoeDigital | 10.01.2008 | Category IT Security

A study has revealed that patients have better outcome of health when they are all treated with Information Technology systems at hospitals.

This study made a comparison of all IT adoption along with discharge data of patients across Florida among 98 hospitals. This study provides a very comprehensive analysis on the relationship between outcome of health and use of information technology. Medical errors are prevented which directly resulted in the improvement of patient safety and considered very important advantages of use of Information technology in health care. Apart from these advantages, order entry is computerized, support system for clinical decisions are some more advantages. This study also analyzed on three more categories of Information technology and its use that influences various aspects among operations at hospitals. These three categories will be Administration, Strategic and Clinical. Administrative operations included Information technology used while billing, payroll along with supply chain management. Clinical operations include laboratory and pharmacy where physician order entry and health records are computerized. Strategic operations include nurse staffing, managed care along with executive information where systems are used.

Architecture - Role Based

Author JoeDigital | 11.12.2007 | Category IT Security

A new technology that Cisco announced, Trusted Security which integrates role based and identity measures of security for all networks and in particular enterprise ones. In order to take care of the compliance requirements as they have increased in number for a mobile and global workforce. This will help enabling a secure infrastructure and more agile infrastructure. In order to expand their compliance policies and their businesses, demand for highly secured way is high from customers. Architecture of Cisco TrustSec delivers completely new epitome for security without business velocity compromises and to applications in user access that is role based. TrustSec from Cisco taps into plenty of components to create a enterprise network that is completed trusted from the Cisco lineup. Solution is completely dependent on switches and routers from Cisco. Wireless network controllers from Cisco also hold a key in the solution for user authentication, enforcing policies of access, integrity delivery, roles assigning and network traffic confidentiality.