13:53 Ibm against cheating | |
| Chris Rowland (Chris Rouland), one of the leaders of IBM Internet Security Systems, division of Blue Giant, is looking for and combating threats to information security, said that his colleagues from other companies of the same profile of deliberately hiding information about the vulnerabilities they found. He shares his findings strange statistics have revealed in the preparation of the annual report of X-Force. In 2007, the report said, for the first time in 10 years was found in 5.4% fewer gaps in the protection of computer systems than in the previous year. Rowland believes that there are developed a black market for vulnerabilities that computer security experts are sold as criminals, and by the authors of the software. And the last goal as clear as in the first place: no one wants to risk their reputation and do not want to draw attention to their miscalculations, preferring to quietly fix them. High profitability of such a "business model" for research firms makes it virtually impossible to assess the actual number of holes that they are every year. Third-party experts, however, do not understand what the reasons for the unrest on the part of the distinguished Rowland: together with a decrease in the total number of vulnerabilities, the number of critical flaws, according to the same X-Force, jumped last year by almost a third. And the very fact of vulnerability discovery and publication does not guarantee prompt response to his software company, which often makes the work of researchers is almost meaningless. | |
|
| |
| Total comments: 0 | |