As you may have noticed, Ipswitch maintains a robust network of qualified partners and distributors (including GSA providers) from which you can buy our technology.

There are also a number of web sites and other “grey” operations that sell old or “backup” WS_FTP products, dispensing license keys from old lists Ipswitch provided to resellers, dispensing copies of product that should be free (e.g., WS_FTP LE) or dispensing dead copies of the software.

From a technical point of view, there have always been risks in accepting these software packages, ranging from installing software that may have been tampered with to add spyware, to getting old product that may not work with Windows Vista and Windows 7 because it was developed before those OSes existed.

However, you also take a risk against your credit history when you do business with these “grey” reseller firms, as they often use dubious financial services to convert your credit card information into cash.  Assuming these services aren’t stooping to the level of unabashed credit card harvesting, a recent security incident demonstrates why doing these transactions is still unsafe.

One of these “grey” financial services, Amsterdam-based, Russian-run Fethard, was recently reported as hacked, possibly by a rival.  This hack exposed shady internal processes and personally identifiable customer data to the entire Internet – information that criminals could use to impersonate and then draw on the credit of customers of sites that use Fethard.

Do you have any experiences with “grey” software vendors or the financial services that enable them (whether you used them for WS_FTP or not)?  If so I’d like to hear them.

“Reports are appearing this morning about a major security hole in iTunes accounts linked to PayPal. At least one group of scammers has found a way to charge thousands of dollars to iTunes accounts through PayPal.”

Erick Schonfeld, on TechCrunch.com, gives us this breaking news on the latest iTunes security breach: “Fraudsters Drain PayPal Accounts Through iTunes”.

We just dealt with something similar back in July.

So, what is Apple doing about it?

In a related article by Dennis Rockstroh on MercuryNews.com, Rockstroh reports that Jason Roth, an Apple spokesman, has said:

“Among other new security measures iTunes now requires more frequent re-entry of a customer’s credit card security code. But if your credit card or iTunes password is stolen and used on iTunes, we recommend that you contact your financial institution and inquire about canceling the card and issuing a charge-back for any unauthorized transactions. We also recommend that you change your iTunes account password immediately.”

As we asked back in July, we’d love to hear your thoughts on this and I hate to be the one to say it, but it seems that this summer has been … Apple picking season.

Did you kill the web?

Let’s check your alibi. Think of how you spent your morning. Normally, I’d share my morning with you here, what websites I’ve visited and what apps I’ve used, but my boss reads my blog posts, and if she knew how much time I spent on … well, let’s let Chris Anderson illustrate the point I’m trying to make:

“You wake up and check your email on your bedside iPad — that’s one app. During breakfast you browse Facebook, Twitter, and The New York Times — three more apps. On the way to the office, you listen to a podcast on your smartphone. Another app. At work, you scroll through RSS feeds in a reader and have Skype and IM conversations. More apps. At the end of the day, you come home, make dinner while listening to Pandora, play some games on Xbox Live, and watch a movie on Netflix’s streaming service. You’ve spent the day on the Internet — but not on the Web. And you are not alone.”

Chris Anderson and Michael Wolff, in an article on Wired.com titled “The Web Is Dead. Long Live the Internet”, present a compelling argument for the demise of the World Wide Web and how “simpler, sleeker services”, like apps, “are less about the searching and more about the getting.”

Peer to peer file transfers are among the suspects at the crime scene:

“The applications that account for more of the Internet’s traffic include peer-to-peer file transfers, email, company VPNs, the machine-to-machine communications of APIs, Skype calls, World of Warcraft and other online games, Xbox Live, iTunes, voice-over-IP phones, iChat, and Netflix movie streaming. Many of the newer Net applications are closed, often proprietary, networks.”

This is one of the most interesting articles I’ve read in a while. Give it a read and feel free to share your thoughts and whether or not you’re placing any yellow crime scene tape over your PC.

Facebook helpfully informs you that “[a]nyone can opt out of appearing here by changing their Search privacy settings” — but that doesn’t help much anymore considering I already have them all (and you will too, when you download the torrent). Suckers!
Ron Bowes | SkullSecurity.org

It seems lately that when it comes to Facebook I’m noticing two big problems:

(1) My friend Robin is obsessed with Farmville, and every 5 minutes with the updates.
(2) Facebook has no respect for people’s privacy, and 100 million Facebook users’ information has been published online.

Let’s discuss the latter.

Ron Bowes used code to scan the 500 million Facebook profiles for information not hidden by privacy settings. He collected the personal information of 100 million, and posted the information online.

“Once I have the name and URL of a user, I can view, by default, their picture, friends, information about them, and some other details,” Bowes goes on to say that “If the user has set their privacy higher, at the very least I can view their name and picture. So, if any searchable user has friends that are non-searchable, those friends just opted into being searched, like it or not! Oops :)”

Check out this article on MSNBC.com for the full story.

Also, there are some interesting results from a survey by the University of Michigan and Foresee Results, where it’s revealed that Facebook has scored extremely low in the area of customer satisfaction.

According to the study, and this article on Epic.org, Facebook winds up “in the bottom 5% of all measured private sector companies and in the same range as airlines and cable companies.” Epic’s report states that the low scores can be attributed to “privacy concerns, frequent changes to the website, and commercialization and advertising.”

Both articles are interesting reads. Now, if anyone has any advice or thoughts on how to deal with Robin, that’d be greatly appreciated.

“Right at the moment a Safari user visits a website, even if they’ve never been there before or entered any personal information, a malicious website can uncover their first name, last name, work place, city, state, and email address.”
Jeremiah Grossman, founder and CTO of WhiteHat Security

Here’s another new threat to your personal information, and another example of how no company is exempt from security breaches.

According to an article written by Thomas Claburn of InformationWeek: “a flaw in the implementation of Safari’s AutoFill mechanism can be exploited to grab Mac users’ names, street addresses, and e-mail addresses.”

“[The] entire process takes mere seconds and represents a major breach in online privacy,” says Jeremiah Grossman who believes that “the security flaw may reside in the open-source WebKit engine used by Safari and that the flaw may be present in older versions of Google’s Chrome browser, which also relies on the WebKit engine.”

The article and Grossman’s own blog are worth checking out as it was once all too rare to hear the words “Apple” and “security flaw” in the same sentence.

That’s right. Get ready to say goodbye to cloud computing.

Not the hosting and using of services over the Internet, oh no. I’m talking about the term “Cloud Computing.”

Well, that’s just one of John Soat’s “Five Predictions Concerning Cloud Computing.”

What are the five predictions?

  • All applications will move into the cloud.
  • Platform-as-a-service (PaaS) will supplant software-as-a-service (SaaS) as the most important form of cloud computing for small and, especially, mid-size businesses.
  • Private clouds will be the dominant form of cloud computing in large enterprises.
  • Hybrid clouds eventually will dominate enterprise IT architectures.
  • The term “cloud computing” will drop off the corporate lexicon.

This is a fun and engaging read, and the comments afterward are equally interesting. Worth checking out.

Frank Kenney, VP of Global Strategy, Ipswitch

Frank Kenney, Ipswitch’s VP of Global Strategy, recently spoke in London at a press conference for InfoSecurity Europe, Europe’s leading information security event, which takes place on April 27-29, 2010.

Dan Raywood from SC Magazine UK attended this week’s press conference and his article can be seen below:

Problem with the professional consumer is leading to an information security headache
Dan Raywood  January 15, 2010

The culture of the professional consumer, or ‘prosumer’, is leading to increased problems within the workplace.

L. Frank Kenney, vice president global strategy at Ipswitch File Transfer, explained that a ‘prosumer’ is a consumer buyer who purchases an electronic device from personal funds but intends to use it primarily for business rather than consumer applications.
