Top 10 IT News Stories of the Week

New browser attack, the dangers of laser printers, Mass. and open documents formats, Dell's angry customers and more...

By
Fri, August 03, 2007

IDG News Service —

"Web Browser Attack Skirts Corporate Firewall,"
CIO.com, August 2

Amid all the news out of the annual Black Hat conference in Las Vegas this week, a decade-old security problem got attention. A researcher at IO Active detailed how problems in the way software works with the Internet Domain Name System could be exploited to penetrate corporate firewalls. The attack was detailed in a 1996 paper by Princeton University researchers, who showed how a Java applet could be used to access systems. Dan Kaminsky, director of penetration testing at IO Active, has been among those warning that flaws in the security model of Internet applications are vulnerable to exploit, with hackers getting into PC resources behind firewalls or Web sites visited by unsuspecting victims. "It's one of the few things that's actually come back from the dead," he said of the exploit.

2. "Warning: Laser Printers Could be Hazardous to Your Health,"
Computerworld, July 31

Certain home and office laser printers could release enough particulates into the air to cause serious health risks, according to an Australian air quality researcher. Seventeen of 62 printers were classified as "high particle emitters," with one of the 17 churning out particulates comparable to those from cigarette smoke, said Lidia Morawska, who conducted the study with a colleague at the Queensland University of Technology. Because the particles are small, they can be easily inhaled and lodge in the deepest and smallest passageways of the lungs, leading to simple irritations and more serious illnesses, including cardiovascular problems or cancer. Even the smallest concentrations can be hazardous, the researchers said.

3. "Evil Javascript Mutates to Evade Detection,"
Techworld, August 3, 2007

Hackers have figured out how to avoid antivirus detectors as they access desktop computers using compromised Web sites, the SANS Institute said. The exploit used to deploy malicious code via Javascript isn't new, but researchers found that the server sending out the malicious Javascript was "obfuscating" or heavily modifying it to sidestep detection. The obfuscation is generated randomly and on the fly, researchers said. The code takes advantage of known vulnerabilities in ADODB, QuickTime, WinZip and other software, some of it not as commonly used.

4. "Massachusetts Adds Open XML to Standards List,"
InfoWorld, August 2
"Massachusetts Remains Lightning Rod on Open Documents," Network World, August 2

Massachusetts is adding Open XML to the list of acceptable document formats used by government agencies, a decision viewed as a victory for Microsoft, which is trying to get its XML-based file format approved as a technology standard. The company submitted Open XML to a standards organization in November 2004, with the International Organization for Standardization set to vote on the matter later this year. Critics charge that Microsoft has tried to control a process that is supposed to be open. Some of them have wondered aloud how it is that Massachusetts wound up where it is with Open XML given that it started out with the intent of banning Microsoft Office and its proprietary lock-in. The Commonwealth went through two CIOs during that process, with one quitting because the debate was "disruptive" and "harmful." Others seem happy with the move, though, applauding Massachusetts for boldly going where others have feared to tread.

Continue Reading

As you know, everything is mobile, connected, interactive, and immediate. This is exactly why organizations need a highly agile IT infrastructure in order to keep pace with extreme fluctuations in business demand. This book will help you understand why infrastructure convergence has been widely accepted as the optimal approach for simplifying and accelerating your IT to deliver services at the speed of business while also shifting significantly more IT resources from operations to innovation.
For this white paper, IDC performed an in-depth analysis of the business value of VMware View, defined as the expected ROI associated with the use of the solution as a platform for the targeted deployment of a virtual desktop infrastructure.
This paper explains virtualization, its benefits for mid-sized business and how IBM's virtualization strategy can help these companies reduce costs, improve services and simplify management.
Forrester Research makes recommendations on best practices to optimize branch virtualization and consolidation initiatives. See how a "thin" branch architecture, with key servers, services and applications in the data center that relies on a high-performing WAN connection, can offer the greatest efficiencies.
When trying to achieve continuous compliance with internal policies and external regulations, organizations need to replace traditional processes with a new best practice approach and new innovative technology, such as that provided by IBM Tivoli Endpoint Manager.
IBM Tivoli Endpoint Manager helps organizations automatically manage patches for multiple operating systems and applications across hundreds of thousands of endpoints regardless of location, connection type or status.  
Download this webcast to learn about the design considerations for virtualizing SQL workloads, performance and scalability information and high-availability options, as well as support considerations
Many enterprises have discovered that the use of virtualization to support desktop workloads creates a range of significant benefits. These benefits include price efficiencies, improved IT management and greater agility and choice for end users.

This VMware sponsored webcast with IDC will provide both quantitative measurement of the business value -- defined as the expected ROI -- and qualitative analysis associated with the use of VMware View™. IDC will also provide an analysis of the View Composer and ThinApp™ features of VMware View, including the business value of these solutions and an overview of how they work.

Attend this webcast to learn about:
- Challenges and barriers that might impede the adoption of desktop virtualization
- Navigating roadblocks to facilitate a strategic implementation
- Optimizing qualitative and quantitative benefits to IT and your business
Applications are changing - they're increasingly web-oriented, global in nature and run from multiple device types. Additionally, the volume of data is growing exponentially every year. How do you ensure your applications have fast, accurate, up-to-date information in this new world? Modern applications are data-intensive; delivering data the old way using monolithic databases isn't working. What's needed is a modern approach to data. One that scales-out as needed and delivers predictable high performance, but without sacrificing data consistency or integrity.
VMware View™ 5 simplifies IT management while increasing end user freedom by delivering desktop services from your cloud. Building upon VMware's leadership in desktop virtualization, VMware View 5 delivers a high-performance user experience while giving IT greater policy control.

View this webcast and find out how VMware View 5 can help you:
- Deliver the highest fidelity experience of desktop services across any device and any network
- Simplify and automate IT management, security and control of desktop services
- Reduce the costs associated with your desktop environment
IT professionals are being asked to deliver faster "time-to-value" than ever before. An IDG Research survey found that CIOs are eager to invest in technologies that will enable them to get new applications and services up quickly, achieving faster time-to-value.
Learn how to reduce IT management overhead, ease revision control, guarantee data security, scale systems more quickly and reduce server and software costs.
Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  1. View all Newsletters | Privacy Policy
Resource Center