Web Security Journal: There's been a flurry of discussion this week among
Internet and Web standards heavy-hitters around WebSocket, the new
communications protocol supported in Chrome 4 and Safari 5. What was the main
issue? Is there some kind of fundamental security vulnerability with the
WebSocket (WS) protocol?
John Fallows: When surfing the Web, our browsers may communicate with Web
servers via HTTP proxies that deliver many benefits, such as providing
previously cached Web content more efficiently than repeatedly contacting the
target server. These proxies may be either explicitly configured at the
browser or they may form part of the general network topology to intercept
the communication path implicitly. Securely encrypted Web communication
cannot be intercepted by such proxies.
Members of the Hypertext Bidirectional (HyBi) IETF Working Group recently
comp... (more)
Tarantella's Secure Global Desktop Terminal Services Edition (TSE) 4, has
been shipped and will be making its way to distributors and clients.
A security layer for use as a companion to Windows Terminal Services, Secure
Global Desktop TSE 4 features support for cross-platform clients. With broad,
cross-platform RDP client support, TSE 4 offers built-in support for a
variety of client devices. In addition, it broadens the range of
Windows-based terminals, Linux clients, and Macintosh computers to access
applications on Microsoft Windows Terminal Servers via RDP.
Tarantella's TSE 4... (more)
"The IBM relationship with Network Appliance is a prime example of how two
industry-leading companies, both of whom actively support open standards, can
team to offer information on demand solutions," said Andy Monshaw, General
Manager, IBM Storage Systems, as IBM and NetApp yesterday announced a
strategic storage relationship to drive information on demand solutions and
to expand IBM's portfolio of storage solutions, already one of the largest
and most advanced sets of storage and information management products in the
industry.
As part of the relationship, IBM and NetApp will e... (more)
SoftTree Technologies, Inc. has announced immediate availability of DB Audit
Expert 2.7. This new version extends multi-vendor database support with
advanced security auditing solutions for Microsoft SQL Server and IBM DB2.
It is also packaged with the new Alert Center server capable in a real time
to detect anomalous database activities, discover database access patterns
and security vulnerabilities. DB Audit Expert solutions provide complete
access control and real-time actionable information required for effective
enterprise-wide database security operations and IT governance re... (more)
LiveVault Corporation , the leading provider of disk-based online backup and
recovery solutions for business servers,
launched LiveVault InSync Service for Microsoft DPM, which supports and
extends the capabilities of Microsoft System Center Data Protection Manager
(DPM).
LiveVault InSync for DPM automatically and securely transports Microsoft DPM
server data electronically offsite to a remote facility where it is available
for immediate recovery in the event of a system failure, virus, human error
or natural disaster. LiveVault InSync for DPM also enables companies to fully
prot... (more)
SYS-CON's Security News desk trawls the world of security for news of software, hardware, products, and services that seems likely to be of interest to infosec professionals and summarizes them for easy assimilation by busy IT managers and staff.
David Lucas
Shaul Efraim
Terence Martin Breslin
Cory Marchand
David Hughes
James Carlini
John Iffert
Dan Stolts
Joe Zeto
