Cameras
Camcorders
Cell Phones
Components
Desktops
HDTV
Home Theater
GPS
Laptops
Monitors
MP3 Players
Networking &
Printers
Storage
Longtime readers know of my annual tradition of reviewing the improvements (or really, the lack of improvements) in the IT security world over the past year. This year had its share of good stats tempered by a hefty dose of stark reality.
Let's start with the good news: Most computing devices and software bec
[ Find out how to avoid Adobe's new Reader attack. | Take a break from security woes to check out 10 zany USB devices. ]
The bad news on patching? Well, the fact that it's still so frequently and desperately needed across all OSs, all browsers, across nearly every very popular program. No one is expecting perfect code with zero vulnerabilities found over time, but it would be nice for patching to become a less regular event.
The average end-user still has 12 unpatched programs on his or her machine, according to my security vulnerability-finder fav Secunia. The average end-user patches his or her OS and doesn't patch his or her browser add-ins, which are the ones most likely to allow malware onto a system.
Good browser news: Most browser developers started implementing (or strengthening) anti-phishing and anti-malware detectors. None of the implementations are perfect, but at least it gives another free defense-in-depth tool. All the popular browsers improved their cross-site scripting (XSS) defenses, along with a myriad of other browser defenses. Kudos to Firefox for looking for and warning users about older, unpatched popular add-ons.
Spam is a mixed bag. Spam, as a percentage of global e-mail, is as high as ever, at over 80 percent. However, most users are receiving less than a handful of spam messages in their inbox each day. If you're getting more than a handful, you don't have the right anti-spam tools implemented
"2009: Another Bad Year for Data Security" Comments