HP report: 80 percent of app vulnerabilities are really your fault

Tony Bradley, PCWorld

Tony is principal analyst with the Bradley Strategy Group, providing analysis and insight on tech trends. He is a prolific writer on a range of technology topics, has authored a number of books, and is a frequent speaker at industry events.

Let's be clear: There is no such thing as an invulnerable application. Some have more critical vulnerabilities than others, as we discovered this week with the Heartbleed bug, but any application can be exploited given a dedicated attacker. According to the HP 2013 Cyber Risk Report, though, the application itself is not to blame for most vulnerabilities—you are.

HP compiled data from 2,200 applications scanned by HP Fortify on Demand and reports that 80 percent of the vulnerabilities discovered were not the fault of the application code itself.

“Many vulnerabilities were related to server misconfiguration, improper file settings, sample content, outdated software versions, and other items related to insecure deployment,” the report states.


Is open source to blame for the Heartbleed bug?

By now you've likely heard about the Heartbleed bug, a critical vulnerability that exposes potentially millions of passwords to attack and undermines the very security of the Internet. Because the flaw exists in OpenSSL—which is an open source implementation of SSL encryption—many will question whether the nature of open source development is in some way at fault. I touched base with security experts to get their thoughts.

Closed vs. Open Source

First, let’s explain the distinction between closed source and open source. Source refers to the source code of a program—the actual text commands that make the application do whatever it does.


Patch Tuesday: Last call for Windows XP

This Patch Tuesday has much more significance than most. With only four security bulletins from Microsoft, it's relatively tame as far as Patch Tuesdays go, but today also marks the final patches and updates from Microsoft for Windows XP.

“So this is it, the last hurrah for the once beloved XP, the last kick at the can for patching up the old boat,” says Ross Barrett, senior manager of security engineering for Rapid7. “Sure, by today’s standards it’s a leaky, indefensible, liability, but… hey, do you even remember Windows 98? Or (*gasp*) ME?”

There are two Critical bulletins and two Important. All of them are capable of enabling remote code execution if successfully exploited.


Don’t waste your money trying to upgrade your Windows XP PC

With the end of Windows XP support from Microsoft imminent, perhaps you’ve finally made the (very wise) decision to stop using the venerable operating system. I commend you. However, if you’re planning to simply install a newer operating system on your existing hardware, you should reconsider.

Sure, there's a good chance that your existing hardware meets the minimum system requirements for either OS: a 1GHz or faster processor, 1GB of RAM (2GB for 64-bit), 16GB of hard drive space (20GB for 64-bit) and a DirectX 9 graphics device with WDDM 1.0 or higher.


10 tips to protect your tax return from theft and fraud

As far as cyber criminals are concerned, tax season means open season. This time of year is a favorite for phishing scams and fraud, second only to the holidays. With a little awareness and common sense, though, you can avoid being a victim and make sure your tax refund ends up in your pocket.

Follow these tips to stay safe and secure online during tax season.

Fred Touchette, senior security analyst with AppRiver, shared some thoughts about common tax season threats and how to avoid them.


Office for iPad establishes the tablet as a true PC

Microsoft's announcement that it's bringing Office to the iPad is a game changer. Naysayers have belittled the tablet as a toy or a content consumption gadget since it launched. The argument has always been shaky, but with the world's most popular productivity suite now available for the iPad, you can no longer deny that the tablet is, in fact, just an evolution of the personal computer.

The debate is partially semantic. Diehards will tell you "PC" refers only to a traditional Wintel computer. But most of us extend the term to encompass Mac OS X, Linux, and Chrome OS, as well, and the defining characteristics have more to do with how we use them. 

For the vast majority of businesses and consumers, the primary activities on a PC boil down to email, social networking, Web surfing, and producing content—like Word docs, Excel spreadsheets, and PowerPoint presentations. There are still certain industries and specific applications that require a given platform or operating system, but for 80-plus percent of users a tablet like the iPad can do the job.


A closer look at your Windows XP investment

Nothing lasts forever. We expect that we'll get years of use out of our cars, refrigerators, and mattresses but that eventually they'll need to be replaced, usually with newer, better models. We’ve now reached that point with Windows XP PCs.

But as the clock winds down on Windows XP support, there is a growing clamor from many Windows XP users. They’re pretty sure Microsoft is just trying to squeeze money out of them by “forcing” them to upgrade their operating system or buy a whole new PC.

With a little proactive preparation, the expense of a new PC won't be such a burden.
