Language Selection

English French German Italian Portuguese Spanish

Oversold Security Hype

Filed under
Security

A number of the most promoted security risks are nothing more than a load of hype, Gartner has said in an unexpected outbreak of sober assessment.

The analysis firm has decided to use its IT Security Summit in Washington, D.C., this week to name and shame the issues it sees as the most oversold. The top-five list comprises a number of favorites from the last year, namely the fear of mobile malware, the belief that Voice over IP (VoIP) is unsafe, concerns about wireless hotspots, the equation of regulatory compliance with security, and the idea of a superworm that could spread on the Internet in a matter of minutes.

Of mobile malware, company vice president John Pescatore put it bluntly: "Antivirus vendors see huge potential profit opportunities in selling security solutions to billions of cell phone and PDA users. In particular, the antiviral industry sees cell phones as the way to grow sales outside of a flat, commoditized PC market. However, device-side antiviruses for cell phones will be completely ineffective."

Of the obsession with regulatory compliance, his analyst colleague Lawrence Orans said: "The best way to increase enterprise IT security is to buy and build software that has fewer vulnerabilities, but there has been no regulatory focus on this area."

Similarly, attacks on VoIP systems are rare--which renders elaborate security measures unnecessary--and the danger to users of wireless hotspots could be greatly reduced with simple technology. The threat of what the company called the "Warhol worm," able to infect every unprotected PC on the Internet in 15 minutes, has been greatly exaggerated.

"Many businesses are delaying rolling out high-productivity technologies, such as wireless local-area networks [WLANs] and IP telephony systems, because they have seen so much hype about potential threats," continued Orans in the official statement.

Perhaps it is fair to point out that Gartner itself has sometimes sent out mixed messages on these issues. Only last year it produced a report titled "Voice over IP Communications Must Be Secured," which noted in the summary the unique attributes of the medium that made security important. Now Gartner appears to be playing down this issue. "Preventive measures for securing an IP telephony environment are very similar to securing a data-only environment," Orans is quoted as saying.

The company has also produced numerous paid-for reports in recent years on the subject of wireless and mobile security, which doesn't in itself invalidate its current stance but which has added to the general impression in the minds of IT professionals that these are areas of real anxiety.

Gartner publishes a Hype Cycle report on a variety of IT industries, accessible at its Web site.

Source.

More in Tux Machines

Raspberry Pi, Linux Devices, and LEDE 17.01

  • Mycroft Available as Raspberry Pi Image
    Mycroft now has a Raspberry Pi image that is ready to run. Developers, makers, hackers and enthusiasts can download the image to their Raspberry Pi and create their own Mycroft enabled projects. We have created the Picroft image so the community has access to a quick, easy to install artificial intelligence(AI). Our thinking is that having ready access to an out-of-the-box AI will inspire some crazy cool applications. We’re hoping our community proves us right.
  • New Raspberry Pi Release Targets Industry, IoT
    The Raspberry Pi Foundation on Monday launched its long-awaited industrial strength Compute Module 3. The latest version of the low-cost Raspberry Pi computer, it is designed for more robust manufacturing and technical demand uses than prior versions, which target consumer and basic business needs. The idea behind the new module is to provide a cost-effective way to produce customized products based on the Raspberry Pi 3, noted James Adams, chief operating officer and hardware lead.
  • Blobless Linux on Raspberry Pi (rpi-open-firmware).
  • COM runs Linux on Kaby Lake, supports Intel Optane
    Congatec’s Linux-ready “Conga-TS175” COM Express Basic Type 6 module supports 7th Gen Intel Core E/EQ and Xeon CPUs, Intel Optane SSDs, and up to 32GB DDR4. Congatec followed upon its earlier announcement of a Conga-TC175 COM Express Compact Type 6 module with a larger, 125 x 95mm Basic Type 6 module called the Conga-TS175. Both COMs support Intel’s latest 7th Generation “Kaby Lake” line of 14nm processors.
  • LEDE 17.01 branched
    this is just a heads-up to inform you that LEDE master has been branched into a new branch "lede-17.01" now.

today's howtos

FSF announces a major overhaul of free software High Priority Projects List

The HPP list highlights projects of great strategic importance to the goal of freedom for all computer users. A committee of free software activists, assembled in 2014, spent a year soliciting feedback from the free software community for the latest revision of the list. "As the technological landscape has shifted over the last decade since the first version of the list was published, threats to users' freedom to use their computers on their own terms have changed enormously," said Benjamin Mako Hill, who is part of the High Priority Projects committee and also a member of the FSF's board of directors. "The updated High Priority Projects list is a description of the most important threats, and most critical opportunities, that free software faces in the modern computing landscape." Launched in 2005, the first version of the HPP list contained only four projects, three of them related to Java. Eighteen months later, Sun began to free Java users. Read more Also: Meet Guix at FOSDEM

KDE Leftovers

  • Integrate Your Android Device With Ubuntu Using KDE Connect Indicator Fork
    KDE Connect is a tool which allows your Android device to integrate with your Linux desktop. With KDE Connect Indicator, you can use KDE Connect on desktop that support AppIndicators, like Unity, Xfce (Xubuntu), and so on.
  • FirstAid – PDF Help Viewer
    in the recent months, I didn’t find much time to spend on Kate/KTextEditor development. But at least I was now able to spend a bit more time on OpenSource & Qt things even during work time in our company. Normally I am stuck there with low level binary or source analysis work. [...] Therefore, as our GUIs are developed with Qt anyways, we did take a look at libpoppler (and its Qt 5 bindings), which is the base of Okular, too.
  • KBibTeX 0.6.1-rc2 released
    After quite some delay, I finally assembled a second release candidate for KBibTeX 0.6.1. Version 0.6.1 will be the last release in the 0.6.x series.
  • Meet KDE at FOSDEM Next Month
    Next month is FOSDEM, the largest gathering of free software developers anywhere in Europe. FOSDEM 2017 is being held at the ULB Campus Solbosch on Saturday 4th and Sunday 5th of February. Thousands of coders, designers, maintainers and managers from projects as popular as Linux and as obscure as Tcl/Tk will descend on the European capital Brussels to talk, present, show off and drink beer.