Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Doma....probably you´re right, but IF it´s a Seagate FDE.2, they have to store the passwords in a hidden partition on the HDD, they have to adress DriveTrust.
Still wondering.....(perhaps it´s not a FDE.2)
BR
ISPRO
TaxiVader.........Now that´s what I call a find!!!!!
Must be the FDEs, since these are the ONLY 128AES, 80, 120, 160 GB encrypting drives at the moment. With UPEK!Hmmmm
I´m wondering WHO´s software will provide the device authentification, since SKS mentioned to me at Cebit, that they are working on the USB issue....
Thanx and BR
ISPRO
Stopping Rootkits at the Network Edge By David Strom
Keeping your remote laptops healthy is not an easy task these days. Infections are everywhere, and once these PCs leave the shelter of your enterprise network, they can easily get filled with rootkits, malware and viruses.
Of the three types of infection, rootkits are the most troubling. A rootkit is a special software program that can be left on a PC without the user's knowledge or permission, and allow someone else to have remote control of the machine's operations. They often are used to assemble major botnet attacks, where a hacker controls groups of PCs to send out spam or more malware over the Internet. This can expose an enterprise to legal liability as well as potential data loss on the individual PCs that have been compromised.
First developed in the 1990s for Unix computers, rootkits became infamous for Windows PCs in 2005 when Sony Music used them in numerous music CDs to prevent users from making digital copies. Now they are quite common and basic prototypes are found on several Web sites that can be used by even inexperienced programmers to develop the most virulent rootkits.
What makes rootkits so insidious is that they are hard to detect and harder still to remove without doing a wholesale operating system re-installation or re-imaging of a computer's hard drive. They are designed to hide from normal view of the operating system, since they modify the operating system itself. They can disguise themselves as ordinary operating system utilities, replacing the file and process viewing commands with their own code, or modify the most basic parts of the operating system (the kernel) to conceal their presence. Most of them are designed to survive reboots of the PC, and can live undetected on a system for months. "Remember that a rootkit is not designed to help an intruder gain access to a system. A rootkit is designed to make the intruders feel at home and allow them work silently on your system without being disturbed," says web developer Oktay Altunergil.
Some of the nastier rootkits include key logging programs that will record username/passwords typed into a particular machine and send this information to a central repository that can be used to compromise or steal sensitive data.
Tools Are Available
There are a series of rootkit detection and removal tools, such as Microsoft's own Malicious Software Removal, Sophos Anti-Rootkit, PrevX, Tripwire, UnHackMe and F-Secure's Blacklight. However, using any of these tools requires users to be vigilant and spend a lot of time pro-actively doing regular hard disk scans, along with spending time interpreting the results of these scans and deleting the offending compromised files. In some cases, users will have to compare the current state of their systems with results from booting a known clean copy of their OS from a special CD, which is cumbersome at best.
"How often are you going to have your users reboot and scan their PCs," asks Steve Hanna, of Juniper Network's Architecture Technology Group. "This isn't really very practical on a continuous basis, since most users are only going to investigate a potential rootkit issue once in a while."
For example, users might be motivated to investigate a potential infection if some other symptom is observed on their PC, such as reduced performance or odd boot behavior. And even PCs running their own firewall software are at risk, since infections can be transmitted by browsing dangerous Web pages or by sending files via Instant Messenger applications, or even by inserting a music CD into their systems, as Sony has so aptly demonstrated.
A new breed of infections employ virtualization techniques similar to those used by EMC's VMware and Microsoft Virtual Server 2005. By silently creating a virtual environment in which the normal operating system runs, the rootkit gains access to all data processed by that operating system while evading detection. "Under these circumstances, a rootkit can run a clean copy of the OS and still get access to all the confidential data," says Hanna.
But there is some good news on the rootkit front. There are improvements in endpoint health assessment and remediation that can help to rid enterprises of rootkits by stopping them at their entry to a remote laptop. These measures take a combination of particular hardware and software and provide system administrators new ways to defend their PCs.
The developments center around a piece of added hardware called the Trusted Computing Module (TPM), a special hardware component that is now present in most new commercial-grade laptops and desktops sold by the major PC manufacturers, and according to IDC, are present in about 20 percent of all PCs operating today. Until relatively recently, the TPM chip wasn't used by many applications, but with these new products it can serve as a mechanism for stopping rootkit infections.
Here’s How It Works
Whenever the PC boots, the TPM measures the BIOS, boot loader, and all other critical software components in the operating system. These measurements are taken before the software runs and stored securely on the TPM so they can’t be modified. When the PC connects to the network, the measurements are sent to a server where they are checked against a list of known good configurations. If the software is not good, the PC can be quarantined and repaired.
One company that has already developed software that works with the TPM is Wave Systems of Lee, Mass. They sell a product called Embassy Endpoint Enforcer, which is designed for use in enterprise IT endpoint situations to support the TPM hardware and ensure that no rootkits are operating on a remote laptop.
Wave's software forms the foundation of a new series of standards from the Trusted Computing Group called the Platform Trust Services, which became public in November 2006.
"This defines how software can take advantage of the TPM and use it to determine how critical system components are measured and reported to the OS," says Brian Berger of Wave Systems. "This standardizes the work that we did on our product and makes it easier for other companies to make use of the TPM."
In addition to Wave, others are working on supporting the TPM, including Microsoft with its Vista operating system. Vista, which began shipping in December 2006, includes a feature called BitLocker that provides hard drive encryption. The key for the encryption can be stored on the TPM chip, making it easy and secure.
The TPM gets around the issue of doing frequent system scans, because the boot process is guaranteed and no software can make any unauthorized modifications to these files.
"The TPM becomes the first step in the boot sequence," says Hanna. "It serves as a secure foundation for the BIOS, the boot loader, the kernel, and the rest of the operating system. Since the TPM performs this check every time the PC boots, it provides a regular check for rootkit infections. This means it will be easily apparent when a PC has been tampered with. And that’s a good thing in today’s dangerous world.”
About the Author
David Strom is the former editor-in-chief of Tom's Hardware and Network Computing, the author of two computer books and thousands of magazine articles on Internet security, computer networking, and other technical topics. He can be reached at david@strom.com.
BR
ISPRO
Microsoft Vista: Trusted Platform Module Services
ATT: LONG pdf
http://www.syngress.com/book_catalog/431_Vista/sample.pdf
"...Windows Vista supports only version 1.2-compliant TPM devices natively,
although third-party software, such as Wave’s Embassy Trust Suite, is available that
you can use to support some functionality of version 1.1b TPM devices...." (page 2/124)
"...Some third-party applications that rely on the TPM have already begun to emerge.
Probably the best example of this is Wave Embassy Suites.This software package was
originally developed to take advantage of version 1.1 TPM chips, but it now supports
version 1.2 chips as well.This is a very popular application that OEMs are
deploying with devices they sell that include biometric hardware.The TPM will be
utilized by applications such as this which enable strong biometric authentication
measures by securing the biometric data that the application relies upon...." (page 58/180)
BR
ISPRO
Daemon Tools fixed problems with Dell systems with ETS
http://www.downloadsource.de/127/Daemon-Tools/
* Updated SPTD to version 1.43
* Support for StarForce 4.70
* Support for compressed and encrypted *.mds images which soon will be created by Alcohol and DAEMON Tools Pro
* Support for compressed and encrypted *.isz images created by UltraISO
* Fixed some minor issues with image autorun, autostart option etc. (also HKCU is used now instead of HKLM)
* Added "Check for updates" option (periodically checks for new version at each tray start)
* Internal virtual drive engine enhancements
* Fixed installation problems on Dell systems with Embassy Trust Suite
Looks like the problems were not caused by ETS, similar to the McAfee issue, since Daemon fixed the problem.
BR
ISPRO
Pickle Power......the TPM based hard drive security is plain and simple the Infineon File and folder encryption similar to Wave vaults. This features exists for years, but ONLY on Infineon based notebooks.
The drive lock is a´HP BIOS feature similar to the startup BIOS password every BIOS features. The drive lock password is not stores in the TPM, its in the BIOS chip, so switch the BIOS chip and you get access to the hard drive.
BR
ISPRO
Ramsey.....regarding the BIOS you are surley correct. I think in Dells case they had to touch the BIOS.
BR
ISPRO
Ramsey....why not the D520, you know FDE doesn´t require a TPM, BUT our software
BR
ISPRO
Genz2....what you are missing (and most of us here) is that day by day we see new OEMs and integrators deploying and using ESC, ETSL. Sure these are no gorillas, but they proof the usability of our software. Everything adds to the bottom line don´t forget this.
The market is just starting.....
BTW, re: new OEM and PP, I don´t know if we´ll see a new OEM, but be sure IF there is one, the costs for integrating ETSL in the OEMs solution would be huge. Imagine an ETSL integration in Protect Tools or Sony Protector suite or something else...
BR
ISPRO
Ramsey....Doma is right, it´s there since then...
http://www.investorshub.com/boards/read_msg.asp?message_id=19485755
BR
ISPRO
Mundo....I don´t have a premier account but from the tech spec I guess this is an old system..
TPM 1.1: could be an IFX 1.1b
Processor Intel Pentium M 778 / 1.6 GHz: OLD
Data Bus Speed 400 MHz: OLD
Display Type 12.1" TFT active matrix
Max Resolution 1024 x 768 ( XGA ) : OLD
Is this the NEW DELL tablet?
Don´t think so FWIW....
BR
ISPRO
just for testing the volume......
I´ve a sell order for a few k shares at 0.12 for hours. NOT executed!LOL
BR
ISPRO
Cosign.......in an existing market you need at least 6 month to close a minor deal. Think over a NEW security architecture without the infrastrucutre in place. Thats where we are and we have already closed business...
everything at ispro. country
BR
ISPRO
NW.....yup and not only the gov....
"Enterprise Business is Starting"
BR
ISPRO
Zen...OK fair enough, but don´t consider us as folks who would celebrate if SKS buys a bathroom with the PP money!LOL
BR
ISPRO
Zen...of course we can´t speak of bullish, but for me it´s THE signal of the LAST PP for surviving purposes.
What we all forgot is that MSFT has turned their strategy to the TNC approach and I would guess Cisco will follow. Consider WHO is sitting there?
We´ve seen MANY (TOO MANY) short term disappointments which weaken our long position, but in the end we´ve got the proof, that Trusted Computing is REAL and that WE ARE TRUSTED COMPUTING!
BR
ispro
Zen....I would agree with you, if there were not the statement of SKS, that we will see a new OEM in this Q. Further IF/WHEN enterprise sales pick up, you need staff to fullfill customer needs. FWIW; I think the amount is encouraging, the price not.....
BR
ISPRO
MMBG...if you´d follow OKNPVs posts you would consider another possibility.
With debt, another instance(bank) could tell you what to do....
BR
ISPRO
Intel now gets ETSL instead of the 4.3 full version/eom
BR
ISPRO
A nice shopping to all!eom
BR
ISPRO
AeA Micro-Cap Conference from 5/7/2007 (I guess I missed that one, sorry if posted)
http://www.wavesys.com/news/presentations/AEA_2007.pdf
Especially I like the slides 14-19.
BR
ISPRO
Ramsey....thanx for this report!Encouraging/eom
BR
ISPRO
WD.......you have to upload the image to a website and then refer this location like this
(chart]www.domain.com/name.gif(/chart]
...instead of ( use [
BR
ISPRO
AWK......I wouldn´t margin any stock, but I don´t expect a further decline in SP. All the latest news show Wave in the middle of TC with a product portfolio, which makes it nearly IMPOSSIBLE for ANY competition to catch up with.
I await further good news from our existing partners and hopefully new ones.
Nevertheless I´m absolutely with you on this (margin) issue....
BR
ISPRO
Genz2...I hope I got you right, but the MS link was embedded in the Intel link.
The important link is:
http://cache-www.intel.com/cd/00/00/34/24/342457_342457.pdf
BR
ISPRO
(edit)Genz2.....absolute correct, EVERYTHING related to a network NEEDS ETSPRO!
EAS and EKM server do two different things.
- Through the EAS you´ll get the RIGHT (via policies) to log onto the network(server).
- EKM manages, backups and restores the keys for your local machine.
(edit) vaults
With ETSL you can generate one vault (encrypted folder) for your own. To generate/share mulitple (network or local)vaults you need ETSPro AND EAS, EKM to get the RIGHT and MANAGE the KEYS, who have the right to log in in your vault..
BR
ISPRO
Genz2....not sure, but there was a time when Intel got the ETSpro, years ago. I believe Wave has changed this and delivers ETSL to Intel. Key backup and recovery is ALSO necessary for stand alone solutions. IMO ETSL can do this on local drives or USBs, but NOT on a network server. For enterprise wide key management you need ETSpro and EKM server.
Thats just a guess, FWIW
BR
ISPRO
24601......IMO NO!
SME will protect data at MOVE through the wires of the network. There are two(three) main risks for unencrypted data.
1. Storage: (FDE hardware and software based encryption)
2. Traffic: (Encrypted at one endpoint and submitted, decrypted by the other endpoint through software based solutions) Cisco tries to solve the Data at MOVE issue through hardware based SWITCH encryption for moving data.
(3. While processing: Remember the IBM SecureBlue thingy, when data is encrypted within the processor, to secure data on its way from the processor to the HD)
Mix all those encryption methods and ADD TPMs and TNC and you get a bullet proof environment.
BR
ISPRO
Solution Configuration Guide Improve Networked PC Security
with Intel® vPro™ Processor Technology
Revision 1.1, date April 2007
Embassy Trust Suite prominently described as PART of Intel/Vista SECURITY SOLUTION!
A MUST read pdf!
Components for Building the Security
Solution
The following components are required to build the Security Solution:
• Intel® vPro™ processor technology based PC with Intel® Core™2 Duo processor
and TCG compliant TPM
• Windows Vista* Enterprise edition operating system
• Wave Systems Embassy* Trust Suite
• APC Biometric Pod (BIOPOD)
• NTRU TCG Software Stack (TSS)
• McAfee* VirusScan Software
For detailed information about Windows Vista Enterprise, visit
http://www.microsoft.com/windows/products/windowsvista/default.mspx.
http://cache-www.intel.com/cd/00/00/34/24/342457_342457.pdf
and the Intel Q2/2007 product catalogue
http://cache-www.intel.com/cd/00/00/34/31/343131_343131.pdf
BR
ISPRO
Vickers2...thanx!eom
BR
ISPRO
Old and known, but a REALLY nice read for a slow day!
(about Bitlocker)
"I wouldn't lock any door if that meant having to carry around a 20-pound key. The deciding factor in the next battle on laptop encryption -- or more general data encryption -- will be easy management"
http://www.infoworld.com/article/07/03/16/12OPstorinside_1.html
I travel rather often, but I am not a BlackBerry person. When on the road, I need the same tools and computing power that I use at the office, and only a laptop can provide that. Those handhelds just won't cut it for me.
Do I have encryption on my laptop? I do not, but I should -- and you should too. Call me paranoid, but in my view, no laptop should travel unless there is some reliable data encryption mechanism in place.
Why is it then that my laptop and many others, of which we read in the news when they are lost or stolen, still carry data in clear? I can't answer for other people, but for me, it's because until now I haven't found an encryption system that works to my satisfaction.
My idea of a safe laptop is one that easily enforces full disk encryption and offers a safe two-stage authentication system with a key-ring gizmo to insert, plus a code to type. Or perhaps a fingerprint reader, which is a head-turner and doesn't add anything to my key ring.
My ideal encryption system would also allow centralized management of encryption keys, a must-have for corporate deployment.
Am I asking for the moon? Not quite. According to what I learned last week during a briefing with ASI Computer Technology, Seagate, and Wave Systems, the ASI C8015 laptop should make my encryption dream come true and will become available as soon as April. I didn't get any firm pricing information during that briefing (too many variables), but from what I'm told, a secure laptop such as this one should not cost an arm and a leg. Good to know.
The C8015 will mount the Momentus 5400 FDE.2, a Full Disk Encryption hard drive that Seagate has been trumpeting since 2005. As a quick recap, the Momentus FDE mounts a chip that does automatic AES (Advanced Encryption Standard) encryption of its data content, and its firmware stops the laptop at boot time until the user provides proper authentication credentials. Distinct access levels allow different capabilities; typically, users are able to unlock the drive only, while administrators can reassign the drive to a different person or add more users. The Momentus FDE will be available in 80GB, 120GB, and 160GB capacities, all with a SATA interface.
Obviously, encryption makes the disk content reasonably safe from disclosure, but another perhaps less-intuitive benefit is that erasing all the data content becomes as easy and quick as destroying the encryption key. It's a snap compared to alternatives, such as the long and tedious overwriting of each track on the drive, often repeated several times to be on the safe side.
The third ingredient is Wave Systems' Embassy Trust Suite, a package of applications that brings the security hardware mounted on the laptop under a common management umbrella. Embassy Trust Suite has more features than I have space to list, including the ability to manage multiple users and the use of administrative passwords to access the drive.
However, what captures more of my attention and is also one of the latest additions to the suite is Trusted Drive Manager, an application that enables local and remote management of the FDE drive and simplifies routine administrative tasks such as recovering a forgotten password.
"From a [central] server, an IT administrator can do all the setup administration and control of the drive remotely without ever having to physically touch the laptop," explains Lark Allen, executive vice president of corporate development for Wave Systems.
As for the laptop shell that will surround all this, here's one of the models that ASI plans to sell. Think of it as a Centrino Duo notebook with a 15.4-inch screen, a fingerprint reader, and TPM (Trusted Platform Module).
I like the rounded approach to a more secure computing platform, but many people will probably ask if simply deploying Windows Vista BitLocker on a TPM machine is an easier alternative. From what I have seen so far, BitLocker's approach to disk encryption is far from simple, which could scare people away.
I wouldn't lock any door if that meant having to carry around a 20-pound key. The deciding factor in the next battle on laptop encryption -- or more general data encryption -- will be easy management.
BR
ISPRO
I guess just a mistake!eom
BR
ISPRO
Alea...LOL!
I like the nearlythere.com but the problem here is, that they would have to pay a few 100k bucks to rename the company in alreadyhere.com within the next months.
BR
ISPRO
OKNPV....my point was that Nasdaq said
1. DeutscheBank sold out a few days ago (per 3/31/2007)
and now they say
2. Deutsche ´Bank INCREASED their position (also per 3/31/2007)
IF they sold out, they couldn´t have increased their position, it would have been a NEW entry. Probably other SOLDOUT positions didn´t happen as well....
BR
ISPRO
Doma....this could mean, that
D630, D531 and D830, D631 have DIFFERENT TPMs.
"Release Title: Security: Broadcom Trusted Platform Module (TPM) 1.2, UPEK TouchStrip Reader, Wave Systems Corp EMBASSY Trust Suite, Application, Windows Vista 32-bit, Multi Language, Latitude D631, D830, v.2.0.52.000, A15 "
For D630, D531 the drivers are not yet available...
BR
ISPRO
OKNPV et all RE: Institutions....
Something is wrong, even on Nasdaq!
(Please don´t delete this post even when I´m refering to another bo**d)
On 16th May there was a post on Ya*** where the poster reported a SELL OUT of Deutsche Bank. I looked on Nasdaq and he was right!
http://messages.finance.yahoo.com/Stocks_%28A_to_Z%29/Stocks_W/threadview?m=tm&bn=19716&tid=...
RBC DAIN RAUSCHER IN... 3/31/2007 0 (333) Sold Out $0
PNC FINANCIAL SERVIC... 3/31/2007 0 (2,333) Sold Out $0
SPARK LP /DE 3/31/2007 0 (16,800) Sold Out $0
DEUTSCHE BANK AG\ 3/31/2007 0 (69,486) Sold Out $0
GRUBER & MCBAINE CAP... 3/31/2007 0 (777,000) Sold Out $0
MARXE AUSTIN W & GRE... 3/31/2007 0 (837,802) Sold Out $0
Today (same Date 3/31/2007)we see on Nasdaq that Deutsche Bank INCREASED there holdings to 700937.
DEUTSCHE BANK AG\ 3/31/2007 700,937 631,451 908.75%
So obviously they NEVER sold their 69486, since Nasdaq would report a NEW not an increased position!
I guess we have to look each day on Nasdaq to see what´s about the other SOLD OUT institutions....
BR
ISPRO
4x...as always a triple A!
"PC encryption is the calm before the impending key management storm. Managing all of these keys in a formal and organized way is not a well-understood practice and many tools are pretty weak. Get ready for headlines about unrecoverable data or malicious key-management administrators."
...the impending key management storm....
Nice, very nice...
Thanx and BR
ISPRO
Dory/Bull...don´t worry about the PP.There are companies out there, getting money with absolutely NOTHING. This is the ugly financing, getting a 30-50% discount. I hope we get a financingt at market, that means at a closing price, beginning at 2.48, IMO
BR
ISPRO
Dutchbj.......MSFT likes proprietary solutions, hoping to own THIS market. They´ve already missed the train, if you remember!
BR
ISPRO
Awk...Yup!eom
BR
ISPRO