Replies to post #31767 on Wave Systems Corp. (fka WAVXQ)

[yayapapadoc]

Hackers are devising clever ways to sneak into personal and office computers. The security companies and experts gathering at the RSA Conference 2004 in San Francisco are working to stop them--but can they?




Gates emphasizes security in Windows update
Bill Gates, chairman, Microsoft

Gates predicts death of the password
Traditional password-based security is headed for extinction, says Microsoft's chairman, because it cannot "meet the challenge" of keeping critical information secure.
February 25, 2004


Security experts bemoan poor patching
Top security officers warn that patching software flaws is still far too difficult, with many companies left vulnerable because they are lagging behind on applying critical updates.
February 24, 2004


Gates: 'Everything' impacted by security concerns
During Chairman Bill Gates' speech, Microsoft shows off an update to Windows designed to make the operating system more secure.
February 24, 2004


Is security getting any easier?
Although companies are making headway on many security problems, don't expect headaches like spam to disappear anytime soon, experts say.
February 24, 2004


RSA polishes RFID shield
The security software maker announces a cloaking technology designed to protect information emitted by radio frequency identification tags.
February 24, 2004


Sun to boost Java ID plan for PCs
The company is modifying its Java software and working with mobile phone and credit card companies to better guarantee the identity of personal computer users.
February 23, 2004


Microsoft teams with RSA on password protection
The software giant and the security vendor will jointly release a new authentication technology using SecurID tokens.
February 23, 2004


HP has a plan to throttle Net threats
The computing giant plans to announce two services for slowing down fast-spreading viruses and immunizing networks against threats.
February 23, 2004


VeriSign aims to filter out the fakes
The company announces a method for authenticating corporate users, as it takes on RSA Security in the market for identifying who's who on a network.
February 23, 2004


Will IM be the next security culprit?
perspective Q1 Labs CTO Sandy Bird cautions that the number of instant messaging attacks is likely to worsen over time.
February 24, 2004

[SPIN]

SAN FRANCISCO--Microsoft Chairman Bill Gates predicted the demise of the traditional password because it cannot "meet the challenge" of keeping critical information secure.

Gates, speaking at the RSA Security conference here on Tuesday, said: "There is no doubt that over time, people are going to rely less and less on passwords. People use the same password on different systems, they write them down and they just don't meet the challenge for anything you really want to secure."

Gates emphasizes security in Windows update
Bill Gates, chairman, Microsoft RSA is working with Microsoft to develop a SecurID technology specifically for Windows. Both companies agreed there is a need to remove the vulnerabilities associated with employees using weak passwords.

SecurID is the best-known two-factor authentication system and is used by many large enterprises. It generates a constantly changing sequence of numbers that a user has to type in alongside their normal password or PIN. Creating a specific system for Windows could mean that rolling out strong authentication across an enterprise will be far easier and cheaper.

New organization helps companies measure security efforts against similar competitors

However, Gates said that Microsoft would not be using the SecurID system internally because it had opted for a smart-card system--with the help of RSA. "Microsoft recently moved to a smart card approach, and a key partner in this was RSA," he said.

Microsoft also demonstrated "tamper resistant" biometric ID-card software, developed by its own research arm, that can be used by both small and large companies to create ID cards using a digital camera, an inkjet printer and a business-card scanner.

To create an ID card, the software requires a photograph and some basic information about a person, such as name and date of birth. This information is processed by the software to create a digital signature in the form of a bar code, which is also printed onto the ID card. If any of the information on the ID card is altered, it will not correlate to the signature and the card is rejected, according to Microsoft.

Gavin Jancke, development manager at Microsoft Research, who demonstrated the software, said one of the key aspects of the system is that it does not require a database because all the information is already stored on the card.

"The authenticity ID is stored in the printed information in the card itself. There are no user privacy issues because we know that what is stored on this card is stuff that they can actually see," he said.

Jancke said the system could also be used to store fingerprints or an eye scan.

"This system is also extensible, so we can include other biometric information, such as iris or fingerprint. It will still maintain the same tamper resistancy on ordinary paper or plastic printed media," he said.

Microsoft did not indicate when or if the software would be available commercially.

Munir Kotadia of ZDNet UK reported from San Francisco.