XP copy-protection not foolproof

A controversial anti-piracy technology built into Microsoft Corp.’s Windows XP operating system has been cracked, a U.K. security firm has reported.

Within hours of the operating system’s glitzy launch on Oct. 25, malicious coders in Asia began distributing a software program over the Internet that allows users to bypass Microsoft’s Product Activation technology, which is designed to prevent users from installing a copy of Windows XP on multiple computers, according to BitArts Lab, a U.K. based digital rights management firm. The Microsoft technology requires all users to “activate” their copy of Windows XP soon after they purchase it. This process “locks” a product identification number assigned to each copy of Windows XP to the PC it is installed on, and then issues an activation code based on that configuration. But some users have managed to get around that process with a program authored recently by computer hackers which allows them to strip the activation technology from the software, BitArts said.

Neoteris secures LAN access with SSL

Start-up Neoteris Inc. is parlaying Web-browser technology that protects online credit card sales into a simple, secure way for employees and business partners to access your network.

Neoteris makes proxy server hardware devices and software called EmployeeAccess and PartnerAccess that mediate Secure Sockets Layer (SSL) sessions between users on the Internet and LAN servers that are protected by a corporate firewall. SSL is 168-bit encryption developed by Netscape that is used to set up secure Internet links between Web browsers and Web servers, and is considered the security standard for Internet money transactions.

Security group: Humans are weakest link

Humans may be the weakest link in securing information systems, according to a panel of experts at a recent conference organized by Computer Security Institute (CSI) in Washington.

A panel during one of the conference’s sessions was dedicated to examining the role that people play in securing digital information. CSI is a membership organization that provides training and events related to information security. said. Brett Hovington, council member and national coordinator for the U.S. Federal Bureau of Investigation (FBI)’s National IfraGard Group, said that understanding the human component, or identifying who is behind the keyboard, is essential to solving information security breaches. The FBI has begun profiling cyber-intruders, much as they do serial killers, to help them understand behaviour and motivations behind attacks and hopefully identify attackers.