John McKown wrote:
IMO, encrypting data is a very good defense. Another good defense is hiring competent people rather than inexpensive people and giving them the time to design, code, and test their solutions. I don't have statistics, but many attacks are based on coding errors such as the infamous "SQL Injection" attacks. On the almost hilarious attacks which succeed because "whomever" didn't bother to configure the security on some piece of equipment, and left the administrator credentials as "admin/admin". Of course, the people & time requirements that I mentioned "cost too much" and "delay time to market". Today's world is based on think up something in the morning, design over lunch, create before dinner, ship the next morning.
Did you mention admin/admin because of this news report, or just coincidence?
http://www.bbc.com/news/technology-41257576 ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
