NETWORK WORLD NEWSLETTER: M. E. KABAY ON SECURITY 11/16/04 Today's focus: Something wiki this way comes
Dear [EMAIL PROTECTED], In this issue: * How Wikipedia is sparking a revolution * Links related to Security * Featured reader resource _______________________________________________________________ This newsletter is sponsored by Radware Radware DefensePro 3Gbps Intrusion Prevention Switch Radware Intrusion Prevention Switch protects against worms, viruses, malicious intrusions, Denial of Service attacks and Trojans - securing networked applications at 3-Gbps. Featuring inline security switching and accelerated, stateful and deep-packet inspection, DefensePro isolates attacks and dynamically moderates bandwidth to stop propagation across the network. Download a free copy of the Radware DefensePro White Paper at http://www.fattail.com/redir/redirect.asp?CID=87839 _______________________________________________________________ IT SECURITY JOBS TO EXPLODE With an annual compound rate of nearly 14% from now until 2008, information security jobs are far outpacing IT jobs in general. For more results from this recent survey conducted by IDC of full-time security pros in 80 counties worldwide, click here: http://www.fattail.com/redir/redirect.asp?CID=88283 _______________________________________________________________ Today's focus: Something wiki this way comes By M. E. Kabay One of the online lookup resources I am fond of for network-related information is the Wikipedia. This free online encyclopedia has extensive listings of network and security entries that have been helpful to my students and me and that many readers may already be using. I recently ran across an interesting challenge to the integrity of Wikipedia; perhaps some of you will also be interested in the issue and others will be prompted to examine the resource for yourselves. The case also raises very general questions about the trustworthiness of collaborative documentation efforts on the Web - methods that may soon be applied to commercial software development. The issue arose when one of the instructors in the Master of Science in Information Assurance program at Norwich University recently came across this article: Librarian: Don't use Wikipedia as source <http://www.nwfusion.com/nlsec832> The article referenced is by Al Fasoldt of _The Post-Standard_ newspaper. He explained that a school librarian pointed out that Wikipedia < <http://en.wikipedia.org/wiki/Main_Page> > is "not the online version of an established, well-researched traditional encyclopedia. Instead, Wikipedia is a do-it-yourself encyclopedia, without any credentials." The librarian, Susan Stagnitta, wrote, "Anyone can change the content of an article in the Wikipedia, and there is no editorial review of the content." Fasoldt then goes on to dismiss the entire Wikipedia as untrustworthy. Not so fast. I looked at a range of entries concerning information assurance in the Wikipedia and, although I didn't agree with everything I read, I certainly found no cause for wholesale rejection of this resource. All the articles had cross-references and many had links to authoritative source materials. The overview article on "computer security" has a brief summary of key issues and includes many internal and external links: <http://en.wikipedia.org/wiki/Computer_security> In addition, although it is true that anyone can modify text, the FAQ has sections that discuss how changes are discussed and accepted or rejected: <http://en.wikipedia.org/wiki/Wikipedia:FAQ> The process is by no means random. Changes are flagged as major or minor; those who are interested in a particular page can find out when it has been changed and exactly what the changes are. Errors and vandalism can be corrected immediately by reversion to a previous state. Vandals can be blocked from further access to editing functions. I cannot discount Wikipedia simply because it lacks centralized control; neither does the Web as a whole. The Wikipedia project reports that as of early November, the contributors are working on 385,078 articles. It includes facilities for collaboration by people from around the world, including groups for serious discussion of articles, lists of open tasks and specific requests for help in active projects. >From a security standpoint, I have no particular complaints; the resource is at least as good a contribution as many a commercial site I have looked through. As always, _caveat emptor_: translating loosely here, "user beware." Far from dismissing this resource, I think it is a useful and exciting venture. My hope is that some among you will be sufficiently pleased to contribute to the work and thus improve a resource that can benefit network and security managers in the long run. Interestingly, the approach is also being used for software development. A start-up called JotSpot is using the wiki (Hawaiian for "quick") technology to create applications that users can change, just like Wikipedia pages can be changed: <http://www.nwfusion.com/news/2004/1028wikistart.html> RELATED EDITORIAL LINKS JotSpot to re-energize stagnant Intranets Network World Web Applications Newsletter, 11/03/04 http://www.nwfusion.com/newsletters/web/2004/1101web2.html How best to patch: a debate Network World Fusion, through 11/19/04 http://www.nwfusion.com/cgi-bin/forum/gforum.cgi?post=1964 Vendors back Web app security testing Network World, 11/15/04 http://www.nwfusion.com/news/2004/111504firewalls.html Tool fights wireless, wired worm outbreaks Network World, 11/15/04 http://www.nwfusion.com/news/2004/111504trendmicro.html The Extended Enterprise Issue Network World, 11/15/04 http://www.nwfusion.com/ee/2004/ _______________________________________________________________ To contact: M. E. Kabay M. E. Kabay, Ph.D., CISSP, is Associate Professor in the Division of Business and Management at Norwich University in Northfield, Vt. Mich can be reached by e-mail <mailto:[EMAIL PROTECTED]> and his Web site <http://www2.norwich.edu/mkabay/index.htm>. A Master's degree in the management of information assurance in 18 months of study online from a real university - see <http://www3.norwich.edu/msia> _______________________________________________________________ This newsletter is sponsored by Intel IT Productivity; Increasing ROI Learn how to effectively measure employee productivity, manage IT investments and reduce the Total Cost of Ownership in enterprise data management. Visit Intel's IT Productivity center. Click here to download white papers, books and IDC Research. http://www.fattail.com/redir/redirect.asp?CID=88386 _______________________________________________________________ ARCHIVE LINKS Archive of the Security newsletter: http://www.nwfusion.com/newsletters/sec/index.html Breaking security news: http://www.nwfusion.com/topics/security.html _______________________________________________________________ Mission critical-application security Tune in to learn how to protect your enterprise applications from direct targeted web attacks, targeted attacks, direct database breaches, and worm infections, both internally and externally. Watch this new webcast "Defending Your Business with Application Security"now. http://www.fattail.com/redir/redirect.asp?CID=88443 _______________________________________________________________ FEATURED READER RESOURCE NEW! Website dedicated to Networking for Small Business now available The editors of NW Fusion and PC World have combined all their expert advice, authority, and know-how into a powerful new tool for small businesses, the new Networking for Small Business website. Get news, how-to's, product reviews, and expert advice specifically tailored to your small business needs. Find help with Security, Broadband, Networking, Hardware, Software, and Wireless & Mobile technology at: <http://www.networkingsmallbusiness.com/> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED]
