SplashData Finds 25 Most Common Passwords of 2011
December 6, 2011
InfoWorld reported this week on the most commonly used passwords of 2011 in the article “Stop Using These 25 Passwords Today.”
According to the security and search application vendor SplashData, many people fall into the trap of using random nouns or numbers for their password.
The article states:
“Too many users still can’t resist the allure of using dangerously simple passwords, such as strings of sequential numbers (“123456” or “654321”), series of letters that sit side by side on keyboards (“qwerty” and “qazwsx”), or passwords that demonstrate little to no imagination (“password” and “111111”). Other users evidently attempt to avoid overly common words or strings of numbers and letters in favor of proper names, types of animals, interests, or short sentences.”
The article provides a list of the top 25 stolen passwords posted by hackers for you to peruse. Our personal favorite is 11111111.
Jasmine Ashton, December 6, 2011
Sponsored by Pandia.com
NASA and Google Refocus on Enterprise Search Project
November 30, 2011
Researchers at the NASA Langley Research Center helped make it possible for humans to land on the moon and robots to capture far-off worlds. Information giant Google has its roots in search. That was then.
Now NASA has lost the space program and Google lost focus on search. But that hasn’t stopped the two from teaming up to improve NASA’s Enterprise search capabilities. “NASA and Google tackle a major enterprise search project” explains:
“NASA researchers had become hindered by time-consuming and relatively labor-intensive searches that often returned questionable results. NASA workers usually had to log in to multiple systems to complete the searches, and there was no common search interface that could simultaneously display results from both internal and external sources.”
The two worked together closely to set up the Google Search Appliance that is currently up and running at NASA Langley. Both sides are satisfied with the final product for NASA’s research community.
But in the fast paced information world, you need to look to innovators focused specifically on enterprise search. You may want to check out Mindbreeze and their dynamic search technologies that bring together security, mobility, and information pairing.
Sara Wood, November 30, 2011
Spotlight: Mindbreeze Information Pairing
November 2, 2011
We wanted to continue our spotlight on Mindbreeze, a unit of the highly regarded Fabasoft. You will want to bookmark the Mindbreeze blog at this link and take note of “Information Pairing. Knowledge Match Making for Your Company.”
With companies flopping like caught trout in the bottom of a fishing boat, the ability to locate the person in your organization with information germane to your work is essential.
The challenge, according to Mindbreeze, is to locate the individual with the experience, information, and insight to assist in answering a business question. Walking around no longer works because many companies have employees who are at client locations, working from a different facility, or responding to email from an airport waiting lounge.
The blog article asserts:
Fabasoft Mindbreeze has the answer: Information pairing. This involves the boundless networking of company relevant information within an enterprise or organization and placing it in the Cloud. In my opinion acting in this way in all business issues is reliable, dynamic and profitable – the basis for competitive advantage.
The method relies on the Mindbreeze core technology which delivers information with pinpoint accuracy. The write up continues:
Existing identities and access rights to company-internal and Cloud data remain preserved. The user only receives information displayed for which he/she has access rights for. This ensures that Fabasoft Mindbreeze fulfills the strictest compliance requirements. Furthermore, Mindbreeze is certified according to all relevant security standards.
The Mindbreeze technology for “information pairing” allows in a unique way to enrich documents and information in a secure and highly efficient way with enterprise and even content from the Cloud. Information gets dynamically annotated with “knowledge” extracted and harvested from cloud services (public and private ones), e.g. like Wikipedia or Fabasoft Folio Cloud. This is a very innovative and impressive way to combine information effectively and annotate existing and preprocessed entities on the fly.
So for instance: You need to know everything about a lead? Mindbreeze combines every information in your enterprise, like your CRM and connects the information with suitable content from sources like Wikipedia, LinkedIn, social media like Facebook and even on your web analytics account and comes up with a unified view of all the information that’s available for this lead.
Unlike some search and content processing vendors, Fabasoft has taken care to ensure that privacy and security work as the organization intends. Fabasoft and Mindbreeze hold SAS70 and ISO 27001 certifications for their cloud services. This is unique in the enterprise search space. According the write up, the focus has been on putting “values” about these important norms in the firm’s software and systems.
Take a look at www.mindbreeze.com.
Stephen E. Arnold, November 2, 2011
Sponsored by Pandia.com
Google and LAPD Disagree on Security
November 1, 2011
Call me old fashioned, but I thought sophisticated enterprise cloud services were secure. Guess I was wrong. Looks like more security hassles for Google, this time centering around the city of Los Angeles.
In 2009, the city approved a $7.25 million deal to move its email and productivity infrastructure to Google Apps, yet the move hasn’t been completed yet. The reason? LAPD and other agencies in the city are not happy with Google’s security, particularly in the realm of criminal history data. The number of LA employees expected to move has been downed from 30,000 to 17,000 and the city is demanding a refund for the money it has paid Novell for a GroupWise System, Fire Department Arson Investigators, City Attorney Criminal Branch, and several other city groups concerning criminal history data.
Ars Technia’s article, “Google Apps Hasn’t Met LAPD’s Security Requirements, City Demands Refund,” tells us more:
Both CSC and Google released statements this week. According to Network World, CSC said it has ‘successfully migrated all of the City of Los Angeles’s employees, except those with the City law enforcement agencies, to the new Google Apps cloud computing solution,’ and ‘subsequent to the award of the original contract, the City identified significant new security requirements for the Police Department. CSC and Google worked closely with the City to evaluate and eventually implement the additional data security requirements, which are related to criminal justice services information, and we’re still working together on one final security requirement.’
I think the issue boils down to a a failure to communicate. Now the parties have to determine who said what and when but really meant another thing. Clear? If not, perhaps Google will sue Los Angeles as it did Fish & Wildlife. Clear?
Andrea Hayden,November 1, 2011
Sponsored by Pandia.com
Protected: Useful Claims-Based Authentication White Paper
October 28, 2011
Google and the Perils of Posting
October 21, 2011
I don’t want to make a big deal out of an simple human mistake from a button click. I just had eye surgery, and it is a miracle that I can [a] find my keyboard and [b] make any function on my computers work.
However, I did notice this item this morning and wanted to snag it before it magically disappeared due to mysterious computer gremlins. The item in question is “Last Week I Accidentally Posted”, via Google Plus at this url. I apologize for the notation style, but Google Plus posts come with the weird use of the “+” sign which is a killer when running queries on some search systems. Also, there is no title, which means this is more of a James Joyce type of writing than a standard news article or even a blog post from the addled goose in Harrod’s Creek.
To get some context you can read my original commentary in “Google Amazon Dust Bunnies.” My focus in that write up is squarely on the battle between Google and Amazon, which I think is more serious confrontation that the unemployed English teachers, aging hippies turned consultant, and the failed yet smarmy Web masters who have reinvented themselves as “search experts” think.
Believe me, Google versus Amazon is going to be interesting. If my research is on the money, the problems between Google and Amazon will escalate to and may surpass the tension that exists between Google and Oracle, Google and Apple, and Google and Viacom. (Well, Viacom may be different because that is a personal and business spat, not just big companies trying to grab the entire supply of apple pies in the cafeteria.)
In the Dust Bunnies write up, I focused on the management context of the information in the original post and the subsequent news stories. In this write up, I want to comment on four aspects of this second post about why Google and Amazon are both so good, so important, and so often misunderstood. If you want me to talk about the writer of these Google Plus essays, stop reading. The individual’s name which appears on the source documents is irrelevant.
1. Altering or Idealizing What Really Happened
I had a college professor, Dr. Philip Crane who told us in history class in 1963, “When Stalin wanted to change history, he ordered history textbooks to be rewritten.” I don’t know if the anecdote is true or not. Dr. Crane went on to become a US congressman, and you know how reliable those folks’ public statements are. What we have in the original document and this apologia is a rewriting of history. I find this interesting because the author could use other methods to make the content disappear. My question, “Why not?” And, “Why revisit what was a pretty sophomoric tirade involving a couple of big companies?”
2, Suppressing Content with New Content
One of the quirks of modern indexing systems such as Baidu, Jike, and Yandex is that once content is in the index, it can persist. As more content on a particular topic accretes “around” an anchor document, the document becomes more findable. What I find interesting is that despite the removal of the original post the secondary post continues to “hook” to discussions of that original post. In fact, the snippet I quoted in “Dust Bunnies” comes from a secondary source. I have noted and adapted to “good stuff” disappearing as a primary document. The only evidence of a document’s existence are secondary references. As these expand, then the original item becomes more visible and more difficult to suppress. In short, the author of the apologia is ensuring the findability of the gaffe. Fascinating to me.
3. Amazon: A Problem for Google
Paving Stones of Good Intentions
October 9, 2011
Even Orwell didn’t foresee this, not specifically. From Kindergarten through college, students are now subjected to more forms of monitoring than I could have conceived of when I was a little rabble rouser. From cameras to RFID badges, it’s an entirely different world.
Now Michael Morris, is a lieutenant with the University Police at California State University-Channel Islands, is calling on universities to take surveillance to a whole new level. NetworkWorld reports on this in “Privacy Nightmare: Data Mine & Analyze all College Students’ Online Activities.” That’s right, the good lieutenant recommends recording every little thing college students do online and analyzing the data to predict and prevent “large-scale acts of violence on campus.” What’s more, it would be easy enough to do with today’s data management tools. Wrote Morris,
Many campuses across the country . . . provide each student with an e-mail address, personal access to the university’s network, free use of campus computers, and wired and wireless Internet access for their Web-connected devices. Students use these campus resources for conducting research, communicating with others, and for other personal activities on the Internet, including social networking. University officials could potentially mine data from their students and analyze them, since the data are already under their control. The analysis could then be screened to predict behavior to identify when a student’s online activities tend to indicate a threat to the campus.
Take a moment to reflect on the side effects of such a large-scale invasion of privacy. What other behavior, unrelated to potential violence, will be “predicted?” And how will those predictions be acted upon? The possibilities are endless.
Look, I get it. I once attended Virginia Tech, after all, and now I have a child in college myself. Not much scares me more than visions of some nut-job with guns descending on that campus. But I also realize that throughout history, fear has been the key to gaining citizen acceptance of the unacceptable. And now we have technology that allows the unacceptable to reach heights like never before.
Cynthia Murrell October 9, 2011
IBM OmniFind Security Issue
September 29, 2011
Avoid the security vulnerability by removing seven imcd*.flt files from the /lib or /bin directories of the OmniFind Enterprise Edition installation root directory. Removing these files should prevent the security vulnerability without loss of function because OmniFind Enterprise Edition does not use the CorelDraw functions.
Jasmine Ashton, September 29, 2011
Sponsored by Pandia.com
Protected: Setting Up Custom Access Controls in SharePoint Search
September 29, 2011
Social Media: Is There a Scare Factor?
September 17, 2011
From the “Do You Need to Be Reminded” Desk: Social media mining is a growing field, one that deals with parsing meaning out of the big data generated by social networks. Valuable to advertisers, but potentially also to employers, law enforcement, and even criminals, this data can generate relevant information about individuals and groups. But how do we know if it’s accurate? Eric Naone explores in, “When Social Media Mining Gets it Wrong.”
…In Las Vegas, at the computer security conference Black Hat, Alessandro Acquisti, an associate professor of information technology and public policy at the Heinz College at Carnegie Mellon University, showed how a photograph of a person can be used to find his or her date of birth, social security number, and other information by using facial recognition technology to match the image to a profile on Facebook and other websites. Acquisti acknowledges the privacy implications of this work, but he warns that the biggest problem could be the inaccuracy of this and other data-mining techniques.
If the privacy aspect of social media mining doesn’t scare you, the inaccuracy of the technology should. Correlations made from individuals’ social “likes” and comments are weak at best. If companies try to implement usage of big data gleaned from social media, it will no doubt push the issue into political debate in order to prevent misuse and breaches of privacy. Now what about social search? Worth considering?
Emily Rae Aldridge, September 17, 2011
Sponsored by Pandia.com, publishers of The New Landscape of Enterprise Search
-
- Subscribe to Beyond Search
Feature archive
News archive
-
