Search
Browse by Topic
- Ferris Deliverables
- Topics
- Vendors and Products
- Attenex
- Autonomy/Zantaz
- AXS-One
- Blue Coat
- Borderware
- C2C
- CA/Ilumin
- CaseCentral
- Cetaphora
- Cisco/Ironport
- Clearswift
- Clearwell
- Code Green
- CommVault
- EMC
- Fortiva
- GFI
- Global Relay
- Google/Postini
- H&S
- HP/IAP
- IBM CommonStore
- IBM Notes/Domino
- IBM Quickplace
- Iron Mountain/Stratify
- Kazeon
- LiveOffice
- Marshal
- McAfee
- MessageLabs
- MessageOne
- Microsoft Exchange/Outlook
- Mimosa Systems
- Open Text/Hummingbird
- Oracle/Stellent
- Orchestria
- Other Products
- Permessa
- Proofpoint
- Quest
- Reconnex
- RPost
- Seagate/EVault/MetaLINCS
- Sherpa Software
- SonicWALL
- Symantec/Vault/Veritas/Vontu
- Tablus
- Titus Labs
- Trend Micro
- Vericept
- Waterford
- Websense/Port Authority/SurfControl
- ZL Technologies
Archives
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- March 2006
- February 2006
- January 2006
- December 2005
- November 2005
- October 2005
- September 2005
- August 2005
- July 2005
- June 2005
- May 2005
- April 2005
- March 2005
- February 2005
- January 2005
- December 2004
- November 2004
- October 2004
- September 2004
- August 2004
- July 2004
- June 2004
- May 2004
- April 2004
- March 2004
- February 2004
- January 2004
- December 2003
- November 2003
- October 2003
- September 2003
- August 2003
- July 2003
- June 2003
- May 2003
- April 2003
- March 2003
- February 2003
- January 2003
- December 2002
- November 2002
- October 2002
- September 2002
- August 2002
- July 2002
- June 2002
- May 2002
- April 2002
- March 2002
- February 2002
- January 2002
- December 2001
- October 2001
- September 2001
- August 2001
- July 2001
- June 2001
- May 2001
- April 2001
- March 2001
- December 2000
- October 2000
- September 2000
- August 2000
- July 2000
- June 2000
- May 2000
- April 2000
- March 2000
- February 2000
- January 2000
- December 1999
- November 1999
- October 1999
- September 1999
- July 1999
- June 1999
- April 1999
- March 1999
- February 1999
- January 1999
June, 2006
Weblogs and Consumer Teamspaces Are PR, Advertising Targets 
Comment on this (0 comments)Jun 30, 2006
If you are a subscriber to our Analyzer Information Service, please log in to view subscriber attachments.
Weblogs and Consumer Teamspaces Are PR, Advertising Targets
There’s a new spam control feature planned for Outlook 2007 that hasn’t received much attention: the math puzzle. When Outlook 2007 tries to submit email to Exchange, Exchange will challenge Outlook with a puzzle, waiting for a correct answer before sending the message. The puzzle is designed to require a significant amount of time to solve — of the order of half a second.
The functionality will require Exchange 2007, or 2003 with a future service pack, according to Microsoft people we spoke to. (Apparently the functionality is already present in Exchange 2003, but disabled.)
The idea is twofold:
- It will severely throttle the speed of spam-sending malware that tries to use Outlook to send its spam, thus thwarting its ability to flood the Internet with advertisements for fake watches, pirated software, and herbal enlargement products.
- Messages that send using this puzzle can be passed through receiving spam filters, preventing them from becoming false positives.
The first point is interesting, but unlikely on its own to make a significant dent in the spam problem. The "botnet" or "zombie army" problem is most prevalent on consumer PCs, sending direct-to-MX via SMTP, not in corporate networks sending via Exchange RPCs.
The second point is intriguing, but it’s unclear how this can be made foolproof. The risk is that spammers will find a way to subvert the system, causing their spam to be delivered to users’ inboxes. For example, a spammer can solve a great many math puzzles using botnets.
This is essentially a hybrid hashcash, such as implemented by the Camram spam control project. Microsoft disclosed that it has a patent on the technology (despite its similarity to hashcash methods), and says it’s considering ways to make it more widespread.
Police states fear gatherings of large numbers of people, because they can unpredictably turn into a mob demanding the overthrow of an unpopular government. Internet-based collaboration will quickly make it very difficult to stop large, spontaneous gatherings.
Eritrea illustrates. The government is very unpopular with its people. The government refuses to hold elections, because it knows it will be voted out, and because it fears that once it’s out, the established government will likewise refuse to relinquish power at the hustings. This is a common situation throughout the world, especially in Africa.
In Eritrea, people are very religious, and the majority are Christian. Religious groups are the main nongovernmental organizations that can pull together a big crowd. So churches are closely monitored and controlled. Only three Christian groups are allowed: Eritrean Orthodox, Roman Catholic, and the Lutheran Church. These groups must follow the government’s rules and avoid meddling in politics. All other churches are illegal. Errant pastors who start gathering large crowds are quickly put in (appalling) prisons, or are thrown out of the country.
The Internet will grow in police states; competitive international pressures make governments unable to stop it. And as its use grows, collaborative technologies such as email, instant messaging, and teamspaces will let groups of people quickly organize meetings at very short notice. The London WTO riot in 1999 and flash mobs are examples. SMS text messaging also plays a big part.
Such gatherings will make life extremely difficult for dictatorships. What will they do when half of the population spontaneously gets together to demand the downfall of the government? There will be too many people involved, and doing nasty things to a few leaders won’t stop the gatherings from occurring. Collaborative technology is bad news for police states.
This report discusses what sender reputation services are, how they work, and how they supplement present and future spam management strategies
Exchange 2007 Enterprise Server Edition introduces new replication technology called Clustered Continuous Replication (CCR). This combines automatic management of redundancy and application-level data replication for Exchange.
CCR is important because it eliminates the requirement for a shared storage subsystem for your Exchange cluster. Using CCR you can build a geographically distributed cluster, provided you have enough bandwidth between the nodes.
CCR operates using an Exchange cluster with a minimum of three nodes. Two nodes in an active/passive configuration contain the matching mailbox servers. The third node — the votersplit brain syndrome. — is used to avoid an occurrence of network partition within the cluster, also known as
When enabled, the CCR volume is seeded automatically with an ESE Full backup and is updated continuously with new transaction log files. Once copied to the CCR volume, the log files are applied immediately to the replicated database. To help make this practical, transaction log files are now 1MB in size vs. 5MB for Exchange 2003.
CCR will be important for organizations that desire more disaster recovery flexibility for Exchange.
If you are a subscriber to our Analyzer Information Service, please log in to view subscriber attachments.
Interesting Sales Approach for Content Security
If you are a subscriber to our Analyzer Information Service, please log in to view subscriber attachments.
The Components of a Consumer Teamspace
When users send photos by email, they often create problems. For example:
- Slow download times of multimegabyte files over dialup
- Message store limits exceeded
CNET recently released a free service aptly named All You Can Upload. Essentially, it is a bare-bones image hosting service. The service is extremely simple to use. It’s therefore useful for sharing large images without the hassles of typical file transfer. In addition, many community sites, Web hosting services, weblogs, forums, auction sites, etc., either do not offer their own image hosting facilities or limit the number and size of images hosted.
There are many image hosting sites. However, All You Can Upload is as notable for the functions it doesn’t have as for the ones it does. The site has neither advertisements nor registration, and it does not have any premium services. Users can immediately begin uploading images from the main page. The service allows for unlimited uploading of images (GIF, JPEG, and PNG) of unlimited size. There are no bandwidth limitations. Images are uploaded via a Web form and can be resized at that time.
Upon uploading images, the user is presented with a set of URIs to the original images and to thumbnails. Users must record the URIs; otherwise they are forever lost. Since there are no accounts, All You Can Upload has no management features, photo albums, etc. Users who want these additional features are encouraged to sign up for CNET’s Webshots photo sharing community. Currently, there is no security other than the long identifier given to each image and no way to delete images. I suspect we will see external services built to use All You Can Upload as a back end and provide additional features.
The All You Can Upload service is built on Haystack, CNET’s new high-capacity and scalable storage back end. Webshots will migrate to the Haystack back end as well. Webshots has 19 million users who have uploaded more than 375 million photos.
Skills Inventory Is Side Benefit of Internal Mail Monitoring
Comment on this (0 comments)Jun 26, 2006Increasingly, organizations monitor the flow of internal email communications among functional groups, divisions, and international sites to detect noncompliant content and proprietary information breaches.
A side benefit of monitoring is finding out what the employees know about a particular subject, product, or technology. This knowledge can then be rolled into a skills database, creating a much more current and granular view of the human resources within the organization. The information gleaned can also feed contact and calendar information to help in locating the closest person with the needed skills.
One of the first content control vendors to recognize this benefit is Vericept. Vericept’s 360 Risk Management Platform combines three applications - Content 360, Email Control, and Stored Data Discovery - to monitor, detect, and analyze internal and external communications.
If you are a subscriber to our Analyzer Information Service, please log in to view subscriber attachments.
Social Aspects of Security Move Center Stage
It’s tough to implement email archiving. The main challenges are:
- Getting the product or service to work properly
- Working out what policies to implement, given the applicable laws and regulations
- Implementing and enforcing those policies
The trading floors of financial services organizations represent the only type of organization to have done all of the above. Most everyone else is still stuck on the first stage, getting the product or service to work properly.
Health-care businesses are perhaps the most glaring examples of limited compliance. Most health-care businesses are small or medium-size organizations, and only have limited implementation resources and skills.
… David Ferris and Scott Bolser
Recommended: Computerworld’s Mobile & Wireless World Conference 
Comment on this (0 comments)Jun 22, 2006
If you are a subscriber to our Analyzer Information Service, please log in to view subscriber attachments.
Recommended: Computerworld’s Mobile & Wireless World Conference
Please Wait