Apr 21

Computer Password Cracking Methods Conclusion (2)

Thirdly, crack some commonly used software

Currently, more users understand to use computer software to encrypt some information stored on computer, which makes unauthorized people unable to open the files. Now let’s see some commonly used software password cracking methods:

1. Crack Word document password

Microsoft Office is so famous that the password cracking software against it is much. You only need to download software that aims at cracking Microsoft Office password, and then run it on your computer. This kind of software mostly uses “dictionary” brute-force solution to crack password.

2. Crack Excel documents 

You can find a tool called AdvancedExcel197PasswordRecovery online, which is only 614K and is able to quickly crack password of excel documents. AdvancedExcel197PasswordRecovery needs installation after download. Open the main interface after installation, and open the excel documents that need to decrypt via browse button, choose password length, set password type and click on blue start button. After a while, the program will pop up the prompt menu of document password was cracked. 

3. Crack OICQ password

We use a tool called OICQ Terminator”. The using steps are as below: first set the installation directory of OICQ password Terminator; choose the character set used to search, for example choose the lowercase characters shown on the image, or check all the boxes below the basic settings; and then set password length, but you’re not advised to choose too long; finally, click the “Start ” button to crack OICQ password, now what you need is patience. According to people who used it, the exhaustive speed of OICQPASSOVCR can reach thousands of times per second. If you want to crack 4-5 digits password, it can finish within several minutes.

Fourthly, crack network password

Network is quietly and quickly stepping into our daily life. And as an ordinary network user, people all have a similar concern, namely the network security risks. Therefore, we have to take effective protective measures on personal network activities, such as add passwords. But once we forget the password, our works will be obstructed. Now there’re some network passwords cracking skills:

1. Crack IE Content Advisor password

IE browser provides content advisor feature, which can browse the site. If you forget the password of Content Advisor feature, you can not only access the limited sites but also change the existing restriction level, re-installation of IE is useless. In this situation, you can start the Registry Editor, locate the “HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ policies \ Ratings ” to find a key value named ” KEY “, it is the IE content advisor password the user set (encrypted data), the user only need to delete the key value, the content advisor will be canceled, and then reset the IE content advisor password. 

2. Crack OE password

There are three types of passwords in OE program: email password, newsgroups password and user identification code. Here we take the “password interception” program as an example. This software can be used to crack Web email password, POP3 reception password, FTP login password, and display, save or send the password to specified mailbox. Password interception process: password interception software can save the password (such as dial-up connection, OICQ, IE the password) in password input box into user-defined file in form of clear text; if it fails to intercept passwords, the password file will not exist. 

3. Crack Foxmail password

There are quite a number of users using a simple but powerful tool Foxmail to receive mail. However, due to Foxmail’s own security risks, some people simply create a new account, enter the Foxmail default installation directory, copy the “account.stg” under the new account directory and cover your account file and then the password of the original account will be removed.

Some solutions above may not work with you, as the vulnerabilities of the software and network are repaired when the time goes by. But anyway, the methods of password cracking can only be used to solve administrators’ urgent problems but not to breach other people’s account.

For more information about data security, please visit: www.kakasoft.com

Apr 01

How to avoid failure of network security equipments deployment? (1)

The enterprise network is rapidly developing! Some of the groups began to clean up phone and tablet and refuse the internet connections from coffee shops and train connections (as a WAN link).

The concept of the extended enterprise brings about more and more severe problems to IT security portfolio, because their sensitive data and valuable data frequently flow out of the traditional network boundaries. In order to protect enterprise from the persistent threats of diverse and low-end low-speed adaptability, IT enterprises are deploying various new network security devices: the next generation of firewalls, IDS and IPS devices, security information event management (SIEM) systems and advanced threat detection system. Ideally, these systems will focus on management, following a centralized security policy, as a part of a universal protection strategy.

However, when deploying these devices, some common mistakes in enterprise will seriously affect their ability of universal protection. This article will introduce some problems which should be noted in the planning and deployment of new network security equipment, and how to avoid related problems that may lead to the failure of defense in depth.

A maximum error is assuming that the security device itself is secure. It’s apparently easy to understand, but we must insist on this footing. How secure is the so-called “enhanced” operating system? What’s its latest status? And how secure is hyper stable “Web server”?

Before starting any job, you must create a testing plan to verify all network security devices are really secure. The first is to start from some basic tests: do you timely upgrade, install patches and fix bugs on each device and their supporting network, server and storage infrastructure? In accordance with the currently known vulnerability information clearing-house you must be sure to regularly upgrade and install equipment patch.

Then, turn to aspects that are more difficult to handle: periodically assess potential weaknesses on multiple device configurations. The inappropriate dement sequence of encryption system and application delivery optimization (ADO) will also cause data leakage, even if various devices can operate properly. This process can be carried out in conjunction with penetration test.

For any safety equipment, management/control channel is most prone to have vulnerabilities. Therefore, the most important thing to note is how you need to configure and modify secure devices and who are allowed to carry out these configurations. If you are ready to access the secure system via a Web browser, the security device will run a Web server and allows Web traffic in and out. Are these flows encrypted? Whether it needs to use a standard port? Whether all the devices need to use the same port (so the intruder can easily guess)? Is it accessed by a common network or a separate management network connection? If it belongs to compile the connection, then any host that send traffics through this port may attack this device. If it’s on a managed network, you only need to worry about other devices on the network.

Best scenario is that if you can’t directly access the device, you need to ensure that all configuration changes must use encryption and multi-factor authentication. Moreover, it’s necessary to closely track and control identity information of equipment management to ensure that only authorized users can gain administrative privileges.

For more information about network and computer security information, please visit: www.kakasoft.com

Mar 03

How Does NSA Almost Kill the Internet? (2)

The Silicon Valley is shaking, just like collated damage in the anti-terrorism war. But the things will get worse.

Technology companies don’t know the Prism project until June, they just know there’s a project with several-year history, namely for the national security, providing specific data and information to the government in the case of the absence of an official document. The legal justification of this project comes from a series of legal provisions and expanded addition. The “Foreign Intelligence Security Act” in 1978, referred to as FISA, created a secret court so as to obtain the requested information. Amendment of FISA in 2008 amendments a new part of the law, namely section 702. This amendment gives President Bush the monitoring plan that can be launched completely secretly without written permission. NSA cited the FISA admendment as specific legal basis of prism project. (Except Prism) more secretive surveillance operations are all based on the Executive Order 12333 of Reagan era, this order authorize NSA to collect the various information and data of foreigners who should be focused on.

Some companies seem to thinks that it’s properly to collect customers’ information to the NSA. Verizon has never refused to provide its tens of millions of users’ critical billing information, telephone numbers, call duration and other information for NSA. Because the telecom companies don’t need to promote itself to customers based on trust, customers rarely expect to get something from the monopoly. On catering to consumers and the government, telecom companies seem to give priority to their government regulators.

Compared to telecommunications companies, technology companies are in another situation. Technology Companies’ CEOs have been repeatedly claimed that without customers’ trust, they have no business. They rely on users’ willingness to share information. On the contrary, these users can get better services, while at the same time the customers expect technology companies will ensure their personal information security and safety. Users have no reason to think that their information can be given to the government without the written permission.

At least one company challenged the unconstitutional information request. Yahoo launched a secret battle on FIFA court to resist handing over users’ information. But the fight failed. In August 22, 2008, the court decided to support government means for national security and give procedural safeguards, achieving consistency with the law in some form and exclude user privacy concerns, therewith Yahoo has no place to appeal.

These queries may have violated a number of large technology companies, but it’s not enough to pose a challenge on its business. They weren’t forced to make obvious modification on infrastructure in order to deal with data query. Usually, they passed the data and information to government-owned special equipment.

For some small companies, compliance is not always easy. For example, Lavabit mailbox is a safe start-up company, which allows users including Snowden to encrypt e-mail messages, the government had asked them to hand over the important information that’s involved in Snowden event to government. Lavabit cannot do this, because if it obedient, all the users’ information will be fully exposed to the government which will lead the company closed.

Twitter’s legal counsel Vijaya Gadde said:”The government can request information, but they cannot force you to give information. You can make things easier or simpler.” Google also said that when a request is “very broad”, Google will push it back. These small things indicate a subtle resistance to government inquiries. FISA requires the government to compensate the enterprises that have been retrieved information. Google said they did not want to bother the government to ask for money. But one company said that it used this clause, in the hope of limiting the extent of government requests. The company’s executives said: “Initially, we thought we should not do this for money, but we recognize that this is a good thing, it could force the government to stop and think about it.”

But finally, the financial motivation of cooperation with the government exists.  A senior director of the company said: “Large companies have business with the government, these companies cannot tell government officials: ‘we are fighting against you – can we get the 400 million dollar contract?’ ”

After the shocks of Prism project, individuals and groups begin to enhance the awareness of information and data security, and the data and information protection has been paid more attention. For more information about data security and information protection, you can click here.

Feb 17

Anti-Monitoring Battle is A Protracted War

The outbreak of the American “Prism” makes us know that we are living in a “monitored” era, and this monitoring action is s desecration of free network and absolute violation of the public information security. Monitoring of the information age is different from the traditional monitoring; the traditional monitoring refers to the fact that for some purpose, someone monitors somebody else through video surveillance or other camera recording methods, while the monitoring activity of the information age is equal to data theft, data monitoring or even data control.

Traditional monitoring is mainly caused by the distrust of individuals, businesses, and even government to some certain persons or groups. For the interests of certain groups, this behavior is understandable. But today’s network is a free world, there’s no individual, enterprise or even country that’s allowed to imprison its freedom. Anti-monitoring is the first step to confrontation.

The anti-monitoring battle at information age is actually a protracted war on information security, which needs people to know more about information defend technology, or even take measures to deal with the deteriorating International information security situation.

On the network, a serious network security error people most likely to commit is: Connect the public Wi-Fi and log on to your e –mail, bank account and other sensitive account information. If this situation is unavoidable – after all, you are in most of time in cafes, hotels, airports. You can consider buying a virtual private network; hence you can significantly improve the privacy protection when accessing the public network.

VPN, as an encrypted tunnel, can prevent bad guys from stealing your login information and other sensitive information.

Don’t put personal information in the cloud, and it should be encrypted even you must. The online file synchronization service like Dropbox, Google Drive and SkyDrive can be described as the best innovation of the Internet. However, when you conveniently view the latest photos stored on Dropbox, or easily find relevant text files on iCloud, you need to know that the data you stored on the server’s data is not encrypted.

This means that the relevant government law enforcement officials can readily obtain these data you stored. The hackers can also find security vulnerabilities on server suppliers.

For some sensitive data and information you need to synchronize across devices, the better choice is to use an encrypted cloud storage services. Of course, there is a more simple way- to find a file synchronization service with built-in storage encryption.

To ensure your online service security, you need to set a unique, random, tem or more-character password for every account. Don’t forget store them in a good password manager. For better security, please use the double-factor authentication provided by Google, Facebook and all the other services.

Double-factor authentication requests you in addition to enter the password, also need to enter a short numeric code. This code is usually from a physical FOB or smart phone app.

Dropbox, Evernote, Google, LastPass and Microsoft accounts adopt validators automatic work. And Facebook provides it owm code generator on its social network app, meanwhile, you can add Facebook code validator through Facebook account settings. In Facebook news feed page, click on the gear-shaped setting button on the top-right, and select account settings.

For the files stored in own computer or external storage devices, you mustn’t ignorance their security. They may be stolen or leaked to others even though you set boot password for your computer. To prevent the data stored in local computer and flash drives, you’d better lock files with password so unauthorized users can’t access without permissions.

At Information age, the value of the data will still be rising. As long as the mainstream of this era is still information and the Internet, the scramble for information resource won’t stop, the monitoring and the anti-monitoring won’t stop. In order not to damage their data security, it’s necessary to adopt targeted encryption software to guard the security bottom line.

Dec 30

Please “KISS” in Information Leak Prevention

Einstein led us to have a taste of the simple beauty of the physical world; Steve Jobs was showing us the extraordinary minimalist design. At most of time, only simplicity can reach the essence of things. There is a very important principle in enterprise management-”Keep It Simple, Stupid”, because only simplicity can be accepted by majority and be more widely implemented. Enterprise information leak prevention often make people feel complicated and have no thread, which makes it need KISS principle.

So how to apply the KISS principle to corporate information leak prevention? In current enterprise information leakage protection projects, three aspects that most need simplification are security systems architecture, information using environment and security regulation.

1. Keep the system simple to realize easy operation.

If the security mechanism of enterprises is too cumbersome, employees will find any ways to circumvent them. For a suit of information leak protection system, no matter how powerful it is, it will be invalid if no one uses it.

Some companies will chose a system that stacks different brands of security systems together when purchasing the information leakage protection system. In fact, due to need to run multiple systems, administrators must log in multiple accounts, set policy on multiple platforms, and query data, which make the management more difficult. Coupled with compatibility and other issues, the company’s overall anti-phishing systems become more complex and practicability therefore becomes weaker.

2. Keep the environment clean so as to achieve an orderly control.

If compare a business to a planet, the information are lives on the planet, and the information ecological environment of the enterprise is very poor. For example, randomly placing important files, crossly using various U disks, randomly installation of various software, freely to modify the configuration of your computer, such kind of phenomenon that will harm information abound, which potentially increase the chance of data leakage. Meanwhile this chaotic environment will virtually give employees an expression that “company doesn’t attach importance to information leakage protection”, and gradually eroded employees’ security awareness.

Therefore enterprise information leak prevention can start from information using environment specification, such as to unify the registration and management of mobile storage device to ensure that admin can trace back to the owners of each device, every device usage has its operational records; such as to unify the applications installation and network configuration of external computers via desktop standardization. Clean information using environment can not only improve the enterprise anti- leak coefficient, improve safety awareness of users, but also help to shape corporate professional and trustworthy image.

3. Keep the system simple so as to achieve clear and feasibility.

At the mention of information security system, many people may come to mind is something out of a thick manual and the like, tedious, boring, soporific. Such kind of a system, although it takes a great deal of efforts, but few people like it.

Information security system should not be cold warning or even command, but a humanized communication between enterprise and users. Therefore, companies should take a variety of forms to communicate with employees, and with a reasonable incentive so as to achieve good results.

You may face core assets loss and heavy pressure from market, partners and the public if you don’t prevent information leakage; while you may feel difficult to promote, implement if you decide to prevent the information leakage. Those enterprises that worrying about information leak prevention project had better “KISS”!

For more information about data security and enterprise data leak prevention, please visit: Kakasoft.

Jun 04

Top Hot Ultra-book

In this rapidly developing mobile electronic age, who can firmly grasp hot point, break the convention, who can get caught the attention of consumers? Over most of the year, the direction of development will continue to be variability and touch function. This can already be seen in the last year, capacitive multi-touch screen from the original tablet PCs and smart phones, steps into the ultra book. A number of products have realized the 2-in -1 of tablet computer and ultra book through morphological changes.

Touch-screen laptop should make many changes in products form and design because of the change in interaction, so we see a lot of ultra-book which is able to flip, rotate, slide and even be detachable. The designer emphasizes on how to solve the convenience and safety of touch-screen interaction, which is not be considered before.

Now, I will introduce some types of hot ultra book as below.

LenovoYoga13-IFI

Lenovo Yoga13-IFI (daylight orange)

Operating system

Windows 8

Motherboard chipset

Intel QS77

CPU model

Intel Core i5 3317U

Memory Capacity

4GB

Hard drive capacity

128GB

Hard to describe

SSD Solid State Drive

Screen Size

13.3 inches

Screen Resolution

1600×900

Screen description

Capacitive multi-touch support ten-point touch, IPS wide viewing angle screen

Graphics chip

Intel GMA HD 4000

Webcam

Integrated 1.0 mega pixel camera

Wireless network card

802.11b/g/n wireless protocol

Bluetooth

Support, Bluetooth 4.0 module

Notebook Weight

1540g

Case Description

Sunlight Orange

 

Asus: TAICHI 21

Asus TAICHI 21

Deformation

Dual

Operating system

Windows 8

CPU model

Intel Core i5 3317U

CPU frequency

1.7GHz

Memory Capacity

4GB

Hard drive capacity

256GB

Hard to describe

SSD Solid State Drive

Screen Size

11.6 inches

Aspect Ratio

16:9

Screen Resolution

1920×1080

Screen description

Capacitive multi-touch support ten-point touch, IPS wide viewing angle screen

Graphics chip

Intel GMA HD 4000

Webcam

Integrated 5 megapixel camera

Data interface

2 × USB3.0

Battery Type

Polymer battery, 3500 mA

Notebook Weight

1250g

Shell material

Magnesium alloy

Case Description

Silver

Acer:S7

Acer S7-191-53334G12ass

CPU model

Intel Core i5 3337U

CPU frequency

1.8GHz

The Process

22nm

Memory Capacity

4GB

Hard drive capacity

128GB

Screen Size

11 inches

Screen Resolution

1920×1080

Backlight Technology

Backlit FHD

Screen description

Capacitive multi-touch

Graphics chip

Intel GMA HD 4000

Webcam

Integrated camera

Data interface

2 × USB3.0

Reader

Multi-in-1 card reader

Keyboard Description

Backlit keyboard

Battery Type

4 polymer battery, 4680 mA

Notebook Weight

1248g

Samsung : 700T

Samsung XE700T1C-A01

Operating system

Windows 8 (64bit)

CPU family

Intel Core i5 3-generation family (Ivy Bridge)

CPU model

Intel Core i5 3317U

CPU frequency

1.7GHz

Supreme Turbo

2600MHz

Bus Specifications

DMI 5 GT / s

Memory Capacity

4GB

Memory Type

DDR3

Hard drive capacity

64GB

Screen Size

11.6 inches

Aspect Ratio

16:9

Screen Resolution

1920×1080

Card type

Core Graphics

Graphics chip

Intel GMA HD 4000

Data interface

1 × USB3.0

Video Interface

Mini HDMI

Keyboard Description

Keyboard Dock

Shell material

Composite materials

Case Description

Black

Toshiba : U920t-T06B

Toshiba U920T

Operating system

Windows 8

CPU model

Intel Core i5 3317U

CPU frequency

1.7GHz

Memory Capacity

8GB

Hard drive capacity

256GB

Hard to describe

SSD Solid State Drive

Screen Size

12.5 inches

Screen Resolution

1366×768

Card type

Core Graphics

Graphics chip

Intel GMA HD 4000

Bluetooth

Support, Bluetooth 4.0 module

Data interface

USB2.0 + USB3.0

Video Interface

HDMI

Notebook Weight

1520g

 Lenovo :ThinkPad S230U

Lenovo ThinkPad S230u Twist (33473QC)

Operating system

Windows 8 Professional edition 64bit (64 of professional edition)

CPU model

Intel Core i5 3317U

CPU frequency

1.7GHz

Memory Capacity

4GB

Hard drive capacity

24GB +500 GB

Hard to describe

Hybrid hard drives (SSD +7200 rpm HDD)

Screen Size

12.5 inches

Aspect Ratio

16:9

Screen Resolution

1366×768

Screen description

Capacitive multi-touch, support for five-point touch, IPS wide viewing angle screen

Graphics chip

Intel GMA HD 4000

Data interface

2 × USB3.0

Video Interface

Mini HDMI, Mini DisplayPort

Notebook Weight

1580g

Sony : Duo 11

Sony D11217CCB (Metallic Grey)

Operating system

Simplified Chinese version of Windows 8

CPU model

Intel Core i3 3217U

CPU frequency

1.8GHz

Memory Capacity

4GB

Hard drive capacity

128GB

Hard to describe

SSD Solid State Drive

Screen Size

11.6 inches

Aspect Ratio

16:9

Screen Resolution

1920×1080

Backlight Technology

Backlit FHD

Graphics chip

Intel GMA HD 4000

Bluetooth

Support, Bluetooth 4.0 module

Data interface

2 × USB3.0 (one powered USB powered common interface)

Video Interface

HDMI

Notebook Weight

1305g

Thickness

17.85mm

Shell material

Magnesium alloy

Dell : XPS 12

Dell XPS 12 (XPS12D-1508)

CPU model

Intel Core i5 3317U

CPU frequency

1.7GHz

Memory Capacity

4GB

Hard drive capacity

128GB

Hard to describe

SSD Solid State Drive

Screen Size

12.5 inches

Aspect Ratio

16:9

Screen description

Capacitive multi-touch

Card type

Core Graphics

Graphics chip

Intel GMA HD 4000

Webcam

Integrated 1.3 megapixel camera

Audio System

Built-in audio chip

Speaker

Built-in speaker

Microphone

Built-in microphone

Wireless network card

Intel 6235 AGN

Bluetooth

Support, Bluetooth 3.0 module

Data interface

2 × USB3.0 (one powered USB powered common interface)

Video Interface

Mini DisplayPort

Audio Interface

Headphone / microphone combo interface

Other interfaces

RJ45 (network interface), power connector

Pointing device

Glass touchpad

Keyboard Description

Anti-leakage keyboard, backlit keyboard, full-size keyboard

Notebook Weight

1520g

Length

317mm

Width

215mm

Thickness

15-20mm

Shell material

Magnesium alloy

Case Description

Gray

 

As the rapid development of computer, we have to recognize that computer has become one important part of man’s life. We use it for work, entertainment, and living, we may take it as transfer media, storage devices, etc., and meanwhile, we should pay more attention to our information security in computer. You’d better lock files/folders to prevent someone else will access and view your sensitive and confidential data and information without your permission. 

May 27

How Much Do You Know About BYOD?

According to a new study of Cisco system inc., the so-called BYOD (Bring Your Own Device) policy saves cost for enterprise, while, at the same time, it increases the burden of employees.

Cisco’s report indicated, for the company that have high requirement of BYOD, they can save $1300 per year on each users. For users, they will take more money out of their own pocket.

This survey launched in six countries for 2,415 users reveals that after adopting the policy of BYOD, the average spending of per person on equipment is $965, and the data package fee of $ 734 will be paid per year.

The survey displays, employees bring their own device is happier than before, and perform a significant progress in efficiency. In American, staffs BYOD will shorten their working time of 81minutes per week, more than 70 hours a year.

However, this policy is not applicable for all countries, BYOD will produce negative impacts, for example, it will increase the difficulty of management and distract employees so as to reduce the working efficiency.

As for specific products, 81% BYOD staffs said they use the intelligence gathering, 56% said they would carry their tablet, 37% staffs carried laptop.

The report shows, the number of BYOD staffs is expected to increase to 406 million by 2016. At that time, this kind of employees in China will reach to 166 million, 106 million in U.S.A, and 76 million in India. At present, American has the largest number of BYOD staffs in the world.

We should be alert, the expansion of this policy will put our laptop and tablet into totally open environment, that’s to say, the private data and information stored in the device may be visited by others. If you don’t want your private information accessed by unauthorized person, you’d better take security measures to protect them, for example, you can password protect the folders and files on your computer.

 

With the help of folder protector, the data and information in your computer will be under encryption, so you can protect your private and confidential data from invasion and being stolen as well as enjoy your working time with your own devices.

May 20

Lenovo Want to Be Flourished in Table PC Market

In the morning on May 20(Beijing time), Liu Jun, senior vice-president of Lenovo group, president of Lenovo business group, discloses the development strategy of business of Lenovo smart phone, tablet computer and smart TV. Liu Jun said, Lenovo will be flourished in the areas of the tablet computer, and have confidence to fulfill the goals of the 100 million Lenovo brand terminal shipments.

Liu Jun, said the market of tablet computer will be splendid instead of being dominated by any one product. He further revealed that Lenovo will not only launch products covering high, middle, low price level, but also launch a new type of tablet computer in the second half of this year.

In the Lenovo internal staff meeting held in April this year, Liu Jun, as the president of Lenovo business group, came up with a rather challenging performance target: 100 million shipments of the Lenovo brand terminal this year. This number is twice that of last year.

As for this performance target, Liu Jun admitted is very challenging, but it is very possible. He said there are about forty million sets of one hundred million devices are PCs, and as PC products have deformed evolutionally, Lenovo will further expand the market share.

Market research firm Canalys published the intelligent terminal market of the first quarter of 2013, with quarterly 15.3 million shipments; Lenovo is ranked third in the world, next to Samsung and Apple. Liu Jun didn’t want to comment on this number, but emphasized the company’s shipments in the first quarter conforms to the plans.

Just like the radio displaces the newspaper, the TV displaces the radio; the computer tends to gradually displace the TV. People around the world prone to use the computer for entertainment, working and life. So people in industry of PC producing are nowadays trying to optimize computer so that it will be more convenient for people and more useful for life. Therefore, PC will be not only a tool to communication, work, entertainment, etc., it will penetrate into the whole society and life of human beings. We will open ourselves to the world through PC, and let others in the world know more about not only you yourself but also the environment around you, your relatives and friends and every detail of you. When you enjoy the world PC bring about for you, you should be aware of the potential threats the open world bring back to you.

As most people will store their private and confidential information in their PC and always they lack the awareness of data security for they think PC is safe enough. In fact, data and information will easily be lost and stolen when they are stored in computer without any protection. In order to prevent data from hackers and malware, you should apply a type of file encryption software to encrypt your files/folders so that they will not be breached by unauthorized access even though someone else enter your PC. Locking files will be helpful for you to avoid financial and reputational loss caused by data leakage

May 13

Count Ten Brands of Storage Devices

Not long ago, storage appliance was still a new concept. Now, there are hundreds of storage appliance products in market. According to Gartern’s statistics, the only market of backup devices will achieve 19% yearly growth before 2016.

And then I will introduce ten types of storage devices below.

Data Domain DD160

EMC Data Domain sells various data de-duplication devices. Data Domain DD160 is the entry-level product which can meet customers’ need of data protection on a unified platform. It supports most back-up and archival applications and it integrates with EMC Avamar and EMC Networker. Increasing another remote DD160 will provide your disaster recovery with remote copy function based on the Internet.

EVault

Evault provides EVault Plug-n-Protect Appliance and EVault Express Recovery Appliance series back-up and recovery products. They contain default hardware, store and software, which is designed for data protection of cloud connection. EVault Plug-n-Protect has the cloud copy function, while EVault Express Recovery Appliance is able to speed up data recovery by keeping local data cache for data backup.

The price of EVault Plug-n-Protect is between $17,995 to $10,995.

Asigra Cloud Backup Connector Appliance

It is based on Cisco Integrated Service Router Generation 2 and is equipped with Asigra software under private, public and composite backup environment. This equipment will enable users to protect all company data on local LAN or backup all the data to data center of ISP.

 

The quotation of Asigra Cloud Connector starts at $2695.

Astute ViSX

Astute ViSX series are based on Performance Storage Appliancesof SSD. It offers storage I/O speedup, this function will be applied to the existing storage system. It start at $32,000

Gridstore

Grid from Gridstore enables you to increase storage block based on requirement. It virtualizes storage stack and distribute it in a grid based on network. It can also optimize workload by virtual controller. These controllers can well adjust every I/O requirement of virtualized or non-virtualized workload.

 

HP StoreOnce 2600

HP StoreOnce Backup provices joint data de-duplication function, which is available in small branch offices as well as large DR recovery site. This product contains several series, in which 2000 series is entry-level product. The quotation of StoreOnce 2600 starts at $10,000.

Avere FXT 3800

Avere FXT 3800 is a compound edge file system device. It can automatically have layers in memory, SSD, SAS and SATA. Data block will be distributed based on data active level. It can be clustered into other FXT Edge file system device, and be extended up to 50 node. It starts at $112,500.

 Sepaton S2100-ES3

With configuration of version 7.0 software, Sepaton S2100-ES3 Backup and Recovery Appliance PBBA contains 8Gb/sec fiber channel、1Gb/s Ethernet and 10Gb/s Ethernet connections. It can absorb data with speed of 80TB/h. It is configured with calendar data storage array, which can encrypt data during idle time and de-duplication. The price of it starts at $355,000, and the encryption of it needs individual authorities.

Pivot3 HC-3 Healthcare Validated VDI

Combined with VMware、Teradici、Samsung and Imprivata, Pivot3 provides medical sevice providers with VDI based on equipment. It integrates all storage and sever hardware, desktop virtualization software, license management software and endpoints in device mode. Every Pivot3 VDI device supports up to 125 desktop.

Silver Peak Virtual Appliance.

Silver Peak VRX-2、VRX-4 and VRX-8virtual devices provide data acceleration function to speed up the process of copy. They adopt Virtual Acceleration Open Architecture of Silver Peak to solve the problems of WAN and quality. This software runs on the standard virtual machine manager which includes VMware、 vSphere、MS、Hyper-V、Citrix XenServer and KVM。

The price of entry-level product, VRX-2 with the configuration of 60GB/h and remote copy function, is $2,764 per year.

 

With rapid development of storage devices, we should also pay more attention and efforts to file encryption to protect the important or even confidential data and information from stealing and breaching.

Apr 22

A Ban is Not a Proper Solution to USB Leakage

Since April, 2011, Wikileaks has published hundreds of thousands of military documents about the wars in Iraq and Afghanistan. After a investigation by U.S. military, the leakage of these files are caused by the leakage of USB flash disk of former U.S. intelligence analyst in Iraq.

According to CNN reported on Dec.13, 2011, since there was no better leak prevention techniques, the commander of U.S. air force network division, Richard webb major general would publish network control orders that the army should be forbidden to use USB removable storage media ,offenders would be court-martialed. It’s reported the other services also received a similar command, it’s also said that this action the army took aimed at preventing the recurrence of military secrets by websites such as Wikileaks. In fact, as early as the end of 2008, in order to prevent the spread of the virus, the U.S. had banned removable storage media, as the ban had brought a lot of troubles to the military data transmission, in February 2010, the ban was canceled, then resulting in a lot of confidential documents by Wikileaks, in this situation, American army had to ordered the army to ban the use of portable storage media once again.

In information age, removable storage devices have become an indispensable part of people’s life.USB flash devices, as one of the most convenient storage tools, have played an important role in people’s life, study and work. Perhaps it’s the excessive dependence that makes USB flash devices a way of data leakage. However, the action of forbidding the use of USB flash devices, alone, is not enough.

As for how to solve the problem of data leakage, we should change the thinking way. Since USB devices have become our necessities, that what we should do is how to use anti-leakage technology to prevent the problem happening, rather than banning the use of USB devices to block the way of transmission of information. That’s to say, what we shall consider is how to use USB flash drive encryption to protect USB disk security.

Nowadays, many people have been aware of the problem of data leakage, and some solutions have accordingly come into being to tackle it, such as USB security software.

U.S. army told us that the information security should avoid the misunderstanding of heavy technology, light management, and build a solid defensive line by strengthening the management of information security on the basis of necessary technical measures. In addition, notice to enhance education of information security for personnel to improve the awareness of information security.