HNS MAIN FEED
Tuesday, 17:48 EST
- OpenDNSSEC 1.0.0 released
- Microsoft releases giant patch collection
- 81% percent of e-mail links to malware
- Unaware of the dangers, most teens share personal info online
- Data harvested from Facebook used in boiler room scams
- A closer look at USB Secure 1.3.0
- Safety tips for online dating
- Researcher hacks security encryption chip found on millions of PCs
- Is authenticated XSS a problem?
- Online shopping safety: Consumers hold retailers responsible
- Seagate ships the Savvio 10K.4 hard drive
- Political hacktivism and the exploitation of tragedies is on the rise
Interview with Vladimir Katalov, CEO of ElcomSoft
Vladimir Katalov is working in ElcomSoft from the very beginning. He created the first program the password recovery software line has started from: Advanced ZIP Password Recovery.
Now he coordinates the software development process inside the company and develops strategic plans for future versions.
What do you see as the biggest security threats today?
It is definitely a human factor. There are a lot of technical measures today: you can install the words' best firewall, antivirus, anti-spyware; implement an extremely good security policy; provide a few complex levels of authentication to protect your critical data -- and still do not get the appropriate security level simply because the human nature remains the same, most of today's attacks are still based just on that.
What is, in your opinion, the biggest challenge in protecting sensitive information at the enterprise level?
The balance between security, privacy and convenience. You can get only two of three, but not all together -- e.g. security and privacy, but such solution will not be convenient. Or you can trade the privacy for security plus convenience. Finally, privacy plus convenience usually means no or bad security.
In your opinion, how important are passwords in the overall security architecture?
Extremely important. Of course, there are a lot of other solutions such as smart cards, biometric etc, but passwords is the most convenient and so widely-used type of authentication in most systems and applications. The intruiders always attack the "weakest link", and that could be just one weak password for the minor rarely-used program you did not care about because you thought it is not so important.
According to recent case studies, 75% of people use the same, single password for all applications they work with -- which means that bad guys can get it easily, for example, from email client on instant messaging program, and gain access to all your data, even those that you though is unbreakable (such as PGP).
What challenges do you face in the marketplace? What do you see as your advantages?
1 | 2 | Next page >>
- A closer look at USB Secure 1.3.0
- Is authenticated XSS a problem?
- A closer look at File Encryption XP 1.5
- Corporations should follow the goverment's lead on attribution of cyberattacks
- IDS legacy is institutionalized failure
