Common security solutions unable to prevent data theft
Posted on 09 November 2006.
Widely used data security solutions have been found useless against several methods of data theft, according to tests conducted by Innersafe Corporation. Types of data exposed included those useful for fraud, identity theft, phishing, or spamming. And, like tampered votes in certain electronic voting machines, data theft can remain undetected after it happens.

Disk encryption cannot prevent theft while the disk is used, if simply copying or uploading files create unprotected copies. Imagine a jewelry store locking up at night, while freely giving away diamonds to all visitors during the day. Users deserve better security

In one test, a text editor exposed protected data on a PC running disk encryption, firewall, antivirus, and antispyware. Exposed data included password-protected private records used by Palm Desktop, a PC application bundled with smartphones such as Palm Treo 650, Treo 680, and Treo 700p.

"Data theft from a PC is surprisingly easy. Password recovery programs can instantly unlock files protected by software such as Microsoft Outlook 2003," said Richard Amacker, Founder and CEO of Innersafe Corporation.

Disk encryption scrambles data on the disk so it cannot be unscrambled without a secret code such as a password. However, the test revealed security gaps with disk encryption solutions.

"Disk encryption cannot prevent theft while the disk is used, if simply copying or uploading files create unprotected copies. Imagine a jewelry store locking up at night, while freely giving away diamonds to all visitors during the day. Users deserve better security," said Richard Amacker.

Other solutions, like file encryption, can protect files that might get copied or uploaded. However, analysis by Innersafe also found multiple security gaps with file encryption solutions because they required files to be decrypted to disk. File content can remain on disk because overwriting files can be an illusion on PC hard drives or wear-leveling thumb drives.

Hacked PCs are estimated to send billions of spam emails each day, but it is unknown how much personal data is stolen from them. In one case, three men arrested for data theft and fraud created a botnet with over 1.5 million hacked PCs.

Innersafe is expected to announce patent pending solutions to close security gaps not addressed by disk encryption, file encryption, and other common security solutions.





Spotlight

IoT devices are filled with security flaws, researchers warn

Posted on 30 July 2014.  |  We are living in an increasingly interconnected world, and the so-called Internet of Things is our (inescapable) future. But how safe will we, our possessions and our information be as these wired and interconnected devices begin to permeate our lives?


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Jul 31st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //