Avivah Litan

A member of the Gartner Blog Network

Archives for March, 2012


New credit card data breach revealed

by Avivah Litan  |  March 30, 2012  |  140 Comments

Just when we thought the big credit card data breaches were over, at least for a while (with Alberto Gonzalez put away after his scams at TJX, Heartland Payments and others) – along comes a new one reported today in www.Krebsonsecurity.com. See KrebsOnSecurity.com Visa and MasterCard have already issued warnings on this. I’ve spoken with [...]

140 Comments »

Category: Uncategorized     Tags:

U.S. Credit reports and Knowlege Based Authentication Compromised

by Avivah Litan  |  March 27, 2012  |  2 Comments

I just read with interest Bob Sullivan’s latest blog http://redtape.msnbc.msn.com/_news/2012/03/26/10875023-exclusive-hackers-turn-credit-report-websites-against-consumers. If you ask me it’s time to seriously rethink knowledge based authentication based on data held by the credit bureaus and other public data aggregators. (It’s also time to rethink KBA just based on the relatively high failure rates – as much as 10% after [...]

2 Comments »

Category: Uncategorized     Tags:

Apple’s rejection of UDIDs will drive adoption of alternatives

by Avivah Litan  |  March 26, 2012  |  1 Comment

Apple’s rejection of applications that access the iPhone or iPad unique identification number, UDID, will only drive adoption of alternative measures. There are plenty around – not that they are as strong and absolute as the UDID, but they are, in many circumstances, ‘almost as good.’ These identifiers include other hardware IDs like the MAC [...]

1 Comment »

Category: Uncategorized     Tags:

Stuxnet still in the wild – Security researchers taking it apart

by Avivah Litan  |  March 9, 2012  |  2 Comments

This may be old news to many of you but I just learned that Stuxnet is still very much alive and well, and spreading around. As you know, it was used to interfere and potentially damage closed systems in Iran’s nuclear facilities. Apparently, it can be leveraged to damage lots of other closed systems, like [...]

2 Comments »

Category: Uncategorized     Tags:

Takeaways from the National Press Club Awards Dinner – the Internet is Insecure

by Avivah Litan  |  March 8, 2012  |  Comments Off

I was excited to go to the National Press Club Awards Dinner last night and found the evening very inspiring, thought provoking and educational. A few highlights: a) a 24 year old reporter at a small town newspaper, the Patriot Ledger, (the editor made jokes saying the national media considered them microscopic with just 19 [...]

Comments Off

Category: Uncategorized     Tags:

Something smells foul with Medicare Fraud and Misuse Detection project

by Avivah Litan  |  March 3, 2012  |  4 Comments

On February 23rd, the Associated Press reported that months after the Summer 2011 launch of a $77 million computer system to detect Medicare fraud, only one suspicious payment worth $7591 had been stopped by Christmas. See: http://www.cbsnews.com/8301-501363_162-57383858/apnewsbreak-anti-fraud-effort-disappoints/ After hearing about all the studies that have found hundreds of millions and even billions of fraud and [...]

4 Comments »

Category: Uncategorized     Tags: