Four questions for the week ahead in security
Here's what I'm pondering for the week ahead.
1. When are those Mac patches coming? We have Macworld next week and while everyone is looking at those cool ultra portable notebooks don't be surprised if Apple launches a software update. With any luck Apple can address the latest QuickTime flaw. Who will notice? Nobody really. After all, we'll be too mesmerized by Steve Jobs's performance.
2. Is a quarterly patch schedule better? Oracle served notice that it had 27 fixes in the works. Those puppies land on Jan. 15. Oracle's patch schedule is quarterly. Is that necessarily easier to implement?
3. Can the ScanAlert business model work if trust erodes? Earlier this week news surfaced that Geeks.com, which sports the HackerSafe logo, was hacked. If there are similar incidents will businesses pay McAfee's ScanAlert to audit their sites?
4. What are the real implications of REAL ID? The Department of Homeland Security today announced its final rules for the REAL ID program, which is supposed to deter drivers' license fraud. From the DHS statement:REAL ID will address document fraud by setting specific requirements that states must adopt for compliance, to include: (1) information and security features that must be incorporated into each card; (2) proof of the identity and U.S. citizenship or legal status of an applicant; (3) verification of the source documents provided by an applicant; and (4) security standards for the offices that issue licenses and identification cards.
Is this better fraud deterrence or any easier way to track me?