EMC/RSA "SecurID" Compromised, Lockheed Martin Hacked

Have you seen those key fobs that display a new pseudo-random series of numeric digits every minute or so? To log on to a network or system, you typically have to enter the current set of digits plus your regular credentials (user ID and password).

Unfortunately a group of unknown hackers, possibly a group sponsored by a government, broke into EMC's RSA division and figured out how to duplicate those key fobs, in effect. Then the same group (perhaps) broke into Lockheed Martin, the leading U.S. defense contractor.

It's not clear what sensitive information was taken, and Lockheed Martin isn't saying. However, it's possible the invaders were able to find details about future weapons systems along with operational information about current military deployments in Afghanistan and Iraq, among other places.

I might have more to say in a subsequent post about mainframes, mainframe security systems, and their important role in "defense in depth" — a role which some businesses and governments are not exploiting to full advantage.

UPDATE: RSA has confirmed that SecurID has been compromised.

May 28, 2011
Sony Needs a Mainframe (Update: Starbucks Singapore, Too)

Sony's PlayStation Network, Sony Entertainment Japan, Sony Music Greece, and Sony Ericsson Canada have all been hacked.

UPDATE #1: Skype... er, Microsoft... needs a mainframe, too.

UPDATE #2: Starbucks needs a mainframe, at least in Singapore. I tried to use my Starbucks card to pay for my coffee this morning, but the barista informed me that "the servers are down in Singapore." So Starbucks cards don't work reliably at Starbucks.

UPDATE #3: Sony still needs a mainframe. Sony Pictures has also been hacked. Meanwhile, Starbucks Singapore still needs a mainframe, too. Starbucks Singapore is accepting its own cards once again after days offline. But Starbucks won't accept Singapore-issued cards outside Singapore nor even at Singapore Changi Airport Starbucks locations. Anybody know why I should allocate precious wallet space to a Starbucks Singapore card?

May 25, 2011
Reports of Oracle's New Hardware Maintenance Terms

I have been reading in the trade press that Sun customers are not happy with Oracle's acquisition because they're seeing sharp increases in support costs. Now I'm getting more details from readers detailing the problems. For example, Sun's hardware maintenance was available and selectable per machine, as is nearly every hardware vendor's practice (including IBM's). That is, you could choose specific machines for 24-hour coverage, for business-hours coverage, and for zero coverage. That makes sense: some machines are more critical than others, and you could pay for whatever maintenance coverage you need per machine serial number.

In contrast, Oracle thinks that hardware maintenance should be like software maintenance: all or nothing. If you want 24-hour coverage, you have to buy it for every Oracle (Sun) machine you own in your entire organization. And the maintenance price per machine isn't any lower. If anything, it's higher after Oracle's acquisition of Sun. Maintenance price increases might be more tolerable if Oracle had better support than Sun, but that's certainly not true.

Oracle's strategy seems to be to extract as much revenue as possible from Sun customers as they exit the platform. I suppose that's one way to run a business, but, fortunately, Sun customers have alternatives, including IBM Power and zEnterprise servers.

May 22, 2011
Microsoft Overpays for Skype?

Microsoft is paying $8.5 billion to acquire Skype, the voice and video chat service. Plenty of investors and analysts, including The New York Times, think Microsoft is overpaying. I tend to agree. That's an extraordinary amount of money, and it's also hard for me to see how Microsoft recoups its investment.

If you think about computing at the most basic level, there are only three dimensions: processing (CPU), storage (memory, disk, etc.), and input/output (networking, communications, etc.). It's a historical accident, really, that the price of processing and storage collapsed earlier and faster than the price of global networking. Skype is a byproduct of the collapse in networking costs. What used to be extremely expensive -- a long distance call between, say, New York and Istanbul -- is now almost free. Skype competes against the classic telephone networks which were (and in some cases still are) national monopolies. A few countries have tried to ban Skype in a futile attempt to protect those monopoly rents.

The asymmetric price collapse in these three dimensions of computing helped foster the PC revolution, "client/server" computing, and similar styles of computing. The motivation was simple: processing (especially) and storage were very cheap, and networking was very expensive, so why not deploy those two computing dimensions everywhere and de-centralize? And that cost-driven pattern caused many people to question the whole premise of mainframe computing, in particular. With more years of hindsight, though, we now know better.

If you can capitalize on and, better yet, lead a rapid change in economics, shaking up an entire industry, that's a great business to be in while the adjustment happens. However, is Skype "sticky"? Do consumers find Skype essential? I don't think so. Google Voice and Chat, Yahoo! Messenger, Apple FaceTime, Fring, Lotus Sametime (now available for System z), and scores of other services offer the same or better options. As I write this blog entry, I'm listening to a colleague in Russia talk with a colleague in Australia, and I'm not using Skype, but I am using voice over IP. Therein lies the problem: it's easy for somebody else to enter the same market.

Another problem is that most people still buy mobile carrier-subsidized handsets. Microsoft has been trying to break into the mobile device market with Windows Phone and inked a big deal with Nokia. Microsoft is openly talking about putting Skype in every Windows Phone device. That's fine technically, but the mobile carriers will hate the idea and will be extremely resistant to distributing Windows Phone mobile devices. Maybe the mobile carriers are fighting a losing battle, but that battle isn't over yet, and Microsoft has an investment to recoup.

May 11, 2011
