News Stay informed about the latest enterprise technology news and product updates.

Security Bytes: Eudora's new approach to phish scams; CA World postponed

In other news, judge dismisses case against keylogging whistleblower.

Eudora deters phishing with new 'Scamwatch' tool
The newest version of Eudora e-mail includes ScamWatch, which analyzes Web links embedded in e-mail messages to warn users when they don't match hostnames. Such discrepancies in IP addresses could signal the e-mail is a fake used to con people into giving up sensitive data later used to clean out their accounts. "Ultimately, what we're trying to do is preventing the click," explains Bill Ganon, vice president of the Eudora Product Group. Eudora 6.2, released this month, also incorporates OpenSSL for added security, believing the open standard provides greater compatibility and easier negotiations when e-mails are authenticated.

Though its customer base includes such diverse enterprises as NASA, The New York Times and major universities like Harvard and Yale, Eudora has never seriously threatened market rivals Microsoft's Outlook, Exchange or Lotus Notes, which combined can be found on more than 90% of all desktops. Not being the 800-pound gorilla has its advantages, since Eudora isn't a favorite target for virus writers. But the e-mail program, bought by wireless giant Qualcomm Inc. 12 years ago, also has made itself less attractive to attackers by disallowing HTML tags that allow automatic execution of code. It also automatically turns off auto-scripting by default and uses a different file extension for address book files to prevent address harvesting. "We may fall to a more conservative scheme, but we also aren't making the headlines. So it's probably a good thing," Ganon said.

CA postpones CA World, hires new CEO
Islandia, N.Y.-based Computer Associates International Inc. canceled its annual user conference, CA World, in April "to redefine this very important, flagship program," according to a news release. The software giant, which has aggressively promoted its eTrust security product lines in recent years, still intends to hold is executive-focused User Group President meeting in April, as planned. For others, CA plans to add more regional events to keep users informed on the latest business and technology issues.

The company also announced last week that IBM veteran John Swainson, 50, would be its next CEO, placing Sanjay Kumar, who left amid the financial scandal and is now under indictment following federal probes into bookkeeping irregularities when Kumar was president of the company. Last month the company agreed to pay a $225 million fine to the U.S. Justice Department. Swainson, who headed IBM's software sales until now, is the first outsider to run Computer Associates. Kumar had inherited the job from his mentor, Charles Wang, a co-founder of the company.

Keylogging case thrown out on technicality
A Los Angeles judge last week dismissed criminal charges against a whistleblower who installed a keystroke logger on a secretary's computer to help attorneys gather incriminating evidence against employer Bristol West Insurance Group. A district court judge ruled that the device "KEYKatcher" did not violate federal wiretap laws. Prosecutors maintained former claims adjuster Larry Ropp's use of the tool, which he bought off the Internet, fell under the federal statutes because the PC under surveillance was hooked up to the company's nationwide network and was used to exchange e-mail, according to published reports. Instead, Judge Gary Feess called Ropp's actions "a gross invasion of privacy" that fell short of the federal Wiretap Act. Ropp earlier said he installed the keylogger to help consumer attorneys prove Bristol West Insurance Group engaged in improper actions.

Dig Deeper on Email and Messaging Threats-Information Security Threats

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.