What is the most secure way to authenticate electronic data? Until recently,
many technical people would have answered ‘cryptographic keys' without
blinking. But recent headline events - and a ‘biggie' last year - have
raised serious doubts about the ability of cryptographic keys to protect
vital government and corporate data.
Here are two examples from February that should make CIOs, CTOs and CSOs
tremble in their boardrooms: McAfee revoking keys for signing apps on the
Apple store; and stolen keys from Bit9 being used to sign malware.
In the McAfee case, a McAfee administrator revoked (by mistake) the digital
key for certifying desktop apps that run on Apple's OS X, thereby creating
serious problems for customers who wanted to install or upgrade Mac antivirus
The original Arstechnica article (McAfee revoking keys) noted that the
administrator intended ... (more)
Finally, a low-cost cloud-based QA testing tool hits the market. After an
extensive beta program by software testers at 500 companies from 23
countries, QASymphony announced general availability of qTest, a cloud-based
enterprise test management solution.
The testing tool is aimed at small and growing QA teams looking to escape the
heavy lifting and expense required from enterprise-focused systems such as HP
Its vendor claims qTest is on par with large enterprise systems, yet unlike
those heavyweights the platform's SaaS subscription model makes it a low-risk