Opportunistic TLS and MessageLabs

Back in February 2008, I suggested to the Sendmail admins that we look into opportunistic TLS.   Like all encryption there is a performance hit.   Unlike S/MIME or PGP the encryption is only during transit between links.   Additionally there is no guarantee that all links will be encrypted.   Hence the word opportunistic.   While you don’t want to …

Continue reading ‘Opportunistic TLS and MessageLabs’ »

That’s Not from the Copier

A lot of copiers now have the ability to scan documents and email the result as a PDF. I’ve never quite understood why people don’t take the time to change the default subject line. On a Xerox it is something like “Scan from a Xerox WorkCentre” to something a bit more descriptive. Worse yet, I’ve …

Continue reading ‘That’s Not from the Copier’ »

Symantec buys PGP and GuardianEdge

I’ve been waiting for Symantec to buy GuardianEdge ever since they started selling a rebranded GuardianEdge encryption product. It seems every other endpoint security company bought a dancing partner over the past year or two and Symantec was merely renting. When Symantec bought MessageLabs, I was very concerned. I like MessageLabs and was afraid of …

Continue reading ‘Symantec buys PGP and GuardianEdge’ »

Zscaler protects against IE Zero Day

On Tuesday, as seems to be the custom, Microsoft released patches and announced a new zero day in Internet Explorer. MSKB 981374 is a remote code execution in IE6 and IE7. Who know that being on IE5 could ever be a good thing. The KB says Microsoft released details to venders in their Microsoft Active …

Continue reading ‘Zscaler protects against IE Zero Day’ »

Email Security

Last Friday Purewire blogged about a fake Microsoft Outlook update that one of their employees received via email. Typically when a security company blogs about an email virus they’ve seen in the wild, it clear that its something the research team found, or something that got through to a home address or to their wife’s …

Continue reading ‘Email Security’ »

Barracuda’s Purchase of Purewire

The 451 Group has a blog entry on the Barracuda’s purchase of Purewire. I am currently evaluating Purewire. This article had some tidbits I hadn’t seen in other analysis. I had noted that the Security as a Service webspace was getting a bit crowded. ScanSafe as this article notes is the granddaddy of them all. …

Continue reading ‘Barracuda’s Purchase of Purewire’ »

MessageLabs Adds Public IM Security Service

This is interesting. After I wondered yesterday about the applicability of IM security products that ignore social networks, MessageLabs announced the launch of a new public IM security service. The solution does not address any of the problems I mentioned. The press release mentions AOL’s AIM, Yahoo! Mail and Microsoft MSN, but does not mention …

Continue reading ‘MessageLabs Adds Public IM Security Service’ »

MessageLabs HTTP Security Webcast

I watched a MessageLabs HTTP Security Webcast earlier today. I have evaled their product both when they were reselling Scansafe and once since they implemented their own solution. As anyone reading this site already knows, there was a big uptick in malware served by legitimate sites at the end of 2008. SQL injection and other …

Continue reading ‘MessageLabs HTTP Security Webcast’ »

Can MessageLabs improve Symantec Antivirus

I rescued an old comment from Akismet (the spam filter I’m using on the blog) because it asked a interesting question. How can Symantec’s acquisition of MessageLabs improve their desktop antivirus. My first reaction to this is that MessageLabs Antivirus can’t be duplicated at the desktop. They use multiple antivirus engines in addition to their …

Continue reading ‘Can MessageLabs improve Symantec Antivirus’ »

Symantec buys MessageLabs

Symantec buys MessageLabs the leader in email security. Press release is here. I was just talking to my old sales rep last week about ML on the market. It seemed to me that MessageLabs sold its ISP Star to make it easier to sell itself. There is some good things here. Both Symantec and MessageLabs …

Continue reading ‘Symantec buys MessageLabs’ »