By DCarmody -

In the wake of the 2010 Wikileaks controversy, the United States Congress ordered the Office of the Director of National Intelligence to conduct an audit of all the security clearances granted by the US Government.   The results were surprising to some.  A total of 4.2 million people – which the Washington Post notes “rivals the population of metropolitan Washington” – have active security clearances to access government-classified data.

Although we’re just learning of this report, the numbers are dated to October 2010, which means this number has most likely grown over the past 11 months.  It also dwarfs some experts’ expected numbers, raising some concerns about the security of our nation’s important data.

Others don’t think this number is high – and argue that it is a result of increased Government secrecy in the recent years.  Additionally, figuring all military personnel and the entire workforces of the FBI and CIA agencies will have some level of clearance, the number seems much more palatable.

Regardless of the number, the security of our government’s most important and sensitive data should be very closely monitored. As technology has made accessing data exponentially more efficient and immediate, the safety and security of the transfer and storage of this sensitive data should be of top priority.

Read the full article and comments favoring both sides over at the Huffington Post: http://www.huffingtonpost.com/2011/09/20/security-clearances-government-classified-information_n_972492.html

By ADuch -

Have you ever accidentally mistyped a recipient’s email address and sent information to the wrong person? If so, you may want to double check what you send and to whom you’re sending it to.

In a recent post on gizmodo.com, two researchers were able to grab 20 gigabytes worth of data from Fortune 500 companies in a span of six months. The researchers set up doppelganger domains to mimic legitimate domains that belonged to Fortune 500 companies. Doppelganger domains are domains that are spelled almost identically to legitimate domains. Therefore, users are vulnerable to email interception when they mistype a recipient’s email address.

To test the vulnerability of a few Fortune 500 firms, the researchers set up 30 doppelganger accounts to see what they would come up with. To their surprise, the accounts they set up attracted 120,000 emails in their six month experiment. Within these emails, the researchers received employee usernames and passwords, trade secrets, employee personal data and contracts for business transactions.

Out of the 30 doppelganger accounts, only one firm noticed what was going on once they registered the domain. Also, out of the 120,000 emails they received, only two senders recognized their mistake.

As you can see, the two researchers were able to grab a ton of valuable information in a short span of time. This information can be extremely harmful to an individual and/or company if an attacker got his/her hands on it. For future notice, please be careful when sending out emails.

For more on this story, follow gizmodo and their latest posts on Security:

http://gizmodo.com/5838708/how-researchers-stole-20-gb-of-e+mail-from-fortune-500-companies

By c-emmons -

The “client-server relationship” is a very common term when it comes to file transfer.. but what exactly is a “client” and what is a “server”?  The networking of a “client-server relationship” involves a distributed application architecture that divides tasks between service providers known as servers and a service requester, or a client.  Clients and servers generally operate over computer networks, such as office LANs or even the Internet.

The server is the more dominant machine in the relationship, being a high-performance host that runs one (or more than one) server applications.  The server applications are what the client “talks to”.  Applicaitons on the client system initiate communication sessions with servers.

Simply put, “client-server” describes the relationship between two computer programs where the client makes request to the server.  This relationship is seen in such tasks as sending emails and accessing the web. Many business applications currently use the client-server model as well as the main Internet application protocols (HTTP, SMTP, telnet etc.)

The simplest type of client-server uses only two systems, a client and a server.  This may also be referred to as “two-tier” and it allows for the sharing of files. Some examples of clients in this relationship would be web browsers, email clients,and online chat clients.  Servers would include web servers, ftp servers, application servers, mail servers, file servers, and most web services.

Client-server architecture enables the responsibilities of a system to be distributed amongst several individual computers. These individual computers  are accessed only through a network so it is easier to maintain and repair or even relocate a server without affecting the clients.  Another benefit exists in that data is stored on servers which generally have greater security than clients. Servers can also control user access and resources.  Client-server technologies are abundant in the world today,  designed to ensure safety and security. One example  of an innovater in this field is Ipswitch – a software company which has been offering FTP software since 1991.  As the field of file transfer continues to grow, so will the need for safe servers and happy clients who together form a healthy, networked relationship.

By c-emmons -

When transferring files, several users seem to have trouble figuring out why such things as images do not send over properly.  A reason for this may be due to the fact that the file could be corrupted by using the wrong type of codes.  Rule of thumb is that if it does not work, you probably corrupted it through your transfer.  Many systems today make it easy to send files without worrying about corruption, but lets take a step back to look at the variations between ASCII and binary transfers.

Binary is the number system that is based on 2, referring to numeric information.  It uses all 8 bits in a byte.

ASCII is the American Standard Code for Information Interchange, or simply the  code that computers have been using to store text for decades.  It is used to code for text only.  If sending an HTML document for example, use the ASCII mode.  It is a limited transfer system because it only uses 7 of the 8 bits in a standard byte.  When it was first created, this was an adequate amount and was run because of the price of computer memory.  The modem speeds then were also much slower, allowing 7 bits instead of 8 made the transfer more rapid.  However, if you were to send something that utilized all 8 bits, 1/8 on the content would be lost.  So the big question here is why do we even bother with ASCII any longer when binary transfers allow for all 8 bits in a standard byte…

If you transfer using ASCII, both FTP clients and servers will translate any symbols into the native language of the computer recieving.  This will rid files that look to have garbage in them or appear to be a long line.  Overall, if sending an HTML file it is safest to used ASCII.  You can send it via binary transfer but you may mess up the file a bit.  Keep in mind if you use a command-line FTP client the default mode is ASCII.

WS_FTP has an Auto mode.  If this is checked, it does not affect the status of the ASCII or binary mode.  This mode helps to send files in either the binary or ASCII mode, whichever is more effective.  This is accomplished by going under the Options dialog, clicking Extensions and filling in the rest.

To summarize, a file that is simply text, HTML, postscript or EBCDIC should be transferred using the ASCII mode because transferring in binary mode could damage the file.  A file that had compressed (.exe, .jpg, .bmp), a bitmap, or an executable should be transferred in binary mode.  Furthermore, keep in mind is the growing system of Unicode.

By pete -

We just came across a great Computerworld article that gives a rundown of one thing that makes File Transfer so great. Ever want to send a big photo, movie, or song via email, only to be rejected by large attachment size restrictions? Sure – who hasn’t!! Well – maybe sometimes can just skip email all together .

Transferring files without e-mail – Computerworld.

The best FTP client I know of is WS_FTP from Ipswitch. Check PCWorld’s download area for free and trial versions of FTP software from dozens of programmers. Client based software tools are great for more knowledgeable users who transfer large files regularly.

Stop fighting e-mail and trying to make it do something it can’t — transfer large files. Check online for free and inexpensive options, or break our your old tennis shoes and revive SneakerNet.

Good stuff, Computerworld! We of course agree with your WS_FTP recommendation here.