RealSecurity

In 1998, I was working in Germany designing a 5000 site IPSec VPN solution encompassing 125 countries for a logistics company. The options were few. Timestep had the best product during that time with many other IPSec products emerging, such as Altiga, Novell's BorderManager, and Checkpoint. Of course, Cisco was very interested, but didn't have solid IPSec code. Cisco got involved and insisted with a little work they could have a meaningful solution. This bode well for the client given that they used Cisco for all their networking gear, making the whole philosophy very attractive.

There has been a great deal of industry static about Microsoft’s WMF vulnerability and the giant’s reaction to the critical gaping hole. In short, the WMF vulnerability provides the opportunity for a hacker to embed code in an image. When that image is displayed in a browser, document, e-mail, or whatever, the code is executed. It’s important to understand that the user did nothing unordinary for this to occur. Just going to a site with one of these "trojaned" images is enough. Clearly, this has significant implications and will be with us for some time.