Former Patent Supporter Says Patents Hurt... >>
<< Pokemon Causes Cancer
 tdicon 


(Mis)Uses of Technology

by Mike Masnick

Mon, Dec 19th 2005 5:18pm





Hacker Detection Firm... Hacked

from the data-compromised dept

You would think, if you're in the "unauthorized computer break-in prevention" business, that you better make damn sure that your systems are pretty well protected -- because you are absolutely going to be a target. However, on top of that, you should probably make sure that your customer records are encrypted and you don't keep information you're not supposed to -- like credit card CVV numbers. Unfortunately, it appears that Guidance Software did none of those things, and is now informing customers that their info had been stolen by hackers. In fact, Guidance didn't even notice the hack until two weeks after it happened, which doesn't bode well for its sales pitch on its new security tools targeted at law enforcement officials.

9 Comments | Leave a Comment..


If you liked this post, you may also be interested in...
 

Reader Comments (rss)

(Flattened / Threaded)

  1.  

    No Subject Given

    identicon
    Jared Anderson, Dec 19th, 2005 @ 6:01pm

    Clearly this company is going to be in business for a long time to come...

    reply to this | link to this | view in thread ]

  2.  

    Prevention Vs. analysis

    identicon
    Paul Vogel, Dec 19th, 2005 @ 6:20pm

    It would be even more ironic if they were actually in the hacker prevention business.

    But Guidance is in the computer forensic analysis software business. Their software either runs inside the network you want to protect (the enterprise version) or on a freestanding workstation that requires the physical hard drive from the suspect's machine. No, I don't work for Encase. In fact, my agency pays Encase a lot of money to purchase/license their programs.

    It's almost as good to say "Forensic software company hacked".

    reply to this | link to this | view in thread ]

  3.  

    Re: Hacker Detection Firm... Hacked

    identicon
    Tim, Dec 19th, 2005 @ 8:09pm

    That's hilarious...and sad. Add to this the fact that most of their customers knew as much or more than they did about network security and computer crimes...lol.

    reply to this | link to this | view in thread ]

  4.  

    Re: Prevention Vs. analysis

    identicon
    Tom Cameron, Dec 19th, 2005 @ 8:23pm

    ...a special thanks goes to Paul and his company for funding this year's christmas, and my summer-of-'06 trip to Italy. Grazie!

    reply to this | link to this | view in thread ]

  5.  

    No Subject Given

    identicon
    Ryan, Dec 19th, 2005 @ 8:30pm

    Yeah, I just saw a commercial for (I think it was) AOL. It was like "we protect you from hackers." I was all, "shyah right! Some happy little company like AOL is going to keep my safe from determined and clever hackers. Right." This story proves my case.
    I think it's hilarous.

    reply to this | link to this | view in thread ]

  6.  

    Every move like chess

    identicon
    Andrew Strasser, Dec 19th, 2005 @ 9:03pm

    A hacker has you mated before you start.

    reply to this | link to this | view in thread ]

  7.  

    No Subject Given

    identicon
    s, Dec 20th, 2005 @ 2:33am

    Doesn't bode well at all... hehe

    reply to this | link to this | view in thread ]

  8.  

    Re: Prevention Vs. analysis

    identicon
    Thomas, Dec 20th, 2005 @ 8:33am

    Well...your right about them being a computer forensic company, but they also state the following on their website:

    Most companies have sophisticated intrusion detection systems, but without a reasonable plan to address security breaches, the number of alerts is overwhelming. We don't think you should have to pick and choose which issues to address; we think every significant event demands attention. That's why we built EnCase® Enterprise software to provide a complete and automated incident response capability, able to fully integrate with your alerting systems, automating response, data analysis and remediation across your entire enterprise. And better still, EnCase Enterprise can do it live, while the network is up and running. Now you're covering more ground, quickly, with little or no disruption to your organization.

    So it would seem they did not use their own products at all or they just don't work.

    reply to this | link to this | view in thread ]

  9.  

    Re: Prevention Vs. analysis

    identicon
    Fred, Dec 20th, 2005 @ 3:13pm

    Maybe the IDS did not go off? That statemnent says it integrates with the alerting systems. They are not an alerting system.

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>


Former Patent Supporter Says Patents Hurt... >>
<< Pokemon Causes Cancer
 tdicon 

A word from our Sponsors...
Follow Techdirt
Flattr rss rss

Powered by Postrank

From the Techdirt Archive...
A word from our Sponsors...

Close

Email This