RealNews

SBC Web Hosting Flunks Security Basics

If you are using SBC to host your Web site, you might want to think about finding someone else. Your site may be at risk due to SBC’s lack of security. The problem, which was brought to my attention by one of SBC’s hosting customers and since confirmed by the company, has to do with the browser-based “control panel” application that users run to maintain their sites. The level of potential exposure I think is high and unfortunate. There are several issues. First, the login process is done over an ordinary, unsecured browser link, rather than over a secured (SSL) and encrypted link. This means that anyone who monitors the path between your browser and SBC’s servers can highjack your password. SBC says, “We understand that customers want the added sense of security that an SSL-based control panel access method would provide. We are working to implement a new login system that will operate using SSL. We anticipate that it will be ready for customer use later this summer.” That is unacceptable, given that they have heard about this for several months. It should be fixed, pronto. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.