8 May

Internet Banking security in South Korea

I came across this interesting article that said Korean banks use a PKI mechanism to ensure security on their Internet banking systems. Which means they’re not using SSL (for those who are not familiar with SSL, notice the Verisign sign on your online banking system? That’s the SSL certificate provider, meaning your online banking site uses SSL).

However, the growing usage of smartphones such as Blackberry and iPhone has led the Korean people to plead for a change to the current laws that enforce the usage of PKI-based mechanisms on their online banking systems. Here’s what the article says:

The Security of Internet Banking in South Korea

For those of you who have followed my blog, you know that it has been 3 years since I first reported on the fact that Korea does not use SSL for secure transactions over the Internet but instead a PKI mechanism that limits users to the Windows OS and Internet Explorer as a browser. Nothing fundamentally has changed but there are new pressures on the status quo that may break open South Korea for competition in the browser market in the future.

In fact, one of the new pressures on the status quo has been the popularity of the iPhone in South Korea, which wasn’t available officially until late 2009 due to a different Korean software middle-ware requirement, WIPI, which has since been deprecated. With WIPI dead and buried, Apple released the iPhone to great fanfare in the Korean market and Blackberry has also launched in the Korean market.


5 May

Sri Mulyani named Managing Director of WB

Shocking news today that has made it to Twitter’s trending topics (even Justin Bieber can’t compete with this) is that our one and only Minister of Finance is resigning and becoming a managing director of the World Bank, one level below the president of the World Bank. My lecturer said that it’s the highest position any non-US citizen can hold, well because a non-US citizen can’t become the US president, rite? :-D

News Excerpt

May 5 (Bloomberg) — Indonesia’s Finance Minister Sri Mulyani Indrawati, who has been a candidate to head her nation’s central bank, was selected to be a top adviser to World Bank President Robert Zoellick.

Sri Mulyani, 47, will start June 1 as one of the Washington-based bank’s three managing directors, the highest rank under Zoellick, the World Bank said in a statement. Indonesia’s stocks tumbled after the announcement left it unclear who will be the next finance minister.

via Bloomberg.com

I hope she’ll be doing good on her future endeavour. I know she will. So proud of her :) what a sweet revenge :D hihi (eat that you Pan**s morons).

Google more here.

5 May

IPS & IDS

More about firewalls: they also mentioned something about IPS/IDS, which I had no idea about. Here’s the cheat sheet from Wikipedia.org.

Intrusion Prevention System (IPS)

An Intrusion prevention system (IPS) is a network security device that monitors network and/or system activities for malicious or unwanted behavior and can react, in real-time, to block or prevent those activities. Network-based IPS, for example, may operate in-line to monitor all network traffic for malicious code or attacks. When an attack is detected, it can drop the offending packets while still allowing all other traffic to pass. Intrusion prevention technology is considered by some to be an extension of intrusion detection (IDS) technology.

Intrusion prevention systems evolved in the late 1990s to resolve ambiguities in passive network monitoring by placing detection systems in-line. Early IPS were IDS that were able to implement prevention commands to firewalls and access control changes to routers. This technique fell short operationally for it created a race condition between the IDS and the exploit as it passed through the control mechanism. Inline IPS can be seen as an improvement upon firewall technologies; IPS can make access control decisions based on application content, rather than IP address or ports as traditional firewalls had done. However, in order to improve performance and accuracy of classification mapping, most IPS use destination port in their signature format. As intrusion prevention systems were originally a literal extension of intrusion detection systems, they continue to be related.

Intrusion prevention systems may also serve secondarily at the host level to deny potentially malicious activity. There are advantages and disadvantages to host-based IPS compared with network-based IPS. In many cases, the technologies are thought to be complementary.

An Intrusion Prevention system must also be a very good Intrusion Detection system to enable a low rate of false positives. Some IPS systems can also prevent yet to be discovered attacks, such as those caused by a buffer overflow.

more at Wikipedia.org.

Intrusion Detection System (IDS)

An IDS is a device (or application) that monitors network and/or system activities for malicious activities or policy violations and produces reports to a Management Station. Intrusion detection is the process of monitoring the events occurring in a computer system or network and analyzing them for signs of possible incidents, which are violations or imminent threats of violation of computer security policies, acceptable use policies, or standard security practices.[1] Intrusion prevention is the process of performing intrusion detection and attempting to stop detected possible incidents.[1] Intrusion detection and prevention systems (IDPS) are primarily focused on identifying possible incidents, logging information about them, attempting to stop them, and reporting them to security administrators.[1] In addition, organizations use IDPSs for other purposes, such as identifying problems with security policies, documenting existing threats, and deterring individuals from violating security policies.[1] IDPSs have become a necessary addition to the security infrastructure of nearly every organization.[1]

IDPSs typically record information related to observed events, notify security administrators of important observed events, and produce reports.[1] Many IDPSs can also respond to a detected threat by attempting to prevent it from succeeding.[1] They use several response techniques, which involve the IDPS stopping the attack itself, changing the security environment (e.g., reconfiguring a firewall), or changing the attack’s content.[1]

More at Wikipedia.org.
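The difference between a port-based packet filter, a passive IDS and an in-line IPS described in the excerpts above, shown as an added example that is not from Wikipedia or the original post. The `Packet` and `Signature` types, the two signatures, the firewall policy and the sample traffic are all constructed for illustration.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    dst_port: int
    payload: bytes

@dataclass(frozen=True)
class Signature:
    name: str
    dst_port: int        # port scoping, as in the excerpt's "destination port" remark
    pattern: re.Pattern  # match on application content

# Constructed signatures and firewall policy, for illustration only.
SIGNATURES = [
    Signature("http-path-traversal", 80, re.compile(rb"^(GET|POST) \S*\.\./")),
    Signature("ftp-oversized-user-arg", 21, re.compile(rb"^USER \S{64,}")),
]
ALLOWED_PORTS = {21, 25, 80}

def firewall_allows(pkt):
    """Traditional packet filter: decides on the port, never reads the payload."""
    return pkt.dst_port in ALLOWED_PORTS

def match(pkt):
    """Names of signatures whose destination port and content both match."""
    return [s.name for s in SIGNATURES
            if s.dst_port == pkt.dst_port and s.pattern.search(pkt.payload)]

def ids_passive(packets):
    """IDS: inspects a copy of the traffic, reports, and forwards everything."""
    return list(packets), [(p.src, n) for p in packets for n in match(p)]

def ips_inline(packets):
    """IPS: sits in the path, drops offending packets, passes all others."""
    forwarded, alerts = [], []
    for p in packets:
        hits = match(p)
        alerts.extend((p.src, n) for n in hits)
        if not hits:
            forwarded.append(p)
    return forwarded, alerts

# Constructed sample traffic (addresses from the 192.0.2.0/24 documentation range).
TRAFFIC = [
    Packet("192.0.2.10", 80, b"GET /index.html HTTP/1.1\r\n"),
    Packet("192.0.2.66", 80, b"GET /../../etc/passwd HTTP/1.1\r\n"),
    Packet("192.0.2.10", 21, b"USER alice\r\n"),
    Packet("192.0.2.66", 21, b"USER " + b"A" * 300 + b"\r\n"),
    Packet("192.0.2.10", 25, b"GET /../ quoted in a mail body\r\n"),  # port 25: HTTP rule not applied
]
```

All five packets pass the port-only filter; the IDS forwards all five and raises two alerts, while the IPS raises the same two alerts and forwards only the three clean packets.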

5 May

What is Network Firewall?

We’re currently selecting among several vendors to provide us with a network firewall, and I’m not an expert on it. Fortunately my friend brought a cheat sheet and I decided to post something here as a reminder. This article is quite brief but it gave me the big picture so that I could easily understand.

Host-based vs. Network Firewalls

Host-based firewalls (sometimes called “personal” firewalls) are simple, low cost programs or devices intended to protect a single computer. Examples include ZoneAlarm, Norton Personal Firewall, and the Internet Connection Firewall (ICF) built into Windows XP.

Network firewalls can protect multiple computers. However, not all network firewalls are created equal. Some are simple devices or programs that cost little more than personal firewalls. Many consumer-grade DSL and cable routers include this type of firewall technology. Simple network firewalls perform packet filtering, but usually don’t do more than very rudimentary ALF.

Enterprise firewalls are “all business,” designed for large, complex networks. It goes without saying that they cost much more. They will handle many more users, have faster throughput, and have advanced features, such as:

  • Incorporation of VPN gateways
  • Ability to manage multiple firewalls centrally
  • Sophisticated monitoring and reporting mechanisms
  • Can be extended through add-on modules or plug-ins
  • Ability to control access via policies and apply different policies to different users
  • More sophisticated authentication mechanisms
  • High availability with load balancing and failover

Cost for host-based firewalls is usually around $100 or less. Enterprise firewalls can cost over $25,000. The most popular medium-range business firewalls cost from $1500 to around $5000. But that’s just the initial purchase price. As we’ll see later, many vendors charge extra for functionalities that others include free.

Hardware vs. Software Firewalls

All firewalls run firewall software, and they all run it on some sort of hardware, but the terms hardware firewall and software firewall are used to distinguish between products marketed as an integrated appliance that comes with the software preinstalled, usually on a proprietary operating system, and firewall programs that can be installed on general purpose network operating systems such as Windows or UNIX.

Hardware firewalls can be further divided into those that are basically dedicated PCs with hard disks and those that are solid state devices built on ASIC (Application Specific Integrated Circuit) architecture. ASIC firewalls are generally faster performers and don’t have the hard disk (a mechanical device) as a potential point of failure.


8 Apr

Competitive Strategy Lecture with Michael Porter

Michael Porter is the author of several books on competitive strategy and a lecturer at Harvard Business School. One of his best-known frameworks/thinking models is Porter’s Five Forces, used to analyze the competitiveness of an industry or of a company about to enter a particular industry.

The Meeting Room turned into class

Last Wednesday, 7 April 2010, I and 30 students from MMUI were given the chance to attend Porter’s lecture at Harvard University through a video conference held at the World Bank. Yep, the lecture was made possible by a collaboration between the World Bank and Harvard University.

The lecture took place in Porter’s class at Harvard, together with his students who are taking the Competitive Strategy course. They were given a case paper about Indonesia and how to attract Foreign Direct Investment to Indonesia. The lecture ran for 1.5 hours, during which Porter gave the students the opportunity to raise the problems Indonesia faces and the challenges in attracting foreign investors to come and put their money in Indonesia. Many things were raised there, from infrastructure, political stability, law and corruption to policy, and so on. Porter listened attentively, summarized his students’ views and wrote up a summary on the big blackboard. Psst, Agus, SBY’s son, is taking Porter’s class too! Unfortunately he didn’t say anything at all about this Indonesia case. Sob…

Mari E Pangestu facing the video camera

In Indonesia itself, besides the 30 MMUI students, the event was attended by participants from the World Bank, Harvard MBA alumni and the Minister of Trade, Mari E Pangestu. After listening for 1.5 hours to the comments of Porter and his students about Indonesia, Mari E Pangestu, as a policy maker, was given 20 minutes to explain, update and give information about current conditions. And oh my god, it turns out Mari E Pangestu is really smart, folks!!! I was amazed, astonished and open-mouthed listening to her views, which were very fluent and right on target. And yet for 1.5 hours she only listened and scribbled notes, with no ‘cheat sheet’ from anywhere! Well, Alhamdulillah, someone that smart is still willing to rack her brain over Indonesia :D hehehee

Me and Other Participants

Oh, I haven’t mentioned yet that this lecture was held at 03.00 in the morning, Western Indonesia Time, have I? :D hehehe yep, because that was evening and the class schedule in the US hihihihi. My impression of waking up at 03.00 in the morning to attend Porter’s lecture? So happy! It was a truly magnificent experience :) 03.00 – 05.30 in the morning went by without even noticing. Unfortunately, recording or taking photos was not allowed during the lecture huhuhu Oh I wish I was there, in Harvard University as well :P hahaha *wishful thinking* hahahaah

See more pictures here.