Lenovo ThinkPad X30 IDC white paper titled "The Coming of Age of Client S
WHITE PAPER
The Coming of Age of Client Security: Top Managers Realize They
Have to Lock Down the Point of Entry
Sponsored by: IBM Corporation
Roger L. Kay
January 2003
SUMMARY
Although security technology has progressed tremendously over time, awareness of
the need for security on the part of people who use computers - both consumers
and businesspeople - has not in general kept pace. Essentially, there is plenty of
technology on hand, but the understanding of what it does and how to use it has
lagged. However, much has changed since the attacks of September 11. CEOs and
IT managers everywhere drew lessons from the differing fates of companies that had
backup and restore procedures and those that didn’t. Data recovery is, of course, only
one piece of the security pie, but as political tensions have increased on the macro
level, this and other security concerns have risen in visibility with top managers. "To
what degree is our data - and therefore our business - safe?" CEOs are now
asking in ever greater numbers and with increasing vehemence. "Just where are we
with security?" they want to know of their CIOs.
This shift in attitude represents an evolution from the pre-September 11 state, which
was characterized by a vague awareness of some subset of security issues but a
misunderstanding of the complete security picture and a widespread lack of adoption
and deployment.
Now managers are beginning to assess their vulnerability and to ask what their
alternatives are.
In most corporations, the security infrastructure is still inadequate and full of holes.
Even the most sophisticated organizations are vulnerable. In one incident, widely
reported in the press, that had an impact of major but unknown proportions - the
degree of penetration was difficult to assess - a hacker from St. Petersburg, the
intellectual seat of the old Soviet Union, broke into Microsoft’s network and
absconded with a large number of important files, including, purportedly, an unknown
quantity of Windows source code files. Naturally, Microsoft never advertised the
extent of the damage - if, indeed, it is actually known. And if a company at the
epicenter of the information technology business is vulnerable (and by inference
should know better), truly, no company is safe from attack.
The security threat is growing in several dimensions at once. The amount of value
flowing across the network - in the form of actual money, but also business plans,
intellectual property, and strategic documents - is rising by leaps and bounds. And
value is at risk in less obvious ways. A reputation can be damaged irreparably by an
attack, business can be lost as a result of downtime, and the trust on which ebusiness
is based can be destroyed permanently. To the growing list of imaginative crimes
must be added identity theft, which has become a veritable cottage industry. In
addition, malicious hackers are getting more sophisticated. Malevolent programmers
are not only figuring out more effective ways to harm businesses and individuals but
are also publishing their tricks on Web sites for other less creative, but perhaps more
vindictive, people to find and use.
Global Headquarters: 5 Speen Street
Framingham, MA 01701 USA
P.508.872.8200
F.508.935.4015
www.idc.com