Twitter Red Carpet Era
Thursday, 11 March 2010 00:02

Barracuda Labs has published an interesting threat report that reveals some data about Twitter.

The first thing to point out is that the vast majority of people (or bots) that have signed up for Twitter do not in fact use it. 51% follow ten “people” or fewer. 73% have tweeted ten or fewer times. One of my favorite charts in the report plots tweets versus followers on a log-log graph. Not surprisingly, the most active tweeters cluster around 1,000 followers. Most of the super celebrity accounts with the million plus followers are not active Tweeters. Conan O’Brien, a new Twitter user, has 615,000 followers but has only Tweeted 14 times. He appears on 15,310 Twitter lists, a measure that Barracuda does not track.

The most interesting aspect of Barracuda Labs’ analysis is their identification of the “Twitter Red Carpet Era”:



From November 2008 to April 2009, many “celebrities” – from actors and athletes to musicians and politicians – started Twitter accounts. We call this the “Twitter Red Carpet Era.” It was during this time, 27 of the top 50 and 48 of the top 100 most followed Twitter users joined and began tweeting and promoting the service on a daily basis. With the increased visibility of Twitter, the millions of fans of many of these celebrities also joined Twitter, causing the Twitter growth rate to spike – from 2.02% in November 2008 to 21.17% in April 2009.


49% of Twitter accounts were created during the Twitter Red Carpet Era.


In their analysis of Twitter scams and attacks, Barracuda makes the valid point that bad guys are following the flood of newbies to Twitter. They measure “Twitter crime” as the percentage of new users who have their accounts suspended by Twitter, a peak of 12% last October. If you assume, as I do, that Twitter is not actually very effective at identifying the accounts that have nefarious purposes, I think it would be safe to assume the rate is double that: one in four Twitter accounts are not real people.


Read the latest Barracuda Labs report.  It is high on data and low on hype.

 
Best of Show RSA Conference 2010
Wednesday, 10 March 2010 01:30

One thing is evident from this year’s mega-security conference in San Francisco. The security industry is back with a vengeance. The show was packed with attendees and the expo floor was busier than I can remember in the last seven years I have attended. The reason? While economic downturns can curtail general IT spending and investments in upgrades and new technology deployments, they have little impact on the need for securing existing infrastructure. Cyber criminals prey on companies in good times and bad. Add to that the newfound interest in security from governments as they discover that they are under attack from their adversaries and you have a formula for a boom.
Although I had an exhausting RSA this year (I met one on one with 48 vendors), my survey of the industry was not exhaustive. But I saw much to commend at RSA Conference 2010. Here are my choices for Best of Show RSA Conference 2010:

1.    Astaro’s Red Box is the single most innovative product I saw. It is a little appliance that is drop shipped to a remote office. Once it is plugged into the network behind the router, it creates an SSL tunnel back to headquarters. It extends the corporate network to as many locations as desired. This leverages the investment in security at one location by extending it to many. It is simple and inexpensive at MSRP of $299.
2.    F5’s new enterprise Big-IP edge gateway is based on SSL as well.  It uses the web application acceleration features that F5 usually deploys in front of web servers to allow faster access to those applications in a secure manner.
3.    PhoneFactor, a young company based in Kansas, has introduced strong authentication via SMS to add to their existing product that used voice authentication. The idea is not new; Estonia has been doing phone-based authentication for years, but the timing is right. Imagine a transaction authentication solution for your bank account. Every time you transfer funds or pay a bill online you would acknowledge a text message sent to your phone.
4.    GreenSQL. While not officially exhibiting at RSA, the founder of this Israeli startup, David Maman, was making the rounds. He introduced a database firewall that has been downloaded 75,000 times in its free form. The commercial version is a powerful solution that is affordable for the small to medium business.
5.    Secunia, the premier vulnerability research company, announced an integration with Microsoft WSUS, making patching of critical vulnerabilities possible in quick and painless fashion.
6.    Damballa has found that they are in the right place at the right time. Their focus on fighting botnets turns out to be just what people are looking for post Google-Aurora. 
While cloud computing was the most hyped subject at RSA 2010, I saw the most development in authentication and extensions of protective capabilities in UTM solutions. Privileged access management is gaining momentum; several vendors, including last year’s IT-Harvest Best of Show, Xceedium, were present.

The industry breathed a sigh of relief last week as they saw evidence that 2009 is behind us.  I look forward to a busy RSA 2011.