Satyam acquires Motorola software development center (SDC) in Cyberjaya

India's Satyam Computer Services Ltd, which is the 4th largest IT solutions and service provider and has its own building block in Cyberjaya Malaysia, has just initiated an acquisition to its Cyberjaya neighbour - the software development center (SDC) of Motorola in Malaysia.

On the recent Monday, the 128 staff in Motorola SDC were briefed about the acquisition, that all of them, together with the SDC’s assets, will be diverted from Motorola to Satyam by the end of the year. Anyhow, they are assured by the management that their contractual bonus for the year will not be affected.

The SDC is part of Motorola's Home and Network Mobility business and focuses on network management system development. After the acquisition, Motorola will outsource the business to Satyam and get the same level of service as before.

Both Satyam and Motorola are listed in New York Stock Exchange (NYSE). To date, Satyam has a staff strength of over 500 in Malaysia.

WPA Wi-Fi encryption cracked!

If you are using a wireless network, especially in office environment, you should be well awared that running Wi-Fi without any encryption is a big no-no, and that the depreciated Wired Equivalent Privacy (WEP) encryption is extremely weak and can be cracked within seconds. As such, you probably are using Wi-Fi Protected Access (WPA) encryption to protect your Wi-Fi from unauthorized access and/or information stealing/leaking.

But now, bad news is that 2 German researchers - Martin Beck and Erik Tews - have found a way to crack the Temporal Key Integrity Protocol (TKIP, which was supposed to fix all problems with WEP) of WPA encryption within minutes, and they are going to share their cracking tools to the public during the PacSec Conference in Tokyo this 12-13 November 2008. In fact, some of the code used in the attack was already quietly added into the Aircrack-ng Wi-Fi encryption hacking tool about two weeks ago.

In short: WPA is no longer secured!

So what can you do to safeguard the security of your wireless network? Ensure that your wireless access points and equipments support WPA2, and switch over to it. WPA2 implements the mandatory elements of IEEE 802.11i standard, and is still uncracked by now, if it doesn't make use of the TKIP, and is instead set to use Advanced Encryption System (AES) with its Cipher Block Chaining Message Authentication Code Protocol (CCMP).

Click here to read more about this new crack on WPA Wi-Fi encryption.

Hardening PHP security with Suhosin

Suhosin (수호신) is a Korean word that means “guardian-angel”, originally developed by Stefan Esser, a German developer who loves Korean language.

Originated from the Hardened-PHP project, Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core.

There are 2 parts in Suhosin:

• Patch to PHP that hardens the Zend engine to protect from possible buffer overflows and related vulnerabilities.

• Standalone Suhosin extension module for PHP to provide many security features that are not present in PHP itself.

Both of them can work together, or the extension module alone can be used.

Some of the features of Suhosin are:

• Logging of errors to syslog or arbitrary logfiles
• Create blacklists and whitelists per virtual host
• Filter on GET and POST requests, file uploads, and cookies
• Transparent encryption of sessions and cookies
• Set memory limits
• ... and many more
  

If your web applications are developed in PHP, you should seriously consider installing Suhosin to harden its security. It is already included in most major Linux distributions. Search for "php5-suhosin" or "php-suhosin" in your Linux distribution to install it.

For more information about downloading and installing Suhosin, click here.