Community
Showing results for 
Search instead for 
Do you mean 
Reply

Sync with out a server.

Bronze Elite Contributor
Posts: 2,633
Country: New_Zealand

Re: Sync with out a server.

Yeah like, 3 million hackers are interested in hacking any old port they come across. Thanks for the advice, I'll breakout the typewriter tomorrow and auction off the server. 

Graeme Leo
Xact Software - consultants and developers
Follow us on Twitter and check out our Blog


Platinum Elite Contributor
Posts: 14,584
Country: Australia

Re: Sync with out a server.

That is one of the ways that groups like Anonymous gain access to large numbers of systems to control for DDoS attacks on a target they want to hammer.
Bronze Elite Contributor
Posts: 2,633
Country: New_Zealand

Re: Sync with out a server.

So next headline will be.. "Anonymous now targetting ACT! uses rather than the low profile targets like IRS, FBI and NASA."

Graeme Leo
Xact Software - consultants and developers
Follow us on Twitter and check out our Blog


Platinum Elite Contributor
Posts: 14,584
Country: Australia

Re: Sync with out a server.

You don't seem to understand what I said ... in order to attack the intended targets, a common way is to get control of large numbers of users that are easier to compromise and control and then launch a combined attack.

This style of attack has brought down banks, paypal, the CIA and some other major sites. From the compromised drone systems, they suffer major bandwidth loss or inability to access the web.

Another option might be to use the drones for an email-bomb - that is to use it to send masses of spam

And these assume that they aren't targeting the user ... if so, could set up trojans to read passwords or other data
Bronze Super Contributor
Posts: 1,679
Country: Australia

Re: Sync with out a server.

I'm kinda curious. In fact I've asked a related question before: http://community.act.com/t5/ACC-Discussions/LizaMoon-SQL-Injection-Attack-Hits-Websites/m-p/121996/h...

 

Just because 55% of sites that use ACT! have 5 or fewer users, does not mean they are not a target. 

 

I feel that security is something I'd like to hear more about with regard to Sage ACT!. Just how secure is are our APFW sites, how secure is the sync traffic?

 

Being told "it is secure" is meaningless.


Years ago Volvo made the claim their cars were safe. They backed that up with evidence.

 

Happy to hear the claim "we are safe and secure" but I still want to see some evidence. Reports, whitepapers, explainations.

 

When we clearly understand what the risks are, what measures have been taken to reduce the risk, then we can make an informed decision for ourselves (and clients).

 

Ben.

Platinum Elite Contributor
Posts: 14,584
Country: Australia

Re: Sync with out a server.

The security of something that needs to be publicly available is different from something like ACT! ... it's not that difficult to setup a private SSL VPN and take the worry away.

This is crucial if you ever plan to use public WiFi to access data from a mobile ... otherwise, even if the server is secure, you're giving away user/pass details to anyone interested.