My very first computer:
Computers, Windows, PC Games, Security, Linux Ubuntu News, Internet
SUMMARY: On Saturday, programming code for National Security Agency hacking tools was shared online. The content appears to be legitimate, but it is not clear if it was intentionally hacked or accidentally leaked. Hari Sreenivasan speaks with The Washington Post's Ellen Nakashima and Paul Vixie of Farsight Security about where this development fits in the context of other recent cybersecurity breaches.
HARI SREENIVASAN (NewsHour): The National Security Agency's primary mission is to spy on the electronic communications of countries and people overseas.
Over the weekend, though, sophisticated code the NSA developed to penetrate computer security systems was posted online. This serious breach comes amid the ongoing revelations of the hacking of the Democratic National Committee and other organizations, allegedly by groups linked to Russian intelligence.
For more on this, we turn to The Washington Post national security correspondent Ellen Nakashima, and Paul Vixie. He designed and built some of the software that is the backbone of the Internet today. He is now chairman and CEO of Farsight Security, a computer security firm.
Ellen Nakashima, what happened this weekend? What got released?
ELLEN NAKASHIMA, The Washington Post: Over the weekend, apparently on Saturday, mysteriously, a cache of NSA hacking tools was released online through file-sharing sites such as BitTorrent and Dropbox.
It really wasn't noticed until about Monday, when the computer security community started commenting on it and questions arose as to whether or not the NSA had been hacked.
HARI SREENIVASAN: So, Paul Vixie, if these lock picks, these digital tools to try to break into different systems, are out in the open now, these are the tools that the American government was using, what is the consequence, if it is in the public sphere?
PAUL VIXIE, Farsight Security: Well, I think, every day, everybody is trying to hack everybody. So, this is not huge news.
What's big news about it is that these tools were built by the U.S. government. Some of the lock picks, as you call them, are now obsolete. They are relying on vulnerabilities that have since been closed, because the files are about 3 years old.
But at least one of them is active against a very current piece of equipment from Cisco. And it is going to lead to a lot of break-ins while the patches are prepared and shipped and then applied.
Stock exchanges. Central banks. Satellite uplinks. Transoceanic fiber optics links. All mysteriously succumbing to an unexpected “evolution” of the web. When the world’s critical services start to collapse, you know this is more than a simple event. Who or what is behind it? Only an experienced and dedicated hacker, with know-how gained as an international cyber-intelligence agent, can root out the cause and bring it down.
The creators of Digital Hazard and BS Hacker bring you to new levels of hacking simulation, with unparalleled graphics and a pulse-pounding sound track. Hack into computers, look for exploits and information, and steal money to buy hardware upgrades as you attempt to assemble the pieces of an international puzzle. Your virtual operating system environment is packed with the features to immerse you in the role of world-class hacker.
Hacker Evolution is a totally unique experience, challenging the evolved gamer's intelligence, attention and focus to create a captivating mind game. Solve puzzles, examine code and bits of information, and evade the system’s trace to reach your objectives.
UPDATED: Cisco’s Talos security intelligence and research group has come across a piece of software that installed backdoors on 12 million computers around the world.
The software, which exhibits adware and spyware capabilities, was developed by a French online advertising company called Tuto4PC. The firm, previously known as Eorezo Group and apparently linked to another company called Wizzlabs, has been targeted by French authorities over its questionable practices regarding the installation of unwanted software and harvesting of users’ personal details.
Cisco started analyzing Tuto4PC’s OneSoftPerDay application after its systems detected an increase in “Generic Trojans” (i.e. threats not associated with any known family). An investigation uncovered roughly 7,000 unique samples with names containing the string “Wizz,” including “Wizzupdater.exe,” “Wizzremote.exe” and “WizzInstaller.exe.” The string also showed up in some of the domains the samples had been communicating with.
Researchers determined that the application, installed with administrator rights, was capable not only of downloading and installing other software, such as a known scareware called System Healer, but also of harvesting personal information. Furthermore, experts found that the software is designed to detect the presence of sandboxes, antiviruses, security tools, forensic software and remote access doors.
These “features” have led Cisco Talos to classify the Tuto4PC software as a “full backdoor capable of a multitude of undesirable functions on the victim machine.”
According to Tuto4PC’s website, the company offers hundreds of tutorials that users can access for free by installing a piece of software that displays ads. However, based on Cisco’s research, it appears the company is doing more than just displaying ads.
Tuto4PC said its network consisted of nearly 12 million PCs in 2014, which could explain why Cisco’s systems detected the backdoor on 12 million devices. An analysis of a sample set revealed infections in the United States, Australia, Japan, Spain, the UK, France and New Zealand.
“Based on the overall research, we feel that there is an obvious case for this software to be classified as a backdoor. At minimum it is a potentially unwanted program (PUP). There is a very good argument that it meets and exceeds the definition of a backdoor,” Cisco Talos researchers said in a blog post.
“The creation of a legitimate business, multiple subsidiaries, domains, software and being a publicly listed company do not stop this adware juggernaut from slowing down their attempts to push their backdoors out to the public,” they added.
In response to Cisco’s blog post, Tuto4PC Group CEO Franck Rosset clarified that its antivirus bypass technology is not used for malicious purposes — he says it’s designed to make it easier for users to install its applications, which have been blocked by antiviruses. The company has provided the following statement to SecurityWeek:
- “The Talos blogpost is inaccurate in describing Tuto4PC as a shady malware distribution enterprise. We are currently working with our lawyers in order to evaluate the action we can take against Talos’ inexact (negative) presentation of our business.
- We are a listed company on the French stock exchange. Since 2004, our business model is to create widgets, tutorials etc, for free download on download websites. The download of our programs is for free subject to agreement for accepting advertising from an adware attached in the download.
- Contrary to Talos’ wrongful allegations, our business has been approved by French regulators and we have never been indicted or sued for any malware distribution!!!!
- We have a technology subsidiary (Cloud 4PC) with some developments in cybersecurity. Due to some undue blocking by antiviruses that recently blocked Tuto4PC adware (some of them have also an adware business model), we are using a bypass technology so that people can easily download our programs (and adware). Although the bypass software is extremely efficient, it has no other purpose or use than helping the Tuto4PC adware download.
- There is no malware activity and Talos cannot prove or show any malware use of the program — with more than 10 million installed, if there was to be any malware activity, obviously there should be some user complaints.
- As you can see, we are a French company — very easy to reach, we are not hiding in some rogue country — we do not understand why Talos has not contacted us prior to their post.
- In any case, our subsidiary Cloud 4PC is going to launch soon “AV Booster,” an antivirus booster that will help stop any real malware that uses bypass techniques like the ones we developed.”
Hospitals, school districts, state and local governments, law enforcement agencies, small businesses, large businesses—these are just some of the entities impacted recently by ransomware, an insidious type of malware that encrypts, or locks, valuable digital files and demands a ransom to release them.
The inability to access the important data these kinds of organizations keep can be catastrophic in terms of the loss of sensitive or proprietary information, the disruption to regular operations, financial losses incurred to restore systems and files, and the potential harm to an organization’s reputation.
And, of course, home computers are just as susceptible to ransomware, and the loss of access to personal and often irreplaceable items—including family photos, videos, and other data—can be devastating for individuals as well.
Ransomware has been around for a few years, but during 2015, law enforcement saw an increase in these types of cyber attacks, particularly against organizations because the payoffs are higher. And if the first three months of this year are any indication, the number of ransomware incidents—and the ensuing damage they cause—will grow even more in 2016 if individuals and organizations don’t prepare for these attacks in advance.
In a ransomware attack, victims—upon seeing an e-mail addressed to them—will open it and may click on an attachment that appears legitimate, like an invoice or an electronic fax, but which actually contains the malicious ransomware code. Or the e-mail might contain a legitimate-looking URL, but when a victim clicks on it, they are directed to a website that infects their computer with malicious software.
Once the infection is present, the malware begins encrypting files and folders on local drives, any attached drives, backup drives, and potentially other computers on the same network that the victim computer is attached to. Users and organizations are generally not aware they have been infected until they can no longer access their data or until they begin to see computer messages advising them of the attack and demands for a ransom payment in exchange for a decryption key. These messages include instructions on how to pay the ransom, usually with bitcoins because of the anonymity this virtual currency provides.
Ransomware attacks are not only proliferating, they’re becoming more sophisticated. Several years ago, ransomware was normally delivered through spam e-mails, but because e-mail systems got better at filtering out spam, cyber criminals turned to spear phishing e-mails targeting specific individuals.
And in newly identified instances of ransomware, some cyber criminals aren’t using e-mails at all. According to FBI Cyber Division Assistant Director James Trainor, “These criminals have evolved over time and now bypass the need for an individual to click on a link. They do this by seeding legitimate websites with malicious code, taking advantage of unpatched software on end-user computers.”
The FBI doesn’t support paying a ransom in response to a ransomware attack. Said Trainor, “Paying a ransom doesn’t guarantee an organization that it will get its data back—we’ve seen cases where organizations never got a decryption key after having paid the ransom. Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.”
So what does the FBI recommend? As ransomware techniques and malware continue to evolve—and because it’s difficult to detect a ransomware compromise before it’s too late—organizations in particular should focus on two main areas:
- Prevention efforts—both in terms of awareness training for employees and robust technical prevention controls; and
- The creation of a solid business continuity plan in the event of a ransomware attack. (See "Tips for Dealing with the Ransomware Threat" below)
“There’s no one method or tool that will completely protect you or your organization from a ransomware attack,” said Trainor. “But contingency and remediation planning is crucial to business recovery and continuity—and these plans should be tested regularly.” In the meantime, according to Trainor, the FBI will continue working with its local, federal, international, and private sector partners to combat ransomware and other cyber threats.
If you think you or your organization have been the victim of ransomware, contact your local FBI field office and report the incident to the Bureau’s Internet Crime Complaint Center.
Tips for Dealing with the Ransomware Threat
While the below tips are primarily aimed at organizations and their employees, some are also applicable to individual users.
- Make sure employees are aware of ransomware and of their critical roles in protecting the organization’s data.
- Patch operating system, software, and firmware on digital devices (which may be made easier through a centralized patch management system).
- Ensure antivirus and anti-malware solutions are set to automatically update and conduct regular scans.
- Manage the use of privileged accounts—no users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.
- Configure access controls, including file, directory, and network share permissions appropriately. If users only need to read specific information, they don’t need write-access to those files or directories.
- Disable macro scripts from office files transmitted over e-mail.
- Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations (e.g., temporary folders supporting popular Internet browsers, compression/decompression programs).
Business Continuity Efforts
- Back up data regularly and verify the integrity of those backups regularly.
- Secure your backups. Make sure they aren’t connected to the computers and networks they are backing up.
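One way to carry out the "verify the integrity of those backups" tip, as an added example that is not part of the FBI article: a SHA-256 manifest is recorded when the backup is taken and later compared against the backup's current contents. The function names, the 7.5 bits-per-byte entropy threshold and the sample files are assumptions made for this illustration.

```python
import hashlib
import math
import os
import tempfile
from collections import Counter
from pathlib import Path


def sha256_file(path, chunk=1 << 16):
    """Hash a file in chunks so large backup files are not loaded into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def build_manifest(root):
    """Map each file's path (relative to root) to its SHA-256 digest.
    Store the result away from the backup itself, e.g. on offline media."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def entropy_bits_per_byte(path, sample=1 << 16):
    """Shannon entropy of the first `sample` bytes. Encrypted data sits close
    to 8.0, but so do compressed files, so this is a hint and not proof."""
    with open(path, "rb") as f:
        data = f.read(sample)
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def verify_backup(root, manifest, entropy_threshold=7.5):
    """Compare the backup's current state with the manifest taken at backup time."""
    current = build_manifest(root)
    missing = sorted(set(manifest) - set(current))
    unexpected = sorted(set(current) - set(manifest))
    modified = sorted(k for k in set(manifest) & set(current)
                      if manifest[k] != current[k])
    # Changed or new files that look like random data deserve a closer look.
    high_entropy = sorted(
        k for k in modified + unexpected
        if entropy_bits_per_byte(Path(root) / k) >= entropy_threshold)
    return {"missing": missing, "unexpected": unexpected,
            "modified": modified, "high_entropy": high_entropy}


def demo():
    """Constructed sample: a tiny backup set checked before and after damage."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "docs").mkdir()
        (root / "docs" / "taxes.txt").write_text("constructed sample line\n" * 200)
        (root / "notes.txt").write_text("constructed notes\n" * 50)
        manifest = build_manifest(root)
        clean = verify_backup(root, manifest)
        # Constructed damage: one file overwritten with random bytes,
        # one file renamed with an extra extension.
        (root / "docs" / "taxes.txt").write_bytes(os.urandom(4096))
        (root / "notes.txt").rename(root / "notes.txt.locked")
        damaged = verify_backup(root, manifest)
        return clean, damaged


if __name__ == "__main__":
    for label, report in zip(("clean", "damaged"), demo()):
        print(label, report)
```

A verification run is only meaningful if the manifest is kept where the backed-up machines cannot write to it, in line with the "Secure your backups" tip.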
SUMMARY: In the 30 years since Steve Case co-founded AOL, the global tech landscape has seen immense growth and change. What new developments wait in the near future, and what does the rapidly expanding online world mean for human life? Case explores those issues in his new book, “The Third Wave.” Case joins Judy Woodruff to discuss his vision of the future.
JUDY WOODRUFF (NewsHour): Back in 1985, when Steve Case co-founded America Online, only 3 percent of Americans were actually online. Fast-forward some 30 years, and we can see the global change brought about by the Internet and an ever-growing array of devices and social media.
So, what is next?
Well, we get a glimpse from Steve Case himself. He is the author of a new book, “The Third Wave: An Entrepreneur’s Vision of the Future.”
Steve Case, it is good to see you.
STEVE CASE, Author, “The Third Wave”: It’s good to see you again.
JUDY WOODRUFF: So you borrowed that term the third wave from the futurist Alvin Toffler.
STEVE CASE: Yes.
When I was in college in the 1980, I read Toffler’s “Third Wave.” It completely mesmerized me, inspired me. I spent the last almost four decades pursuing some of the ideas he talked about.
So, when I was writing a book, I wanted to pay respect to him. I open the book with talking about my experience reading Toffler. And I hope others will similarly be inspired by my book, and because the future once again is going to change, and the path forward is going to be different than what we saw in the last two waves. And that’s what I was trying to lay out in this book.
JUDY WOODRUFF: So, in a thumbnail, first wave was the creation of the Internet, which you were involved in. Second wave was building on that, you describe, social media devices and so forth.
What is the next wave?
STEVE CASE: It’s really integrating the Internet seamlessly throughout our lives.
And there is a lot of things that haven’t changed that much in the first wave or the second wave. How we learn, our kids learn is about the same. How we stay healthy is about the same. How we manage energy is about the same. Even how we think about food is about the same.
And work itself is starting to change in the third wave because of the freelance economy, what some call the gig economy. So, I think it’s important for everybody, not just businesspeople or technologists, to understand what is happening next. And that is what I try to lay out in this book with sort of a — a little bit of a road map forward and a little bit of a playbook in terms of how you can think about orchestrating your career and your life, and how you think about maybe your kids and even your grandkids. What world are they going to be inheriting?
A letter from the President of the European Commission may spark an ongoing war between privacy advocates and online publishers that use anti-ad-blocking filters on their sites.
Alexander Hanff, CEO of Think Privacy Inc., penned a letter to Jean-Claude Juncker, the EC's president, this past winter, asking for clarification regarding the language of the e-Privacy Directive's Cookie Law.
Mr. Hanff wanted to know if the cookie law is referring strictly to browser cookies or the general notion of gathering "any information stored on such equipment [is] part of the privacy sphere of the users requiring protection."
Scanning for ad-blockers breaks the EU's e-Privacy Directive
The response of the European Commission was clear: any type of server or client-side script that attempts to access or collect information stored on the user's devices falls under the e-Privacy Directive's umbrella, meaning that publishers need to ask for permission before gathering any type of data, not just about cookies.
In Mr. Hanff's expert opinion, this also includes ad-blocker-blocking technologies that prevent users from viewing a website's content if they have an ad-blocker installed in their browser.
Based on this response, to comply with this new interpretation of the cookie law, Internet publishers must ask you if they can scan your browser for ad-blocking software, and then prompt you to disable the ad-blocker if you agree.
The problem of server-side scripts
Mr. Hanff says that his original letter only included the question of client-side scripts that scanned for ad-blockers, but he points out that the answers received from the European Commission include references and legal opinions that cover server-side scripts as well.
Under this latter category, any analytics service could potentially be affected. Mr. Hanff has answered Softpedia's inquiry, and he argues that this is true. Any analytics service that employs client- or server-side scripts should also ask for permission. Until now, only analytics services that deployed client-side cookies were affected by the EU Cookie Law. This means that analytics services, commercial or deployed in-house, relying on server-side scripts are also impacted and may need to ask for permission.
This is just one of the questions we can raise from this letter. Of course, the ramifications of this response might need to be debated by people with actual in-depth knowledge of EU law, and not us.
What is certain is that Mr. Hanff has pledged to use the answer he received from the European Commission to start legal actions against any publisher that blocks users with ad-blockers installed from accessing their websites.
Below are tweets from Mr. Hanff on this matter, along with images of the answer he received from the European Commission.
SUMMARY: One of the greatest threats to private cybersecurity today is ransomware -- a cyberattack that blocks access to a computer until the hacker is paid a ransom. The problem recently took on new urgency when a hospital in Los Angeles had its entire network shut down for hours, putting hundreds at risk; another high-profile breach hit L.A.’s health department last week. William Brangham reports.
GWEN IFILL (NewsHour): But, first, a look at what’s become the latest threat to our cyber-security.
The problem took on new urgency recently when a hospital in Los Angeles had its entire computer network, including all its digital medical records, locked up by hackers. They demanded a ransom before they’d release the computers. It was the second such attack this month. L.A.’s Health Department was hit last week.
These types of computer attacks, which usually target individual computer users, are on the rise.
The “NewsHour's” William Brangham reported on this threat last year, and now he brings us an update.
WILLIAM BRANGHAM (NewsHour): Inna Simone is retired. She’s a mother and grandmother from Russia who now lives outside of Boston. In the fall of 2014, her home computer started acting strangely.
INNA SIMONE, Retiree: My computer was working terribly. It was not working. I mean, it was so slow.
WILLIAM BRANGHAM: A few days later, while searching through her computer files, Inna saw dozens of these messages — they were all the same. They read: “Your files are encrypted. To get the key to decrypt them, you have to pay $500.”
Her exact deadline, December 2 at 12:48 p.m., was just a few days away.
All her files were locked: tax returns, financial papers, letters, even the precious photos of her granddaughter Zoe. Inna couldn’t open any of them.
INNA SIMONE: It says, “If you won’t pay, your fine will double. If you won’t pay by then, all your files will be deleted and you will lose them forever and never will get back.”
WILLIAM BRANGHAM: Inna Simone, like thousands of others, had been victimized by what’s known as a ransomware attack. Hackers — who law enforcement believe come mainly from Eastern Europe or Russia — manage to implant malicious software onto your computer, usually when you mistakenly open an infected e-mail attachment, or visit a compromised Web site.
That software then allows the hackers to lock up your files, or your entire computer, until you pay them a ransom to give it back.
Justin Cappos is a computer security expert at New York University.
JUSTIN CAPPOS, New York University: It will actually lock you out of the files, the data on your computer.
So, you’d be able to use the computer but those files have been encrypted by the attacker with a key that only they possess. It’s frustrating because you know the data is there. You know the files are there. You know your photos and everything is there and could be accessible to you. But you have no way of being able to get at it because of this encryption that the attackers are using.
WILLIAM BRANGHAM: This is exactly what happened at Hollywood Presbyterian Hospital in Los Angeles. According to officials, about a month ago, their computerized medical records were locked up by one of these malicious programs, and a hacker demanded $17,000 in ransom to unlock them.
During this time, medical staff were forced to use paper and pen for their record-keeping, but they say no patient files were compromised. The hospital decided to pay the ransom. Their computers were unlocked, and the FBI is now investigating.
Most of the way this huge roleplaying-shooter game works is carried over from its excellent predecessors, Fallout 3 and Fallout: New Vegas. It is the Skyrim to Fallout 3’s Oblivion, if you will – it iterates on the previous game’s already amazing systems, and it’s similarly dense with locations to explore, genuinely creepy monsters to fight, and superbly engrossing post-nuclear atmosphere that blends unsettling gore and death with dark comedy. After more than 55 hours played I may have seen an ending, yet I feel like I’ve only begun to explore its extraordinary world; from the look of it, I’ll easily be able to spend another 100 happy hours here and still see new and exciting things.
A story that begins as a basic search for your lost family evolves into something much more complex and morally nuanced. Like in Fallout: New Vegas, we’re drawn into a struggle between several groups competing for control of the region, and deciding which of their imperfect post-apocalyptic philosophies to align with made me pause to consider how I wanted events to play out. Even the highly questionable Institute has a tempting reason to side with them, and turning away from them in my playthrough wasn’t as clear-cut a choice as I’d expected. I was impressed by the sympathy shown toward the villains, too - even the most irredeemable murderer is explored and given a trace of humanity.
An artificial intelligence program developed by researchers at Google can beat a human at the board game GO, which some consider to be the most complicated board game in existence. And this AI program — dubbed AlphaGo — didn’t defeat any ol’ human, but the European Go champion Fan Hui in a tournament last October by five games to nil. The findings, published today in the journal Nature, represent a major coup for machine learning algorithms.
“In a nutshell, by publishing this work as peer-reviewed research, we at Nature want to stimulate the debate about transparency in artificial intelligence,” senior editor Tanguy Chouard said at a press briefing yesterday. “And this paper seems like the best occasion for this, as it goes- should I say, right at the heart of the mystery of what intelligence is.”
Known as wéiqí in Chinese and baduk in Korean, GO originated in China over 2,500 years ago. The board consists of a 19 by 19 grid of intersecting lines. Two players take turns placing black and white marbles on individual intersection points. Once placed, the stones can’t be moved, but they can be captured by completely surrounding an opponent’s marble. The ultimate objective is to control more than 50 percent of the board, but since the board is so intricate, there are numerous possibilities for moves.
“So Go is probably the most complex game ever devised by man. It has 10^170 (that's 10 followed by 170 zeros) possible board configurations, which is more than the numbers of atoms in the universe,” said study author and AlphaGo co-developer Demis Hassabis of Google DeepMind.
I make no guarantee that any advice given on these pages will work as expected. There are just too many variables depending on Operating Systems and hardware configurations to give any advice that will always work.
Where possible, I will provide links to my source.
I have over 30yrs experience in electronics, computers, and software. I have served as an IT Technician. So I have created this blog to pass on my experience on these subjects.
Note that I do not have any Certifications nor degrees. All I know is from hands-on.
My experience in electronics comes from 22yrs in the Navy (retired) in Avionics, including as an instructor.
Note that I monitor the support forums under "Recommended Links."