Wednesday, December 28, 2011

WINDOWS - Win7 Menu Bars

This is about turning ON Menu Bars in Windows 7 (Win7).


Menu Bar in Explorer (My Computer):
  1. Click the [Start] logo-button and type folder options in the search-box, then click the Folder Options link that is displayed

  2. Click the [View] tab and check [X] Always show menus




IE 8 or 9, and Media Player Menu Bars:
  1. Open Internet Explorer or Media Player

  2. Right-click on an EMPTY area on the Tab Bar, then check [X] the Menu Bar option

Monday, December 19, 2011

CYBERCRIME - Battle Over Online Piracy

"Film, Music Industries Battle Leading Internet Companies Over Online Piracy"
PBS Newshour 12/15/2011


Excerpts

JEFFREY BROWN (Newshour): Alright.

Markham Erickson, first, do you acknowledge piracy is a problem? I mean, all over the Internet, one can get copyright -- there are copyright violations.

MARKHAM ERICKSON, Open Internet Coalition: Well, sure. People are doing bad things on the Internet. And we agree that there are ways to try to deal with the very real problem of sites that are located outside of the jurisdiction of our court system and our legal system that are engaging in theft and illegal activity.

JEFFREY BROWN: What's the problem with the way they are proposing?

MARKHAM ERICKSON: The problem is, the proposals in Congress right now are not targeted to the problem of dealing with offshore illegal piracy.

We think there is a way to deal with that. And we've proposed a solution, which is to follow the money. The offshore sites are there to make money. They're there to profit from illegal activity. The companies I represent -- represent are some of the biggest ad networks and payment processors in the Internet ecosystem.

And they want to work with the rights-holders that, when an offshore site is engaged in illegal activity, they will shut off the economic lifeblood to those sites. And, if they do that, those sites will disappear.
----
JEFFREY BROWN: And what -- Mr. O'Leary, what about the proposed other -- the alternative route for dealing with this that he raised?

MICHAEL O'LEARY, Motion Picture Association of America: Well, I think that it's the -- to look at it from a positive perspective, it's encouraging to see a recognition that something has to be done about this problem.

I think that what we have concerns with the alternative proposal is that it sets up a separate court in the ITC. And that is not something which is necessarily used to deal with copyright. It's slow. It's bureaucratic. And, frankly, when someone is stealing from you, you don't have 12 to 18 months to work -- to let the bureaucratic court process work.

What we're proposing, what has bipartisan support, we have a broad support from not just the political spectrum, but across all types of American businesses is something which is a tool which will allow law enforcement to go after bad actors that are hiding overseas. We think it's more effective and more efficient.

COMMENT: As a techie in this area I support Mr. Erickson's view.

Note that Mr. O'Leary is NOT a computer network expert, he's only repeating what others have told him. His assertion that the proposed law is "more efficient" is wrong. Having the online payment processors shut-down payments to illegal sites is actually more efficient because it would NOT *require* courts at all. This could be done by the online payment processors themselves.

What the copyright industry SHOULD be doing is making a partnership with online payment processors to identify then block illegal sites. What I am proposing is that the film, music, and book industries with the online payment processors start their own organization to find, track, then block illegal sites.

The courts would only intervene IF a site disputes being blocked. Note that the online payment processors have total rights and control on just who they allow to use their services.

What is wrong with the proposed laws is that they will NOT work, because they can ONLY affect organizations within U.S. jurisdiction. They will have little effect on sites overseas that they are so concerned about.

Friday, December 9, 2011

SECURITY - Pentagon Seeks Hacker Help

"Pentagon asks hackers for help with cyber security" by Joseph Straw, Daily News 11/8/2011

The Pentagon agency that invented the Internet is asking the hacker community for help in eliminating Defense Department computer vulnerabilities.

The Defense Advanced Research Projects Agency, or DARPA, hosted a meeting this week for defense stakeholders and civilian computer experts, acknowledging that it has to start thinking differently about cyber security, Wired.com reported.

And the computer networks that run U.S. infrastructure are so vulnerable to cyber attack that the White House should think twice before even attacking emerging adversaries, a national security expert said.

Richard Clarke, who advised ex-Presidents Bill Clinton and George W. Bush, added that U.S. defense networks are "as porous as a colander."

Their Goliath scale leaves them especially vulnerable to tiny attacks, the Associated Press and Wired reported.

Clarke, who claims his early 2001 warnings to the Bush administration about the emerging threat of Al Qaeda went unheeded, issued the new warnings as tensions escalate between the U.S., Israel and their shared adversary Iran.

Last month Wired reported that a mundane virus called a key logger - one that surreptitiously records keyboard typing - was found on the computers used to remotely pilot Air Force drones targeting terrorists overseas.

In 2009 national security officials disclosed that Russian and Chinese agents had penetrated the U.S. electric grid and left behind software to help map the systems.

Wednesday, November 30, 2011

INTERNET - Open Letter on "IP Act" and "Online Piracy Act"

"An open letter to Senator Leahy regarding Internet censorship" on Newsgroups: alt.politics.usa.constitution


Dear Senator Leahy;

I am very concerned about the over-reaching authority which appears to be in the Protect IP Act and the Stop Online Piracy Act.

References:

Protect_IP_Act

Stop_Online_Piracy_Act

I am a software developer on the Internet. My main site is nodes.net which I have owned since 1998. I am working on a "quality discernment system" to advance the concept of an "intelligent web."

An integral part of the vision I hold is for individuals to "endorse" specific URL's on the web. These URL's could be something I call "metalinks" which are basically re-programmable re-directs to other web sites. These MetaLinks allow people to make a short, easy-to-remember link for a web search or a web page.

For example, http://oil.nodes.net will redirect you to Energy Prices at Bloomberg. http://occupy.news.nodes.net will produce a search of news for "occupy" at Google news. There are many other search engines which are being included in this syntax at nodes.net

For example, http://vermont.wiki.nodes.net will take people to Wikipedia's entry for Vermont. I didn't program this metalink specifically. It is automatic. You can search for any word or phrase by substituting your word(s) for "vermont" in this URL.

In similar fashion http://05401.weather.nodes.net will take people to the weather for Burlington, VT and http://paris.time.nodes.net will take people to the current time in Paris. There are several dozen of these interfaces to other web sites and there will be hundreds, even thousands more in the near future.

I am concerned that the legislation currently being considered will limit the development of new technology to create an "intelligent web."

While the Metalinks currently in use have all been defined by someone I plan to allow intelligent software to create metalinks in the future.

It would be unwise to restrict the use of intelligent software to define links in my opinion. It's wrong to assume that all links are created by individuals operating independent of each other. Links could be a result of composite or collaborative intelligence.

In the future, metalinks will represent our "collective intelligence" or "community wisdom." That's what I'm working on now. I'm working to create an "intelligent web." The concept I am working with is "augmented human intelligence" rather than "artificial intelligence."

I am asking you to put this legislation on the shelf for a minimum of 30 days, until 2012, so that there can be more input by the public and a more careful analysis of what it means for all of us.

Consideration is a virtue. Please consider the effects this legislation would have on me and others who are working to advance the evolution of human intelligence on the Internet.

Sincerely,

Steve Moyer
Internet Developer
Founder, NODES Network
http://steve.nodes.net ( see what can be done with my technology )

P.S. You can see a link of all the Metalinks currently in existence, not including automatic search interfaces, at http://metalinks.nodes.net

CYBERCRIME - DoJ Protections, Pro and Con

"How Effective Is Justice Department Crackdown on Counterfeit Goods Dealers?" PBS Newshour 11/29/2011

Excerpt

GWEN IFILL (Newshour): We look now at the government crackdown on the online sale of counterfeit goods. The Justice Department used Cyber Monday, the biggest online shopping day of the year, to shut down 150 websites that were allegedly peddling fake shoes, sporting goods and handbags. But was this the right approach?

Joining us to discuss that are Steve Tepp, chief intellectual property counsel at the U.S. Chamber of Commerce, and Larry Downes, author of "The Laws of Disruption," a book about law and innovation in the digital age.



More significant excerpts

STEVE TEPP, U.S. Chamber of Commerce: It's a massive problem that's growing every day, because many of these sites are located outside the United States, where there is no remedy.

For the sites located in the U.S., or at least where their domain name is registered in the U.S., dot-com, dot-net, then our enforcement agencies, like the Immigration and Customs Enforcement and the Department of Justice, who are both doing fantastic work on this, protecting the American people, can go to court and seize those domains with a court order.

That's what happened yesterday, and that's 150 domain names that will not be used to steal American jobs, to harm American consumers today.
----
LARRY DOWNES, "The Laws of Disruption": Well, first, it should be noted that, you know, what we're seizing here is not the website itself, just the domain name. It's a largely symbolic act.

What happens is, the site is still there. It can be accessed directly from the I.P. address. Or what often happens is the site comes back a little bit later under another domain name. So whether that is effective or not, it doesn't matter.

Wednesday, November 23, 2011

WINDOWS - CD/DVD Disappears From My Computer

This is a "this has never happened to me before" post.

I have an internal DVD-RAM drive (DVD Recorder, multi-format) and when I opened My Computer I noticed that it was missing. All my other drives (internal and external) did show.

I've had this DVD drive for years with no problems.

So, what to check:
  • Rebooted and checked BIOS to see the DVD drive listed

  • Used Device Manager, under DVD/CD-ROM drives to see list (see screenshot)

My HP DVD Writer was listed in both places.

Normally this drive was listed as G: but there was no such drive in My Computer.

Solution:

Open Disk Management (in Computer Management) and scroll down to where your CDs are shown on the right (see screenshot). Each drive SHOULD have a Logical Drive Letter assigned.

I found that one CD/DVD drive had no Logical Drive Letter.

You right-click on the drive in the right panel, select Change Drive Letter and...., then (in this case) [Add] a drive letter. The dialog will show the next available letter.

In this case it showed G: which is what my HP DVD Writer should have been. Clicked [OK] and my DVD displayed AFTER I closed Computer Management.



Note that this screenshot was taken AFTER I reassigned my HP DVD Writer as G:, and CD-ROM 0 is actually my external DVD-Recorder.

Tuesday, November 22, 2011

SECURITY - Worm, the First Digital World War

"Book Chronicles Fight to Save Web From Sophisticated Computer Worm" PBS Newshour 11/21/2011

Excerpt

MARGARET WARNER (Newshour): In November 2008, computer security experts began detecting a new, highly sophisticated computer worm. They called it Conficker. Ultimately, it invaded at least 12 million computers worldwide.

The story of the campaign to defeat it is chronicled in a new book, "Worm: The First Digital World War." The author is journalist Mark Bowden.



COMMENT: I'm a computer specialist and IT Technician by trade, so I am aware of BOTnets and other malware.

There are protections for users; one mentioned in the video is to keep your Windows OS updated.

The specific tool is Microsoft's Malicious Software Removal Tool downloaded during updates (or via their PC Security site).

There is a simpler protection method. This malware cannot be used, or get on your system, IF you are NOT ONLINE. If you do not have a pressing reason to be online, don't; either disconnect your internet or log-off your system. Even better, turn off your PC when you are not actually using it.

Lastly, run a GOOD Antivirus Utility. All that I know of will protect you from KNOWN BOTnet malware.

Thursday, November 3, 2011

UTILITIES - Move from WinXP to Win7

This post is for those who want to move your old WinXP system to a Win7 system.

CAUTION: I have not used this utility, so I cannot verify LapLink's claims.

PCmover Pro from LapLink

The Easiest Way to Move to Windows 7!

PCmover is the ONLY software that moves programs, files and settings from your old PC to your new PC – even restore from an image (or old hard drive) or perform an in-place upgrade.

The easy-to-use wizard will guide you in selecting which programs, files and settings you want on your PC. When complete, your new computer will have the personality and functionality of your old PC. And, PCmover is safe – it removes nothing from your old PC, won’t overwrite anything on your new PC, and includes an easy "Undo" feature.

Looking at the edition comparison table on their Overview page, the Professional edition is the only one worth the money. Also note the inclusion of their "High Speed Transfer Cable" if you order the boxed utility.

Also note the [Docs & Requirements] tab on the linked page. You can get the PDF docs to evaluate if this utility will do what you want.

Thursday, October 20, 2011

FIREFOX - Possible Windows Error Dialog on Launch

This is about an occasional problem with the Firefox browser.

This problem happened to me after:
  1. Upgrading from Firefox 6 to Firefox 7

  2. Then after installing a new Add-on

I did some research on the Firefox Support Forum and found the solution.

The problem is getting a Windows error dialog when Firefox cold-launches using your [Favorites] menu. By "cold-launch" I mean when Firefox is NOT already running.



I stress this is a Windows dialog that appears BEFORE Firefox opens.

This is the fix found on the support site and it does work:

Firefox Win Error Fix

Registry Editor (regedit)

CAUTION: Editing the registry incorrectly can damage your system. Do not attempt these steps if you are inexperienced or uncomfortable using the Registry Editor.

BEFORE making changes, from the tree hierarchy on the left of REGEDIT, back up the "open" folder for EACH entry listed below by right-clicking the folder and using [Export]. Save the result as the branch-name but change "\" to dashes.

NOTE: Make the changes in the order they appear on the tree. (order shown here)

Use the directory tree hierarchy to navigate to the following and DELETE the "ddeexec" registry key:
  1. HKEY_CLASSES_ROOT\FirefoxHTML\shell\open\ddeexec

  2. HKEY_CLASSES_ROOT\FirefoxURL\shell\open\ddeexec

  3. HKEY_CLASSES_ROOT\HTTP\shell\open\ddeexec

  4. HKEY_CLASSES_ROOT\HTTPS\shell\open\ddeexec

After making the changes and closing the Registry Editor, Log Off then Log On.

Now use your [Favorites] menu to launch a site. The Windows error dialog should not appear.

Note that others have had this problem, and why it happens is not known.

Friday, October 7, 2011

WINXP - Make Icons Display Quicker

In Windows XP every time you open My Computer to browse folders XP automatically searches for network files and printers. This causes a delay in displaying your icons. This also applies to your [Start] Favorites menu.

You probably see the "default" windows icon and as you scroll it changes to the correct icon. This is how to stop that...
  1. Open My Computer

  2. Click on the Tools menu and select Folder Options

  3. Under Folder Options, select the View tab

  4. Uncheck the very first box that reads "Automatically search for network folders and printers"

  5. Click [Apply] or [OK]

You should see a dramatic increase in speed when Windows displays your icons.

NOTE: I've tested this on 2 WinXP desktops and it works.

WINXP - Changing Registry Entries

This article is about changing Registry entries, especially using filename.reg downloaded from WEB sites.

First, the WARNINGS:
  1. If it ain't broke, don't fix it DEFINITELY applies to the Registry

  2. If you are NOT technically inclined, DO NOT DO THIS

  3. Do NOT trust downloaded filename.reg files, open them in NOTEPAD FIRST and see what they change

  4. Make a backup of the Registry Branch from the tree (left-pane) BEFORE executing the REG-file, using the [Export] option, and assign a unique filename (see example below)

  5. Only AFTER you have a backup of the Registry Branch being changed, execute the filename.reg

  6. Backing up the Registry Branch also applies to any manual changes you make


EXAMPLE file disablerefresh.reg:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"NoNetCrawling"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer]
"Max Cached Icons"="12000"


The Registry Branches that should be backed up from the example file above are (see example screenshot):
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer
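
The Notepad check in warning 3 and the backup in warning 4 can also be done with a script. The Python below is an added example, not part of the original post: it lists what a .reg file would set or delete and which branch to [Export] first, naming each backup file the way the Firefox post above does (branch name with "\" changed to dashes). The second sample file, which deletes a ddeexec key using the "[-key]" syntax, is constructed here for illustration, and all function and variable names are this example's own.

```python
import re
from typing import NamedTuple

# The page's disablerefresh.reg, as shown in the post.
PAGE_SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"NoNetCrawling"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer]
"Max Cached Icons"="12000"
'''

# Constructed sample (not from the page): "-" after "[" deletes a whole key,
# and "name"=- deletes a single value.
DELETE_SAMPLE = r'''Windows Registry Editor Version 5.00

[-HKEY_CLASSES_ROOT\FirefoxHTML\shell\open\ddeexec]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"NoNetCrawling"=-
'''

HEADERS = ("Windows Registry Editor Version 5.00", "REGEDIT4")
VALUE_RE = re.compile(r'^(@|"((?:[^"\\]|\\.)*)")\s*=\s*(.*)$')

class Change(NamedTuple):
    action: str  # "set", "delete-value" or "delete-key"
    key: str
    name: str    # value name, "(Default)" for @, "" for a key deletion
    kind: str    # REG_SZ, REG_DWORD, hex or hex(N); "" for deletions
    data: str

def decode_reg(raw):
    """Regedit saves 5.00 files as UTF-16 LE with a BOM; anything else is read as ANSI."""
    if raw.startswith(b"\xff\xfe"):
        return raw.decode("utf-16")
    return raw.decode("cp1252", errors="replace")

def _unescape(text):
    return re.sub(r"\\(.)", r"\1", text)  # \\ -> \ and \" -> "

def parse_reg(text):
    """List every change the file would make; raise on any line it cannot classify."""
    lines = text.lstrip("\ufeff").splitlines()
    if not lines or lines[0].strip() not in HEADERS:
        raise ValueError("missing .reg header line")
    changes, key, pending = [], None, ""
    for raw in lines[1:]:
        line, pending = pending + raw.strip(), ""
        if line.endswith("\\"):  # long hex data continues on the next line
            pending = line[:-1]
            continue
        if not line or line.startswith(";"):  # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            if key.startswith("-"):
                changes.append(Change("delete-key", key[1:], "", "", ""))
                key = None
            continue
        match = VALUE_RE.match(line)
        if key is None or not match:
            raise ValueError("cannot classify line: %r" % raw)
        name = "(Default)" if match.group(1) == "@" else _unescape(match.group(2))
        data = match.group(3).strip()
        if data == "-":
            changes.append(Change("delete-value", key, name, "", ""))
        elif data.lower().startswith("dword:"):
            changes.append(Change("set", key, name, "REG_DWORD", str(int(data[6:], 16))))
        elif re.match(r"hex(\([0-9a-f]+\))?:", data.lower()):
            kind, _, payload = data.partition(":")
            changes.append(Change("set", key, name, kind, payload.replace(" ", "")))
        elif len(data) >= 2 and data[0] == '"' and data[-1] == '"':
            changes.append(Change("set", key, name, "REG_SZ", _unescape(data[1:-1])))
        else:
            raise ValueError("cannot classify data: %r" % raw)
    return changes

def backup_plan(changes):
    """(branch to export, backup file name) pairs, one per branch, in file order."""
    plan = []
    for change in changes:
        branch = change.key
        if change.action == "delete-key":
            # Export the parent key, as the Firefox post does with "open"
            # before deleting "ddeexec"; the export includes the subkey.
            branch = change.key.rpartition("\\")[0] or change.key
        entry = (branch, branch.replace("\\", "-") + ".reg")
        if entry not in plan:
            plan.append(entry)
    return plan

if __name__ == "__main__":
    for sample in (PAGE_SAMPLE, DELETE_SAMPLE):
        changes = parse_reg(sample)
        print(*changes, *backup_plan(changes), sep="\n")
```

The script reports the exact key each section touches; exporting an enclosing branch, as the list above does for the first entry, covers the same change.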



Tuesday, September 13, 2011

CYBERSECURITY - Internet WEB Threat

"Hacker Rattles Security Circles" by SOMINI SENGUPTA, New York Times 9/11/2011

Excerpt

He claims to be 21 years old, a student of software engineering in Tehran who reveres Ayatollah Ali Khamenei and despises dissidents in his country.

He sneaked into the computer systems of a security firm on the outskirts of Amsterdam. He created fake credentials that could allow someone to snoop on Internet connections that appeared to be secure. He then shared that bounty with people he declines to name.

The fruits of his labor are believed to have been used to tap into the online communications of as many as 300,000 unsuspecting Iranians this summer. What’s more, he punched a hole in an online security mechanism that is trusted by millions of Internet users all over the world.

Comodohacker, as he calls himself, insists he acted on his own and is unperturbed by the notion that his work may have been used to spy on antigovernment compatriots.

“I’m totally independent,” he said in an e-mail exchange with The New York Times. “I just share my findings with some people in Iran. They are free to do anything they want with my findings and things I share with them, but I’m not responsible.”

In the annals of Internet attacks, this is likely to go down as a moment of reckoning. For activists, it shows the downside of using online tools to organize: an opponent with enough determination and resources just might find a way to track their every move.

It also calls into question the reliability of a basic system of trust that global Internet brands like Google and Facebook, along with their users, rely upon. The system is intended to verify the authenticity of a particular Web site — to ensure, in effect, that Gmail is Gmail, and that the connection to the site is encrypted and difficult for an outsider to monitor.

Hundreds of companies and government authorities around the world, including in the United States and China, have the power to issue the digital certificates that the system relies upon to verify a site’s identity. The same hacker is believed to be responsible for attacks on three such companies.

In March, he claimed credit for a breach of Comodo, in Italy. In late August came the attack on the Dutch company DigiNotar. On Friday evening, a company called GlobalSign said it had detected an intrusion into its Web site, but not into more confidential systems.

Armed with certificates stolen from companies like these, someone with control over an Internet service provider, like the Iranian authorities, could trick Internet users into thinking they were safely connected to a familiar site, while eavesdropping on their online activity.

Fearing the prospect of other breaches similar to those carried out by this hacker, Mozilla, the maker of the Firefox Web browser, last week issued a warning to certificate authority companies to audit their security systems or risk being booted off Firefox.

“It is a real example of a weakness in security infrastructure that many people assumed was trustworthy,” said Richard Bejtlich, the chief security officer of Mandiant Security in Alexandria, Va. “It’s a reminder that it is only as trustworthy as the companies that make up the system. There are bound to be some that can’t protect their infrastructure, and you have results like this.”

Thursday, September 8, 2011

SOFTWARE - Linux Ubuntu on IBM Mainframes?


"Mainframe Ubuntu Linux?" by Steven J. Vaughan-Nichols, ZDNet 9/7/2011

When you think of “Ubuntu Linux,” you probably think of the community Linux distribution and the Linux desktop. That’s great, but Canonical, Ubuntu’s parent company, also wants you to think of Ubuntu as a server and cloud operating system platform. To that end, Canonical has been working with IBM to get Ubuntu certified on IBM’s high-end System P Power hardware line and System z mainframes.

Yes, that’s right little Ubuntu Linux may soon be certified and running on top-of-the-line IBM enterprise hardware. Before this, Canonical worked successfully with IBM on bringing Ubuntu certifications for IBM’s x86-powered System x and BladeCenter lines.

Officially, all Canonical has to say is “Our company policy is that we don’t comment on any rumors that might be circulating. We’ll of course keep you well informed of any news that comes out of Canonical.” Away from public relations though I’m hearing that Canonical and IBM have been working hard on expanding Ubuntu’s reach on IBM hardware.

If all goes well, Ubuntu will be officially supported on System p within the month and it will be certified on the Z mainframes by year’s end. This is happening because Canonical is working hard on increasing its business market share. While Ubuntu is arguably the single most popular Linux distribution with individuals, it’s always lagged behind most Red Hat and SUSE, formerly Novell, in business. Canonical wants to change that.

In order to do that, Canonical has been improving its partnerships with Original Equipment Manufacturers (OEMs); major server companies such as Dell, and its enterprise customers. This next step into high-end business computing with IBM makes perfect sense in pursuing this strategy.

As for IBM? Linux has been very, very good for IBM over the last decade and they’re getting to like Ubuntu. Historically, IBM has allied with Red Hat and Novell/SUSE. But, as IBM’s VP of Open Systems Development, Dan Frye told me recently, IBM is operating system and Linux agnostic. IBM will support what its customers want, and so, it appears to me, that IBM’s customers must now be asking for Ubuntu. Sometime soon it looks like they’ll be getting it.

This could be a very big win for the Linux world.

Tuesday, August 30, 2011

SECURITY - Fraudulent SSL Certificate for Google.com

"Fraudulent certificate triggers blocking from software companies" H Security 8/30/2011

A fraudulent SSL certificate for "*.google.com" issued by Dutch certificate authority (CA) DigiNotar, possibly to the Iranian government or its agents, has triggered a wave of updates from software makers to stop applications trusting the CA. The certificate was issued on 10 July to unknown persons in Iran.

Several security experts, such as Moxie Marlinspike, confirmed that the SSL certificate came from DigiNotar; one pastebin entry detailed the contents of the suspicious certificate, while another called for the "internet death sentence" because the company's "carelessness may have resulted in deaths in Iran". The Electronic Frontier Foundation said in a blog posting that it believes the attacks have been used to intercept searches and private email. It is unknown who the certificate was actually issued to and whether or not any other bogus certificates were issued.

The attack was initially noticed by Google Chrome users because Chrome 13 and later implements certificate pinning which ensures that the browser will only accept certificates for Google from a whitelist of certificate authorities; DigiNotar was not a CA on the whitelist and users of Chrome were alerted that something was amiss with the certificate they were being presented. The certificate was revoked yesterday, 29 August, at 16:59 GMT, but because many browsers do not check for revoked certificates by default, software vendors have had to take action to prevent the continued exploitation of the bogus certificate. It is also currently unknown if any other bogus certificates were issued by DigiNotar, therefore the vendors are opting to block all certificates signed by the CA.

Microsoft has released a security advisory and updates for all supported Windows operating systems – including Vista SP3, Server 2008 SP2 and Windows 7 SP1 – which revoke trust in the CA's root certificate. Windows XP SP3 and Server 2003 SP2 will receive separate updates as these systems do not use the centrally managed Microsoft Certificate Trust List.

Mozilla has announced that it is releasing updates for Firefox (3.6.21, 6.0.1, 7, 8 and 9) and Firefox Mobile (6.0.1, 7, 8 and 9), Thunderbird (3.1.13 and 6.0.1) and SeaMonkey (2.3.2), which will also revoke trust in DigiNotar's root certificate. Mozilla has also released instructions on how to delete the DigiNotar Root CA certificate from Firefox manually.

Google is also disabling DigiNotar's certificate in Chrome "while investigations continue" even though Chrome detected the fraudulent certificate. The Chrome browser was only able to do that for google.com subdomains and if there are other fraudulent certificates for other domains Chrome would be unable to detect the deceit.

This is the second fraudulent certificate incident this year: in March, SSL certificates for addons.mozilla.org, Yahoo, Skype, Microsoft Live and Google were created by an intruder into a Comodo reseller.

Friday, August 26, 2011

TECHNOLOGY - Apple Without Steve Jobs?

"What Will Happen to Innovation at Apple With Jobs Out as CEO?" PBS Newshour 8/25/2011

Excerpts from transcript

RAY SUAREZ (Newshour): It was all a far cry from the days when Steve Jobs and co-founder Steve Wozniak began building their now ubiquitous brand, from scratch, in a California garage. They scored an early hit with the Apple II, the first consumer-grade computer to catch on. By the mid-1980s, the company was in a slump, and Jobs was forced out.

But he returned in 1996, and Apple began a turnaround. Still, in a rare interview in 2007, he said his work was never about creating the next big thing.

STEVE JOBS: We don't worry about stuff like that. We just try to build products that we think are really wonderful and that people might want. And sometimes we're right, and sometimes we're wrong.
----
RAY SUAREZ: Walt Mossberg, whether it's consumer electronics, entertainment, even computing, which is where it all started, this has been a big impact player, hasn't it?

WALTER MOSSBERG, The Wall Street Journal: Well, you know, Ray, I think Steve Jobs is a historic figure.

He's not only a historic figure in business, but really in America. He has not only disrupted and innovated in computers and consumer electronics for all those products we saw just now listed, but he has, in the process, shaken up and revolutionized the music industry, the movie industry, publishing industry. Even the retail industry, the Apple store chain that he built, is widely admired.

And on the side, while he was doing all that, he bought a little company called Pixar and turned it into the most successful studio in Hollywood and revolutionized animation.
----
WALTER MOSSBERG: But the devotion to product is -- goes beyond just those words. It's really a devotion to designing products for actual users. You know, a lot of computer companies -- Hewlett-Packard is a good example in what they are doing in spinning off P.C.s -- are really much more interested in selling to businesses, selling to intermediaries, like I.T. departments.

Steve Jobs calls those orifices. He's much more interested in designing something for the actual consumer, whether they're in a big company or just a family. And that -- and he's a perfectionist about it. And he's surrounded himself with other people who are just laser-focused on that.

The other thing, Ray, I think is incredibly important is, they don't just make little innovations based on market research. They take big risks and make big bets on what they think the next thing that people will want is, even if the people don't know it themselves at the time.

Monday, August 22, 2011

SECURITY - AES Crypto Broken

"AES crypto broken by 'groundbreaking' attack" by Dan Goodin, The Register 8/19/2011

Updated: Cryptographers have discovered a way to break the Advanced Encryption Standard used to protect everything from top-secret government documents to online banking transactions.

The technique, which was published in a paper (PDF) presented Wednesday as part of the Crypto 2011 cryptology conference in Santa Barbara, California, allows attackers to recover AES secret keys up to five times faster than previously possible. It introduces a technique known as biclique cryptanalysis to remove about two bits from 128-, 192-, and 256-bit keys.

“This research is groundbreaking because it is the first method of breaking single-key AES that is (slightly) faster than brute force,” Nate Lawson, a cryptographer and the principal of security consultancy Root Labs, wrote in an email. “However, it doesn't compromise AES in any practical way.”

He said it would still take trillions of years to recover strong AES keys using the biclique technique, which is a variant of what's known as a meet-in-the-middle cryptographic attack. This method works both from the inputs and outputs of AES towards the middle, reusing partial computation results to speed up the brute-force key search. The technique is designed to reduce the time it takes an attacker to recover the key.

Lawson continued:

This technique is a divide-and-conquer attack. To find an unknown key, they partition all the possible keys into a set of groups. This is possible because AES subkeys only have small differences between rounds. They can then perform a smaller search for the full key because they can reuse partial bits of the key in later phases of the computation.

It's impressive work but there's no better cipher to use than AES for now.

AES remains the favored cryptographic scheme of the US government. The National Institute of Standards and Technology commissioned AES in 2001 as a replacement for the DES, or Digital Encryption Standard, which was showing signs of its age.

The research is the work of Andrey Bogdanov of Katholieke Universiteit Leuven; Microsoft Research's Dmitry Khovratovich; and Christian Rechberger of Ecole Normale Superieure in Paris. Bogdanov and Rechberger took leave from their positions to work on the project for Microsoft Research. ®

Update

Vulture Central has been deluged with missives from outraged readers complaining about the use of the word “broken” in the headline. "Broken" in cryptography is the result of any attack that is faster than brute force. The biclique technique described here allows attackers to recover keys up to five times faster than brute-force. AES may not be completely broken, but it's broken nonetheless.

What's more, theoretical attacks against widely used crypto algorithms often get better over time. As Root Labs' Lawson has noted, MD5 wasn't compromised in a single 2004 paper. Rather, people successively found better and better attacks against it, starting in the mid 1990's.

Monday, August 15, 2011

WINDOWS - MFT and MFT Zone

This is about the Windows NTFS Master File Table (MFT) and MFT Zones.

From SearchWindowsServer.com, Master File Table:

The master file table (MFT) is a database in which information about every file and directory on an NT File System (NTFS) volume is stored. There is at least one record for every file and directory on the NTFS logical volume. Each record contains attributes that tell the operating system (OS) how to deal with the file or directory associated with the record.

Detailed information about a file or directory such as the type, size, date/time of creation, date/time of most recent modification and author identity is either stored in MFT entries or in space external to the MFT but described by the MFT entries. For a complete list of MFT attributes, click on "View" (in Explorer aka My Computer) in an open folder containing at least one file or subfolder and then click on "Choose Details." You can select which attributes you want made visible by checking or unchecking the boxes in the left-hand column of the resulting pop-up window.


Screenshot of MFT Data List


MFT Zone, excerpt from PCGuide.com

As more files and directories are added to the file system, it becomes necessary for NTFS to add more records to the MFT. Since keeping the MFT contiguous on the disk improves performance, when an NTFS volume is first set up, the operating system reserves about 12.5% of the disk space immediately following the MFT; this is sometimes called the "MFT Zone". This is a substantial chunk of real estate to reserve, but bear in mind that it is still usable. Regular files and directories will not use this space until and unless the rest of the disk volume space is consumed, but if that occurs, the "MFT Zone" will be used. Eventually, if there are enough entries placed in the MFT, as it expands it will use up the "MFT Zone". When this happens, the operating system will automatically allocate more space elsewhere on the disk for the MFT. This allows the MFT to grow to a size limited only by the size of the volume, but this fragmentation of the MFT may reduce performance by increasing the number of reads required for some files, and the MFT cannot generally be defragmented.


WARNING: The main reason for posting this article has to do with a major problem that can occur (and did to me just the other day).

This has to do with the "Delayed Write" on hard drives. On modern hard drives, data is not written to the drive in real time. The data is first held in a memory cache; sometimes the drive itself has a cache as well.

A major problem occurs when the copy of the drive's MFT kept in memory cannot be written to the drive. You get an error dialog stating that "delayed write" failed, and it lists "$MFT", which is the hidden filename. The dialog will also state that "data has been lost."

In my case, this happened when I tried to Restart/Reboot my system, and the error was for my USB External Hard Drive, and the usual tools could not fix (rebuild) the MFT. I suspect a USB hard drive interface hardware failure.

This will make the hard drive inaccessible. Your system may be able to see the hard drive, but it will show as NOT partitioned. Therefore ALL your data on the drive is lost/inaccessible.

This CAN happen to any hard drive, but External Hard Drives are especially susceptible if the interface (USB or Firewire) goes bad during actual operation. I believe that USB External Hard Drives are most susceptible because of all the other USB devices that you connect to your USB ports. A glitch in another USB device at a critical moment causes a problem on the USB External Drive (like a Delayed Write failure of the $MFT).
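As an added example (not part of the original post or the quoted articles), the Python sketch below shows where the MFT described above sits on disk: it reads the NTFS boot sector to find `$MFT` and its backup copy `$MFTMirr`, then lists the attributes of MFT record 0, falling back to the mirror when the primary record is damaged. The volume image is constructed inline, the function names are hypothetical, and update-sequence fixups are not applied.

```python
import struct

# Attribute type codes from the NTFS on-disk format
ATTR_NAMES = {0x10: "$STANDARD_INFORMATION", 0x30: "$FILE_NAME",
              0x80: "$DATA", 0xB0: "$BITMAP"}
ATTR_END = 0xFFFFFFFF


def parse_boot_sector(vbr: bytes) -> dict:
    """Read the boot-sector fields needed to locate the MFT."""
    if len(vbr) < 512 or vbr[3:11] != b"NTFS    " or vbr[510:512] != b"\x55\xaa":
        raise ValueError("not an NTFS boot sector")
    bytes_per_sector, sectors_per_cluster = struct.unpack_from("<HB", vbr, 0x0B)
    total_sectors, mft_lcn, mirror_lcn = struct.unpack_from("<QQQ", vbr, 0x28)
    (raw,) = struct.unpack_from("<b", vbr, 0x40)
    cluster = bytes_per_sector * sectors_per_cluster
    if cluster == 0:
        raise ValueError("invalid cluster size")
    # Positive value: clusters per record. Negative: record is 2**abs(raw) bytes.
    record_size = raw * cluster if raw > 0 else 1 << -raw
    return {"cluster_size": cluster, "record_size": record_size,
            "total_sectors": total_sectors,
            "mft_offset": mft_lcn * cluster, "mirror_offset": mirror_lcn * cluster}


def parse_file_record(rec: bytes) -> dict:
    """Parse a FILE record header and walk its attribute headers."""
    if len(rec) < 0x30 or rec[:4] != b"FILE":
        raise ValueError("missing FILE signature")
    _seq, links, first_attr, flags, used, _alloc = struct.unpack_from("<HHHHII", rec, 0x10)
    limit = min(used, len(rec))
    attrs, off = [], first_attr
    while off + 4 <= limit:
        (atype,) = struct.unpack_from("<I", rec, off)
        if atype == ATTR_END:
            break
        if off + 16 > limit:
            raise ValueError("truncated attribute header")
        alen, non_resident = struct.unpack_from("<IB", rec, off + 4)
        if alen < 16 or off + alen > limit:
            raise ValueError("corrupt attribute length")
        attrs.append((ATTR_NAMES.get(atype, hex(atype)), bool(non_resident)))
        off += alen
    return {"in_use": bool(flags & 0x01), "is_directory": bool(flags & 0x02),
            "hard_links": links, "attributes": attrs}


def locate_record0(image: bytes) -> dict:
    """Find MFT record 0 via the boot sector, falling back to $MFTMirr."""
    bpb = parse_boot_sector(image[:512])
    for source, key in (("$MFT", "mft_offset"), ("$MFTMirr", "mirror_offset")):
        start = bpb[key]
        try:
            record = parse_file_record(image[start:start + bpb["record_size"]])
        except ValueError:
            continue
        return {"source": source, "offset": start, **record}
    raise ValueError("no valid FILE record at $MFT or $MFTMirr")


def build_sample_image() -> bytearray:
    """Constructed 24 KiB volume: boot sector, $MFTMirr at LCN 2, $MFT at LCN 4."""
    image = bytearray(6 * 4096)
    image[0:3] = b"\xeb\x52\x90"
    image[3:11] = b"NTFS    "
    struct.pack_into("<HB", image, 0x0B, 512, 8)       # 512-byte sectors, 8 per cluster
    struct.pack_into("<QQQ", image, 0x28, 48, 4, 2)    # total sectors, $MFT, $MFTMirr
    struct.pack_into("<b", image, 0x40, -10)           # 2**10 = 1024-byte records
    image[510:512] = b"\x55\xaa"
    rec = bytearray(1024)
    rec[0:4] = b"FILE"
    off = 0x38
    for atype, alen, non_resident in ((0x10, 0x60, 0), (0x30, 0x68, 0),
                                      (0x80, 0x48, 1), (0xB0, 0x48, 1)):
        struct.pack_into("<IIB", rec, off, atype, alen, non_resident)
        off += alen
    struct.pack_into("<I", rec, off, ATTR_END)
    struct.pack_into("<HHHHII", rec, 0x10, 1, 1, 0x38, 0x01, off + 8, len(rec))
    image[2 * 4096:2 * 4096 + 1024] = rec
    image[4 * 4096:4 * 4096 + 1024] = rec
    return image


if __name__ == "__main__":
    result = locate_record0(build_sample_image())
    print(result["source"], "record 0 at byte", result["offset"])
    for name, non_resident in result["attributes"]:
        print(" ", name, "(non-resident)" if non_resident else "(resident)")
```

On a real volume the same offsets apply to the first sector of the NTFS partition, read from a read-only image rather than the live disk.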

Friday, August 12, 2011

SOFTWARE - EaseUS Partition Master Pro

An excellent hard drive partition utility, EaseUS Partition Master Professional.

All Partition Master Pro's features can be seen in the sidebar of the screenshot of the Main Dialog.

Especially note the "WinPE bootable disk" under Tools. This is also available from Partition Master's start menu list as "Create bootable disk." Partition Master comes with an ISO image that is written (using either option) to a CD and runs the entire utility when you boot to the CD. This is the best feature, and I suggest using this CD for the most trouble-free method of using this utility especially for operations on your boot disk (C:).

Note the dark purple color designates a Primary Partition, the cyan is a Logical Partition.

In the screenshot, both Disk1 and Disk2 are external Firewire Hard Drives, and are seen by Windows (WinXP SP3) first.




NOTE: This is better than MiniTool's Partition Wizard Pro.

Friday, August 5, 2011

PRIVACY - Facial Recognition Technology and Social Networking

"Profile pics on social media sites pose privacy risk, researcher warns" by Jaikumar Vijayan, ComputerWorld 8/5/2011

Excerpt

Facial recognition tech makes it easier to combine offline, online identities

Imagine walking down a street and having a total stranger being able to instantly pull up your name, date of birth, Social Security number, your last blog item and other data on their smart phone.

That could soon happen, said Alessandro Acquisti, associate professor of IT and public policy at Carnegie Mellon University's Heinz College.

In a presentation at the Black Hat conference here this week, Acquisti demonstrated how it's becoming easier for strangers to identify people and infer detailed information about them from their publicly available images on sites such as Facebook and LinkedIn.

The trend has "ominous implications for privacy," Acquisti said. "I'm here to raise awareness of what I feel is going to happen."

Acquisti detailed the results of a series of experiments he conducted in which he applied off-the-shelf facial recognition tools to publicly available Facebook profile images to uniquely identify individuals. In one of the experiments, Acquisti and his team of researchers attempted to glean the true identities of individuals who had posted their images under assumed names on an online dating site.

First, they used a search engine and an API they developed to automatically extract about 275,000 publicly available profile images of Facebook members in a particular city.

They then did the same with publicly available images of individuals in the same city who had posted on the dating site. Acquisti used a facial recognition tool called Pittsburgh Pattern Recognition (PittPatt) developed at CMU to see whether he could find matches between the dating site images and the Facebook profile pictures.

In all, about 5,800 dating site members also had Facebook profiles. Of these, more than 4,900 were uniquely identified. The numbers are significant because a previous CMU survey showed that about 90% of Facebook members use their real name on their profiles, Acquisti said. Though the dating site members had used assumed names to remain anonymous, their real identities were revealed just by matching them with their Facebook profiles.

In another experiment, Acquisti's team took webcam photos of nearly 100 students and tried to match those images with the pictures on each student's Facebook profile.

Students were asked to pose for three photos and then fill out a short survey. While the surveys were being filled out, the webcam images were run against PittPatt to see whether a match could be found on Facebook.

In that experiment, about 31% of the students were correctly matched with their Facebook profiles -- in about 3 seconds.

CYBERSECURITY - Massive Spying Campaign

"Massive Campaign of Cyber Spying Uncovered" PBS Newshour 7/4/2011

Excerpts from transcript

MARGARET WARNER (Newshour): For at least five years, a high-level hacking campaign infiltrated the computer systems of more than 70 governments, corporations and public and private organizations in 14 countries. So says the Internet security firm McAfee, which uncovered the massive campaign and dubbed it Operation Shady RAT.

A summary released by McAfee yesterday identified -- identified the perpetrator only as one specific state actor.
----
MICHAEL JOSEPH GROSS, Vanity Fair: This is an unprecedented campaign of cyber-espionage, demonstrates with absolute clarity now that there are just two kinds of organizations, those that have been compromised and those that haven't, as Dmitri Alperovitch, the guy who discovered this campaign, has often said.

What happened is, they went into more than 70 organizations, everything from the International Olympic Committee to giant corporations, to tiny nonprofits, in 30 different organizational categories in 14 countries. They took out government secrets, design schematics, legal contracts, negotiation plans for business deals, every kind of sensitive information you can think of.

In many cases, these organizations were compromised for at least a year, in some cases, more than two years. And there's a really interesting pattern to the evolution of the attacks that suggest where they may have come from.

MARGARET WARNER: And that is?

MICHAEL JOSEPH GROSS: That is China.




"Revealed: Operation Shady RAT" by Dmitri Alperovitch, McAfee Labs 8/2/2011

Excerpt

For the last few years, especially since the public revelation of Operation Aurora, the targeted successful intrusion into Google and two dozen other companies, I have often been asked by our worldwide customers if they should worry about such sophisticated penetrations themselves or if that is a concern only for government agencies, defense contractors, and perhaps Google. My answer in almost all cases has been unequivocal: absolutely.

Having investigated intrusions such as Operation Aurora and Night Dragon (systemic long-term compromise of Western oil and gas industry), as well as numerous others that have not been disclosed publicly, I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact. In fact, I divide the entire set of Fortune Global 2000 firms into two categories: those that know they’ve been compromised and those that don’t yet know.

McAfee Global Threat Intelligence

Thursday, July 28, 2011

SECURITY - Cybercrime, Attacker Arrested

"British Police Make Arrest in Net Attacks" by SOMINI SENGUPTA, New York Times 7/27/2011

Excerpt

The British police announced the arrest on Wednesday of a 19-year-old man who they said was the spokesman of the online vigilante group Lulz Security, which has claimed responsibility for a string of attacks on the Web sites of government agencies and private corporations.

In a statement, the police said the man used the online alias Topiary and had been picked up during a raid on a residence in the Shetland Islands, the rugged archipelago off the northeastern coast of Scotland. The police said they were also questioning a 17-year-old but had not arrested him.

On Twitter, Topiary described himself as a “simple prankster turned swank garden hedge.” His missives were often facetious, suggesting the handiwork of someone who relished playful language.

Lulz Security, the offshoot of a larger and more amorphous hacker group called Anonymous, has said it was responsible for attacks on the sites of PBS, the Senate, the Arizona Department of Public Safety and a company associated with the F.B.I.

Friday, July 15, 2011

LINUX - Opinion, Mint vs Ubuntu

"Is Linux Mint a Better Choice than Ubuntu?" by Matt Hartley, Datamation 7/12/2011

Excerpt

Could the rapidly growing, user-friendly Linux distro attract converts away from the mighty Ubuntu?

For many advanced Linux enthusiasts reading this, I doubt that any recent changes to the Ubuntu desktop swayed you very much. Most of you already have had plenty of time to select alternative distros -- from Fedora to Arch Linux -- should you decide you want to.

Each distribution has its own set of advantages and differences. But for those people who cannot bear to part with some features that are considered to be unique to Ubuntu, Linux Mint might be a viable option to look into.

Linux Mint is perfect for new users

I've used Linux Mint GNOME edition off and on for a few years now. I have mostly used it in testing, as I'm really not the target audience for this distribution. Yet I continue to be impressed with how simple and user-friendly this desktop is. In addition, there are other factors that I think give Linux Mint a huge edge over Ubuntu for the casual user.

When running the Linux Mint software updating tool, you'll find things are numbered from 1 to 5. Packages numbered with a 1 are from Linux Mint developers while those packages with a "2" or higher come from Ubuntu or a third-party.

This numbering system all but guarantees that you won't hose a system with a bad set of updates from a rogue repository you added and forgot about.

The next big thing with Linux Mint is how concisely the menu layout is presented. Unlike the old Gnome menus or even Unity, everything in Linux Mint is tightly laid out to make the entire experience as logical as possible. This menu setup makes migrating from another operating system much less overwhelming for newer users. For "old hat users" such as myself, I enjoy finding everything within reach. And if it's not visible, the provided search box takes care of anything that's missing.

Another huge push in the right direction for newcomers would have to be the introduction screen that appears on the first boot. Documentation, support, and so forth is presented right away. From there, items that I think should have been provided by Ubuntu out of the box are a given with Linux Mint.

Gufw (Easy to use Ubuntu Firewall) is installed and ready to go. There is a Mintbackup utility that not only offers the same functionality as SimpleBackup on Ubuntu, but it even backs up your application titles. This means you can take this list to another PC, run the program and install the same software list as before. That’s always been possible via the command line, and now it's nice to see this functionality provided for newer users with a friendly GUI.

Without any doubt, the biggest reason for me to love Linux Mint is that I can install software by name from the control panel -- with greater speed than I could have with apt-get.

Plus I can avoid all the package managers and directly type in the application's name, which presents me with the option to install it. Best of all, it's done very quickly and without the bloat of the software center. It's almost like being able to run the terminal without needing to know how. I love it!

It feels like Ubuntu

One of the biggest reasons I still rely on Ubuntu is because of the huge number of software packages available for it. If there's software for Linux, then there's an Ubuntu package somewhere for that application title.

Luckily, these same applications also work well for Linux Mint as it offers a release based on Ubuntu. This means that should Ubuntu's direction force me to drop it completely I can stick with the same applications.

Below is my laptop's Linux Mint-10 Desktop.



NOTE: The calendar shown is Rainlendar which has Windows and Linux versions. Rainlendar Lite is freeware, Rainlendar Pro (allows calendar network sharing and MS Outlook sync) is shareware license-fee.

What I run on both my WinXP Pro desktop and Mint laptop is Rainlendar Lite.

SECURITY - Department of Defense 'Cyber Command'

"Is the U.S. Prepared for Battle in Cyberspace?"
PBS Newshour 7/14/2011


"Pentagon Gears Up for the Digital Battlefield"
PBS Newshour 7/14/2011

Monday, July 11, 2011

MALWARE - Rootkit Threat to NTFS Loader

I'm posting this because of the high danger of this type of malware.

"New Rootkit Infects NTFS Loader" by Lucian Constantin, Softpedia 7/6/2011

Security researchers from Kaspersky Lab have identified a new piece of malware which writes malicious code to the NTFS boot loader.

The threat, which Kaspersky detects as Cidox, features two rootkit drivers, one for 32-bit versions of Windows and one for 64-bit ones.

As part of its infection routine Cidox determines the version of the operating system and copies the relevant driver to the empty sectors at the beginning of the drive.

It only infects NTFS partitions and determines the active one by looking at the MBR code. It then proceeds to replace the Extended NTFS IPL (Initial Program Loader) code. The original one is encrypted and saved at the end.

This is part of a special technique that leverages Windows kernel features to load the malicious driver into the system.

The driver has the purpose of hooking into several processes including svchost.exe, iexplore.exe, firefox.exe, opera.exe and chrome.exe via a special DLL.

"This library modifies any browser output, substituting it with its own. As a result, the user sees a browser window displaying an offer to renew the browser due to some malicious programs allegedly detected on the system," Kaspersky's Vyacheslav Zakorzhevsky explains.

This threat is effectively a form of scareware, as the user is asked to pay for the browser renewal by sending an SMS message to a premium rate number.

In order to appear more convincing, there are custom pages for each browser borrowing design elements from other official ones displayed by their developers.

This is one of the most sophisticated scareware threats currently in the wild, but at the moment it only appears to target Russian-speaking users.

It seems that malware authors are increasingly using advanced techniques. One of the most dangerous threats at the moment, the TDL4 rootkit, infects the MBR (master boot record) in order to hide itself.

NOTE: Although I could NOT find the exact references to "Trojan-Dropper.Win32.Cidox" stated in the Zakorzhevsky article, Microsoft Malware Protection Center had the following references:

Note the Softpedia article says "new" but I found references to NTFS Loader threats, at several virus sites, back in 2009.
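Because the article describes changes to the extended NTFS IPL code and to the unused sectors ahead of the first partition, a defender can baseline those regions from a disk image and compare later snapshots. The Python sketch below is an added example, not code from Kaspersky or the article; it assumes 512-byte sectors and an MBR-partitioned disk, the function names are hypothetical, and the disk image is constructed inline.

```python
import hashlib
import struct

SECTOR = 512        # assumption: 512-byte logical sectors
BOOT_SECTORS = 16   # NTFS $Boot: boot sector (0) plus extended IPL code (1-15)


def active_ntfs_lba(disk: bytes) -> int:
    """Return the start LBA of the active partition of type 0x07 in the MBR table."""
    if len(disk) < SECTOR or disk[510:512] != b"\x55\xaa":
        raise ValueError("no MBR signature")
    for i in range(4):
        entry = disk[446 + 16 * i:462 + 16 * i]
        (lba,) = struct.unpack_from("<I", entry, 8)
        if entry[0] == 0x80 and entry[4] == 0x07:   # active flag, NTFS type id
            return lba
    raise ValueError("no active partition of type 0x07")


def snapshot(disk: bytes) -> dict:
    """Hash the NTFS boot sector and IPL, and list non-empty pre-partition sectors."""
    lba = active_ntfs_lba(disk)
    boot = disk[lba * SECTOR:(lba + BOOT_SECTORS) * SECTOR]
    if len(boot) != BOOT_SECTORS * SECTOR or boot[3:11] != b"NTFS    ":
        raise ValueError("active partition does not start with an NTFS boot sector")
    gap = [n for n in range(1, lba) if any(disk[n * SECTOR:(n + 1) * SECTOR])]
    return {"partition_lba": lba,
            "boot_sector_sha256": hashlib.sha256(boot[:SECTOR]).hexdigest(),
            "ipl_sha256": hashlib.sha256(boot[SECTOR:]).hexdigest(),
            "nonzero_gap_sectors": gap}


def compare(baseline: dict, current: dict) -> list:
    """Describe every difference between a trusted baseline and a new snapshot."""
    findings = []
    for key in ("partition_lba", "boot_sector_sha256", "ipl_sha256"):
        if baseline[key] != current[key]:
            findings.append(f"{key} changed")
    new = sorted(set(current["nonzero_gap_sectors"]) - set(baseline["nonzero_gap_sectors"]))
    if new:
        findings.append(f"new data in pre-partition sectors {new}")
    return findings


def build_sample_disk() -> bytearray:
    """Constructed image: MBR, empty gap, one active NTFS partition at LBA 63."""
    lba = 63
    disk = bytearray((lba + BOOT_SECTORS) * SECTOR)
    entry = bytearray(16)
    entry[0], entry[4] = 0x80, 0x07
    struct.pack_into("<II", entry, 8, lba, BOOT_SECTORS)
    disk[446:462] = entry
    disk[510:512] = b"\x55\xaa"
    base = lba * SECTOR
    disk[base + 3:base + 11] = b"NTFS    "
    disk[base + 510:base + 512] = b"\x55\xaa"
    # Placeholder bytes standing in for the loader code in sectors 1-15
    disk[base + SECTOR:base + BOOT_SECTORS * SECTOR] = b"\xaa" * ((BOOT_SECTORS - 1) * SECTOR)
    return disk


if __name__ == "__main__":
    baseline = snapshot(build_sample_disk())
    later = build_sample_disk()
    later[63 * SECTOR + SECTOR + 5] ^= 0xFF   # constructed change inside the IPL region
    later[10 * SECTOR] = 0x4D                 # constructed data in a pre-partition sector
    for finding in compare(baseline, snapshot(later)):
        print(finding)
```

Take the baseline from a known-clean image read offline. Data in the pre-partition sectors is a prompt for review rather than proof of infection, since boot managers and disk tools also use that space.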

Wednesday, June 29, 2011

HARDWARE - A New Type of Mouse

This is so evolutionary I had to post it.

Celluon evoMouse - the evolution of the mouse

Thursday, June 16, 2011

SOFTWARE - MiniTool's Partition Wizard Pro

This is about a hard drive management tool from MiniTool, Partition Wizard Pro.

In the past (long, long time ago; in a galaxy far, far away) I used Partition Magic from Symantec. Problem, Symantec no longer supports it, AND it does not work with today's large hard drives. In fact it can screw-up your hard drive if you [OK] at the message when you launch Partition Magic (sees a non-existing problem with the drive).

I had to find an alternative because I had replaced my old HD0 (C: & D:) with a larger one and had to resize the partitions after recovering the image backups of each drive.

The answer is MiniTool's Partition Wizard Pro. The screenshot below is of my home system with my larger HD0 (aka Disk 2), C: highlighted, after resizing.


For those that notice, the "Disk" order is what Windows sees after boot. "Disk 1" (H:Games4) is a Firewire drive and Windows sees that first.

CAUTION: You should run CHKDSK on the drive after you're done. Example = chkdsk c: /f/v

List of features:
  • Resize/Move Partition: Easily resize/move partition without data loss

  • Create, Format, Delete Partition

  • Convert Partition format from FAT to NTFS

  • Hide and Unhide Partitions, set active partition, label drive letter

  • Merge Partition

  • Hot Extend Partition without reboot

  • Change cluster size without data loss

  • Support Linux Ext2, Ext3, Ext4 (file systems)

  • Partition Copy: Copy entire partition to unallocated space with high performance file-by-file, moving technology; backup or move data without any data loss

  • Partition Recovery: Scan disk to restore deleted or damaged partitions

  • Hard Disk Copy: Copy an entire disk to a different disk quickly and easily with data clone technology. Backup disk data without data loss

  • Support Windows 32/64 bit Operating Systems

  • Visually demonstrate your disk/partition configuration to preview changes before apply

  • Support RAID

  • Support single disks or partitions larger than 2 TB

  • Support up to 32 hard disks within one system

  • Set partition as primary

  • Set partition as logical

  • Rebuild MBR (must use if you copy a boot partition)

  • Convert Dynamic Disk to Basic Disk

  • Disk Surface Test

  • Partition Surface Test

  • Change Partition Serial Number

  • Change Partition Type ID

Friday, June 10, 2011

INTERNET - IPv6 World Test

"World Tests IPv6: Why 4.2 Billion Internet Addresses Just Weren't Enough"
PBS Newshour 6/8/2011

What I've discovered:
  1. First and foremost, most of us desktop/laptop users will not have to worry about this, WEB sites you use today can still be accessed WHEN IPv6 becomes the world standard

  2. Most major OS are IPv6 ready (examples WinXP, Vista, Win7, Linux, Mac)

  3. Your ISP will have to implement IPv6, I found out that my ISP, AT&T will be doing that in the future and will notify me when they roll it out

  4. The hardware you use to connect to your ISP (DSL/Cable Modems, routers, etc) will also have to be IPv6 capable; some hardware MAY be able to upgrade firmware or you'll have to buy a new model

  5. The U.S., and most of the developed world, are IPv6 ready when it comes to the WEB as a whole

IPv6 is an extension of the IPv4 we use today, which is why most of us will not have to worry.

The industry I see as implementing IPv6 the fastest is the hand-held-devices; your iPad, Blackberry, new-gen cell phones, etc. This is the industry that is expanding the fastest and needs more IP addresses.

As for PC industry, newer products in the future will include IPv6 capable hardware.

Here's a link to Test Your IPv6 (from Netgear forums).

Tuesday, June 7, 2011

INTERNET - Apple's iCloud and Mac OS X Lion

"Apple Unveils New iCloud Music Service, but Privacy Issues May Lurk"
PBS Newshour 6/6/2011


Excerpt from transcript, security

RAY SUAREZ (Newshour): If I put my stored and accumulated content on the cloud, is it private?

CECILIA KANG, The Washington Post: Well, that's a good question.

The -- the devices will be encrypted. And that's what Apple said in passing. But there's a lot of questions as to your privacy and the security of cloud-based applications, Internet-based services. We have seen a lot of attacks on information, hacking attacks into Sony, Nintendo, PBS. You have seen a lot of these -- this -- the vulnerability of information that resides on the Internet.

And when I say it resides on the Internet, I mean that it resides on servers. You don't know where they are, but there are large data farms all over the country around the world, where bits -- your bits and pieces, the bits, I should say, of the music that you have, the videos that you have, the bits, the actual digital packets, they reside in these places that you don't really as much control of.

So, when you make this decision to switch to cloud-based applications, it's much easier, more convenient and often much cheaper. But there often is the -- there is the consideration of a tradeoff, perhaps, in that there may be less security involved. It's much safer when you have your information on your own computer that only you can access than on the Internet.

And your privacy is also perhaps in -- in question, in that more people, more companies have access to what you're doing. And they can see what you're doing online.


ALSO

As mentioned in video Mac OS X Lion (Wikipedia) (Apple)

Thursday, June 2, 2011

CYBERCRIME - Latest on Hacker Attacks

"Gauging the Impact, Motivations of Today's Hackers"
PBS Newshour 6/1/2011


This is the related story mentioned in video

"Google Says Hackers in China Stole Gmail Passwords" by JOHN MARKOFF and DAVID BARBOZA, New York Times 6/1/2011

Excerpt

Google said Wednesday that hundreds of users of Gmail, its e-mail service, had been the targets of clandestine attacks apparently originating in China that were aimed at stealing their passwords and monitoring their e-mail.

In a blog post, the company said the victims included senior government officials in the United States, Chinese political activists, officials in several Asian countries, military personnel and journalists.

It is the second time Google has pointed to an area of China as the source of an Internet intrusion. Its latest announcement is likely to further ratchet up the tension between the company and Chinese authorities.

Tuesday, May 17, 2011

SECURITY - Global Cybersecurity

"U.S. Calls for Global Cybersecurity Strategy" by HELENE COOPER, New York Times 5/16/2011

The Obama administration on Monday proposed creating international computer security standards with penalties for countries and organizations that fell short.

While administration officials did not single out any countries in announcing the strategy, several officials said privately that the hope was that the initiative would prod China and Russia into allowing more Internet freedom, cracking down on intellectual property theft and enacting stricter laws to protect computer users’ privacy.

“The effort to build trust in the cyberspace realm is one which should be pushed in capitals around the world,” said Commerce Secretary Gary Locke, who will soon be taking over as President Obama’s ambassador to China.

The strategy calls for officials from the State Department, the Pentagon, the Justice Department, the Commerce Department and the Department of Homeland Security to work with their counterparts around the world to come up with standards aimed at preventing theft of private information and ensuring Internet freedom. A fact sheet released by the White House also promised that the United States would respond to attempted hacking “as we would to any other threat to our country.”

Attorney General Eric H. Holder Jr. called it a “historic strategy,” adding that “the 21st-century threats that we now face to both our national and international security really have no borders.”

Last week the administration released the domestic component of its new computer security strategy, increasing and clarifying the penalties for computer crimes, and giving the domestic security agency a clear mandate for the protection of the government’s own networks. That effort was intended to reverse a growing perception that penalties for attacks on government, corporate and personal computers had been relatively small.

In addition to giving the Homeland Security Department new authority over federal computer systems, the legislation calls for the agency to work with energy companies, water suppliers and financial institutions to rank the most serious threats and find ways to counter them. The law would also require each business to have an independent commercial auditor assess its plans and, in the case of financial firms, report those plans to the Security and Exchange Commission.

About time. We have international law enforcement agreements, and military security agreements, why not this one? While nations like China or North Korea will ignore this, that should not prevent the majority of nations from coming up with a plan. It would protect national interests as well as individual people.

Thursday, April 28, 2011

SECURITY - Cybercrime With World-Wide Impact

"Sony PlayStation System Hacking Incident Highlights Web-Security Gaps" PBS Newshour Transcript 4/27/2011 (includes video)

Excerpt

RAY SUAREZ (Newshour): The latest episode involved millions of people around the world who use Sony's PlayStation video game system and who may have had their credit card information stolen in a hacking incident.

The intrusion caused the company to shut down PlayStation's Internet network a week ago. It provides access to online gaming, music, movies, sports and TV shows. Seventy-seven million user accounts were disconnected worldwide. But it wasn't until yesterday that Sony disclosed a hacker obtained information, including players' names, addresses, birth dates, email addresses, passwords and log-in names.

And on the company's blog, Sony spokesman Patrick Seybold said, "While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility."

Near Sony headquarters in Tokyo, some said the breach may stop them from using PlayStation.

KAZUNORI SANO, resident of Tokyo (through translator): I will be afraid of playing with the game machine after hearing of this. I don't want my credit card information to be leaked out somewhere else in the world.

RAY SUAREZ: And in Australia, police urged PlayStation users to be vigilant.

DETECTIVE SUPERINTENDENT COL DYSON, New South Wales State Police Force: It would appear that the risk in relation to credit cards may be low. But if people have concerns, they should be talking to their banks and watching for unauthorized usage of the cards.

RAY SUAREZ: Some industry experts say the scale of the breach could cost the company billions of dollars.

THOMAS PUHA, "Pelaaja": This is going to have a very negative impact on a business that they have built up, because I think a lot of -- obviously, a lot of consumers will really be very wary of putting their credit card information back online or even buying anything.

RAY SUAREZ: Sony said it expects the PlayStation Network to be restored in a week. In the meantime, an outside security firm has been hired to investigate what Sony deems the malicious intrusion.

For a closer look at all this, we turn to Kevin Poulsen, senior editor at Wired.com. A former hacker himself, he's also author of a new book, "Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground."

And, Kevin, for those people who aren't gamers, why would you have to load personal information into a game console in the first place?

KEVIN POULSEN, Wired.com: Well, a lot of gaming takes place now online. You have multiplayer games where you could play with or against opponents live in real time.

And, of course, a game console isn't just a game console anymore. You want to be able to download movies and other content. And all -- you pay for all of that, which means you have to give up this information.

RAY SUAREZ: Sony says it has no direct evidence that credit card numbers were taken, but it says -- quote -- "We cannot rule out the possibility."

When you have had a breach, when someone has been rifling around in your files electronically, can you tell what they have seen and what they haven't?

KEVIN POULSEN: There are usually -- there's usually some kind of trail left, yes. But if the hacker is good and took steps to cover his or her tracks, then it could -- it could take a while to extract that.

I imagine that's why Sony took so long to announce this. They were probably hoping to find better news. They were probably hoping to find evidence that the -- that information wasn't accessed. Now that they have brought in an outside company, I expect they will know a lot more than they do now, eventually. Of course, they -- they may know more than they're telling us now.

RAY SUAREZ: The PlayStation system has been down for over a week, disappointing a lot of people who are frequent users.

Does that long-term shutdown tell you something about the seriousness of the breach, that they're not patching it, but rebuilding the whole network?

KEVIN POULSEN: Absolutely.

It's a really radical measure to take. And it's surely going to cost them a lot of money and a lot of fan loyalty. There are people that aren't even going to care about the breach itself who are just going to be extremely angry that they were denied access to the PlayStation Network for so long. So, it's bad news all around.

If this had just been a casual intruder, a recreational intruder, some kid working from his bedroom, I doubt they would have taken this measure. So, they probably have some indication that this was a serious, focused attack.

RAY SUAREZ: Well, as we reported earlier, they got user names, passwords, various other kinds of personal information. What's the risk to account holders at this point?

KEVIN POULSEN: You know, the biggest risk is probably with the personal information, especially the passwords, because a lot of people use the same passwords everywhere.

So, that, coupled with your email address and your real name and your date of birth, the hackers will, if this was done for profit, then, all of that could wind up being sold on the black market, probably for a nice sum of money.

And then, whoever buys it, other computer intruders could use the information to try and hack into other accounts held by these PlayStation Network users. It could be anything from Facebook to online banking. You could use it to stage scams targeting the users in other ways.

So, it could be -- it could wind up that this becomes the first stage in a lingering problem that haunts users for a long time, if, in fact, that that was the nature of the breach.

Stress this quote, "You know, the biggest risk is probably with the personal information, especially the passwords, because a lot of people use the same passwords everywhere."

HINT: Do not use the same password for all your online accounts.

Thursday, April 7, 2011

SECURITY - Vulnerability of Internet Certificates

"An Attack Sheds Light on Internet Security Holes" by RIVA RICHMOND, New York Times 4/6/2011

Excerpt

The Comodo Group, an Internet security company, has been attacked in the last month by a talkative and professed patriotic Iranian hacker who infiltrated several of the company’s partners and used them to threaten the security of myriad big-name Web sites.

But the case is a problem for not only Comodo, which initially believed the attack was the work of the Iranian government. It has also cast a spotlight on the global system that supposedly secures communications and commerce on the Web.

The encryption used by many Web sites to prevent eavesdropping on their interactions with visitors is not very secure. This technology is in use when Web addresses start with “https” (in which “s” stands for secure) and a closed lock icon appears on Web browsers. These sites rely on third-party organizations, like Comodo, to provide “certificates” that guarantee sites’ authenticity to Web browsers.

But many security experts say the problems start with the proliferation of organizations permitted to issue certificates. Browser makers like Microsoft, Mozilla, Google and Apple have authorized a large and growing number of entities around the world — both private companies and government bodies — to create them. Many private “certificate authorities” have, in turn, worked with resellers and deputized other unknown companies to issue certificates in a “chain of trust” that now involves many hundreds of players, any of which may in fact be a weak link.

The Electronic Frontier Foundation, an online civil liberties group, has explored the Internet in an attempt to map this nebulous system. As of December, 676 organizations were signing certificates, it found. Other security experts suspect that the scan missed many and that the number is much higher.

Making matters worse, entities that issue certificates, though required to seek authorization from site owners, can technically issue certificates for any Web site. This means that governments that control certificate authorities and hackers who break into their systems can issue certificates for any site at will.

Experts say that both the certificate system and the technology it employs have long been in need of an overhaul, but that the technology industry has not been able to muster the will to do it. “It hasn’t been perceived to be a big enough problem that needs to be fixed,” said Stephen Schultze, associate director of the Center for Information Technology Policy at Princeton. “This is a wake-up call. This is a small leak that is evidence of a much more fundamental structural problem.”

In the Comodo case, the hacker infiltrated an Italian computer reseller and used its access to Comodo’s systems to automatically create certificates for Web sites operated by Google, Yahoo, Microsoft, Skype and Mozilla. With the certificates, the hacker could set up servers that appear to work for those sites and try to view the unscrambled e-mail of millions of people, experts say.