Friday, January 31, 2014

UTILITIES - A Better System Information for Windows

I've posted about this utility a long while back but they just came out with a 2014 version.  In my opinion this utility is worth the price.

SIW or System Information for Windows

SIW is an advanced System Information for Windows tool that analyzes your computer and gathers detailed information about system properties and settings and displays it in an extremely comprehensible manner.

SIW can create a report file (CSV, HTML, TXT or XML), and you can run it in batch mode (for PC Inventory - Software and Hardware Inventory, Asset Inventory, Software License Management, Security Audit, Server Configuration Management).

The System Information is divided into few major categories:

  • Software Information:  Operating System, Software Licenses (Product Keys / Serial Numbers / CD Key), Installed Software and Hotfixes, Processes, Services, Users, Open Files, System Uptime, Installed Codecs, Passwords Recovery, Server Configuration.
  • Hardware Information:  Motherboard, CPU, Sensors, BIOS, chipset, PCI/AGP, USB and ISA/PnP Devices, Memory, Video Card, Monitor, Disk Drives, CD/DVD Devices, SCSI Devices, S.M.A.R.T., Ports, Printers.
  • Network Information:  Network Cards, Network Shares, currently active Network Connections, Open Ports.
  • Network Tools:  MAC Address Changer, Neighborhood Scan, Ping, Trace, Statistics, Broadband Speed Test
  • Miscellaneous Tools:  Eureka! (Reveal lost passwords hidden behind asterisks), Monitor Test, Shutdown / Restart.
  • Real-time monitors:  CPU, Memory, Page File usage and Network Traffic.
SIW (Technician's Version) is a standalone utility that does not require installation (Portable) - one less installed program on your PC as well the fact that you can run the program directly from an USB flash drive, from a network drive or from a domain login script.

Client Platform:  Windows 8.1 / Windows 8 / Windows 7 / Vista / Windows XP / 2000 / Media Center / Tablet PC / WinRE / BartPE / Winternals ERD Commander

Server Platform:  Windows 2012 (R2) / Windows SBS 2011 / Windows Server 2008 (R2) / Windows Server 2003 (R2) / Windows Server 2000

NOTE:  This is not freeware.

Screenshot of my home desktop rig (click for larger view)

I have the Technician's version, yearly subscription.

You only get SIW.exe which is the entire utility (NOT an installer).  When you first launch it you get a dialog to enter your registered name and license key, it then generates a siw.key file which must be in the same directory as SIW.exe for it to run.  This means you just copy both files to a USB stick and you can run it from there.  Of course, to run it on your system you create a folder and move the files there then create a shortcut (I used the System Tools category) to run it.

Tuesday, January 28, 2014

HARDWARE - My New ThinkPad Ubuntu Laptop


My Clevo Ubuntu (Linux) Notebook was getting long-in-the-tooth, and having sound problems.

So I got an upgrade from the fine people at Linux Certified.  The same people who shipped me the Clevo.

Here are the main specs:

  • Intel Quad-Core i5-3230M, 2.6 GHz, 3MB L3 Cache 64bit
  • Hard Drive 500 GB SATA
  • 3gb RAM
  • Display 15.6" HD at 1366 x 768 (aka Widescreen)
  • DVD Writer Dual Layer 
  • Built-in 10/100/1000 LAN
  • Integrated Mini-PCI 802.11 WiFi Card
  • Smart Li-Ion 6 cell battery
  • Had it pre-loaded with Ubuntu 13.10

Need I say, it's fast, and with that memory everything runs in memory.

This time I went with the Ubuntu (aka Unity) Desktop.

(click for larger view)

I had said in the past that I didn't like Unity, but now that I understand it, it's not that bad.  Also has less problems with some apps running GNOME Desktop.

The Unity Launcher (aka Strip) to the left is a combination Taskbar and Quick Launcher.  When you launch an app the app's icon will appear in the Strip marked with a white arrow that indicates its window is open.  If you minimize a window/app the Strip icon acts just like the button in the Windoz Taskbar, you click it to re-open the window

The addition is you can 'lock' an app's icon to the Strip, making it a quick-launch icon.  Every icon on my Strip shown above are quick-launch.

The main complaint I had against Unity is not having a treed-menu.  That is why I used GNOME Desktop on my old Clevo.  GNOME has a menu.

But there is a plug-in that puts a Classic Menu Button (Global Bar, top right) for Ubuntu.

You click this button and you get a classic tree menu, nice.

Here's a link to Lenovo's spec page.

Note that I have Steam installed.  Now I have a rig that can play games without a hitch.

Monday, January 20, 2014

CYBERCRIME - Who Orchestrated the Target Breach

"Were criminal gangs involved in the Target security breach?" PBS Newshour 1/18/2014


HARI SREENIVASAN (Newshour):  Another story that we wanted to follow up on tonight is the state of credit card security, or lack of it.  This following discourse is about major security breaches at big retailers, including Target and Neiman Marcus.  Now new details are emerging about who was behind it, and how it was accomplished.  For more we are joined now, from Washington, by Mike Riley with Bloomberg News.  So, there was a big report out - it started to layout the details.  How do these hackers get all the credit card numbers?

MIKE RILEY, Bloomberg News:  So, they have a pretty sophisticated piece of malware that goes on the point of sales system itself, so that is the terminal that sits in front the the cash register that we all swipe our cards on.  So, the malware goes there and it takes advantage of a quirk, where within that machine, all that information that is taken off that card is sent from one memory chip to another.  It is not encrypted in that process, and they grab it right there.

HARI SREENIVASAN:  And so, who is writing this malware?

MIKE RILEY:  It looks like it is Eastern European or Russian criminal gangs.  Some of the most sophisticated hackers in the world are Russian or Eastern European.  What they have done is they have gotten really good systems.  It is like a supply chain that you can buy pieces of malware.  If you are good enough, as in this case - they have bought a specific piece of malware, called Black POS.  It is a pretty good piece of malware to begin with, but then they customized it.  They made it better.  They made it harder to find, and then they figured out a scheme to get into Target's computers, and stuck it on the point of sales system.  It is also pretty clear that the same gang, or a group of different hackers using the same malware, are targeting other retailers.  We have not seen the end of this.

Thursday, January 16, 2014

INTERNET - FCC Net Neutrality Rules

"Will end of net neutrality rules impact future innovation?" PBS Newshour 1/15/2014


HARI SREENIVASAN (Newshour):  Net neutrality is the idea that broadband Internet service providers, Comcast, Time Warner Cable, Verizon and others, should treat everything that flows across the Internet equally.  That means preventing service providers from creating fast lanes for sites they have business ties with, such as streaming video services like Hulu or Netflix, and slowing access to others, like Amazon.

It also means not charging more for YouTube and other sites based on their heavier bandwidth use or in exchange for faster speeds, all of which could affect what consumers see online, how fast, and at what price.  The principles were set out by the Federal Communications Commission nearly a decade ago.

The agency enshrined them in its Open Internet Order adopted in 2010.  But Verizon sued to challenge the agency's authority, and, yesterday, the U.S. District Court of Appeals for the District of Columbia found the FCC acted improperly.  The 81-page ruling said the agency is wrong to classify Internet service providers as information services, but at the same time regulate them as common carriers, meaning as it does telephone and utility companies.

While the FCC decides whether to appeal, Amazon and others are watching to see if the broadband networks impose their own rules, favoring some content companies over others.

For its part, Verizon issued a statement yesterday that said, in part:  "Verizon has been and remains committed to the open Internet.  This will not change in light of the court's decision."

The ruling doesn't apply to wireless services accessed through mobile devices, which represent a growing share of the market.

SECURITY - Hacking By Radio

Public release of this information is a direct threat to U.S. national security.  We have just let our new enemies know what to look for.

"N.S.A. Devises Radio Pathway Into Computers" by DAVID E. SANGER and THOM SHANKER, New York Times 1/14/2014


The National Security Agency has implanted software in nearly 100,000 computers around the world that allows the United States to conduct surveillance on those machines and can also create a digital highway for launching cyberattacks.

While most of the software is inserted by gaining access to computer networks, the N.S.A. has increasingly made use of a secret technology that enables it to enter and alter data in computers even if they are not connected to the Internet, according to N.S.A. documents, computer experts and American officials.

The technology, which the agency has used since at least 2008, relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers.  In some cases, they are sent to a briefcase-size relay station that intelligence agencies can set up miles away from the target.

The radio frequency technology has helped solve one of the biggest problems facing American intelligence agencies for years: getting into computers that adversaries, and some American partners, have tried to make impervious to spying or cyberattack.  In most cases, the radio frequency hardware must be physically inserted by a spy, a manufacturer or an unwitting user.

The N.S.A. calls its efforts more an act of “active defense” against foreign cyberattacks than a tool to go on the offensive.  But when Chinese attackers place similar software on the computer systems of American companies or government agencies, American officials have protested, often at the presidential level.

Among the most frequent targets of the N.S.A. and its Pentagon partner, United States Cyber Command, have been units of the Chinese Army, which the United States has accused of launching regular digital probes and attacks on American industrial and military targets, usually to steal secrets or intellectual property.  But the program, code-named Quantum, has also been successful in inserting software into Russian military networks and systems used by the Mexican police and drug cartels, trade institutions inside the European Union, and sometime partners against terrorism like Saudi Arabia, India and Pakistan, according to officials and an N.S.A. map that indicates sites of what the agency calls “computer network exploitation.”

“What’s new here is the scale and the sophistication of the intelligence agency’s ability to get into computers and networks to which no one has ever had access before,” said James Andrew Lewis, the cybersecurity expert at the Center for Strategic and International Studies in Washington.  “Some of these capabilities have been around for a while, but the combination of learning how to penetrate systems to insert software and learning how to do that using radio frequencies has given the U.S. a window it’s never had before.”

No Domestic Use Seen

There is no evidence that the N.S.A. has implanted its software or used its radio frequency technology inside the United States.  While refusing to comment on the scope of the Quantum program, the N.S.A. said its actions were not comparable to China’s.

“N.S.A.'s activities are focused and specifically deployed against — and only against — valid foreign intelligence targets in response to intelligence requirements,” Vanee Vines, an agency spokeswoman, said in a statement.  “We do not use foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of — or give intelligence we collect to — U.S. companies to enhance their international competitiveness or increase their bottom line.”