Security

I've actually always had one really. A very haphazard one but a backup strategy none the less. On most of the PCs I've owned until recently anyway, always had more than one hard disk installed. The plan was to take valuable files and make duplicate copies on the additional drive. Then I would always make duplicate copies of stuff on different PCs as well, also I always seem to copy files from one OS to another on the same PC if possible. Things I would tend to copy would be pictures, un drm'd musics files, copies of databases, my web and mail servers, install programs, user keys, personal settings, configurations ...etc. Then there were the several USB flash devices I had acquired that I put various files I deemed necessary for one reason or another and they were of course very useful for moving stuff from one machine to another. The word centralized was not however in my vocabulary as the scattered method had always gotten me through the few emergencies I ever encountered without to much pain.

Recently though the idea of a network attached storage device had been intriguing me as a means of sort of automating the process and a way of centralizing everything. I at one point considered building such a device or maybe getting a bring your own disks type rig. There is certainly no shortage of options in the market right now and it almost seems like if one can visualize what they want they can either find a solution out the box or make it themselves. My criteria were pretty simple I wanted it now so it had to be available locally which is really huge as where I live as shopping choices for hardware are somewhat limited. It also had to be fairly compact because I wanted it hanging off my wireless router, and most importantly it had to be dead simple to to use. I wanted to plug it in, find it on my network, set it up, and start using it period without installing any additional software to access it. It also had to be accessible from Linux as well as Windows. With my criteria in mind I set out to one of the chain computer/home electronics style stores located around here. Very few choices were available but I was expecting that so I settled for one of these in the 500GB flavor from Circuit City.I knew it wasn't going to be terribly fast but I was pleased to find out that it wasn't terribly slow either and by that I mean for a home user not doing automated backups, but just backing up user files using the mapped drive interface its speed is tolerable. Now on my server via software I have backup set to happen synchronously and currently is at about 1 GB of data. Since it is set up synchronously it just runs in the background and keeps up with the task as things change hopefully causing a minimal impact on the servers perfomance. The initial backup took well over an hour and I used the Memeo AutoBackUp software that came bundled with the LinkStation Live which is only a trail version as the registration number they bundled with it did not work (less than honest sh*t imho). It would not copy empty folders and as slow as it seemed to be I wasn't about to buy it. So I've been on a download spree trying almost every free product out there before settling on another trialware offering. The program is called MirrorFolder and it completed the initial copy in less than 20 minutes which might not sound all that fast but compared to the various programs I gave a shot it is lightening fast and very easy on system resources. It copies everything you tell it to and as far as I can tell does what the program's writer says it will. To a new user this is not exactly the most intuitive interface but the program's performance compared to other offerings make the learning curve a worthwhile endeavor.

As far my backup strategy goes I'll still do all the things I mentioned in the beginning of the post I've just expanded a bit to include some new automation tools and hardware. Just for the record the LinkStation Live plays very nicely with Linux (Ubuntu anyway) as my installation had no problems finding and making it usable. Still though the whole experience has been sort of a mixed one for me being somewhat tainted by the bundled Memeo trialware debacle and I found the documentation that came with the product lacking. I mean there is a PDF file on the install CD which I didn't use and it is also available on the LinkStation Live once one has managed to connect to it. I just prefer a well written quick start guide in paper form at least. After all I did not want to have to install any software to connect it. Luckily I did not have to but I can see where some users might not have any choice as basically the PDF gave that out as the first step.

Insert the LinkNavigator CD into your computer’s CD-ROM drive.
On a PC, setup should automatically launch. If it does not, manually launch setup.exe by pressing Start and selecting the Run... option. When the Run dialog opens, type d:\setup.exe (where d is the drive letter of your CD-ROM drive). Press OK to continue.

Installing Software
If you are installing the software on a Mac, open the CD and click LinkNavigator to begin installation.

Not what I was realy looking for... a minor thing but a thing none the the less.

It has been awhile since I've posted anything as I have been really busy trying to get things setup where I work. That being said though I always at least skim my compliment of various types of sites and look at what is happening around the web as far as news goes. I ran ran across this McAfee SiteAdvisor Phishing Quiz . I got nine out ten correct. So I guess that would translate into something like I could spot a fake 90% of the time. Only problem with that though is it only takes one time to really mess up one's day. Of course this kind of test isn't an absolute indication of how likely one is to become a scam victim but just an exercise in recognizing what is happening in the wild. Staying safe from scammers is in my opinion is part common sense, coupled with use of tools and best practices.

Don't really know about this one as the article doesn't really define risk very well .

McAfee's SiteAdvisor said that music and technology related websites have a negative impact on computers since they often leave spyware and other malicious codes, which can lead to a massive increase in the amount of spam generated.

The study revealed that browsing porn websites through search engine has a 9 percent risk of infecting PCs with spyware, adware and spam. This figure jumps to 19 percent when searching for digital music. Other sites that can harm computers are those related to electronic gadgets and for background wallpapers.

By define risk I mean is giving up personal info to some pornographer somewhere safer than downloading some P2P file sharing application and using it to share copyrighted materials. Both practices sound fairly risky to me. Check out the Earth Times Online Newspaper for more.

We've heard this stuff before about how clueless PC users are turning the Internet into some sort of front end for international crime syndicates.....

Service providers and everyday users were singled out by panelists and audience members for not taking enough responsibility. Attendees slammed ISPs for not searching for rogue computers on their network or shutting off internet access to compromised PCs reported to them by security companies, charging that ISPs were endangering the internet to avoid support calls from cut off customers.

For their part, users don't care about security because the rogue zombie software often only uses minimal computing power, making the background spam-spouting code not their problem.

A few audience members argued seriously that computer users should have to take a test to get an internet license, maintain botnet insurance and have their machines inspected for information-super highway worthiness. Others countered that individuals shouldn't have to know how to secure their own computers -- the machines should simply be more inherently secure.

Personally I don't think it is going to happen. Users are not going to be licensed, ISPs could generally care less, until of course they get caught with a malware spewing botnet in their network. Even then at most they'll just block the users in question and get even more clueless users to replace them. As far as systems getting more inherently secure well how long have the major players been working on that one and is it better or worse than say five years ago. Oh well for the whole article that I pulled the above quote from head over to Wired News and check out the rest.

For Dell Ubuntu it is..

In February when Dell launched IdeaStorm as forum for customers to contribute ideas for product offerings, we received overwhelming feedback that customers wanted Linux on desktops and notebooks. As part of an overall effort to update our Linux program, today we are announcing a partnership with Canonical to offer Ubuntu on select consumer desktop and notebook products.

Anyone who reads this site with any regularity might have guessed I am a Ubuntu fan. I really hope Dell can pull this off but realize all experiences with Ubuntu are not always fun.

Saw on another site today there is some really wicked malware that can allegedly destroy a PC in than 10 Minutes.

A good 30MB+ of individual files are downloaded onto the PC, and it just kills it. Kills it right in the face. Kills it right in the face with a brick and then comes back with a breeze block to finish the job.

Really sounds nasty I am looking forward to the follow up on that one.

Then lately there is this whole Joost thing going on. Taking a page from Google and Gmail by making it an invite only thing at first to peak interest these guys have got it going on for the moment. We'll see how it works out as some big players have jumped in with them. Still not having seen the service myself it sounds like yet another way for them (whoever them represents) to get advertisements onto my PC. Self directed reruns and commercials sort of like cable only the way I want it instead of the package cable provides. Curious yeah but not that much though.

Of course with Microsoft's recent release of Vista things are starting to get interesting in the hackasphere. Shall we say game on?

Las Vegas (NV) - A hacker duo will demonstrate several ways of getting past Windows Vista security in an upcoming Black Hat training class. Polish security researcher Joanna Rutkowska and Alex Tereshkin will show off new rootkits and ways to defeat Vista’s vaunted BitLocker drive encryption.

An actual class on the subject of defeating a platform's security features for 3,000 dollars. Not my thing but I do find it interesting. I wonder if people attending a class like that sign NDA documents or something similar.

Last off in the incredible greed department there is this whole lets screw up internet radio thing happening as well. One thing is for certain the entertainment industry really doesn't get their target demographic anymore in fact they are completely clueless about them... a side effect of greed I am sure. Well thats it for this installment.

I guess what I forget is that some people are really just beginning to grasp the whole Internet is really a place concept. Computer security really is important and that real and damaging things can happen as a result of venturing there. I am not a real long time PC user and many lessons I've learned, I learned them the hard way. We've been PC users at my house since 1996 and have gone from 28.8 dial up Internet access with one shared PC to always on cable connectivity and 5 PCs sharing a connection wireless style. Learned about mal, scum, ad, wares from the file sharing heydays of the post free Napster era. We had a teenager in the house and we all shared the same PC back then. Hell I'll admit it I have even fallen for the old in order to use this software for free we need to install something else line before. He wasn't the only one that ever took the bait. I have also been the victim of drive by installs and fought infections all the way to the point of reinstalling my OS more times than I can count. I learned about using antivirus, firewall, and patching my OS from getting viruses and worm infestations. Thing was back in our early days for us the stakes weren't so high as they are now. Sure things went wrong but they were annoyances more than anything else. I mean for us anyway online banking and bill paying were just getting cranked up around here. Data for about the first 5 years was a disposable commodity in our household. The PC really didn't have anything that personal to us on its hard drive. Sure it was inconvenient as hell to lose everything and start over but that was all it was really. Times changed rapidly though online banking, 401K management, bill paying, shopping, selling, even some online subscription stuff are pretty common with us now. Then there is the whole 100, 200, even 300+ gigabyte hard drive thing that is so common on PCs now lots of our personal stuff only exists as data. Backup strategies, quality protection products, patched and an up to date OS are musts, not options these days. As homes go we are more connected than some less connected than others, one thing is for sure though the PC has gone from being a novelty entertainment item to more or less a necessity in our home.

Anyone who knows me knows that I am pretty enthusiastic about PCs. It works out sometimes that people will even ask me for advice when they are about to make a purchase and as strange as it sounds some folks still don't own a computer. They will says things like we want/need one mostly for the kids really. I try and explain then that it really is in their best interest to become really well acquainted with the device that there are actually are certain risks associated with the use of a computer, especially where young people are concerned. I will even go so far as to tell them that it is not just a one time purchase that actually between Internet and various security product charges there is really like sort of a yearly maintenance fee. I grasp for ways to explain what a socially engineered threat is. The evils of ad/spy/malware, why patching is important but what could potentially happen even on a patched system. Explain if any of this does happen they need to maintain some sort of backup strategy for their personal stuff because even if the machine can be brought back to a workable state the fact is that it was compromised and a reinstall of the OS is probably a good idea as well as changing email addresses, sensitive login information, possibly getting new credit cards ...etc. Explain about alternative browsers' and email clients' possible benefits ...etc. Some get it some don't and that has really got me thinking a lot here lately maybe I should be telling them consider using Linux or buying a MAC as sort of a lower their exposure approach as opposed to a beefed up perimeter defense approach. Realistically I don't see Linux as a good option for a person looking to try out computers for the first time I mean when they can't just go to CompUSA or wherever and pick up the gadget/printer/card ...etc. and hook it up to their machine and have it working straight away then disappointment will be their next emotive display. MACs on the other hand seem to have a very broad base of hardware available for them. They look good too. Just wish I had more experience with them. Who knows though maybe Vista along with Windows Live OneCare will simplify the average users experience and impact PC security in an overall positive way. One thing is for sure now the stakes for the average person are very high where personal security is concerned. Getting people to realize it is a big challenge though.

Microsoft has broken their patch Tuesday cycle and issued a fix for the VML issue. This is one of those that everyone probably needs to apply immediately lest they visit an evil website and become zombified.

From Websense-Blog comes a movie showing how the VML flaw would be exploited by malicious websites....

Now that we are seeing VML exploits proliferate the Internet, we thought it would be fun to grab a video capture of what happens when a workstation visits an infected site. We did a similar video when the WMF zero-day was released and our workstation was instantly flooded with Spyware applications and pop-ups galore. It was an impressive sight and obvious that you had just visited an infected site.

So, we fired up our trusty video capture tools and pointed a VMWare workstation at a random site where our miners had recently discovered an iframe containing a VML exploit.

But...what's this? Nothing happened, or so it seemed.

This one is well explained and very simple to understand everyone should check this one out. The blog entry can be found here or if one prefers just go straight to the video as it really drives the potential dangers of the issue home.

ZERT for short has released a hot-fix for the latest Internet Explorer Vulnerability. They also have a test page that allows users to test their browsers and see if they are vulnerable. I tried it with the latest version of IE7 (my secondary browser) and I don't use Outlook at all so I did not bother with patch so I can't offer any details as to how easy it is to install or remove. It reported IE7 as not being affected on a XP SPK2 fully patched system. If they stick to their normal schedule Microsoft will probably address this issue October 10 when they do their monthly patch thing. The exploit is alive in the wild thus the reason I assume ZERT is offering the patch.

Well the patch Tuesday event from Microsoft has come and gone again with 9 critical and 3 important patches. Anyone who hasn't done so yet should go get patched. The Department Of Homeland Security is pitching one of the patches. Has that ever happened before?

AOL goofed recently giving up 658,000 er cough cough anonymous users' search data. Apology is kind of lame but I think that is what the big boys call doing damage control.

StopBadware.org and partner Google have announced that...

We're entering a new phase here at StopBadware.org. Google -- which is one of our partners -- is now presenting people with a warning before they visit websites that have been reported to StopBadware.org as sites that distribute badware.

Well I haven't been able to trip the warning but I guess they are still working out the mechanics of the whole thing. Anyway the warning page is supposed to look something like this. There is a free Firefox extension or Internet Explorer plugin that I use that does prettty much the same thing called McAfee Site Advisor. It also works with Firefox on Linux as well as Windows.

Recently a couple security experts demonstrated wireless device driver flaws on the often touted as more secure by default Mac platform.

During the course of our interview, it came out that Apple had leaned on Maynor and Ellch pretty hard not to make this an issue about the Mac drivers -- mainly because Apple had not fixed the problem yet. Maynor acknowledged that he used a third-party wireless card in the demo so as not to draw attention to the flaw resident in Macbook drivers. But he also admitted that the same flaws were resident in the default Macbook wireless device drivers, and that those drivers were identically exploitable. And that is what I reported.

I wonder how Linux wireless device drivers stack up against this exploit? My guess would be not much differently.

Last thing for this post I'll just call the scum of the week. It is a sort of interesting malware that employs a little social engineering to get people to install it by encouraging them to do something they ought not be doing anyway.

Of course, the program is a complete scam - run it, and you get a fake message telling you that "AOL has fixed the vulnerability". What they don't tell you, is that they also dropped a boatload of goodies - well, nasties - in your System32 folder. Those files will rip the top of your PC off and scream at you in a scary, THIS IS BROKE kind of fashion.

If they do install it... Well it does them and they no doubt are turned into spam and ad spewing legions of keystroke logged zombies or something. Keep an eye out and do not download or install The AIM Screen Name Hacker.