News Posts matching #PC Security
Most would agree that Windows Vista's most obvious security feature, UAC, which asks a user for confirmation every time the computer decides to perform an administrative task, can become quite annoying. However, past whatever annoyance a user might perceive, it does have some very useful features. A security firm pitted seven anti-virus suites against roughly 30 rootkit infections. Unfortunately, none of the programs found all of the rootkits. However, when tested on a Vista platform, Windows Vista's UAC actually prevented the rootkits from getting terribly mangled into the system, which made removal and detection a little easier. If nothing else, UAC kept the system more stable while the rootkit did its thing, and prevented a lot of damage from happening. In fact, when the security firm pitted the rootkits against Windows Vista UAC by itself, all of the rootkits were stopped right in their tracks.
In response to one of the largest hacking scams in the history of Canada, police from Quebec raided several homes across Quebec, and arrested 16 people, between the ages of 17 and 26. Their crimes, other than making a million zombies, include creating phishing sites that earned them a respectable kickback of $45 million CAD. Canadian authorities claim that these million computers were mainly in Poland, Brazil, Manitoba, and America. Government computers may have been compromised as well, but investigators will not disclose where those computers may have been. Regardless, many of these zombies are coming back from the brink, and it seems this crisis is, for the most part, contained.
Microsoft's Windows Genuine Advantage software, which was designed to prevent piracy, is doing anything but. Cracks that get around, or even shut off, WGA are easily found by true pirates, while innocents are bagged for piracy when they've never even heard of the term. Fortunately, Microsoft has figured out how to make WGA friendly. Instead of WGA trying to use fancy code to find out if the Windows copy it is attached to is hacked, WGA will now search for the presence of common hacks, and only common hacks. This will drastically reduce the number of false flaggings, and make WGA a lot friendlier. Another large change is that the Vista version of WGA will no longer feature a "kill switch", or go into reduced functionality mode when WGA calls a hacked copy. Instead, there will be a long, politically-correct stream of dialog boxes that won't go away until you've validated. Microsoft made no mention of when this new, superior version of WGA will fly out factory doors.
Scottish Prime Minister Gordon Brown recently unveiled epic plans to place the information of every child's health, education and social/economic status on one database for the UK to access, to much protest. The Prime Minister believes that placing all this information on one central database will eliminate confusion, streamline necessary medical care, and have all sorts of other benefits. The Prime Minister also feels that if all the information is in one central location, it will be a lot more secure, and a lot harder to lose. Most UK citizens feel that this is really not the way to be doing things, claiming that his central database would be the target of hackers, pedophiles, terrorists, and other baddies as long as the database remained operational. McAfee subsidiary SafeBoot feels otherwise. The only easy way for the previously mentioned baddies to get such touchy information is to snatch it while it's unencrypted and in transport. By eliminating several instances of unencrypted transport, and by solidifying security, things suddenly get much safer.
Microsoft had a rather clever idea. Why not use the worm virus for a useful purpose, such as updating Windows? Microsoft, for a while, was researching a way to make the worm code more efficient, and was going to put it to good use. That way, important security updates could spread just as quickly as viruses, if not quicker, considering that Microsoft's best were in the study. However, this idea was received about as well as the Giants victory in Super Bowl XLII. Some people cheered, but most people cried foul. Using a worm to spread things like Windows Updates would be a massive invasion of privacy, does not allow a user to say no to an update and would totally bungle up any attempt to uninstall or interrupt installation. What's worse is what would happen if a bad guy got their hands on the enhanced worm code.
Microsoft, upon hearing what users thought of a worm-based security patch, decided against using it. If the new worm they've developed will have any benevolent use, we certainly haven't heard of it yet.
Vista SP1 was recently handed out to some select testers, with mixed results. However, things took a turn for the worse when Microsoft tried to release one of the first updates to SP1. Update KB937287 will effectively freeze most computers that try to install it. Most affected users don't see the issue until it is too late. The general consensus is that users will see a "Configuring updates: stage 3 of 3 - 0% complete" message, and then get stuck in a reboot cycle. When Microsoft caught wind of this, they began an investigation. The report will determine how widespread the problem is, how to fix KB937287 and if this error can somehow be fixed. Until then, Microsoft has pulled the update before it can brick more computers. At this point, the best way to fix this is to stick in your Windows Vista install CD, and run System Restore from the CD. If you somehow manage to fix your PC, Microsoft urges that you turn off Windows Update until they sort out this whole mess.
While The Pirate Bay, itself, is not involved in any crime (which is really the only reason that groups like the RIAA haven't been able to get a conviction on any of the administrators just yet), it certainly is a host to all manner of evil. Most recently, the torrent tracker found a 125MB zip file, which turns out to be the backup from the Harvard Graduate School of Arts and Sciences website. The torrent was actually seeded from a Harvard-based IP address, and carries all manner of information, passwords, and files. The .NFO file, in broken English, reads as follows:
Maybe you don't like it but this is to demonstrate that persons like tgatton(admin of the server) in they don't know how to secure a website.
This is the first security breach since 2005. Harvard is currently working on patching the breach, and at this point, the main website that was hacked is down.
Just a few hours after Mozilla promised the public they were safe from hackers while using Firefox 2.0.0.12, a hacker went and found a way around the patch. The hacker, named Ronald van den Heetkamp, has this to say to the Firefox developer team:
Don't patch vulnerabilities for fifty percent, take the time and fix the cause. Because directory traversal through plugins is all nice and such, we don't need it. We can trick Firefox itself in traversing directories back. I found another information leak that is very serious because we are able to read out all preferences set in Firefox, or just open or include about every file stored in the Mozilla program files directory, and this without any mandatory settings or plugins.
Ronald van den Heetkamp recommends installing the NoScript add-on, or simply using an alternative browser, until Mozilla fixes this bug.
Apparently, the RIAA doesn't feel like ISPs blocking piracy server-side is quite enough. The RIAA wants ISPs to begin implementing client-side filtering. This would work by forcing the end-user to install a program that monitors their every move, to ensure that nothing is illegal. It is very unlikely that such a move will actually come into play, because it is a massive violation of privacy and a huge breach of user rights. The RIAA feels that it would all be worth it, because it would let users who wouldn't otherwise know they're getting into a lot of trouble by pirating stuff know that they are, indeed, pirating.
Sites such as MySpace and Facebook have come under fire in recent times for allowing children to post as much as they want about themselves, which in some tragic cases hooks pedophiles up to pubescent girls. For a while, this was the only type of news coming in: bad press for social networking sites of any kind. Fortunately, things are changing. A recent study conducted by the University of New Hampshire confirmed what teenagers could have told you years ago: social networking sites are nothing compared to instant messaging clients and chatrooms. The University of New Hampshire took 1,600 healthy 10-15 year olds, and asked them to report any instances of sexual solicitation while on the internet. Roughly 4% said they were solicited while on a social networking site, and 9% said they were harassed. While these figures are nothing to dismiss, much more dire figures were found when children were asked if they had ever been solicited/harassed on an instant messaging/chat client. An astounding 59% of children were harassed while instant messaging, and 19% were harassed while in a chat room.
Frightened by the sheer multitude of ways that a corporate network could be crippled, a consulting firm took it upon themselves to investigate the most harrowing threats to technology on the planet. Deloitte (the aforementioned consulting firm) discovered that while viruses and spyware were all well and good, the worst threat is much harder to control: human error. Anything ranging from a simple malware infection to a complete system take-down could be caused by an employee who presses the wrong button on the wrong day. Coincidentally, companies fear human error more than any other problem. 91% of survey respondents claimed they were worried about human error, while a comparatively paltry 28% were worried about contractor/third-party software.
Windows Vista is known for a lot of things. Among them is eating memory, both in storage and RAM, like a fat kid through cake. The folks who made VLite, a program designed to let you custom-build a Windows Vista disk without a lot of things you don't need, were very proud of what their program was doing for people who liked a streamlined operating system. Unfortunately for VLite, Microsoft has sent a look of scorn at the makers of the software. A public outcry asks, why? After all, VLite keeps people using Vista, instead of letting them come to the conclusion that XP is more streamlined, and should be used in place of Vista. However, Microsoft's reason for not liking VLite actually makes a lot of sense. When users go merrily chopping programs and processes willy-nilly, they risk keeping Windows Vista from updating properly in the future. Basically, Windows Update would try to update a component that isn't there, making parts of Windows unstable, and possibly bricking the whole system.
As long as you understand the risks, though, and know what you're doing, using VLite should not be a problem, and Microsoft is not going to make VLite copies of Vista illegal.
While some schools do everything they can to facilitate children learning about computers, others draw a fine line between "edutainment" and "security risk". A high school student in Fairfax County, Virginia must attend a school in the latter category. He was pulled out of his Philosophy exam to be told that he may not graduate; he built a proxy server in his (parents') home. Dubbed "Afnani's Moo Proxy", it was used by himself and a couple of technologically-adept students to bypass school firewalls. The administrator of the school networks would not have any of it. He tried to declare the server illegal, despite nothing in the usage contract saying using any proxy, let alone your own personal one, was illegal. When the student pointed out the flaw in the contract, the administrator simply changed his accusations to "repeat network abuse", which can keep the boy from walking at graduation.
The high school student has decided to comply, and has shut down all proxy servers he owns. His personal school computer account has been disabled, but he is (at this point) allowed to graduate.
It's not news that Comcast secretly monitors all web traffic for possible illegal activity and shuts down anything that sets off their alarms. However, there has lately been a move to push this ISP filtering one step further, and make it mandatory for all ISPs. Thankfully, the RIAA, known throughout America for taking ridiculous measures to prevent piracy, really does not see the need for the proposed solution. All the RIAA asks is that ISPs, instead of monitoring and filtering everything that comes their way, merely respond to the RIAA's demands to shut down certain servers and users, when necessary.
It would appear that running any of 600 add-ons in Mozilla Firefox opens up a terrible hole. When exploited, this hole allows a hacker to steal "session information, including session cookies and session history". Mozilla promises a fix by February 5th, with the release of Firefox version 2.0.0.12. While Mozilla classifies this threat as a "high risk", there is some controversy in the hacker world as to how bad this threat really is. According to a hacker, via "hiredhacker.com", this isn't as big a problem as people have made it out to be. However, it is certainly more serious than "leaking a few variables", and should definitely be patched as soon as possible.
Apparently, the Firefox crowd needs to raise awareness of what exactly Firefox does. A high school student was doing his assignments using the internet browser, and got this note home from the teacher...
To the Parent(s)/Guardian(s) of [Redacted], Grade 11
This is to inform you [Redacted] has been assigned a(n) Detention.
Today in class [redacted] had a program launched called Foxfire.exe [sic]. I had told [redacted] to close the program and to resume work but he told me that it was just a different browser and that he was doing his work. I had given him two warnings but he insisted that it was just a 'better' browser and that he wasn't doing anything wrong. I had then issued his detention
The teacher who issued this letter is proof that Firefox simply needs to step up their advertising campaign. The teacher that issued this detention had no idea how to even spell the program name, let alone what it did. Granted, the teacher probably gave this detention out of safety protocol. After all, if you saw a foreign program running on a lot of expensive computers you didn't own, wouldn't you want it out of your systems?
In the continuing war against spam, Symantec files reports on how the anti-spam industry is doing every month. Symantec concluded that, in November, 72% of all messages sent to people were spam. Symantec cited "Thanksgiving holiday captions in subject lines, advertisements of replica products, mass e-mail address collection using an animated snowball .gif image, "free" gift-cards from well-known companies, and seasonal lotto scams" for the high amount of spam last month. As anti-spam software/filters get bigger, better, and more advanced, Symantec hopes to watch this figure go down. You can read the full "State of Spam" report here.
A new white-paper published by Remote Exploit highlights how it is possible to remotely intercept signals from wireless peripherals such as keyboards. The security hack works only against keyboards using radio technology operating on a radio frequency of 27 MHz, which was previously thought to be secure from most casual attacks. The white-paper demonstrates how it is possible to use a simple radio receiver, a sound card, and some basic PC software to intercept these signals and reveal what users have been typing. While Bluetooth is safe from this vulnerability, companies such as Microsoft and Logitech still continue to use the traditional radio technology.
It's no secret that the Windows Genuine Advantage software, which is designed to protect legitimate users and stop piracy, does quite a lot of flagging and hindering legitimate users. While piracy of Windows Vista happens about half as often as piracy of Windows XP, you hear a lot more about Windows Vista WGA hacks that extend the grace period by several days/years. And so, Microsoft is going to change WGA so that there is less unjust flagging of legitimate users, and more pirate-catching. The new WGA will first fix the aforementioned grace period hack. Another main thing that Microsoft aims to do is eliminate the Vista OEM hack, which tricks Windows into thinking it is being installed on a legitimate OEM system.
It's no secret that Microsoft's anti-piracy campaign, WGA (Windows Genuine Advantage), is a lot like strict gun laws: they make sure that only criminals have an easy time of things. While legitimate users are accused of piracy and have to re-activate Windows every time they upgrade their graphics card, pirated versions of Windows, completely cracked, lack all forms of WGA software. In light of this, Microsoft did a study of their WGA software. An analysis of the study results found a couple things that would make WGA much more trustworthy, easy to work with, and less frustrating. Microsoft has already repaired the WGA validation servers that caused such a fuss back in August, and is adding quite a few backup servers. Microsoft also added 24/7 technical support via phone and internet for anyone with a problem. In the future, Microsoft plans to unleash a "get genuine" campaign. If anyone discovers that their version of Windows is pirated, and wants to go legitimate, the "get genuine" software will give these people an easy way to get a legitimate copy of Windows installed and running.
While Facebook prides itself on being one of the few social networking sites to respect the privacy of all members, some staff members recently decided to abuse that trust. Said employees were caught analyzing profiles they had no right to look at, reading private messages, and otherwise spying on/invading the privacy of unsuspecting members. Facebook caught on to this violation of trust when members began writing in complaining about unknown people viewing their profiles. Facebook administrators are currently investigating the situation, and will fire those that consider spying on members to be "a perk".
It seems as though the mass adoption of Mac OS X Leopard is bringing Apple more than publicity and sales. The German security experts at Heise Security and security blogger Rich Mogull tested OS X Leopard out for themselves, and found some serious problems. The OS X Leopard firewall works by signing applications that aren't already signed by Apple, so that they are given the go-ahead by the firewall. Unfortunately, when a program changes, that go-ahead disappears. Skype is one of those programs that changes itself, and so it comes as no surprise that Skype users are reporting trouble getting Skype to work on their Mac OS X Leopard computers. World of Warcraft also has this problem, though it's not entirely understood why. World of Warcraft forum members report that reinstalling the game clears the bug right up.
When the common user sees a patch for Windows that should have come with Windows Update and didn't, it's no big deal. The user simply goes to the Microsoft website, downloads the patch, runs the Windows Genuine Validation tool, and goes on their merry way. However, for at least four hours this morning, nobody could do that. The servers glitched, and from 12AM EDT to at least 4AM EDT, nobody could validate anything, from Windows Media Player 11 to Windows Vista Ultimate. There is no official word from Microsoft as to what caused this temporary bug or how they are planning to make sure this doesn't happen again.
A simple blunder in an E-mail server's code recently caused the Department of Homeland Security to give itself a miniature DDoS attack. Here's the low-down on what happened: a reader of the DHS' daily Open Source Intelligence Report replied to the list address with a request for a change. For reasons unknown, the message quickly found itself E-mailed to all subscribers of the newsletter, who number in the thousands. Unfortunately, once those subscribers got the request, they also got the list of recipients. When the good subscribers tried to report this problem, the same thing happened again, and every subscriber quickly found themselves knee-deep in E-mails asking for an un-subscription. That's not the only E-mail passed around the DHS network, though. Subscribers also received requests to cease replying, urgent requests from the Department of Defense and DHS officials for recipients to "kindly stop now please," a "vote for me" political ad, job offers and updates on the local weather. All in all, the server sent, received, and otherwise handled 2.2 million E-mails over the course of an hour, causing a mini-DDoS. The problem is resolved now, and the DHS is ensuring that such a problem will never happen again.
With Firmware v1.1.1, Apple aimed to do more than prevent users from accessing other networks: they were trying to fix critical security holes. While their efforts did work temporarily, hackers are now proclaiming that they are cracking those security measures. Hackers claim that a special TIFF file can cause a buffer overflow error in Mobile Safari, rendering the iPhone itself vulnerable. While these hacks are nowhere near as easy to use as what was happening in previous versions of firmware, it's definitely a start. There is no word as to when firmware v1.1.1 will be hacked to the point where alternative networks are available for the iPhone.