August 20, 2007
Oh joy. I know a number of people who have used Monster in the last year for job applications. so I had to post about it.
According to Symantec Corp. security analyst Amado Hidalgo, a new Trojan horse called Infostealer.Monstres by Symantec has stolen more than 1.6 million records belonging to several hundred thousand people from Monster Worldwide Inc.'s job search service. That data is then used to target the Monster.com users with credible phishing mail that plants more malware on their machines.
In general, phishing schemes are easy to spot because of the poor nature of the emails. Therefore, to get a better return, these guys stole data that would enable them to send out mass mailings with an official look to them. After all, if you applied via Monster and then received an email via "Monster" with legit information about yourself... how are you supposed to know if it's the real thing or not?
So, what are they stealing?
The first piece of malware, dubbed Banker.c by Symantec, is a run-of-the-mill information-stealing Trojan horse that monitors the infected PC for log-ons to online banking accounts. When it sniffs a log-on in process, Banker.c records the username and password, then transmits the data back to hacker HQ. Gpcoder.e, on the other hand, is "ransomware," the name given to Trojan horses that encrypt files on the hacked computer, then hold those files hostage until the user pays a fee to unlock the data.
Ah, such lovely people. If you've used Monster recently, check out the article. If you haven't, always remember your information is susceptible to being stolen. If any email you receive from a job search site asks you to download software so you can access something - you may want to get in touch with their tech support first and let them know what's happening. I don't know of any sites that require software downloads to work - if they do, people should stop using them!
As for Identity Thieves, can we just line 'em up and shoot 'em? That may be a small deterrent. Although I would guess 99% of these scum believe they will never be found (sadly they may be correct).
August 16, 2007
The argument has always been that the usual suspects (cable and telcos) are evil and charging their customers far too much money for a simple internet connection. I mean, what's so difficult? You set up connections, plug it in and boom - you're on. How dare the cable and telcos charge such outrageous fees for such a simple thing!
Constructing networks that can provide Internet access to homes and office buildings and withstand challenges from nature that interfere with wireless signals -- such as hills or rainstorms -- is proving more costly than anticipated.
Now there's a shocker! You mean it's not all tea and crumpets? You mean there's more to it than setting up a wireless access point and turning it on? How can that be?
Ah, they are finding out that the current providers are charging money for a reason! What a concept. You have to have people who are able to set things up, trouble shoot, constant equipment upkeep, far more access points than anticipated as there are so many things that will block a signal... the list goes on. It's called infrastructure. Cable companies and the telcos all face these charges - that's why their fee structure is what it is. (whether or not you like their service is another matter - I'm just talking about what they must have in place to continue functioning)
Now let's get to the "free" or "cheap" bit of this equation. How can they do this? Well naturally, the cities are subsidizing these installations... this means the money comes out of their budget... so it's the TAX PAYER who is paying for these networks. If you live in these cities and pay taxes - you are paying for everyone to have wi-fi access. And in some instances - it looks like cities are finding ways to use federal money to pay for the network.
...Toledo's commissioner of development, says the new proposal would reduce the city's contribution to $1.5 million by tapping resources already budgeted to public-safety agencies and taking advantage of a federal grant the city has received from the Department of Homeland Security.
BTW - I should add that the city council must still approve this - so it's not quite a done deal, however, it is proposed.
Public safety. That would be police, fire... they don't need the money do they? Not when it can be used so everyone can have an internet connection! How crass to believe that the fire department might be able to put the money to much better use.
The Homeland Security Money - that's federal - so all US citizens will be footing a portion of the Toledo network if it goes through. Is this how we wanted cities to spend DHS funds?
Why do I get the feeling we're now looking to provide little Hussein Jr with an internet connection so he can coordinate terror cells... Of course clues will be missed because police officers won't be properly trained as DHS money, meant for such mundane things was used to build the wi-fi network instead. But I digress...
The best quote of all goes to the Google spokesman:
"We continue to hope that EarthLink and the City of San Francisco will find a way to enable all its residents to enjoy the free Wi-Fi network they deserve,"
I hate to say it, but not one single person in this country "deserves" a wi-fi connection, much less a so called "free" one. Availability of access is one thing. Tax payers footing even a portion of the bill so someone in San Francisco or Toledo or some other city can get online? At the expense of other needed services? That's something none of us deserve.
August 06, 2007
You can set up all the cute software deterrents you want, but they can almost all be bypassed if someone can get physical access to the computer.
"Most people think that computers inside buildings are secure. How many computers do you see left logged on at night?"
Franken's creation was among the real-world lock-cracking revelations made at the DefCon hackers conference, where a room is devoted to the "sport" of lock picking.
Medeco deadbolt locks relied on worldwide at embassies, banks and other tempting targets for thieves, spies or terrorists can be opened in seconds with a strip of metal and a thin screw driver, Marc Tobias of Security.org demonstrated for AFP.
"This is incredible; it's unreal," Tobias said while showing the ease with which the locks can breached.
After years of running as separate entities within companies, it is finally breaking into the consciousness of those in charge of physical and computer security, that you can't have one without the other. There are hackers on the internet, social engineers on the phone, and the old fashioned type "let's pick the lock" thieves. Each of them are very effective in grabbing the company valuables - that is data. Data is gold, or maybe could be thought of as the new diamond.
I expect the stereo types will linger for years. After all what does the dorky nerd who sits in front of a keyboard setting up firewalls have in common with the flat foot patrolling the building at night checking doors? They both are working toward the same objective, even if they don't want to acknowledge it - they are each keeping the company safe in their own way.
The hackers and crackers are not going to go away, even if they now hold respectable conferences where they share information among themselves and somewhat with law enforcement. People like Steve Hunt have been pushing this convergence for years.
It seems that this year, the abilities of those who can pick locks have certainly caught the attention of the press. Let's hope it has also caught the attention of the right people - those charged with keeping people, buildings, and data secure. I hope they were there taking notes.
August 03, 2007
But more interesting were the examples Krawetz gave of al Qaeda images. Krawetz took an image from a 2006 al Qaeda video of Ayman al-Zawahiri (above right), a senior member of the terrorist organization. The image shows al-Zawahiri sitting in front of a desk and banner with writing on it. But after conducting his error analysis Krawetz was able to determine that al-Zawahiri's image was superimposed in front of the background -- and was most likely videotaped in front of a black sheet.
If you're into digital photo manipulation, go check out the entry. Of course, then you have to wonder what's up with that? I really hope our intel people have an idea (even if they wouldn't share it) because there wouldn't be much point in all the photoshopping just to send out a verbal message.
August 02, 2007
One of the good things about geekiness being more cool, is that these conferences, which used to be for hackers only and otherwise ignored, are now watched carefully for the latest hacks and cracks.
The other day I was posting about firewalls and unsecured hotel wi-fi (or even cafe wi-fi). Today I ran across this very interesting story coming out of the Black Hat conference...
Black Hat Users of Yahoo! Mail, MySpace and just about every Web 2.0 service take note: If you access those services using public Wi-Fi, Rob Graham can probably gain unlimited access to your account - even if you logged in using the secure sockets layer protocol.
Head over and read the whole thing to see how he does it. (really - it's not so terribly awful) In the meantime - the only service that can be hardened against this attack is google.
I didn't check to see if there was a way to do this with IE, but with Firefox you can install an extension called Customize Google. It allows you to retain your SSL connection (the encrypted bit that keeps anyone from snooping the connection) until you finish your session. It also does a host of other things for you, like blocking the Google Analytic cookies (which is how your browsing is tied back to your computer). Have a look. If you are so inclined, give it a try. Especially if you tend to use open wi-fi connections. It's a little bit of protection.
For more protection, you may want to look into Zonker's suggestion (in my previous post's comments) and spring for HotSpot VPN to encrypt all your online machinations. I use their Mergic VPN for accessing my email on my Treo, so they cover it all.
When you leave your house, you lock your doors and windows - consider this to be locking your computer's doors and windows so no one else can jump in and steal your information. That's worth a bit of effort.
My first thought... "Are they going to monitor conversations so they can send targeted ads to your phone?"
August 01, 2007
Over the last few weeks, the filter has gone ballistic. It seems to take email at random and put it in the junk mail folder. True spam, and legitimate email, there seems to be no difference in the mind of the filter. I can see the inner workings of its tortured soul now...
"Okay, I need to put something into the junk filter. I'll just grab the next 6 or 7 emails and stick them in there - at least then it looks like I'm working!"
Ah yes. I've changed settings, I've even turned the thing off totally, yet it continues on it's quest to grab periodic pieces of innocent email and throw them in the junk folder.
I have googled around like mad (or maybe I should say "asked around" as I use the ask.com search engine) only to find legions of people with the same problem and no solution. One guy tried really hard - he had a possible solution. Sadly it didn't work for me - or for many others - all of us sitting here, starting at our email application and wondering what we did wrong.
We think "Maybe if I did something different, it would work again" only to be disappointed over and over. And then you contemplate changing email clients... but experience has shown you that none of them work quite right. They all have these annoying idiosyncrasies. No, I don't like my email client, but I've gotten used to it. I don't want to start over again, battling a host of new issues. So, I'll live in angst. Hoping real email won't all be lost in the general mayhem.
It's sad really, that one little application can cause so very much trouble.
73 queries taking 0.016 seconds, 254 records returned.
Powered by Minx 1.1.6c-pink.