In the endless fight for IT security in the vulnerable internet, even Google’s Orkut has been hit by a self-propagating Trojan which is currently being studied for a possible cure to remove it from the wild. The Trojan works when the creators get information and send messages with links that prompts users to install a newer version of the flash player program. The user is greeted by a pop-up window that tells the user an installation of a newer version of software being used is in need of download and subsequent update. The program downloads a seemingly legal copy of the software installer which in turn begins to unload it’s payload of malicious code and propagates by sending more messages with the addresses that are tagged as friends in the victim user’s address book. So far, the pop-up message that promotes the spread of the Trojan is only in Portuguese which has been seen only in Brazil and with a few in India, but the security experts at Symantec are worried that an evolved version can unload more malicious code that can do more damage to the millions of users on the web, even cause another cascading slowing down of the internet as a whole if these Trojans begin to overload vital internet hubs forcing them to shut-down due to the infinite requests for direction which it would be unable to handle. Google has been warned by Symantec which has yet to release a reply to that warning. Symantec and many other industry leaders in the development of virus/,alware removal software have predicted the rise in attacks that would take effect this year as more and more people get onto the social network bandwagon making the world a smaller place but at the same time opening previously shut doors ripe for attack fromt the ever changing face of malware.
Archives for February 2008
Encrypted Hard Disks – Data Secure —Naaaahhhh!!!!
As the evolution of the lowly hard drive goes with the increase of storage capacity into the terabyte range and hardware based-encryption it seems that data cannot be more secure once it is stored within the said hard disk. Well, according to WindowsIt Pro, not totally for based on their testing of several hard drives that come as wireless removable storage devices you connect to your USB 2.0 ports, it ain’t that secure after all. The device/s tested was even secured by a wireless security key that used rfid technology to unlock the drive for use by authorized users only (which in the real world is anyone who has the keychain key).
The name and brand which we would not name for obvious reasons have indeed admitted the weakness and that the advertised capability of the drive was wrong. As it turns out, the true 128-bit AES security system was used only by the RF chip and the controller on the drive which was easily defeated by removing the drive from the case and connecting to a now standard SATA drive connector. The drive was encrypted, but not at the ‘military grade’ levels that were advertised for the encryption chip used only a basic encryption level which was not up to par with accepted high-encryption standards.
Both the manufacturers of the controller boards, casing and key, have acknowledged the flaw and promise a more robust system (which is to use a more secure encryption chip that is said to come out this year but is still only in development) by the end of the year. So we guess the false advertising with regards to the encryption standard of the drives should be changed from ‘Strong 128-bit AES encryption’ to ‘standard encryption’, which would only be fair for people do make choices based on the products qualities and capabilities.
Microsoft Opening Doors…. What Gives?
News that Microsoft, the world’s largest software developer, is going to disclose some of their so-called proprietary/secret software technology to competitors is sending chills down the spine of many IT industry leaders. This comes after the company suffered a blow when Yahoo.com rejected their bid to buy a majority of shares from the internet search engine giant. Yahoo might have been in the rut for sometime, but they are still one of the most used search engines on the planet making them an ideal target for the IT giant.
The news comes as a surprise as Microsoft has always worked hard to prevent technology in terms of software design and other inter-operability technologies between their operating systems like XP and Vista, the Office Family and many other software products that have managed to keep the lead in terms of the number of installations. Being the most recognizable IT firm (and even the most hated by some), Microsoft has managed to come out of many problems such as the well criticized and publicized flop of their Vista SP1 which many saw as just another way for the firm to say they care for their customers. People who have the Service pack were not at all pleased with it saying thatit was not as they expected (maybe referring to the milestones they came over when they did the same for XP with SP1 and SP2). This leaves a sour taste in the mouths of prospective users still with XP that the upgrades and improvements will be not as significant as they had hoped for.
Microsoft has been in the spotlight before but not as a company who regularly shares details about its products. The step might be a step in the right direction or it may just prove to be a testing of the waters for the software giant. Time will tell if the information they do disclose would benefit competitors or as others have said, it might just be another try to get people hooked on their technology, taking them down as a whole (hook, line and sinker) into the world of Microsoft.
OS Updates, Patches and Service Packs – What they’re not telling you (Part 2)
Some of these updates and patches are well publicized and known to media and IT circles while others are not. The real truth, not all users want to know the details of the several updates and patches that are being installed as long as they get to use the internet and other software without issues. This is a dangerous tightrope to walk for like the Facebook incidents and MySpace problems, and yes even Google (with their customer purchase tracking system which they took out of service as people took notice and were pissed they were being monitored as to shopping habits etc).
Even the most popular web search engines have come under fire when people took notice of their tracking systems and how that information is used to target them for advertising campaigns. The web is a true and proven signal of unparalleled freedom for it allows you to get information all with the press of a few buttons. But the battle begins at your desktop or laptop where the OS resides and is installed on making it the root of all possible problems. Yes, Attacks do come from the net but they are targeted at your home or office desktops using them as propagation tools to spread them all over the globe. Privacy and the right to know is quite battered on these fronts with many problems being discovered at every turn. People love intrigue and they will continue to scrutinize and criticize the work of others may they be friends or foes. On goes the OS wars and we are on the sidelines waiting to suffer all the fallout of their drive to be the first to release the most innovative and feature loaded software (with bugs and system crashes all bundled and included in the box, well till they release the respective fixes and patches to remedy them).
OS Updates, Patches and Service Packs – What they’re not telling you (Part 1)
Everybody on this earth who uses the internet has to begin with a device (PC, Laptop or Mobile Phone) that has a form of operating system that gives the machine (computer/device) the ability to function as it does. May it be from Microsoft (Windows XP or Vista), Apple (OS X Leopard and prior versions) or Linux-Based operating systems, all these programs get their fair share of patches and bug fixes that are essentially damage control measures that hopefully correct programming errors before they cause too much harm to the user and the computer they are installed on.
These patches and updates are available for free for most licensed users but for those who still use bootlegged software, well, they are a bit too difficult to get hold of for the move of OS manufacturers to install (sometimes without you even knowing it), validation tools that check via the internet if the copy of your OS is licensed and legit. These underground updates are not always so discreet for some do get out and are found by users, programmers and other people who rely heavily on their computers for their everyday existence. Some get blown out of proportion sending them into the headlines as unwanted and unauthorized processes that you get to see on CNN and the BBC.
Software development firms are businesses and they do try their best to keep ahead of the pack (competitors) when it comes to the complexity and capabilities of their products. The competitiveness goes as far as the early release of a product before all testing and real-world simulations have been completed opting for patches and updates to correct them well after the product has been released into the wild (for public use). Some problems associated with them are so critical that the developers are so ashamed to admit they overlooked them that they opt to update these files without the user’s knowledge (have you ever seen your OS getting updates from the web as you get to go on your coffee break, sometimes so discreetly you even fail to notice, returning to a computer that tells you your system has been updated and a restart is needed for them to take effect?)
Facial Recognition and Smart Mice – biometrics of the invasive kind.
The future (not actually that far off) sees computer systems that are powerful enough to map out the human face which is known as facial recognition, scanning it into a database that takes a full-360 degrees picture mapping the individual face into a digital fingerprint of sorts allowing no need for invasive security systems. Imagine walking towards your workplace which is studded with cameras that constantly takes pictures of your face and compares it to a digitized database of many other faces in the system. As you get to your terminal, you get immediate access (for the system has seen you as the rightful owner of the computer terminal) to all you stuff without having to physically go through invasive security systems (like the one seen on the sci-fi movie the Minority Report). In the movie, society has evolved into a centralized environment where there are security scanners tied into all major computer systems such as media advertising boards located in major city center’s. Advertising that is suited to one’s preferences and such other information are obtained on a person through retinal scanners that continuously scans one’s location and other information such as the case in the plot which has a rogue officer of the law being subject of much fuss. This gives an insight into the possible future of the human race and how much information technology play’s a part in that future world where nothing is secret and just about anything with the right access can get enough information about you. Hot Forest’s introduction of biometrics-technology based interface system (initially a mouse) that have embedded medical grade sensors that monitor blood pressure and other vital bodily functions to indicate the productivity of their staff based on baseline information collected as the system is implemented. Their system, ‘OPTIMAL OFFICE’ monitor’s the health of their employees through sensors (heart rate monitors) and software helping management create a less stressful workplace. This allows offices to monitor their employees productivity by monitoring their blood pressure which is a sure sign of stress or too much of it allowing better management and control.
The system works and begins to provide important information about an employee who uses the system for more than 2 hours allowing the collection and collation of vitals which are compared and rated according to standards set by the medical field as either healthy or hazardous to one’s health. Management is then alerted to whether they are under or over stressed based on these information allowing the conduction of adjustments or other health analysis tests. This is said to promote a better office for healthy people who work happily are more productive. Though many see the system as too invasive, it may offer an insight on what tomorrow would hold for us as technology become’s more of a necessity rather than an addition to the way we live day by day.