In the endless fight for IT security in the vulnerable internet, even Google’s Orkut has been hit by a self-propagating Trojan which is currently being studied for a possible cure to remove it from the wild. The Trojan works when the creators get information and send messages with links that prompts users to install a newer version of the flash player program. The user is greeted by a pop-up window that tells the user an installation of a newer version of software being used is in need of download and subsequent update. The program downloads a seemingly legal copy of the software installer which in turn begins to unload it’s payload of malicious code and propagates by sending more messages with the addresses that are tagged as friends in the victim user’s address book. So far, the pop-up message that promotes the spread of the Trojan is only in Portuguese which has been seen only in Brazil and with a few in India, but the security experts at Symantec are worried that an evolved version can unload more malicious code that can do more damage to the millions of users on the web, even cause another cascading slowing down of the internet as a whole if these Trojans begin to overload vital internet hubs forcing them to shut-down due to the infinite requests for direction which it would be unable to handle. Google has been warned by Symantec which has yet to release a reply to that warning. Symantec and many other industry leaders in the development of virus/,alware removal software have predicted the rise in attacks that would take effect this year as more and more people get onto the social network bandwagon making the world a smaller place but at the same time opening previously shut doors ripe for attack fromt the ever changing face of malware.
Tags: Google, Orkut, Trojan
Categories: General, IT Security Basics, Instant Messaging, Malware, Network Security, News, Privacy & Anonymity, Real-World Issues, Security Policies
As the evolution of the lowly hard drive goes with the increase of storage capacity into the terabyte range and hardware based-encryption it seems that data cannot be more secure once it is stored within the said hard disk. Well, according to WindowsIt Pro, not totally for based on their testing of several hard drives that come as wireless removable storage devices you connect to your USB 2.0 ports, it ain’t that secure after all. The device/s tested was even secured by a wireless security key that used rfid technology to unlock the drive for use by authorized users only (which in the real world is anyone who has the keychain key).
The name and brand which we would not name for obvious reasons have indeed admitted the weakness and that the advertised capability of the drive was wrong. As it turns out, the true 128-bit AES security system was used only by the RF chip and the controller on the drive which was easily defeated by removing the drive from the case and connecting to a now standard SATA drive connector. The drive was encrypted, but not at the ‘military grade’ levels that were advertised for the encryption chip used only a basic encryption level which was not up to par with accepted high-encryption standards.
Both the manufacturers of the controller boards, casing and key, have acknowledged the flaw and promise a more robust system (which is to use a more secure encryption chip that is said to come out this year but is still only in development) by the end of the year. So we guess the false advertising with regards to the encryption standard of the drives should be changed from ‘Strong 128-bit AES encryption’ to ’standard encryption’, which would only be fair for people do make choices based on the products qualities and capabilities.
Tags: data-security, Encrypted Hard Drives, encryption
Categories: Backups, Cryptography, General, IT Security Basics, News, Physical Security, Real-World Issues, Security Policies, Storage
News that Microsoft, the world’s largest software developer, is going to disclose some of their so-called proprietary/secret software technology to competitors is sending chills down the spine of many IT industry leaders. This comes after the company suffered a blow when Yahoo.com rejected their bid to buy a majority of shares from the internet search engine giant. Yahoo might have been in the rut for sometime, but they are still one of the most used search engines on the planet making them an ideal target for the IT giant.
The news comes as a surprise as Microsoft has always worked hard to prevent technology in terms of software design and other inter-operability technologies between their operating systems like XP and Vista, the Office Family and many other software products that have managed to keep the lead in terms of the number of installations. Being the most recognizable IT firm (and even the most hated by some), Microsoft has managed to come out of many problems such as the well criticized and publicized flop of their Vista SP1 which many saw as just another way for the firm to say they care for their customers. People who have the Service pack were not at all pleased with it saying thatit was not as they expected (maybe referring to the milestones they came over when they did the same for XP with SP1 and SP2). This leaves a sour taste in the mouths of prospective users still with XP that the upgrades and improvements will be not as significant as they had hoped for.
Microsoft has been in the spotlight before but not as a company who regularly shares details about its products. The step might be a step in the right direction or it may just prove to be a testing of the waters for the software giant. Time will tell if the information they do disclose would benefit competitors or as others have said, it might just be another try to get people hooked on their technology, taking them down as a whole (hook, line and sinker) into the world of Microsoft.
Tags: Breaking News, Microsoft, Opening Up Microsoft
Categories: General, News, Real-World Issues
Some of these updates and patches are well publicized and known to media and IT circles while others are not. The real truth, not all users want to know the details of the several updates and patches that are being installed as long as they get to use the internet and other software without issues. This is a dangerous tightrope to walk for like the Facebook incidents and MySpace problems, and yes even Google (with their customer purchase tracking system which they took out of service as people took notice and were pissed they were being monitored as to shopping habits etc).
Even the most popular web search engines have come under fire when people took notice of their tracking systems and how that information is used to target them for advertising campaigns. The web is a true and proven signal of unparalleled freedom for it allows you to get information all with the press of a few buttons. But the battle begins at your desktop or laptop where the OS resides and is installed on making it the root of all possible problems. Yes, Attacks do come from the net but they are targeted at your home or office desktops using them as propagation tools to spread them all over the globe. Privacy and the right to know is quite battered on these fronts with many problems being discovered at every turn. People love intrigue and they will continue to scrutinize and criticize the work of others may they be friends or foes. On goes the OS wars and we are on the sidelines waiting to suffer all the fallout of their drive to be the first to release the most innovative and feature loaded software (with bugs and system crashes all bundled and included in the box, well till they release the respective fixes and patches to remedy them).
Tags: Apple, linux, Microsoft, OS Wars
Categories: General, IM, IT Security Basics, Instant Messaging, Malware, News, Operating Systems, Privacy & Anonymity, Programming, Real-World Issues, Security Policies, Spyware
Everybody on this earth who uses the internet has to begin with a device (PC, Laptop or Mobile Phone) that has a form of operating system that gives the machine (computer/device) the ability to function as it does. May it be from Microsoft (Windows XP or Vista), Apple (OS X Leopard and prior versions) or Linux-Based operating systems, all these programs get their fair share of patches and bug fixes that are essentially damage control measures that hopefully correct programming errors before they cause too much harm to the user and the computer they are installed on.
These patches and updates are available for free for most licensed users but for those who still use bootlegged software, well, they are a bit too difficult to get hold of for the move of OS manufacturers to install (sometimes without you even knowing it), validation tools that check via the internet if the copy of your OS is licensed and legit. These underground updates are not always so discreet for some do get out and are found by users, programmers and other people who rely heavily on their computers for their everyday existence. Some get blown out of proportion sending them into the headlines as unwanted and unauthorized processes that you get to see on CNN and the BBC.
Software development firms are businesses and they do try their best to keep ahead of the pack (competitors) when it comes to the complexity and capabilities of their products. The competitiveness goes as far as the early release of a product before all testing and real-world simulations have been completed opting for patches and updates to correct them well after the product has been released into the wild (for public use). Some problems associated with them are so critical that the developers are so ashamed to admit they overlooked them that they opt to update these files without the user’s knowledge (have you ever seen your OS getting updates from the web as you get to go on your coffee break, sometimes so discreetly you even fail to notice, returning to a computer that tells you your system has been updated and a restart is needed for them to take effect?)
Tags: Apple, linux, Misrosoft, OS Wars
Categories: General, IM, IT Security Basics, Malware, News, Operating Systems, Privacy & Anonymity, Real-World Issues, Spyware
The future (not actually that far off) sees computer systems that are powerful enough to map out the human face which is known as facial recognition, scanning it into a database that takes a full-360 degrees picture mapping the individual face into a digital fingerprint of sorts allowing no need for invasive security systems. Imagine walking towards your workplace which is studded with cameras that constantly takes pictures of your face and compares it to a digitized database of many other faces in the system. As you get to your terminal, you get immediate access (for the system has seen you as the rightful owner of the computer terminal) to all you stuff without having to physically go through invasive security systems (like the one seen on the sci-fi movie the Minority Report). In the movie, society has evolved into a centralized environment where there are security scanners tied into all major computer systems such as media advertising boards located in major city center’s. Advertising that is suited to one’s preferences and such other information are obtained on a person through retinal scanners that continuously scans one’s location and other information such as the case in the plot which has a rogue officer of the law being subject of much fuss. This gives an insight into the possible future of the human race and how much information technology play’s a part in that future world where nothing is secret and just about anything with the right access can get enough information about you. Hot Forest’s introduction of biometrics-technology based interface system (initially a mouse) that have embedded medical grade sensors that monitor blood pressure and other vital bodily functions to indicate the productivity of their staff based on baseline information collected as the system is implemented. Their system, ‘OPTIMAL OFFICE’ monitor’s the health of their employees through sensors (heart rate monitors) and software helping management create a less stressful workplace. This allows offices to monitor their employees productivity by monitoring their blood pressure which is a sure sign of stress or too much of it allowing better management and control.
The system works and begins to provide important information about an employee who uses the system for more than 2 hours allowing the collection and collation of vitals which are compared and rated according to standards set by the medical field as either healthy or hazardous to one’s health. Management is then alerted to whether they are under or over stressed based on these information allowing the conduction of adjustments or other health analysis tests. This is said to promote a better office for healthy people who work happily are more productive. Though many see the system as too invasive, it may offer an insight on what tomorrow would hold for us as technology become’s more of a necessity rather than an addition to the way we live day by day.
Tags: Biometrics, Facial Recognition, Future Tech, IT Security Basics, Vein Mapping Technology
Categories: General, IT Security Basics, Network Security, Physical Security, Privacy & Anonymity, Real-World Issues, Security Policies
Biometrics is seen as the next step in computer systems security and access control due to the failure of more primitive and fundamental security systems. Fingerprint scanners, passwords, security keys and even smartcards have failed miserably in providing the ultimate and most secure intrusion prevention method for just about anything. From your home, car, computer terminal at work to just about anything else that needs security, it has be come more and more of a must due to the increasing threat of identity theft and other computer related crimes in and out of the workplace.
Biometrics are security systems that are based on the differences the human body manifests in terms of eye structure, facial features and now vein geometry. We’ve all heard of DNA or the so-called blueprint for life and the way it makes each and every human different from everyone else on this earth (well, except for some genetic disorders and diseases that changes the DNA makeup). That is what biometrics takes advantage of as a source of a very unique key or method of identifying one from another person.
Your fingerprint is mapped when it is initially scanned into a computer system which convert’s your analog (actual) print into a digital map that is as unique as you are an individual. Iris scanners take into account the differences the iris has from each and every individual (through the use of a low powered light and scanner to obtain a picture of the eye’s iris which is also unique). Voice recognition takes into account, the differences our voices have from everybody else also converting it into a digital map or password of sorts. Vein geometry, uses a thermal imaging camera to take a picture of your hand or whole body which is sensitive to heat showing all the blood vessels which show as hotspots thus giving you a unique id of sorts as that is also mapped and converted into digital form. All of the above biometrics systems rely on our individual differences which are quite unique to us and add onto it, other more basic security measures such as a physical key (password, key or other devices) to give the ultimate security system preventing intrusion.
Tags: identity-theft, Secure workplace
Categories: General, IT Security Basics, Network Security, Operating Systems, Physical Security, Real-World Issues, Security Policies
Is Microsoft looking for another area of investment? Well, it sure looks like it, for they have just placed a bid on Yahoo which may be a sign of them trying to diversify and try to catch some action on the search engine part of the internet. The well publicized bid will make Microsoft more part of everyday computing and the internet that it already is. This move would bolster their already well-known market dominance with their operating systems such as Vista (the latest addition to their Windows series of operating systems), Xbox (their bid to get some share of the gaming market previously dominated by Sony with their PlayStation Series) and the many other products such as Microsoft Office.
Bill Gates has left the company onto another’s hand which spelled the end of his prominence in the PC and computer industry but he is not expected to fade out soon for he is still looked at by many as the father of the Windows empire. If they indeed succeed with their bid for expansion, they will add yahoo to their already diverse list of markets on the IT industry which they have a cut of. This would also add more hatred to those people termed as the rebels of the IT world who have hated windows and it’s tight grip on the internet and computing industry as a whole.
Hackers have made it known again and again that they will continue to pester and bring headaches to the company which has resulted in many well publicized attacks causing the company millions of dollars in lost revenue. Their problems with the Xbox and Xbox live, also proved to be a hard pickle to swallow for the problems of the Christmas season when their high-tech gaming network system ground to a halt, to the dismay of many a players and subscribers. They managed to get out of it promising a free game for all their clients which should have instead earned revenue. More would be expected on Microsoft as they enter a new year filled with challenges and hurdles but they will always be a presence on the computer industry. This might also turn out to be a bad choice for they already have their resources stretched too thin with successive problems with their products. They might have to stick with what they do best which is to focus on their OS systems rather that diversify and expand. Well, we’ll see this year if their strategy for expansion works or not.
Tags: Bidding-for-Yahoo, Microsoft, Microsoft-and-Yahoo, Microsoft-News, Yahoo
Categories: General, News, Real-World Issues
The accessory cards for the standard PC has become so widespread that they come in many shapes and form allowing the connection of any number of security cameras. Triggered systems which rely on other security deterrents for activation allows the people monitoring the site to save on storage which used to be a bank of video recorders that were set to record in extended mode on a loop in a back office which was hopefully secure enough to prevent tampering and destruction by perpetrators. Off-site security allows monitoring over high-speed internet lines of the site without the danger of loosing valuable evidence in the form of video footage safely secured onto the company’s own storage servers or can be out-sourced to off-site data storage companies like Iron Mountain who specialize in secure and reliable data storage. The advent of high capacity hard drives like the Toshiba Terabyte Drive allows a huge amount of data to be stored with minimal hardware footprint. Seagate on the other hand has gone a step further by releasing hardware-based encryption in it’s hard drives which can be activated with the use of the Operating System making for one ultra-secure hard drive (well, till you forget the password or key to decrypt the drive making it useless or exceed the MTBF of the specified drive, ouch.. that’s 931 GB of lost data).
Security has become an ever present need and so is the drive to protect assets that are the essence of business organizations. These newer and cheaper versions of security systems add a level of security that assures us our assets stay safe and secure in the event of either man-made or natural disasters that are becoming quite common as life becomes harder and money is harder to come by turning people to a life of crime never before seen on this earth.
[tags]Securing Assets, Security[/tags]
Tags: Asset-Protection, Remote-Security-Systems, Security-Systems, Video-Surveillance, Wireless-Surveillance
Categories: Backups, General, IT Security Basics, Network Security, Privacy & Anonymity, Real-World Issues, Security Policies
Security cameras in its many shapes and forms have evolved into more of a necessity rather than a luxury usually available to those firms who could afford it. Developments in CCD technology and miniaturization of electronics components have allowed the price to fall steady making them widely available and easy to deploy. Similar to webcams, IP based security systems like the one from LPM, are now more and more becoming well accepted for like VoIP, it allows the video feed from a site hundreds of miles away to be sent over the internet to a security center in the company’s security center allowing centralized monitoring of warehouses and other facilities that would otherwise need security personnel saving in manpower costs.
The technology has evolved to a point that all one needs for IP-based security surveillance monitoring is a peripheral card one installs into the standard PC and the necessary cameras that are desired. Another deterrent of security systems of past was the requirement for extensive cabling which can be quite costly if one wishes to monitor a large area which needs to have all supporting cabling installed (power, video feed cables, audio cables, etc.). The advent of the many wireless radio communication technologies have also contributed to ease of implementation allowing wireless communication between a site’s central console and it’s subordinate cameras, who then send the information through the internet to it’s security base which can be a few blocs to hundreds of miles away.
[tags]Security Systems, Video Surveillance, Remote Security Systems, Asset Protection [/tags]
Tags: Asset-Protection, IP-Based-Surveillance, Remote-Security-Systems, Security-Systems, Video-Surveillance
Categories: Backups, General, IT Security Basics, Network Security, News, Physical Security, Privacy & Anonymity, Real-World Issues, Security Policies, Storage
In the endless fight for IT security in the vulnerable internet, even Google’s Orkut has been hit by a self-propagating Trojan which is currently being studied for a possible cure to remove it from the wild. The Trojan works when the creators get information and send messages with links that prompts users to install a newer version of the flash player program. The user is greeted by a pop-up window that tells the user an installation of a newer version of software being used is in need of download and subsequent update. The program downloads a seemingly legal copy of the software installer which in turn begins to unload it’s payload of malicious code and propagates by sending more messages with the addresses that are tagged as friends in the victim user’s address book. So far, the pop-up message that promotes the spread of the Trojan is only in Portuguese which has been seen only in Brazil and with a few in India, but the security experts at Symantec are worried that an evolved version can unload more malicious code that can do more damage to the millions of users on the web, even cause another cascading slowing down of the internet as a whole if these Trojans begin to overload vital internet hubs forcing them to shut-down due to the infinite requests for direction which it would be unable to handle. Google has been warned by Symantec which has yet to release a reply to that warning. Symantec and many other industry leaders in the development of virus/,alware removal software have predicted the rise in attacks that would take effect this year as more and more people get onto the social network bandwagon making the world a smaller place but at the same time opening previously shut doors ripe for attack fromt the ever changing face of malware.
