July, 2010
Wednesday, July 28th, 2010
Journalists and hackers, while they both have very different aims, are not too dissimilar in their working methods.
This was my realisation about ten minutes into a Stonesoft Hack The Lab event held today where attendees were invited to compromise a fictitious website.
Both journos and hackers start off their projects by selecting a target before moving on to gather related information. For the latter activity, both look through the raft of data that can be found on newspapers, magazines, websites and from available contact details.
Then, in admittedly very different ways, writers and cyber criminals alike look to pick holes in their target, finding vulnerabilities to attain their respective goals.
Of course, this is where the similarity ends. Journalists go ahead and write up a story, while hackers can do a range of different, possibly illicit, things such as leaving backdoors or covering their tracks (the last thing journalists want to do is hide their identity – quite the opposite in fact).
While the comparison is not entirely accurate, it hints at something more important: anyone can be a hacker – something that was proved by my visit to Hack the Lab.
Stonesoft’s Alan Cottom said at the very beginning of the meeting that many companies still consider intrusion prevention to be something of a “dark art”. The aim of Hack the Lab is to show how simple compromising a system can be if the right protection is not in place, a sentiment that Stonesoft has expressed to clients through such events before.
Cottom guided us through hacking a fake company named City Burger. All that was required were some instructions, a range of easily downloadable tools (I won’t name them for fear of promulgating the threat of DIY cyber crime) and, admittedly, some help from the guys in the know.
Having gathered some info on the site, we eventually got hold of an old email with some password details on. Eventually, after discovering where the password went, a couple of attendees (my skills are still lacking… perhaps for the good of the world) were able to take control of a compromised system and carry out commands from that. Simple really.
What is clear though, is that with the right protection in place and a sensible password strategy (check out our guide on how to create a solid one), companies stand a much better chance of blocking wannabes like myself… well at least the self I was a few hours before writing this.
I’ve now gone clean after tasting the dark side. I am officially a reformed hacker.
Wednesday, July 28th, 2010
Google has twice as much malware as Bing, Twitter and Yahoo! combined
Google is, without any doubt, the king of search. However, a new security report published today suggests it is also the king of malware.
According to the Barracuda Labs 2010 Midyear Security Report http://www.barracudalabs.com/research_resources.html which looked at more than 5.5 million search results and 25,000 trending topics over a two month period, Google is the undisputed heavyweight malware spewing champion of the search world.
Presenting the results of the report at Security BSides in Las Vegas this weekend, the study concentrated on the ‘big four’ in the world of search: Bing, Google, Twitter and Yahoo! in order to analyse trending topics and identify malware trends.
Researchers discovered that Google turned up twice as many malware-laden results when searching for popular trending keywords than the other three combined. According to Barracuda Labs, Google presented some 69 percent of malware hits compared to Yahoo! at 18 percent, Bing at 12 percent and Twitter at just one percent. Not that Twitter escaped unscathed: a separate Barracuda report, also published today, which attempted to identify malware indicators in Twitter account usage, revealed that malicious account usage is increasing.
But back to the Google statistics, because they really do seem to tally with the experiences of most people in the security research world that I mix with and who constantly despair at the sheer volume of search engine poisoning that happens. Barracuda Labs reckon that the average amount of time it takes for a trending topic to appear on Google after breaking on Twitter, for example, is just 1.2 days. Proving that the bad guys don’t waste time when it comes to getting those poisoned links into play. And talking about time, the research finds that more than half the malware on Google is found between 4am and 10am funnily enough. Which suggests that most of it does not originate in the UK, which is also in keeping with my experience.
Wednesday, July 28th, 2010
Did you see the excellent Sherlock Holmes on the Beeb the other night? Did you spot the references to the original? Der, yes he’s Sherlock a consulting detective and Dr Watson is, er a doctor – ex army and often called upon to pack his “service revolver”. Sherlock, famous for his “three pipe” problems applies a nicotine patch when he already has two on and refers to it being a “three patch problem”.
Most people should have got that much, but you may have had to have read the books to spot that the original Watson was wounded in Afghanistan (the “second Afghanistan war” according to Conan Doyle – what version are we up to now?). However, you might need your anorak to notice that the current Watson has a psychosomatic limp and near the end of the episode the joke is he was wounded in the shoulder. In the book (A Study in Scarlet) about page one we discover Watson was wounded in the shoulder but about page 46 (my copy) we find him massaging his “wounded” leg – presumably a gaffe by Conan Doyle but beautifully picked up by Steven Moffat.
What’s that got to do with documentation? Well, Holmes is also famous for not letting on what he knows, dropping super obscure hints and then exploding the answer in everyone’s faces so he can take a bow to a stunned audience.
That’s not the way to do it. What if Moriarty did manage to finish him off? No one would be able to pick up the trail. So it is with coding (and project design, and …). We shouldn’t keep it all to ourselves, we should be documenting and commenting our code and procedures. Being indispensable probably won’t keep us our jobs (bosses are too stupid to notice what we do and will never believe someone else can’t do it – even if no one else can). Being co-operative, getting things done (even when someone else does them) may just get us a promotion. Or is that madly optimistic?
Oh, and BTW how did I notice the leg / shoulder thing? I have a second hand copy and someone has made notes in the margin of all the inconsistencies – information shared!
Tuesday, July 27th, 2010
For so very long, I have been hearing “tape is dead.” Yes, it may be cheap and it may be easy, but it is known for being unreliable with a short shelf life, and the disk alternative is seen as worth the investment.
However, this week has seen both Oracle and EMC refresh their ranges with offerings for tape storage.
It has become a bit of a chicken and egg scenario. Technology big wigs are trying to encourage companies to move their money away from tape and put it towards disk storage, yet, they keep providing the tape option.
A company who has used tape for years and continues to see costs drop is hardly going to be leaping onto the disk bandwagon if they are not pushed, especially in times of economic strife.
But at the same time, tech companies don’t want to remove their tape products whilst people are still buying them and, really, is it their right to decide what companies use to store their data?
Somebody needs to make the first move. Tape may do the job but there are much better options out there that can do even more and can really improve storage capabilities, with price tags for companies of all sizes.
But it is down to the industry now. As with the resistance to SSD adoption (price) and cloud computing (security), it is down to the trustworthy names to lead the way and reassure firms it is the best step to take.
Am I saying I can see them doing this and throwing away their current easy money from tape? Maybe not, but it doesn’t mean they should not.
Be brave EMC and Oracle, show people the better way to store, not just the easy way – more so for your revenue stream than for their businesses.
Monday, July 26th, 2010
Stupid Patent Infringement Claims: Spam Filtering
A company is suing Apple, Google, Dell, IBM, McAfee, RIM, Symantec, Yahoo! and a whole bunch of others for, it claims, infringing on the email spam filtering patent it owns.
I’m not sure if this story should be filed under stupid patents or stupid lawsuits. On second thoughts it should be both, considering how basic the patent is and extravagant the lawsuit claims resulting from it.
Last year, IBM were granted 4895 patents by the US Patent and Trademarks Office. http://www.daniweb.com/news/story253255.html I would imagine that many of them were even quite useful and worthy. On January 25th, 2000 a patent was granted to The Robert G. Uomini and Louise B. Bidwell Trust for an application filed on December 11th 1996 which covered a “System for adding to electronic mail messages information obtained from sources external to the electronic mail transport process”. http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&p=1&u=/netahtml/PTO/search-bool.html&r=50&f=G&l=50&co1=AND&d=PTXT&s1=6,018,761&OS=6,018,761&RS=6,018,761
This particular patent covers, and I quote from the application: “A method of obtaining context information about a sender of an electronic message using a mail processing comprising the steps of: scanning the message, using the mail processing program to determine if the message contains a reference in a header portion of the message to at least one feature of the sender’s context, wherein the sender’s context is information about the sender or the message that is useful to the recipient in understanding more about the context in which the sender sent the message”.
Now excuse me for mentioning it, but the fact that this was even granted a patent in the first place strikes me as being rather bizarre. In fact, it is right up there with Amazon getting a patent for giving reviewers a virtual badge http://www.itwire.com/it-policy-news/regulation/20999-amazon-gets-patent-for-giving-reviewers-a-badge or Microsoft being awarded a Page Up Page Down patent. http://www.itwire.com/it-industry-news/strategy/20193-microsoft-granted-page-up-page-down-patent Am I alone in thinking this is about as simple a description-cum-concept of spam filtering as you can get? Certainly the spam filters that are in use by the likes of McAfee and Symantec, for example, are a damned sight more sophisticated and worthy in my humble opinion.
But then again, when it comes to being worthy or sensible neither have been pre-requisites in the world of patent infringement claims so far. Who would apply either of those descriptions to Microsoft and the Linux infringement claims after all? http://www.daniweb.com/news/story218516.html Still, I think this one takes the biscuit when you consider exactly how many companies are named in the lawsuit. Mind you, I do note that Microsoft seems to have escaped the attention of the patent-sitter company, InNova, http://www.innovapatentlicensing.com/ which now owns the spam filtering patent in question and which is behind the lawsuit. Perhaps they have used Microsoft’s spam filtering attempts and decided they are so pants that no court would convict.
I somehow doubt that this one is going to go away quietly, though, given the size of some of the companies listed and the somewhat hopeful claims being made in the lawsuit such as suggesting the patent is the ‘building block’ for all email communication.
Kudos to Chad Catacchio http://thenextweb.com/us/2010/07/21/texas-company-says-it-owns-patent-to-spam-filtering-sues-google-apple-yahoo-dell-aol-ibm-30-others/ for spotting this bit of patently ridiculous arm-chancing.
Monday, July 26th, 2010
I remember a while back Neoware produced a “Mobile Thin Client”, some people thought it was mad – a laptop without a hard disk?! But I thought it was quite cool. Small, light, fast to boot, long battery life and secure. The problem with the Neoware model was it cost more than a similar spec’ed laptop – a bit like one of those custom super cars where you pay to have bits taken out to make it lighter and faster.
It seems more people are thinking it’s a good idea; however, I hope they’ve got the prices right. I never want to pay more for less.
I guess I’m more of a “go large” than “nouvelle cuisine”…
Sunday, July 25th, 2010
You are aboard ship, on deck and taking the air. In your shoulder bag are your laptop, cellphone and camera. As you turn to return inside, the bag’s strap breaks and it flies overboard to sink immediately along with all its contents. What next?
Tuesday, July 20th, 2010
If celebrity searching has become something of an online sport, the extreme games version has to be naked celebrity searching. Not least because the promise of a naked Lindsay Lohan or Sandra Bullock could land you in some very dangerous territory indeed. Stick with me, and I’ll try to explain.
We all know that hackers love to compromise perfectly legitimate websites and use them to hide malicious payloads and scams under the radar, as it were. Now the eSoft Threat Prevention Team has detected a new scam http://threatcenter.blogspot.com/2010/07/widespread-compromise-impacts-thousands.html which would appear to involve more than 3000 websites.
And the naked Lindsay Lohan connection? Well eSoft CTO Patrick Walsh told me earlier today that the attackers in this case are “going after nearly every celebrity you can imagine from Sandra Bullock to Lindsay Lohan and hundreds of others” by primarily targeting pornographic search terms. The bad guys are using poisoned keyword searches that involve naked celebrities and porn stars, sex parties and some stuff that I cannot mention here for fear of breaking our own rules on being offensive.
The thing is you can innocently search for Lindsay Lohan nude, well as innocently as any search ever can be of course, and end up courtesy of these poisoned results on some page hosting a rogue anti-virus scam. Patrick Walsh explains that “Hackers create networks of hacked and fake sites that link to a target site. These links cause the search engines to think the target site is popular and to move it higher in the search results. The terms used in and around the links determine the keywords that lead to the search result. In this way, hackers get people to click through to their target site, which is typically malicious.”
In the case of this current attack, most of the infected pages would appear to be pushing people in the direction of some rogue anti-virus scam going by the name of Antivirus Plus. eSoft reckons that, based on the variety of platforms and web servers involved, the sites would have been compromised thanks to the use of stolen FTP credentials.
It’s not the first time that naked celebrities have been abused by the bad guys, most often they are favoured subject lines for spammers and can also be found luring punters to non-existent videos that trigger malware downloads in the guise of player and codec software updates. It’s not the first time that rogue anti-virus software has reared its very ugly, and very expensive, head either. Nor is it a debut for poisoned SEO tactics, or even obfuscated JavaScript and compromised host sites. However, it is the first time I’ve come across this particular combination all being used together in such a compromise and impacting upon so many separate websites.
My advice? Think twice before searching for naked celebrities you loser.
My other advice? Make sure you have up to date Internet security software installed, don’t respond to ‘pop-up’ security alerts from software you’ve never heard of and have never installed nor asked to scan your computer, and if you run a website secure your FTP passwords and regularly scan all nooks and crannies of the site for stuff that you never put there. And still think twice before searching for naked celebrities you loser…
Monday, July 19th, 2010
Just two weeks ago The Times made a bold move and decided to stick its website behind a paywall, charging visitors a fee to read any of its online news content.
Figures (albeit unofficial) released today claimed The Times’ website had lost two thirds of its readers since its paywall introduction, leaving just 15,000 clicking through. This was despite 150,000 registering for it when the trial was free.
It seems that extra bit of cash was not worth splashing for its online readership.
It makes me think of the open source versus proprietary software argument.
I could see what Murdoch was thinking if he was looking at Open Office and Microsoft Office and going to himself: “Ok, there are free alternatives out there that do the job, but mine is established and has the trust of its users.”
Thing is that world is changing. Freebies aren’t just “does the job” bits of software anymore, they are real alternatives. Google Android, Apache, even Rackspace have jumped on the bandwagon today, and more and more customers are questioning why they have to pay at all.
It is the same with news. Yes, the likes of the London Paper died a death, but the internet has made free news an established part of our day to day lives and one we will not give up lightly.
Murdoch has the established landscape that proprietary software owns when it comes to physical newspapers, I grant you, but he does not have this when it comes to getting your news online. No matter how powerful, it would be a very difficult task to change this, especially alone.
The Times will defend its paywall, using the tough times journalism is going through to justify it.
But I am a journalist. Obviously I like to be paid for my creative content, however, plenty of newspapers, websites etc do manage to pay their staff whilst still offering online content for free.
Yes, it has been a difficult time in the media with a lot of pay freezes, job cuts and, in the worst cases, titles being shut down. But the problem is introducing a paywall is unlikely to get people to pay; it will just mean they will search the internet for a free alternative.
This is something many companies are doing when it comes to software. They cannot afford the huge licence costs when it comes to the proprietary so they have begun searching out the cheaper alternatives.
It is sad when a local newspaper closes or a niche site that really offers a one off type of content. But despite any respect I may have for the columnists at The Times, there are plenty of other suitable options, if not better, for finding your news without a price tag that is going back into Murdoch’s pocket. Just like there is for CRM software or email.
I still buy my paper in the morning and enjoy having it there in my hands, which is the idea of paying for a physical product, but many people don’t do this anymore.
I still like having an external hard drive to store my files on, but again many people will store everything in the cloud nowadays.
When it comes to the paywall, I thought it may have just been me. I was prepared that I may have to eat my hat when everyone else paid for news and all the other national papers ducked behind a paywall as well.
This was probably how most of the open source evangelists felt a few years back, thinking we know these free software offerings are just as good but how can we compete with the big guns.
But the not-so-loyal Times readers aren’t paying up, those other sites still have hundreds of thousands of readers and no-one else outside of the Murdoch dynasty seems to be planning on a similar move yet.
At the same time open source companies are making their mark, and in more than just hidden away online chatrooms.
So for now I will sit on my high horse, reading the likes of IT PRO, PC PRO, The Guardian and BBC online for free, in the knowledge I am getting good journalism without the need for extra pounds.
And I will use my Android phone, Open Office word processor and Mozilla Firefox browser with that same feeling.
Monday, July 19th, 2010
Have you ever wondered what will replace all that BIOS set up that you’ve been doing since the 1980s?
All that Press F2 to enter BIOS set up, or ESC or Del, or F10 or CTRL-ALT-NUM LOCK-Star (how many fingers have you got?).
It all sounds like good stuff – not least that boot time is a priority.
Mind you, Plug’n’Play BIOS sounded like a good idea and also sounded like we wouldn’t need to do any set-up…