CryptoLocker and Bitcoin

The thoroughly expected “CryptoLocker” malware has attained prominence over the last two months, properly encrypting files and requiring a difficult-to-track ransom in order to receive back the decryption key. At the same time, there has been a large run-up in the price of Bitcoin. Most commentators have focused on the Chinese market for the Bitcoin run-up. However, finally there is some attention to how the Bitcoin ransoms may be helping to inflate this tiny market: http://ftalphaville.ft.com/2013/11/18/1696832/a-crypto-crisis-or-a-crypto-triumph/

2) A sinister cryptlocker virus has been spreading aggressively for more than a month. It hijacks computer systems and threatens to delete data unless a bitcoin ransom is handed over. Also, reports abound of a rush of purchases by unsophisticated and distressed buyers who are presumably ready to pay any price, and thus can be squeezed by more sophisticated players in the market.

Kaminska makes this reason #2, ahead of the Chinese market and below the Silk Road seizure – but the Silk Road incidents should have lowered the price, not raised it. Combine that with how it might be difficult to buy a MoneyPak, and you’ve got the recipe for a...

Backdoor found in OpenX open source version 2.8.10 – some thoughts

Two days ago, Heise (the German news and IT firm) reported that a backdoor was found in the prominent advertising platform OpenX. (German link here, and I leave translation to the reader.) The backdoor itself was injected into a somewhat obscure flowplayer javascript file, with obfuscated php hiding the fact that it was a remote code execution bit of php. With this code there, it would be trivial for a solid hacker to build a shell for the server and completely compromise it.

The question which immediately came up for me was, Huh? Since when is a webserver interpreting a javascript file as a php file? I doubted that it is typical for web servers to be configured to have .js files interpreted by the .php interpreter first, then sent to the browser. However, none of the technology reporting said anything about how the OpenX backdoor was getting the .js file to be executed as .php. A couple examples of the simple explanation that .js files just obviously might house some .php and invoke it:

http://arstechnica.com/security/2013/08/backdoor-in-popular-ad-serving-software-opens-websites-to-remote-hijacking/
http://nakedsecurity.sophos.com/2013/08/07/openx-ad-servers-pre-compromised-official-distro-contained-remote-code-backdoor/

But web servers don’t do that. So there must be something else in the OpenX code which allows javascript to be interpreted as php. One clue was that the original Heise article said:

Die Datei wird durch einen Aufruf von require_once() aktiviert

which means, basically, that the rogue PHP function in the flowplayer js would be called and activated by a require_once() call. But where is that call? The second clue is that there were actually three files involved in the intrusion, not one, and all three are critical to the intrusion. The somewhat...

Adventures in Live Linux CDs

Recently I’ve needed to use Live CDs for a client, when nothing could be saved on disk. I’ve used:

* Knoppix (best)
* Xubuntu (has problems with the wireless card in this laptop)
* Tails (security overkill)

It is time to take a look at Puppy again, just to see if it is compatible with the wireless card in this server. Incidentally, the idea of routinely using a hard-drive-free Linux live CD is becoming more appealing. The idea is to have a computer with no connection between current and past sessions. If you are dealing with information covered by privacy regulations, like student info, health information, or financial information, this can help you meet regulations in short interactions with...

“When Patents Attack!” on This American Life

Intellectual property concerns are paramount in the technology world. Once the Supreme Court opened the door for patenting computer programs and technical processes, the economic incentive to patent technologies of all kinds became large. Pair that with a potentially less-than-precise Patent Office, which frequently allows patents which are either obvious or have significant overlap with other patents (and frequently both!), and you get a recipe for litigation over the most simple of computer techniques (say, one-click ordering, pop-up windows on mobile, or cloud storage of files).

This American Life put together a fantastic exploration of this topic. Check it out. ...

Mobile usage March 2012 according to Nielsen

Nielsen reports today that more than 50% of Americans use smartphones, and that Android-based phones are in the lead. Android is at above 48%, and iPhone is at 32%. Android software is heavily fragmented, however, and I would suspect that a demographic study of users would reveal that iPhone users are more valuable in...

“Free” antivirus software packages

The word “free” is always dicey when you talk about computer software. Usually, free software is a loss-leader for the software company, and such software often comes bundled with stuff which tries to separate you from your money later on. And, in the worst cases, this “stuff” is spyware, which spies on you, trying to figure out how to sell you more stuff.

Nevertheless, there are some computer security companies which make available some good antivirus software, and they give it away to home users. Those companies hope to make money later, either from upgrades, or indirectly as a marketing cost leading to higher trust levels (for instance, tech people buy their software for non-home situations). I often will recommend these packages to my clients, and they work well in a pinch. The biggest problem with these programs is that they can turn into “nagware” – that is to say, they start nagging you to buy an upgrade. AVG, for instance, used to be pretty quiet, but now (in 2008) its newest version is total nagware.

* Avast! 4, from the Czech company Alwil. http://avast.com/eng/download-avast-home.html — The main annoyance with this software is the yearly registration requirement, but that is no more or less annoying than some website registrations.
* AVG Free, also from a Czech company, AVG (formerly Grisoft). http://free.avg.com/download-avg-anti-virus-free-edition — AVG has been amping up the upgrade nags quite a bit lately, so if you install this, be prepared.
* Comodo Internet Security: http://www.comodointernetsecurity.com/download_cis.html — This program is a bit technical and geeky, but its latest upgrade strikes me as worthwhile.

There are a few other currently free antivirus software packages...