| |
| Current Topic: Computer Security |
|
CBS 2 Chicago: Protect Your Computer From Wi-Fi Spies |
|
|
|---|
| Topic: Computer Security |
12:10 pm EST, Mar 2, 2005 |
] CHICAGO (CBS 2) Wireless Home Computer Networks, called
] Wi-Fi (Wireless Fidelity), are very popular. Internet
] access without wires sounds like a good idea, but you'd
] better protect your computer network from Wi-Fi Spies. Short but accurate and easy to understand article about how mainstream America needs to protect their home wi-fi networks. The attached video features the reporter doing a wardrive around Chicago with Mike Dahn, who some of the Memestreams regulars may recognize from Def Con and PhreakNIC. CBS 2 Chicago: Protect Your Computer From Wi-Fi Spies |
|
Security: The Weakest Link |
|
|
|---|
| Topic: Computer Security |
11:57 am EST, Feb 15, 2005 |
I saw a link to this in Schneier's latest Crypto-Gram newsletter, and it made me laugh. It's a beautiful visual representation of why security needs to think about the "weakest link" principle. Security: The Weakest Link |
|
Schneier on Security: Safe Personal Computing |
|
|
|---|
| Topic: Computer Security |
5:07 pm EST, Dec 15, 2004 |
] I am regularly asked what average Internet users can do
] to ensure their security. My first answer is usually,
] "Nothing--you're screwed."
]
] But that's not true, and the reality is more complicated.
] You're screwed if you do nothing to protect yourself, but
] there are many things you can do to increase your
] security on the Internet.
]
] Two years ago, I published a list of PC security
] recommendations. The idea was to give home users concrete
] actions they could take to improve security. This is an
] update of that list: a dozen things you can do to improve
] your security. Good advice, ranging from "back up regularly" to "don't type your password into a non-SSL encrypted webpage" to "don't follow links in unknown Email". I have my own mantra that I repeat to digitally neophyte relatives and friends who ask me how to make their systems secure. I've lost track of the number of times I've visited a friend's house and listened in horror as they said something like, "I keep getting these weird popups and my computer runs really slow sometimes, and no, I don't use anti-virus software or anything... Can you help?" At which point I either tell them to do the following, or I push them aside and do it myself if I'm feeling particularly generous with my time: (1) Download a free anti-virus program and run it. For example, AVG is highly recommended, and can be obtained at http://www.grisoft.com/us/us_avg_new_free_edition.php (2) Check for operating system updates: http://windowsupdate.microsoft.com (3) Download the free program "ad aware" and run it: http://www.lavasoftusa.com/support/download/ (4) Download and run some free anti-spy-software like "Spybot S&D": http://www.safer-networking.org/en/download/index.html Run all of the above, and then when done, go back and do them all again. Then if things still feel gooey: lather, rinse, repeat, until the warning messages stop. Of course I can also lecture the friend about not opening email attachments, and making regular backups, etc. etc., which they may or may not do. But at least the above steps can address the vast majority of messes that most folks run into. - Elonka Schneier on Security: Safe Personal Computing |
|
Computerworld: New 'Mydoom' worm spreading faster than last year's Sobig-F |
|
|
|---|
| Topic: Computer Security |
11:35 pm EST, Jan 26, 2004 |
] A new e-mail worm that first appeared on the Internet this
] afternoon is spreading rapidly, according to leading security
] companies.
. . .
] The worm arrives as an e-mail with an attachment that can have
] various names and extensions. The message can have a variety of
] subject lines and body texts, but in many cases it will appear
] to be an error report stating that the message body can't be
] displayed and has instead been attached in a file. Computerworld: New 'Mydoom' worm spreading faster than last year's Sobig-F |
|
Wired News: Cloaking Device Made for Spammers |
|
|
|---|
| Topic: Computer Security |
11:46 am EDT, Oct 15, 2003 |
] According to Tubul, his group controls 450,000 "Trojaned"
] systems, most of them home computers running Windows with
] high-speed connections. The hacked systems contain
] special software developed by the Polish group that
] routes traffic between Internet users and customers'
] websites through thousands of the hijacked computers. The
] numerous intermediary systems confound tools such as
] traceroute, effectively laundering the true location of
] the website. To utilize the service, customers simply
] configure their sites to use any of several domain-name
] system servers controlled by the Polish group, Tubul
] said. According to the article, this may have been one of the original purposes of the Sobig worm. Wired News: Cloaking Device Made for Spammers |
|
Blackmail & steganography |
|
|
|---|
| Topic: Computer Security |
1:23 am EDT, Aug 26, 2003 |
From Decius:
"This case documents a real world use of stegonography and digital cash which allowed a blackmailer to anonymously collect payment for his victim." Blackmail & steganography |
|
RE: New Phase of Sobig.F Set for 3 p.m. EST Friday 8/22/2003 |
|
|
|---|
| Topic: Computer Security |
12:24 am EDT, Aug 25, 2003 |
Elonka wrote:
] More info about the fastest-spreading worm of all time, which
] enters a new phase today, trying to download unknown code to
] 20 specific home computers: Turns out they may have failed here. From a post on Interesting People: "All the experts were totally faked out. While everyone was concentrating
on getting the "magic 20" machines shut down, no one realized that
different copies of Sobig.f had different lists of servers to contact. We put a block of udp port 8998 on our firewall this morning. We had 3
previously undetected infected machines on our network, each of which
tried to contact a different list of 20 machines. One of the lists
corresponds to the one that Sophos and others have published. The other
two lists have no addresses in common with the published list, or with
each other. I wonder how many different sets of servers there were, how many
different variants of Sobig.f there were, and how many infected machines
now have some additional trojan, worm, or ddos code waiting for a
command to do something." RE: New Phase of Sobig.F Set for 3 p.m. EST Friday 8/22/2003 |
|
New Phase of Sobig.F Set for 3 p.m. EST Friday 8/22/2003 |
|
|
|---|
| Topic: Computer Security |
3:16 pm EDT, Aug 22, 2003 |
More info about the fastest-spreading worm of all time, which enters a new phase today, trying to download unknown code to 20 specific home computers: ] The worm infected close to one million computers via
] e-mail attachments in e-mails with spoofed addresses
. . .
] Now, those infected
] computers are programmed to start to connect to machines
] found on an encrypted list hidden in the virus body.
] F-Secure said the list contains the address of 20
] computers located in United States, Canada and South
] Korea and is expected to start at 3:00 EST Friday. New Phase of Sobig.F Set for 3 p.m. EST Friday 8/22/2003 |
|
'Good' Worm Fixes Infected Computers (TechNews.com) |
|
|
|---|
| Topic: Computer Security |
4:24 pm EDT, Aug 19, 2003 |
] A new Internet worm emerged today that is designed to
] seek out and fix any computer that remains vulnerable to
] "Blaster," the worm that attacked more than 500,000
] computers worldwide last week. My mail queue is also going nuts today with the results of the latest "Sobig Worm". Dozens of .pif files getting sent with forged "from" addresses: http://www.pcworld.com/news/article/0,aid,112078,00.asp Over the last week, I've been personally educating every single one of my non-tech friends and relatives (even the cousins I only talk to once every few years) on securing their systems: Walking them through step by step on how to get anti-virus packages, firewall, and OS updates. It continues to stun me how many people are online with no security at all -- no firewall, or even an anti-virus package. And it's especially ironic because some of these people are the same ones who will forward the "Don't open any email that has the word 'green' in its subject line!" urban legends at the drop of a hat... Anyway, this "good" worm idea sounds awfully tempting right now! :) 'Good' Worm Fixes Infected Computers (TechNews.com) |
|
Slashdot Interview: Fyodor, creator of Nmap, speaks |
|
|
|---|
| Topic: Computer Security |
12:47 pm EDT, May 30, 2003 |
Fascinating interview with Fyodor, the creator of the Nmap port-scanning tool. He discusses some of the ways that Nmap has been used (ranging from Chinese students using it to bypass governmental "internet-jamming", to its recent fame as the tool-of-choice in The Matrix), talks about the etiquette of doing port-scans on unknown computers (including what he thinks about script kiddies), and also brings up how he's launched attacks against a few companies himself. This is extremely interesting information from someone who really knows his stuff. Some of the info here is too technical for the average person on the street to understand, but I recommend that even non-techies scan through it for the human interest stories in the interview. You'll learn a lot! Slashdot Interview: Fyodor, creator of Nmap, speaks |
|
