St. Petersburg Web Design Blog

Archive for the ‘security’ Category

This video helps explain what a firewall is. (By request)

A two way firewall is absolutely necessary.

Zonelabs has the best on in the business and it’s free.

In case you haven’t heard, The conficker worm/trojan/virus whatever, is one bad mama-jama! Most anti-virus software can’t detect it, none can actually do anything about it. they’ve been trying for months. They have learned lots about it. This article isn’t going to talk about that or the drama surrounding the Conficker. But we will tell you about a really easy way to find if it’s infected your computer.

The conficker blocks your computers access to many anti-virus software makers websites. Using that info, Joe Stewart made a handy little test to see if you have the Conficker. He calls it The Conficker Eye Chart.

Hope this helps, and I hope you pass the test!

Writing about the Coleman data leak is going to be tough to do without sounding like a paranoid extreme left winger or an extreme right winger. Let me assure I’ve alway been disappointed with both parties and I am a confirmed independent.

With that out of the way, lets get on with the paranoia:

The Main stream media is definitely reporting untruths about this story. They are saying that the data leak was the result of a hacker and that federal crime has been committed. This is entirely untrue. the only person that’s even saying this is Colemans attorney, well I’m sure some extreme supporters are saying this too.

What really happened.
The developers running colemans site asking for donations to his legal fund screwed up the site. It left the website down for an extended period of time.
While investigating Adria Richards stumbled across the websites database completley unsecured. she did this with a web browser and nothing else. This is not hacking. This is “surfing the internet”.

links:

http://www.politico.com/news/stories/0309/19912.html

http://www.google.com/search?q=Adria+Richards&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a

http://butyoureagirl.com/2009/01/28/did-norm-coleman-fake-his-own-website-death/

http://washingtonindependent.com/33674/norm-colemans-donor-database-exposed-campaign-claims-political-motives

Microsoft announced a big security hole in Microsoft Excel 2007.
(Update - the tech specs on this alert have broadened greatly, including almost all versions of MS Excel now)
There is also new info on this , I’ve add it to the bottom of this post.

If users download a malicious Excel file and open it, a Trojan Horse is installed on their computers which can allow the attacker who created the Excel file to completely take over the computer in question.

Most of the few remaining clients I have that haven’t went under yet use Excel on a daily basis and even send / receive them via e-mail or over a corporate network.

If this is you, please have your Network technicians promptly block e-mail delivery of all excel files via e-mail. I mean now. If one person on your corporate network receives one and opens it, it could quickly infect every computer on the network.

This is rapidly infecting corporate networks around the world.

There is NO patch for this as of yet.

Most anti-virus software won’t catch or do anything about this yet.

Microsoft probably will release something to fix this vulnerability in Excel, but it’ll be week in coming, not hours.

If you’re one of the smaller businesses and can’t get your network specialist to lock this down promptly, then call me and I’ll talk you through how to do it on your own.

Also tell your network technicians the symantec article on this subject is erroneous at the time of this writing.

Here’s a tech alert about this.

UPDATE:
The first trojan it installs is called:
Trojan.Mdropper.AC.
UPDATE 2
Not the old trojan with the same name from 2006 that effected MS Word.

03-01-2009:
Microsoft finally acknowledges it’s existence, but still doesn’t have a fix, here’s their tech bulletin.

We’ve learned the exploit won’t work on machines running Windows Vista.

Microsoft has also issued a “workaround”:

1 – Turn on MOICE. MOICE converts the XLS to XSLX before opening. Again, the new XML file format is not susceptible to this vulnerability.

2 – Turn on FileBlock. This option is a little more disruptive to most environments. With FileBlock enabled, Excel will only open the new XML-based file format that is safer. It will not open the legacy binary file format. If your organization has switched over to using the new file format exclusively, this might be a great option, even just long enough for us to get a security update out to address the vulnerability.

- Jonathan Ness and Bruce Dang, MSRC Engineering

So what is MOICE? It stands for “Microsoft Office Isolated Conversion Environment.” It’s an update for MS Office. It’s hard to find, hard to use and converts your office files to MS Office’s “Open XML” format. what MS won’t tell you is that often destroys the file making it permanently unusable or only usable after an expert “fixes” all the info in it by hand.

I’ve got my own work around going:
Open it on a Vista Machine, convert the file to a simpler format, like .csv, and then send it back. This is only if your really need the file. If it’s a case of curiousity, as in I got this excel file in the e-mail and I don’t know what it is, then just don’t open it, the odds are it’s infected.

here’s more.

This time the Israeli’s are watching you at the mall, not just sporting events like the Superbowl.

Some of you locals may remember the last time the Superbowl was in Tampa. There was a widely publicized effort to digitally capture every single face that came into the Superbowl.
In the guise of protecting the nation from terrorists Tampa authorities went beyond the law and beyond the constitution. They hired a foreign company to set up camera’s use facial recognition software and run background checks on every single man (or persons?) that entered the super bowl. No approval from the voters and in fact, the program was kept secret until days before the SuperBowl. After it’s release it was touted as the end all to security. Maybe the common man felt safer, but those of us in the know, were worried. Really worried. Well we’re worried again, because they’re at it again.
Read the rest of this entry »

In the war against free speech on the internet the Telcos are quietly winning. Here’s the latest blows:

• In December, Rogers Communications ( a Telecommunications and Internet Service provider), essentially hacked Google, adding a message to Google’s home page that appeared to it’s customers that where getting close to the ISP’s bandwidth limit.
• Comcast has admitted to blocking file-sharing traffic. link
• Comcast is discovered to blocking non file-sharing software as well. link
•      – BTW, the methods they use are illegal (packet forging and/or spoofing) are not just illegal but felonies (each act) under federal law.
•      – Ironicly, comcast reported this story on their own site, I quess they are proud of their censorship efforts
• Time Warner/AOL blocked e-mails from and to subscribers that were critical of thier “pay-to-send” (a method that ensure that spam will reach AOL users for a fee) email plan. link
• Verizon prevented the abortion rights group Naral Pro-Choice America from getting a “short code” that would allow the group to send text messages to supporters. They claim they have a right to block anything they’d like.link
• Comcast blocks other companies VOIP traffic a few days before they begin offering their own VOIP services for twice as much as others. link
• Telus (an ISP in Canada) blocked 766 websites in an effort to block one Pro-Union web site during a lock-out by the company. link. NOTE: This is a very extremely sloppy and lazy way to block one site.
• AT&T cut off the webcast of a Pearl Jam concert just when lead singer Eddie Veder was critical of U.S. President George Bush. link

The Telco’s argument in justification of all this is twofold as is their battle plan:
Read the rest of this entry »