systemcall dot org

False security is worse than no security. It’s that simple.

Bruce Schneier won’t stop saying how CCTV cameras are not only plain ineffective, but they bring the false sense of security even on police forces that won’t patrol the streets as good as they would without cameras. People won’t worry as much as they would without cameras and become easy baits for common robbers.

The same apply to computer security, of course. Building up a firewall in your computer, running an updated version of the latest anti-virus / anti-rootkit / anti-malware / anti-whatever won’t protect you from the most simple of the attacks: social engineering. One email or phone call done right to the right person is enough to render the whole network inoperative for hours or to pass sensible information to black hats do whatever they want or need in order to hack a system. Yours or any other.

As if it was not enough, as Bruce always point out, placing cameras will make robbers attack on places without cameras. In the same line, placing personal firewalls will make viruses mutate and attack on more subtle ways. Placing proxies and snooping hardware on your network will only make the real offenders care more when they’re accessing prohibited websites or protocols, for they will anyway.

The fact is simple: You can’t assure 100% of security.

Money is hardly the issue here. Think on the amount of money the US spend on securing their own classified data. Probably more than what they spend on wars around the world. But it wasn’t enough, Gary McKinnon could get into all of that to search for UFO information (yes, I do believe him). Apple spends a whole bunch on securing their devices and Brazilian hackers unlocked it only 3 days after the new iPhone 3G was released.

DRM is the other myth I can’t understand how people with a bit (not much) of clarity and intelligence can ever think it’s worth the shot. All major locks imposed to consumers were broken immediately after they were released. Hackers (good and bad ones) can easily break into any security scheme but the normal public will have to use the digital handcuffs. It’s not only unfair, it utterly stupid and pointless.

There is no sensible choice other than agree with Richard Stallman’s philosophy: ideas should be open and free. Competitive advantage must be on what you are doing rather than on what you’ve done. It’s impossible to secure the past, let it go, walk forward, invent!

What’s the value (worth of stealing) of your previous achievements if your future ones are much better? What could a hacker possibly want with old things? If they’re hacking, it means you’re not fast enough! Keep up!!

Popularity: 1% [?]

Share This

The fast evolution of computer networks brought fantastic developments for communication and connection capacities.
We can easily see this evolution while observing the Internet, first a restricted network and now a complex and global network, where we can do a simple mail exchange or complex and elaborated financial transactions.
But, we also have the dark side of this fantastic environment: threats like virus, worms and Trojan horses, scanning, spoofing, sniffing or snooping, and so many others became the nightmare of all organizations.

Indeed, the technology can play for and against us.

A good way to make the technology works for us is using Packet Inspection. This is a tool frequently used to sniffing networks, looking for password and breaches, but information security professionals can use it to do exactly the opposite: protect the network.

With a good Packet Analyzer you can generate information about your integrated information systems, supporting the system administrator to find and solve the problems in a quick and efficient manner. It’s possible to identify attacks, non-authorized access to systems and malicious behaviors. In other words, with a good inspection solution your organization will be able to see and analyze everything that hits your network.

You can prevent problems and also reconstruct network sessions, providing the needed information for Network Forensics. It’s when the hunter became the hunted: you will be using the same method malicious threats use to put your business under risks to defend your organization.

Do you want to know what a Packet Inspection is? Watch this video for more information: Deep Packet Inspection explained or read here at Wikipedia.

Popularity: 3% [?]

Share This

Data Recovery
Every computer has storage files devices. These devices can be: Hard drives, notebook’s hard drive, CDs, DVDs, diskettes, Zip drive, memory card, pen drives, etc.
In these devices you can find the operational system e all information used and archived in your computer.
But, the truth is, these devices are subjects to failures and accident that can cause the lost of your valuable files: mechanical failures, electric failures, virus action, bad system functioning, information deletion, format, problems with water, fire, smoke, and others.

Data Recovery is the effort to rescue info lost in those or similar situations.

Insecure Data
Our data is not always secure and sometimes is too late to do something to protect them. That’s why Data Recovery business is growing so fast around the world with some many companies offering solutions.

The truth is we never imagine it can happen with us. “I ended up with nothing” – One day, while starting her computer, a friend heard a strange sound. With a burning smell, her computer turned off. She couldn’t turn her computer on again, a Pentium III with 2 years.

Even after installing new mother board, sound card and power supply, her computer didn’t turn on. Hard drive was removed and installed in another commuter, but, as you can imagine, she couldn’t access her data.
In that hard drive, she was keeping her PhD papers, and all her classes. No hard copies, no backups. Since now she can’t access her data, she is now looking for a company that can help her, to at least try to salve some of those files.

But the question is: are these files more valuable than the price for an eventual data recovery? And if yes, which values and services she should look in a data recovery company?

Information on Risk
I’m pretty sure that my friend’s history is totally familiar to you. The good thing is nowadays internet can provide valuable resources to help you with your data recovery. An example is this data recovery blog from DTIData, a great site with a lot of resources, where you can find information about how to recover your hard drive, your exchange server, your NTFS, your iPod, or even raid data recovery.

But how it happens? Why suddenly your hard drive doesn’t work anymore? How can we prevent this situation? Is it possible recovering any data? Is my data impossible to be recovered?
A future article will explain.

Popularity: 10% [?]

Share This

Our long time sponsor 123 CCTV Security Camera Surveillance, that you can see under Links at our right bar, has a new website.

With a range of clients that can go from The Pentagon to the home user, they have everything for security surveillance, since External and Internal security cameras, CCTV cameras to PC security systems.

We wish luck with their new website!

Popularity: 14% [?]

Share This

Welcome to the February 3, 2008 edition of information security carnival. And what can I say… This could be the USB Security Edition.

articles

bennie presents What technological things should you have? posted at Technology Matter, saying, “A list of technological things you should have.”

Host comment: This is not exactly a Infosec article, but it’s a good list.

DJ presents Bluetooth spamming gets green light posted at Bluetooth Insight.

Brian Terry presents 7 Website design mistakes to avoid (at all cost!) posted at Big Selling Website Design.

reviews

DJ presents LG Vaccine USB posted at USB Insight.

gs presents IronKey posted at The Tech-Investigator, saying, “Outlining the critical elements of information security for the mobile Professional Investigator.”

DJ presents Yoggie launches Gatekeeper Pico posted at USB Insight.

tips

Tutor presents 0tutor.com: 10-steps-to-a-secure-wireless-network posted at 0tutor.com tutorials blog.

Host comment: “Great tips!”

Sai presents Keeping Your USB Drive Safe: Part 1 posted at American (Tech) Sai-ko, saying, “Tutorial on how to keep your usb drive encrypted and safe.”

Host comment: “Wonderful Article! Now we are waiting for the Part 2″

BeThisWay presents You Dont Have To Be Gullible To Be a Victim of a Check Scam posted at Are You Going To Be This Way The Rest of The Time I Know You?.

Host comment: “Social Engineering and how to avoid it.”

That concludes this edition. Submit your blog article to the next edition of information security carnival using our carnival submission form.
Past posts and future hosts can be found on our blog carnival index page.

Technorati tags:

information security carnival, blog carnival.

Popularity: 12% [?]

Share This

Finally some good news to crackers that got the HMRC disks, they can now easily crack the password protected spreadsheets while playing Final Fantasy!

Popularity: 10% [?]

Share This

Welcome to the October 28, 2007 edition of information security carnival. We have frauds, ID thiefs, virus, spywares, privacy invasion and more.

articles

Marc and Angel presents 6 Digitally Traceable Tracks We Unconsciously Leave Behind | Marc and Angel posted at Marc and Angel, saying, “I have compiled a list of 6 digitally traceable tracks we unconsciously leave behind as we trek through our daily routines. I have also included a hypothetical example of how easy it can be to track someone down online by tracing their online affiliations and dabbling with the information that is found.”

Wenchypoo presents The Shocking Ease of Breaching Corporate Security posted at Mental Wastebasket, saying, “Written last year, but the info is (sadly) still relevant.”

Falando pelos Cotovelos presents Airport (In)Security posted at Falando pelos Cotovelos, saying, “Airports are a major concern nowadays.”

Doug Woodall presents Its Halloween! Spooks, Specters and Spyware! posted at The Spyware Biz Blog.

Wenchypoo presents Barking at a Hole in the Fence posted at Mental Wastebasket, saying, “Written last summer, but still relevant today.”

reviews

Renata Vincoletto presents Dangerous Files you Have to Avoid posted at systemcall dot org.

tips

Scott M presents How to Change the Root Password to Get Into a Linux Box posted at System Notes Org, saying, “Get Into a linux box when you don’t have the password. Requires physical access.”

Wenchypoo presents Credit and Identity in Shreds posted at Mental Wastebasket, saying, “A shredder isn’t enough!”

MT presents Safeguard yourself from internet frauds | MT Herald Dot Com posted at MT Herald Dot Com.

Wenchypoo presents No Rest from Identity Thieves–Even After Death posted at Wisdom From Wenchypoo’s Mental Wastebasket, saying, “I experienced this myself when helping my husband clean up his parent’s estate.”

Karl Sultana presents Keeping Children Safe From Online Sexual Victimization posted at NoAdware Blog.

Wenchypoo presents Wisdom From Wenchypoo’s Mental Wastebasket: Choice versus Privacy Invasion posted at Wisdom From Wenchypoo’s Mental Wastebasket, saying, “More to do with consumer information security than anything else.”

tools

Infosec presents Managing your Information Security Projects on line posted at Infosec.

information security carnival, blog carnival.

Popularity: 12% [?]

Share This

Their long support for the minority is well appreciated for us, Linux users, but now they’re indirectly supporting the bad guys as well! Not to panic though, every major breakthrough comes with a proportional cost (ie. nuclear physics).

According to The Register, this company is using NVidia’s GPU to reduce the password cracking from months to days!

The new CUDA platform allows you to use the GPU for numeric processing, giving a big advantage over the too generic (and too complex) CPU.

Now, just between us, they can’t say they didn’t know it was going to happen, can they? No one said week password schemes (even with strong public encryption algorithm) were safe…

Popularity: 6% [?]

Share This

Wandering around my Linux filesystem I found a weird directory in /home …


drwxr-xr-x 2 root root 4096 2007-08-19 12:03 eb588afc0325b12eeb074fd6


Ok, I thought, I didn’t create that. If it’s a virus, it’s the most stupid virus in existence, but, we never know… Then I got inside and see what files it had, and found this:


$ l eb588afc0325b12eeb074fd6/
total 956
-rw-r--r-- 1 root root 865822 2007-08-02 21:41 mrt.exe._p
-rw-r--r-- 1 root root 96216 2007-08-02 21:34 mrtstub.exe
-rw-r--r-- 1 root root 45057 2007-08-19 12:03 $shtdwn$.req


Mamma mia, if it really is a virus, it’s even more stupid trying to put .exe files in my Linux box! Anyway, The Oracle would know the answer… Searching for mrtstub, the first hit is this page, directly from the enemy’s site. Not too far I found the origin:

mrtstub is part of the Malicious Software Removal Tool. It is responsible
for copying mrt.exe to the correct location and launching it.

Long story short: I have dual boot (which I never use but my son plays sometimes) and my Linux home directory is mounted using an ext3 driver for Windows. Microsoft asked me to install this Malicious Software Removal Tool which I denied 10 times asking every bloody time NEVER TO INSTALL IT IN THE FUTURE until the 11th was my son that wasn’t even asked but turned it off as he always do and Microsoft stealthily installed this piece of crap in my computer.

That’s enough, I’ll spend a fiver and buy a cross-over software to run my son’s games on Linux and remove this crap out of my computer once and for all.

Popularity: 100% [?]

Share This

Crackers like to use phishing to spread their malicious code. And actually, if you take care with just some file extensions you can avoid these dangerous codes.

If you receive an e-mail with the extensions .cmd, .bat, .exe or .scr, don’t open it, even if it comes from a secure source. And, as email servers are blocking these attached files, crackers are using telephone promotions, your bank account and other current subjects to direct you to a malicious link where a virus is downloaded. They develop sites almost identical to the original sites, “clones”, where the cracker has total control over your acts. It’s really common send scraps to Orkut users with these links.

Most files available to download in these websites are those kind mentioned in the beginning: .cmd, .bat, .scr or .exe.

The .cmd and .bat files are used to execute scripts known as batch files, to automate tasks. Crackers use these kind of files to steal user data. The .scr are screen saver files, and most users trust this kind of files, but the virus will be activated when the screen saver is executed.The most known, and still most used as phishing is .exe. Users know how dangerous these files are, but, most of time, they don’t pay attention to the extension they are downloading.

The files mentioned are Trojans and keyloggers. Trojans open your machine to the cracker and Keyloggers record everything you type. So, can you imagine the damage to your personal data?

Now that you know these dangerous files, what to do to protect your data? it’s always a good idea to have a firewall and other prevention methods that can identify these links and extensions. And don’t think you will notice that your computer was infected. The cracker don’t want to be noticed, he will be hidden, and quiet, to get all information he wants.

Take care with those files and links, check the extension, don’t open files from unknown sources and don’t execute anything in your computer that you are not sure what is. It’s not that hard to be safe on line.

Popularity: 12% [?]

Share This

« Previous entries