News and other tidbits that Chad Cloman finds interesting enough to share
I’ve noticed a good number of these showing up in my spam folder. Unless it says the e-card is from someone I know, I just delete it.
Link: http://www.computerworld.com/…
(via Kim Komando)
A teenager in Washington state was using a MySpace account to send bomb threats to his school. The FBI was able to infect his home computer with spyware that harvested enough information to identify him. Details are not clear about exactly how the FBI managed to get the spyware installed on his computer, but the article covers several ways in which it might have been done.
Link: http://www.computerworld.com/…
(via Kim Komando)
There’s a new type of spam email making the rounds—the spam message is inside a PDF attachment. The email text is designed to circumvent spam filters, and the unwary reader will open the attachment to see the spam. The PDF files have been safe to open (no viruses), but you never know what an attachment may do. So beware of short emails with a PDF attachment.
Should you ever (legitimately) need the default password for a router, firewall, or print server, there’s a good chance it will be on this list. This is a great tool for any sysadmin or consultant.
Link: http://www.phenoelit-us.org/…
(via digg)
There have been a few recent cases where people were arrested for using open (or even free) wireless connections. In the linked article, a man parked in front of a coffee shop and used its open wireless connection without going inside or purchasing anything. In another case I read about, a man found an open wireless connection in a residential neighborhood, and accessed it from his parked car. A police officer got suspicious and arrested him. The applicable laws about unauthorized access can be stretched to cover this type of situation. So the moral of this story is that even though the wireless connection is wide open, it’s still illegal to use it without authorization of some sort. And in Michigan at least, it’s a felony offense.
Link: http://www.foxnews.com/…
(via Consumerist)
A man named Didier Stevens put up an advertisement on Google for 6 months and got an amazing 409 clicks. Now most people wouldn’t consider 409 clicks out of 260,000 page views to be significant, but the ad said, “Is your PC virus-free? Get it infected here!”
Link #1: http://didierstevens.wordpress.com/…
Link #2: http://today.reuters.com/…
Researchers were recently able to factor a specially formed (but hard to factor) 1039-bit number in a mere 11 months. It shouldn’t be too long before those 1024-bit encryption keys can be broken in a realistic amount of time. My key is 4096 bits, which was specifically discouraged by the key generation software because it was considered to be massive overkill. Maybe it pays to be paranoid. Of course quantum computers, if they ever become a reality, will make existing encryption methods obsolete.
Link: http://actualites.epfl.ch/…
(via Slashdot)
Chad’s News hasn’t previously mentioned the massive TJX credit card data theft, but it’s worth noting what caused the security breach. TJX Companies is a large department store chain with such names as T.J. Maxx and Marshalls. Last December they discovered their network had been compromised for 18 months, and that credit card data for over 45 million customers had been stolen. Let’s repeat that number: 45 million customers. The whole thing started in 2005 when hackers broke the (woefully inadequate) wireless encryption of a Marshalls store in Minnesota. Apparently the wireless network used the WEP protocol, which is obsolete and can be cracked in a matter of minutes. Because of this gross negligence, it’s estimated that TJX will be on the line for over $1 billion in damages. To prevent this type of thing from happening to your network, be sure to use a more modern encryption scheme such as WPA/WPA2.
Link: http://arstechnica.com/…
Apple has updated QuickTime to fix a serious security flaw. Download the new version here.
It has long been known that, when it comes to rootkits, you cannot trust anything reported by software. So state of the art rootkit detection uses custom-built hardware to get an image of RAM. (Back in “the day,” there were peripherals that took an image of RAM in order to crack software copy protection. The hardware-based rootkit solutions work in a similar manner.) But a security researcher has developed a proof-of-concept rootkit that modifies the image of RAM obtained by these hardware detectors, such that the image is different from what actually resides in physical memory. This is the ultimate in rootkit stealthiness, and I find it to be mind boggling.
Link: http://blogs.zdnet.com/…
(via Slashdot)
Regular Chad’s News readers know how much I write on Computer Security. Having said quite a bit on the subject, I’ve moved on to other topics. But this research by University of Maryland engineers is noteworthy. They set up four Linux computers with weak security, connected them to the internet, and then monitored intrusion attempts over a period of 24 days. On average, the machines were attacked every 39 seconds. The researchers were able to determine the types of attacks, even down to the passwords used in dictionary attacks, as well as what the hackers did with the compromised computers. An interesting read.
Link: http://news.yahoo.com/…
Link #2: http://www.newsdesk.umd.edu/…
If you bought one of the CDs associated with the Sony rootkit fiasco, there is a second settlement for which you qualify (first one here).
This settlement is between the Federal Trade Commission and Sony. It allows you to (1) exchange any affected CDs and (2) receive up to $150 in reimbursement for your efforts to remove the DRM software.
Everybody and their brother has been reporting on this, but nobody gave instructions on how to file a claim. So keep an eye on Chad’s News, and another one on the settlement page—the current info is for the previous settlement.
Link: http://www.ftc.gov/…
