Discover how mastering email communication can boost business efficiency, avoid common pitfalls, and ensure secure, respectful online interactions.
Turkey Revenge
The turkeys are pissed this Thanksgiving they are seeking revenge.
Germs Infest 60% of Americas Phones
60% of Americans sleep with their phones, harboring germs. Cleaning regularly with UV sanitizer or alcohol wipes can help keep your phone and bed germ-free.
Smartphone Sanitizing: A Practical Guide
Securely erase personal data from your old smartphone before recycling. Protect your identity from hackers—easy steps to follow.
Why Soft Skills Matter in Today’s Job Market
Boost your career with essential soft skills like communication, teamwork, and emotional intelligence. Learn why they’re crucial for workplace success.
Audio SPAM in Your Luxury Import
Toyota has announced that new Lexus vehicles will start being delivered later this year. The luxury car comes equipped with a system that can send voice messages sent directly from the automaker to its drivers. The “service” called Lexus Insider will let Lexus send audio messages to owners on whatever subject it chooses.
Reports say the tips could range from making the best use of the vehicles’ features to suggestions for a scenic drive. Jon Bucci, vice president of Toyota’s U.S. advanced technology unit says the Lexus messages can be highly targeted. The messages can be tailored for those who have a specific vehicle type or who live in a particular ZIP code, which seems like verbal spam to me.
William Matthies of Coyote Insight and a longtime consumer electronics executive opined in USA Today. “You’ve got the same thing coming to your home now. It strikes me as the same thing” as junk mail. Assertions that the messages will be targeted and useful enough to appeal to particular drivers don’t impress Mr. Matthies. “They’re not claiming anything different than all direct marketers claim,” he says.
Perhaps, Toyota will drop the price of a Lexus, now that its customers are a captive audience to their marketing machine.
Related articles
- Lexus: Made in America? (features.blogs.fortune.cnn.com)
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
Ransomware Gets Tougher
Anti-malware vendor Trend Micro has noted an increase in ransomware. According to Wikipedia ransomware is a type of malware that encrypts the data belonging to an individual on a computer, demanding a ransom for its restoration.
This type of ransom attack can be accomplished by (for example) attaching a specially crafted file/program to an e-mail message and sending this to the victim. If the victim opens/executes the attachment, the program encrypts a number of files on the victim’s computer. A ransom note is then left for the victim. The victim will be unable to open the encrypted files without the correct decryption key.
Once the ransom demanded in the ransom note is paid, the attacker may (or may not) send the decryption key, enabling decryption of the “kidnapped” files.
Recently, Trend Micro Advanced Threats Researcher Ivan Macalintal reported that a new version of the GPcode ransomware has surfaced, It is said that Gpcode[dot]ag utilizes a 660-bit RSA public modulus. Attackers appear to be upping the ante, in early June 2008, another Gpcode variant, Gpcode [dor]ak, has been detected and researchers believe it utilizes an RSA encryption algorithm with a 1024-bit public key. “We estimate it would take around 15 million modern computers, running for about a year, to crack such a key,” writes Aleks Gostev, senior virus analyst at Kaspersky, on the company’s blog.
The rise of ransomware makes regular successful data backups even more important. With current backups, you can delete the files in question, restore them from your backup and let someone else pay the attacker.
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
Category: Uncategorized |
Tags: 2009, Data Security, Encryption, Malware, Ransomware, RSA, Trend Micro
Analog Televisions Future
According to the Consumers Electronics Association, the questions of what will happen to millions of analog Televisions following next year’s transition to DTV have been answered. According to their report “Trends in Consumer Electronics: Afterlife” there is good news for the environment. According to the April 2008 study, households receiving broadcast signals only over-the-air (OTA) expect to remove fewer than 15 million televisions from their homes through 2010.
Additionally, it is reported that 95% of the analog televisions will be sold, donated, or recycled. Most OTA-only households expect to buy a digital converter box (48%) and continue using the same TV. The CEA website, www.myGreenElectronics.org includes a zip-code searchable database of electronics recyclers.
rb-
Where is this market for analog TV’s going to come from?
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
LCDs Increase Global Warming
An article on NewScientist reveals an industrial chemical being used in ever larger quantities to make flat-screen televisions may be making global warming worse. The gas, nitrogen trifluoride (NF3) was developed an alternative to perfluorocarbons (PFCs) gases subject to the Kyoto protocol as a measure to cut greenhouse gas emissions and reduce Global Warming.
As a greenhouse gas NF3 is 17,000 times as potent as carbon dioxide, yet is not covered by Kyoto because it was made in tiny amounts when the protocol was agreed in 1997. The electronics industry uses NF3 mainly to flush out the by-products of chemical vapor deposition, a process which deposits thin films onto glass surfaces for liquid crystal displays (LCDs), and onto silicon wafers for semiconductors.
Michael Prather of the University of California, Irvine, calculates that NF3 has a half-life in the atmosphere of 550 years. Mr. Prather puts the first global estimate of NF3 production at about 4,000 tons this year, and double that for next year. The potential global warming effect of currently manufactured NF3 is greater than both sulphur hexafluoride and PFCs individually.
Mr. Prather agrees that switching to NF3 “probably was an improvement” for this reason, but he warns that NF3 is twice as potent as perfluorocarbons. At least one manufacturer of LCDs is concerned about the global warming effect of its NF3 emissions. Toshiba Matsushita Display Technology says it has developed a process that uses pure fluorine instead of NF3, resulting in “zero greenhouse gas emissions”.
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow him at LinkedIn, Facebook and Twitter. Email the Bach Seat here.
Category: Uncategorized |
Tags: 2008, Global Warming, Green, Greenhouse gases, Kyoto protocol, LCD, Polar bears, Toshiba
Online Security Threats Growing
DarkReading is reporting that Ann Arbor-based Arbor Networks has issued its fourth Worldwide Infrastructure Security Report. The global report is based on responses from 70 lead security engineers worldwide. Some of the report’s findings are that DDoS attacks have grown a hundredfold since 2000 and the newest threat is increasing service-level attacks
Respondents to the survey said the main threat vectors for attacks experienced during August 2007 to July 2008, were:
- external, brute force attacks (61%)
- known vulnerabilities (12 %)
- social engineering (3%)
- misconfiguration (3%)
- none from zero-day threats.
Brute force attacks, such as DDoS, jumped 67 percent over the last year. ISPs reportedly spent most of their available security resources combating distributed denial of service (DDoS) attacks. Flood-based attacks represented 42 percent of the attacks reported and protocol exhaustion-based attacks at 24 percent last year. DDoS attacks have grown from megabit levels in 2000 to 40-gigabit attacks this year. Nearly 60 percent of ISPs worldwide say they experienced DDoS attacks larger than 1 gigabit-per-second (Gbps) to a record 40 Gbps, according to Arbor’s report. Arbor also indicates the growth in attack size continues to significantly outpace the corresponding increase in underlying transmission speed and ISP infrastructure investment according to Danny McPherson, chief security officer for Arbor Networks.
The report indicates that the ISPs surveyed are less worried about DDoS attacks than they were a year ago. This year ISPs describe a far more diversified range of threats, more than half are battling an increase in service-level attacks which accounted for 17 percent of all attacks, that attempt to exploit vulnerabilities and limitations of computing resources. New attacks are being directed at new services, as ISP’s work to diversify their income sources by expanding into content distribution, VoIP or other managed services. These new threats include:
- domain name system (DNS) spoofing
- border gateway protocol (BGP) hijacking
- spam.
Almost half of the surveyed ISPs now consider their DNS services vulnerable. Others expressed concern over related service delivery infrastructure, including voice over IP (VoIP) session border controllers (SBCs) and load balancers. Several ISPs reported multi-hour outages of prominent Internet services during the last year due to application-level attacks.
Botnets are still a big problem for ISPs. Botnets continue their expansion across the Internet. ISP’s report that botnet used for:
- SPAM (36%)
- DDoS (31%)
- phishing (28%)
- ID fraud (>5%)
- click fraud (>5%)
Rob Malan, founder and chief technology officer of Arbor Networks explained that, with application-based attacks, bot-infected computers worldwide make connections to a targeted site, then “use an application protocol to deliver a perfectly valid request, not a vulnerability, not something that an IDS or other type of firewall would necessarily flag”. For example, a botnet might instruct its zombie computers worldwide to do a back-end query off a database. “By itself, it’s not bad but, if you have multiple such requests, then you tie up the application – in this case, database – resources on the back-end,” he said.
Even the newest technologies are not secure, 55 percent of ISPs see the scale and frequency of IPv6 attacks increasing. “They are asked to deploy V6, but they don’t feel they can have security [with it],” Dr. Craig Labovitz chief scientist for Arbor Networks says. Today’s IPS/IDS, firewall, and other tools don’t have the proper visibility into IPv6 networks to secure them, he says. Arbor Networks released an earlier study in August 2008 which revealed negligible IPv6 usage.
The response capability of the respondents is mixed. The majority of ISPs report that they can detect DDoS attacks using tools. This year also shows significant adoption of inline mitigation infrastructure and a migration away from less discriminate techniques like blocking all customer traffic (including legitimate traffic) via routing announcements. Many ISPs also report deploying walled-garden and quarantine infrastructure to combat botnets.
Despite the tools, on hand, only a few of the surveyed ISPs said they have the capability to mitigate DDoS attacks in 10 minutes or less. Even fewer providers have the infrastructure to defend against service-level attacks or this year’s reported peak of a 40-gigabit flood attack.
Even less of an emphasis is placed on finding the criminals responsible for these attacks. Arbor Networks found that ISPs have faith in law-enforcement bodies. Nearly two-thirds of respondents indicated that they do not believe law enforcement has the means to act upon the information they provide about attacks or other security incidents. “It’s hard on carriers,” said Malan. “They get paid on traffic, not to do forensic analysis. So it’s hard from their perspective to make the economics work.”
The Arbor Networks 2008 Worldwide Infrastructure Security Report describes a networked world where DDoS attacks growth has outpaced the ability of firms to respond to them and new service level attacks are driven by botnet’s are matching the firm’s efforts to diversify their service offerings to customers. These facts when combined with the current economic recession, the networked world still appears to be a difficult place to do business.
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.