Tag Archive for Security

| March 27, 2010
Comments Off on Detroit Least Risky Online City

Detroit Least Risky Online City

Detroit Least Risky Online City Symantec has declared Detroit as the least risky online city in America. In a joint study with Sperling’s BestPlaces, Symantec released a report Norton’s Top 10 Riskiest Online Cities The U.S. cities under the greatest threat from cybercrime (PDF) (03-22-10) of the 50 riskiest places in America to be online and at the bottom of the list is Detroit.

DetroitThe report indicates that Detroit is the least risky online city, with residents less likely to take part in risky online behavior. Detroit has low levels of Internet access, expenditures on computer equipment, and wireless Internet access. The city also ranked low in cybercrime, wireless Internet access, and Internet access generally compared to other cities. El Paso, Texas, and Memphis were the second and third safest cities, respectively as reported by eWeek.

Data from several sources were used to determine the rankings. The data came from Symantec Security Response as well as third-party data about online behavior, such as accessing WiFi hot-spots and online banking. Each city was scored across several categories. For example the number of malicious attacks per capita, prevalence of Internet use, and the number of bot-infected machines per capita.

Symantec logoDetroit ranked last in all categories including:

  • Individual cybercrimes,
  • WiFi and hotspots per capita,
  • Annual expenditures per household on Internet Access and Computers,
  • Adult Internet use.

rb-

Up is down and down is up in Detroit. These are not promising statistics for Detroit. The depression “global financial crisis” has ravaged Detroit and southeastern Michigan for the past 11 years. These results are just another indicator of how far Detroit has fallen. Low levels of Internet access, not buying computer equipment along with slow and limited wireless Internet access cause the city to rank low in cybercrime. This is just like driving a car, the more you drive the more risks you take. Until the Motor City gets on the information super-highway there is little chance of Detroit moving forward.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , ,
| March 19, 2010
Comments Off on Keyboard Crud Fingers Suspects

Keyboard Crud Fingers Suspects

Keyboard Crud Fingers SuspectsResearchers have developed a new technique to identify individuals by the hand bacteria they leave behind on their personal computers keyboard and computer mice. Researchers at the University of Colorado (CU) at Boulder have shown that “personal” bacterial communities living on the fingers and palms of individual computer users that were deposited on keyboards and mice closely matched the bacterial DNA signatures of users.

The development of the technique is continuing, but it could offer a way for forensics experts to independently confirm the accuracy of DNA and fingerprint analyses, says CU-Boulder Assistant Professor Noah Fierer, chief author of the study. “Each one of us leaves a unique trail of bugs behind as we travel through our daily lives,” said Fierer, an assistant professor in CU-Boulder’s ecology and evolutionary biology department, ” … we think the technique could eventually become a valuable new item in the toolbox of forensic scientists.

The team used gene-sequencing techniques to match bacteria DNA swabbed from individual keys on computers to bacteria on the fingertips of keyboard owners. Fierer said in the article that bacterial DNA from the keys matched much more closely to bacteria of keyboard owners than to bacterial samples taken from random fingertips and from other keyboards. In a second test, the team swabbed nine keyboard mice that had not been touched in more than 12 hours and collected palm bacteria from the mouse owners. The researchers were able to successfully match the owner’s palm bacteria and the owner’s mouse from a group of 270 randomly selected samples.

The study showed the new technique is about 70 to 90 percent accurate, a percentage that likely will rise as the technology becomes more sophisticated, said Fierer. The CU-Boulder team used a “metagenomic” survey to simultaneously analyze all the bacteria on the fingers, palms, and computer equipment, said co-author Rob Knight. The effort involved isolating and amplifying tiny bits of microbial DNA, then building complementary DNA strands with a high-powered sequencing machine that allowed the team to identify different families, genera, and species of bacteria from the sample.

Another reason the new technique may prove valuable to forensic experts is that unless there is blood, tissue, semen, or saliva on an object, it’s often difficult to obtain sufficient human DNA for forensic identification, said Fierer. But given the abundance of bacterial cells on the skin surface, it may be easier to recover bacterial DNA than human DNA from touched surfaces, they said. “Our technique could provide another independent line of evidence.”

Once further research is completed, Frier says the new technique may be useful for linking objects to users in cases where clear fingerprints cannot be obtained – from smudged surfaces, fabrics and highly textured materials, he said. The new technique would even be useful for identifying objects touched by identical twins since they share identical DNA but they have different bacterial communities on their hands.

The study was published March 15, 2010, in the Proceedings of the National Academy of Sciences. Co-authors included Christian Lauber and Nick Zhou of CU-Boulder’s Cooperative Institute for Research in Environmental Sciences, Daniel McDonald of CU-Boulder’s department of chemistry and biochemistry, Stanford University Postdoctoral Researcher Elizabeth Costello, and CU-Boulder chemistry and biochemistry Assistant Professor Rob Knight.

rb-

Fierer states that this new technique brings up bioethical issues to consider, including privacy. “While there are legal restrictions on the use of DNA and fingerprints, which are ‘personally identifying’, there currently are no restrictions on the use of human-associated bacteria to identify individuals,” he said. “This is an issue we think needs to be considered.”

It would be my recommendation that firms get ahead of this issue and review their employee privacy policies to deter the “expectation of privacy” until the courts decide if bacteria growing outside of an individual is eligible to be classified as “personally identifiable information” (PII).

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , ,
| March 13, 2010
Comments Off on Mobile Botnet

Mobile Botnet

Mobile BotnetTwo researchers from TippingPoint’s Digital Vaccine Group duped thousands of smartphone users into joining a mobile botnet by spreading a seemingly innocuous weather application. Kelly Jackson Higgins at DarkReading writes that Derek Brown and Daniel Tijerina created a smartphone application called WeatherFist. Over 8,000 users downloaded WeatherFist, which grabbed users’ PII. The info they grabbed included GPS coordinates and telephone numbers, before displaying local weather information.

TippingPointThe researchers did not distribute their application via the official iPhone and Android application stores. Rather, they distributed the WeatherFist application via third-party app markets like Cydia, SlideME, and Modmyi. The apps could only be installed on jailbroken iPhones or Android devices where users had specifically given permission for non-approved applications to be run. “We wanted people to feel comfortable using the application and putting it on their phone so we would have permission to do a lot of things like pass GPS coordinates, write to the file system, and surf,” Brown told DarkReading.

Mobile Botnet

At the 2010 RSA Security Conference the researchers claimed they also wrote a malicious version of their mobile botnet, which they dubbed WeatherFistBadMonkey. According to DarkReading, the malicious app behaves more like traditional botnet code, stealing information and capable of distributing spam. “We could enable or disable system services [with a malicious app],” Brown says. The TippingPoint researchers told DarkReading they wanted to prove how an app could behave like much of the traditional Windows malware which, steals information, and allows hackers to gain remote control of hijacked devices.

rb-

Smartphones are a part of today’s network and Brown and Tijerina claim that this research shows a security hole in networks. Some of the ways to plug these new holes are to:

  1. Update policies for the  proper use of smartphones
  2. Prohibit unsafe modifications of smartphones
  3. Allow apps only from reputable app stores
  4. Provide training on smartphone application usage
  5. Lockdown the Wi-Fi network settings to keep smartphones from ‘phoning home’ any information that shouldn’t leave the firm.

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , ,
| March 4, 2010
Comments Off on A New Problem Caused by IE

A New Problem Caused by IE

A New Problem Caused by IEThe Microsoft Security Response Center (MSRC) Engineering team is reporting a vulnerability involving VBScript and Windows Help files.  In Microsoft Security Advisory 981169, the MSRC says that hitting the F1 Help key can activate a vulnerability in VBScript enabling Remote Code Execution. The new Microsoft threat involves any version of Internet Explorer (IE) on Windows 2000 and Windows XP.

MicrosoftThe US-Cert Vulnerability Note VU#612021 says that any file displayed by the  Internet Explorer (IE) engine can trigger an attack. IE’s engine is often used to render HTML for other applications, even if you don’t see the usual IE program window.

Trigger the execution of arbitrary code

This issue makes it possible for a malicious web page, an HTML e-mail or an e-mail attachment, or any file to display a dialog box that will trigger the execution of arbitrary code when the user presses the F1 key. The prompt can reappear when dismissed, nagging the user to press the F1 key. MSFT calls the Windows Help files are an “inherently unsafe” file format. That means these files can run arbitrary code, thus the browser must prevent remote Windows Help files from executing automatically.

MSFT suggests that as an interim workaround, users avoid pressing F1 on dialogs presented from web pages or other Internet content. If a dialog box repeatedly appears trying to convince the user to press F1, users should log off the system or use Task Manager to kill the Internet Explorer process.

It is possible  to mitigate the threat from the command line to lock down the legacy Windows Help system by  typing:
cacls “%windir%\winhlp32.exe” /E /P everyone:N
and to undo the change type:
cacls “%windir%\winhlp32.exe” /E /R everyone

Windows Server 2003 is affected as well, but the default IE configuration mitigates the threat. Windows Vista, Server 2008, and Windows 7 are not affected.

Steve Balmmer

The MSRC post also describes how to change IE’s Internet and Local intranet security zone settings to “High” to prompt before running ActiveX Controls and Active Scripting in these zones a move that can also help protect against potential attacks.

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , ,
| February 7, 2010
Comments Off on Cyberattacks Coming

Cyberattacks Coming

Cyberattacks ComingDirector of national intelligence Dennis C. Blair, told lawmakers on Tuesday (02/03/2010) the prospect of a major terrorist attack on America, was the “primary near-term security concern of the United States.”  The New York Times reports that Mr. Blair began his annual threat testimony before Congress by saying that the threat of crippling cyberattacks on telecommunications and other computer networks was growing. America’s top intelligence official told Congress that an increasingly sophisticated group of enemies had “severely threatened” the sometimes fragile systems undergirding the country’s information infrastructure. “Malicious cyberactivity is occurring on an unprecedented scale with extraordinary sophistication,” he told the committee.

He said that the surge in cyberattacks, including the penetration of Google’s servers from inside China, was a “wake-up call” for those who dismissed the threat of computer warfare. “Sensitive information is stolen daily from both government and private-sector networks, undermining confidence in our information systems, and in the very information these systems were intended to convey,” Mr. Blair said The NYT says Mr. Blair’s emphasis on the threat points up the growing concerns among American intelligence officials about the potentially devastating results of a coordinated attack on the nation’s technology apparatus, sometimes called a “cyber-Pearl Harbor.”

Related articles

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , ,
« Older Entries   Recent Entries »