Thursday, January 30, 2014

NSA tactics enabled by confusion of encryption technology exports in the 90s: a bigger risk for the average self-publisher?

Peter Swire has a perspective in the Washington Post today, Thursday, January 30, 2014, p. A19, “The culture war over Snowden”, called online “Why tech companies and the NSA diverge on Snowden,” link here

Silicon Valley (and that’s not silicone) would like to see the idea of “free knowledge” prevail, and resisted the government’s effort (during the Clinton years) to control exporting encryption technology. So the NSA started doing things that makes the entire Internet less safe for everyone so it could snoop even when supposed enemies used advanced encryption.
That doesn’t affect ordinary people very often, hardly at all, until it does.  The biggest risk to the ordinary person who perhaps leveraged his visibility without competing in the expected ways of the past could be being framed for something.  Maybe you don’t know you have a problem until you’re pulled out of line at the airport.  It’s remote, and very low probability, but a catastrophe for the person it happens to.

Wednesday, January 22, 2014

Well, now there can be a "private cloud" service

There seems to exist a facility to have a "private Cloud" with encyption and no risk that a public server hosting the cloud could be hacked, or searched by the government.  Arstehcnica discusses it as AeroFS, which the writer Andrew Cunningham describes with "Build your own dropbox service, AerfoFS releases ios app for private clouds", here.
I can think of bad reasons that a consumer might want this service.
Ashton Kutcher passed along the link today in his "AplusK" twitter feed. 

Tuesday, January 21, 2014

McAfee "free" security scan complains to me that Webroot is a second engine

An odd thing happened with my own security setup. 

McAfee’s “it’s free” security scan on my Windows 8 Toshiba now tells me that I have two anti-virus packages and doesn’t seem to recognize that Webroot Security Anywhere is actually on. (Norton is on the machine as it came from Best Buy but it is not installed.  I believe that Best Buy switched the default to Webroot for Windows 8.1).   But it does say that the Firewall is on.

When I check Webroot, it does say that it is on.
The Dell Windows 7 Machine also has Secure Anywhere, and on that machine McAfee seems to recognize that it is running, and comes back green, “no issues”.
On both machines, McAfee seems to be trying to sell its own anti-virus, which I used until around 2008.  I did find the virus definition updates very time consuming then.

I did get a warning about a subscription two days after an expired (replaced) credit card at Best Buy failed, and I fixed it immediately.  I don't think any coverage was disrupted.  I was out of town and working with a travel notebook (without Webroot) when I fixed it. 

Above, I shared a Webroot Secure Anywhere review, although by a previous Webroot associate. The reviewer says it is one of the smallest in memory, “the size of a fly”. It is cloud-based and supposedly based on the Prevax system. There are core, web link, and usb shields.  The Zero-Day shield is said to identify new polymorphic threats.  Could this system have helped Target? 

Thursday, January 16, 2014

Soap opera "Days of our Lives" is giving us a lesson on computer and Internet security

The soap opera "Days of our Lives" weekdays on NBC gave us a lesson in Internet security.

The likable Dr. Daniel Jonas ran some complicated medical tests on a Priest (Eric) who had been drugged and then forced to have sex in order to ruin his reputation with the Catholic Church.  Jonas had stored the results on the hospital;s server (presumably with normal encryption like https), sent them to a medical laboratory by email (hopefully encrypted), and save them on his home PC.  All the results were wiped out, and the hard drives of his work and home computers were erased/

Could this happen?  One wonders if he set up his home computer as a network virtual drive (as in Windows) on the hospital computer (pretty easy to do in order to work from home, and this used to be common practice, but it is probably less common now, given concerns about security and HIPAA).

He should definitely have save the results on a backup drive, and an optical drive (CD) is even safer than a flash drive because it can't be affected by magnetism or EMP.  Nobody mentioned that obvious security precaution.  He should have stored a backup in a safe-deposit box in the bank.

Of course, in the soap opera, Stefano is the local crime and mob boss, and he is very determined to get what he wants.  A very determined enemy could undermine almost any security, which is one reason why the NSA goes to the extremes that it does in surveillance.  Although I have yet to hear about a bank robbery to get at a safe deposit box -- or maybe it has happened and I just don't recall that.

For the other subplots -- the "death" of the bad geek Nick Fallon, and the gay marriage thread, see my GLBT and TV blogs.  

Tuesday, January 07, 2014

Webroot lists top security threats in 2013: probably ransomware and commoditization

Marcus Moreno from Webroot discusses the most prevalent security threats in 2013.
These were ransonware, PUA’s, and fake SMS messages on mobile devices.
Ransomware usually claims that your computer is infected and demands a payment (sometimes in bitcoin).  It generally can be removed only from outside the Windows system by an operating system expert.  The very worst forms actually can display child pornography on a computer (Sept. 23, 2013).
PUA’s, or potentially unwanted applications, often mimic search engines, in an attempt to gain more ad revenue.
It wasn’t clear from the video if these problems can occur on the MacIntosh.
The SMS problem can lead to a shock on your bill.
Webroot has a link describing the top ten trends, by Danco Danchev, here. The main development is the “commoditization” of crime, where criminals sell hacking tools and also lists of compromised computers.  
Both reports were tweeted today. 

Monday, January 06, 2014

Webroot site rating doesn't allow you to click on a site with a "Null Classification" on a Firefox search

Here's a little anomaly.  In Firefox, in both Wiudows 7 and Windows 8, something wicked this way comes.  In Firefox with Webroot Secure Anywhere as a plugin, I get a warning of "Null Webroot URL Classification" on any site that it doesn;t have enough information to score, and it won't let me click on the URL.  I have to copy it into the browser.
"Null" has a lot to do with how variables are initialized in almost all OOP's as I remember.

Previously, I had notices these sites going to orange, which was fixed as green by Webroot.  (Dec. 27, 2003).

Sunday, January 05, 2014

Yahoo! has apparently served infected ads in the past week

Yahoo! has apparently admitted that a party advertising on its site was apparently loading malware onto visitor computers, seemingly to get a list of compromised home or business computers to sell to organized crime. The list of potentially compromised IP addresses is substantial. 
The hack apparently started on Dec. 30.
The Switch Blog of the Washington Post reported on the incident late on Saturday, here.  It was not immediately apparent if users could be infected merely from the Yahoo! pages of if they had to click on the actual advertisements served by Yahoo!  
Apparently the problem is now resolved.  I have asked Webroot if its Secure Anywhere would identify the threats on a home computer now.  I don’t think I have visited Yahoo! during this period, although I frequently visit its finance page most of the time. 

Fox IT had blogged about the issue recently, here

The exploit appears to use Java and will not infect a machine in which Java is disabled.  It isn’t completely clear if it is limited to Windows.  

Update:  Jan. 6

Latest reports indicate that most of the affected users are in Europe. 

Thursday, January 02, 2014

Attacks on Snapchat, Skype raise different questions and implications

Attacks on Snapchat and Skype attracted the attention of the security world today.
Snaptchat allows users to send photos which will then quickly disappear. It’s existence can raise questions about photography of people in various places, especially bars and discos;  in any case, someone who appears under the guise of another person’s camera has no way to know what could happen with it.  Expected courtesy standards in these places are evolving.
But apparently hackers posted personal information, including phone info (mobile) of over 4 million snapchat users as “proof of concept”.
The Snapchat blog discusses abuse of its Find Friends service, link. Techcruch has more details, uncluding info on how users can see if there PII wound up on the list, here

The attack on Skype did not compromise information.   A group in Syria may be claiming responsibility. Skype seems to be a very popular way for members of the military do maintain contact with families when deployed (see my movie review of “Where Soldiers Come From” Dec. 30), and that could have provided a disturbing incentive for the attack.
The Chicago Tribune has a story here