Friday, May 29, 2009

President announces plan for "securing our digital future"


President Obama has announced that he will create an office of cybersecurity. A recent position paper “Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Communications Infrastructure” is available from Wired (PDF) and starts with an executive summary emphasizing the idea that government must have a well-structured plan and be proactive in protecting the nation’s cyber intrastructure.

The White House Cybereview blog (URL) has a video “Securing our Digital Future” hosted by Melissa Hathaway, Cybersecurity Chief at the National Security Council. The Whitehouse blog also has a text of the President’s remarks March 29 here.

The president described the new office at the White House, to be led by the Cybersecurity Coordinator, and to be matrixed into his National Security Staff and various other agencies. The organization sounds complex in his speech, but I’ve seen such “matrix management” in corporate America many times before.

One of the most important statements in the president’s speech today is a reassurance:

"Let me also be clear about what we will not do. Our pursuit of cybersecurity will not -- I repeat, will not include -- monitoring private sector networks or Internet traffic. We will preserve and protect the personal privacy and civil liberties that we cherish as Americans. Indeed, I remain firmly committed to net neutrality so we can keep the Internet as it should be -- open and free."

Cam Simpson and August Cole have a Wall Street Journal story today "Obama Says U.S. Data Systems Under Constant Attack: President to Name Cyber Chief, but Details Are Scarce", link here.

Thursday, May 28, 2009

Some experiences with Spysweeper; deadly embrace problem with Firefox?


I thought I would post an update of my experiences with Spysweeper and Regcure, both of which I started using after I developed “slow bootups” and responses.

Regcure found about 2000 problems the first time, (many empty registry entries and incorrect entries) but the cleanup, which took about 20 minutes, did not make a lot of differemce.

The Spysweeper found about 45 suspicious cookies with the quickscan. I have found that after quarantining them, the performance of the computer does improve, improving faster startup.

I do uncheck DoubleClick, because I know that it is legitimate. Some of the others I recognize as legitimate, but Spywseeper finds many more spy-related items than does McAfee.

Sometimes the screen is still slow, and this seems to be related to problems with nVidia, which have been reported by others on the Web.

There is one tip. Google Chrome (at least on my XP Home machine from 2003) does not hook up to Webroot Spysweeper, but both Firefox and Internet Explorer do connect. If Spysweeper is updating its definitions right after I boot up and I try to bring up Firefox at the same time, the machine hangs, or at least the mouse does. There seems to be a “deadly embrace” in the software somewhere, that Firefox and Spysweeper should work together to fix. I get around the problem by bringing up Google Chrome first, going to at least one other site besides Google itself, and only then starting Firefox. (This reminds me of the “deadly embrace” in database problems; it also reminds me of the “empty files” S001 abend in the IBM mainframe that happens when trying to open a file for input when it had been allocated but never initialized before.)

Friday, May 22, 2009

School districts tightening up on student cyberbullying on the Web, social networking, and cell phones


NBC Washington offers a video from the Prince Georges County school system about efforts to deal with cyberbullying, both on the Internet (in social networking sites) and with cell phones, May 14, 2009.

View more news videos at: http://www.nbcwashington.com/video.



On Friday May 22, NBC Washington briefly reported a serious incident (in Seattle) of a YouTube video made to “threaten” a particular kid, as a “joke”. The link for the story about the incident has not been posted yet. Presumably law enforcement was contacted. The details are disturbing and don’t need to be reprinted, but I’ll provide the hyperlink as soon as one is available. Obviously YouTube would have taken it down as a TOS violation. A CNN report Saturday May 23 indicated that six girls perpetrated the act, which involved a cartoon. On comment on CNN said that this issue might lead to the government's regulating "what can be said on the Internet". Oh, well, look at COPA. The King 5 report by Tonya Mosley says that "Cyberbully expert says parents must be vigilant", link here.

It’s clear that there are still many problems of judgment as to what immature people put up on videos. Will it be necessary to restrict posting by minors more seriously? Right now you have to be 13 to create an account (reference). I hope we don’t see all those arguments from COPA coming back to haunt us.

Thursday, May 14, 2009

"Spy Sweeper" identifies many "spy cookies" not flagged by McAfee (at least for me)


Antivirus programs don't necessarily identify all spyware unless you ask them to, or buy the protection specifically. My current McAfee Security Center does say that it offers a scan for spyware as well as viruses, worms and trojans.

Yesterday (May 13) as part of a further effort to investigate a slow machine, I installed Spy Sweeper. I installed only the anti spyware portion, not the anti-virus, since I have McAfee. Best Buy has been selling some computers with SpySweeper as the anti-virus instead of McAfee or Norton.

I downloaded a free trial element, which made me Restart, which is so slow now. I had to try Firefox twice to get it to start, as Webroot attached itself to Firefox (along with an Ask.com search box). It also shows up on Internet Explorer but not Google Chrome.

I ran the quick scan, which took almost an hour, and it showed 46 “spy cookies”. Here is a Q&A on Yahoo! on “What is a spy cookie?” These 46 cookies had not been identified by McAfee, and some seemed familiar

Then it made me subscribe to quarantine the cookies. It made me download a “Reg” element, but it did not make me restart again. As with Regcure, I had to start the scan over, which I stopped after finding the 46 cookies, and then I was able to run the quarantine. I don’t think it ever made me enter the product key that it assigned me.

It does not seem to interfere with McAfee, and removing the cookies did not interfere with any major sites.

Picture: some financial advice from a DC Metro car

Update: May 15

Some of the cookies are well known and as far as I know legitimate: DoubleClick, Atlas, Casalmedia, zedo, etc. Spysweeper lets you deselect cookies that you know to be OK.

Wednesday, May 13, 2009

Craigslist "gives in" to pressure from states, to shut down online "red light district"


Craigslist has capitulated to pressures from very states’ attorneys general, announcing it will close down its Erotic Service and open a new adult section that will be closely monitored. Some observers say that prostitution will just move to unmoderated sections of the site, underneath the radar screen. But the appearance is like that of a city eliminating its “red light district” and driving it underground.

Jacqui Cheng has a story today (May 13) on Ars Technica, here.

The Reuters story is by Jason Szep is "Craiglist to drop 'erotic services' ads", here, and it creates a metaphor with traditional classified advertisements.

The company has been criticized for making so much profit from this one area of customer use with few employees.

It is always dangerous to “meet” with someone for sexual purposes after only an online encounter, since it is so easy to impersonate someone on the web. But many people use search engines to do “background investigations” on prospective dates or encounters, but that’s hardly reliable (again, we link back to the “online reputation” problem).

Picture: Amsterdam Red Light District (I was there in May 2001). The attribution link (Wikimedia Creative Commons ShareAlike) is here.

Tuesday, May 12, 2009

Go to jail and don't collect your pay: In Ohio, visitng "adult sites" at work is defined as "hacking"


Scott Lowe has an important entry in the Tech Republic blog today, “visit an adult site at work and go to prison,” link here.

A man named Richard Wolf was convicted of “hacking” in Ohio when he visited the “Adult Friend Finder” website at a municipal workplace, in Shelbyville Ohio, with another story here, by John Sawyer, on the “Darkreading” blog here. Apparently a local supervisor found a nude adult picture on a work computer, and called police as well as firing him.

The Ohio statute RC 2913.04 (link on Law Writer) reads:
“(A) No person shall knowingly use or operate the property of another without the consent of the owner or person authorized to give consent.
“(B) No person, in any manner and by any means, including, but not limited to, computer hacking, shall knowingly gain access to, attempt to gain access to, or cause access to be gained to any computer, computer system, computer network, cable service, cable system, telecommunications device, telecommunications service, or information service without the consent of, or beyond the scope of the express or implied consent of, the owner of the computer, computer system, computer network, cable service, cable system, telecommunications device, telecommunications service, or information service or other person authorized to give consent”.
The law was designed to provide criminal penalties for those who illegally access and/or misuse consumer information from work computers. To that extent, these laws are common everywhere. For example, the Census Bureau can prosecute employees for misusing information acquired in a census, and I believe that the same is true for IRS employees. The state law here defines using a workplace computer in a manner beyond the scope of intended use as “hacking.” But generally, these laws have not in the past been interpreted as considering viewing adult pornography as “hacking.” Viewing or downloading pornography has simply been an HR issue resulting in discipline or termination.

When I worked for Chilton Credit Reporting back in the 1980s in Dallas in a mainframe environment, there was a very strict policy about using computer resources for personal purposes, even course work. Employees were told not to leave themselves signed on when away from desks. One person was fired in 1982, shortly after I had started there, for tampering with credit reports. The mainframe logon screen greeted the worker with a statement of the Texas computer crimes law passed in 1985.
Workers should consider this case before feeling too innocent about accessing inappropriate material at work.

It is possible to access inappropriate material because of deliberately deceiving or “ironic” domain names, like "whitehouse.com" and "nightcall.com" (at least in the past). Workplaces should use Site Advisors (like McAfee or Web of Trust) to intercept inappropriate sites, that could be entered by mistyping.

Wednesday, May 06, 2009

Craigslist attorneys talks to state attorneys general about its "business model"


Craigslist lawyers are meeting with attorneys general of a number of states, including Illinois, trying to reach a compromise. Increasingly, the site has been used for arranging prostitution, which has resulted in criminal activity, including the Markoff spree in Boston and in Rhode Island.

States note that the site generates 20 billion page requests per month, in 50 countries, with a staff of only 28 people. And a large portion of these, according to states, are for erotic services or for services that cannot be safely procured from anonymous strangers over the Internet.

With a “staff” of one, I generate some page requests on my sites, but nothing like 20 billion. But it seems as though the low capital requirements for the company and the high leverage is viewed by them as anti-social.

The story by Edith Honan appeared on UK Reuters.

Monday, May 04, 2009

Facebook users confronted with new fake logon scam


AOL users this morning are being advised about a new scam that can hijack a Facebook member’s account. The user gets a message in her Facebook inbox with links to “FBAction.net”, which leads to a fake Log in screen.

It doesn’t seem as yet that the scheme was taking other personal information. It seems like it was more a ‘proof of concept’ attack on Facebook itself. Facebook has blocked the address.

The news story ("Web Social Networking: New Facebook Phishing Scam Will Hijack Your Account") is by Terrence O’Brien, dated April 30, and appears here.

We haven’t heard yet of similar attacks on Myspace, but users should be aware of any invitations that offers a new way to log on to a social networking site.

Sunday, May 03, 2009

Small webmasters should consider "private" registration for WHOIS


Here is another little safety tip for people who run their own domains on the web, perhaps even for home-based businesses. Many registrars (such as Network Solutions) will offer “private registration” for typically about $10 a year, to provide alternate contact information. Your personal information remains private, and your email address is changed every ten days or so. If someone has a legitimate need to contact you (as for a legal matter), the registrar contacts you. But the WHOIS database no longer has any personal information, including email. The Network Solutions link explaining the benefits is this.

Not everyone may need this. Some people use mail boxes as UPS stores or similar facilities and may have adequate spam controls on their email address. But another risk of not using it is that one’s email address is used to spoof as a sender of other party’s spam, something that might cause reputation problems with customers. Again, these sorts of problems could be contained by an email infrastructure that verifies sender-id.

Another problem to bear in mid is that, yes, there are companies that sell “unlisted” personal information, barely within what is legally permissible.

Saturday, May 02, 2009

Twitter hyperbole (associated with a "tea party") leads to arrest and prosecution


The “Threat Level” blog on Wired contains a disturbing story about the FBI arrest of an Oklahoma City man for apparently making “threats” with a series of tweats as part of a “tea party” tax protest in his city. The story is by Kevil Poulsen with the link here. The story contains photographs of the tweats with the text (which need not be copied verbatim here). The tweats appear (to me) at least to contain a lot of obvious hyperbole and metaphor and not be intended to be taken literally.

The incident is apparently the first involving Twitter as a microblogging facility. The incident is significant in that people often use Twitter impetuously and quickly, and don’t give a lot of thought to what they say in advance, and may not have a complete log of what they said, unlike the case with blogs or conventional sites. In that sense, the problem resembles what can happen with Chat or with cell phone text messages.

The Wired report contains a link to a story about another arrest over a hyperbolic “threat” made on a Yahoo! message board. It was quickly deleted but nevertheless showed up in many caches.