Thursday, July 31, 2014

"Working from home" particularly a security threat for retailers, financial institutions; discussion of "Backoff"


Employers, especially retailers and financial institutions, are finding that employee telecommuting is causing increased security risks, according to a story on the Business Day section of the New York Times on July 31 by Nicole Perlroth, link here.  Typically employees take laptops home, but may be less careful.  The article discusses in some detail some malicious software called Backoff, which is not easily detected by most antivirus software and which requires “layers” of corporate security.
   
When I was working, a lot of “homework” was done for nighttime production support, or “nightcall” (ironically the name of a porn film around 2000).  Access was mainly to the mainframe, often through dumb terminals or Procomm or similar software on one’s own home computer.  Awareness of the sensitivity of personal information of clients (like in AbendAID dumps of programs that had abended) was much less two decades ago. 


Tuesday, July 22, 2014

Chrome gives a malware warning from one of my blogs; it seems to be related to a 3rd-party gadget; Webroot had not detected it


Late Monday night, as I was surfing in Chrome on my Windows 8 computer, I got a sudden warning from Chrome that my “Bill’s Drama and Music News and Reviews” blog was accessing a site known to serve malware.  I did not get the warning from Mozilla, or from Webroot Secure Anywhere.  I didn’t write down the name of the site (it had the node “bmp”) but I immediately removed one remaining gadget at the bottom of the page, which had been there since 2009 with no problems.  After re-caching, the Chrome message went away.

I have removed other third-party gadgets before, when they stop working.  Usually the symptom is just an error message.  It’s possible that this gadget itself had been hacked.

Various sources on the web say that some of these messages from Chrome are “false positives”.  The best resource I could find on the problem of Chrome warnings was here.  I’ll check other blogs and probably remove unnecessary third-party gadgets soon, as they seem to create a vulnerability.

I have noticed recently that, after adding a new post, it can take up to a minute for the blog to re-cache and display the new posting (with repeated prompts on the reload).  This may account for underreporting in Analytics statistics.  
   
One other thing.  I had just been watching MLB videos, and earlier MLB had tried to get me to update Chrome, which I had ignored. 

Sunday, July 13, 2014

Workplace BYOD practices can have serious security flaws -- Webroot study


Webroot has written a blog post and published a paper (as a PDF) on the lack of security with many employers who allow workers to use their own devices, including mobile phones and laptops, here.

In the 1990s, I often did production mainframe support from my own laptop or desktop at home, often through Procomm, later through a company app.  For now-archaic "conflict of interest" reasons I would not allow corporate property to be used in my residence. During production support, we had access to live consumer data (including military personnel), but this was at a time before security and privacy concerns were as great as they are now.  It was also common and possible to take printouts home, something that probably wouldn't be allowed today.

Monday, July 07, 2014

"Staring" may decipher cell phone and iPad pin codes


People will really dislike being stared at in public places, if the latest reports, that hackers could use software inside “Google Glasses” to decipher PIN codes of other devices around them, are true.

The story on CNN suggested that keypads on cell phones and iPads might themselves have to be randomized (in position) to prevent motion-detection software from picking up pin codes merely by “staring”.
  

All of this reminds me of a morning in Dallas in 1986 when I was in a jury pool, and someone got worried that I was staring at him, an odd incident.  I went on to get selected for a civil malpractice case, which got settled once the jury was seated.  

Sunday, July 06, 2014

TSA rules have the potential to disrupt travelers who carry a lot of computers and hardware; hardware and malware could cause trips to be missed


The TSA has implemented screening rules requiring passengers to demonstrate that electronics actually work before boarding planes, at least at some overseas airports.  CNN has a story (“No power, no go”) today here.  At least one passenger at an airport in Germany reported such screening in the evening news on WJLA. ABC has a story with link here. All of this is based on specific intelligence on new technology that terrorists may use to try to smuggle bombs onto planes.
  
Back in the 1990s, it was common for passengers to have to turn on laptops to prove that they work.  Now, electronics put in TSA approved bags do not have to be turned on.

When I travel, I often carry a cell phone, a notebook laptop with Windows, an iPad, and two small cameras.  If such screening were done for domestic flights (and it doesn’t seem that it is now), all five items would actually have to work.

It isn’t a problem to come to the airport with them powered up.  The cell phone would be on.  Perhaps the notebook (whose battery has a very long operation) could simply be on, as could the iPad.  A bigger problem could be a failure of a component (especially a laptop) to boot up even though powered up, possibly because of malware, or unlucky hardware failure by being banged around. 

Bigger complications could come for people who carry electronics for both work and personal use on trips.  Double lives get even more infeasible. 
   
While on a trip in Texas in 2011, I had a Toshiba notebook fail, but I was able to get it working again for the rest of the trip.   
  
This story will have to be watched closely.

On Monday, Webroot tweeted a UK Register story here, mentioning concern about external hard drives.

Also on Monday, CNN quotes Homeland Security as saying that the requirement could be put into place for domestic flights later, since some terrorists have valid US passports and visas and could try to come into the US and disrupt domestic travel.  But this has not happened with other means  (like underwear).

The latest information suggests that there is specific concern that the battery component of a cell phone or laptop could house explosives.  Therefore, starting the device by plugging in to a power source doesn't prove it's safe.  Your batteries must work.  You need to think carefully about traveling with older equipment.

Wolf Blitzer asks if a laptop could still work while having an explosive:

We have to stay on top of this story; it will change.

Thursday, July 03, 2014

MLB site leads to "browser out of date" warning, no clear indication of malware


Here's just a short story.  Today, as I tried to browse Major League Baseball video, I got interrupted by a warning that my browser is out of date, with instructions to download.  I was on Google Chrome. I was suspicious and did not do so.  I closed the browser, tried MLB again, got to the same video and this time it played normally.

Webroot's daily scan (which ran later) did not identify any threats.   It also did not intercept this message, although it might have interrupted me had I actually tried the download.