Wednesday, December 31, 2008

Nasty New Worm for the New Year

There's a nasty new worm out there named W32.Downadup.B (Symantec link here) that spreads in a large number of ways. The Symantec link describes it in detail, and has a great list of recommendations at the end of the posting.

Best ones are:
1. Don't open attachments unless you know what they are, who sent them and why!
2. Keep your anti-virus up to date (and if you don't have one - get one - I'll help!)
3. Make sure your firewall is working

Have a great new year!
Perry

Saturday, December 27, 2008

The Boston Globe did what?!

The Boston Globe, or someone who said they were from the Globe, called us on the telephone a couple of days ago with a weird story that our credit card for delivery had expired, and asked for a new credit card number and expiration date.

Well, the Boston Globe isn't exactly a paragon of identity protection so Sue naturally thought it was a scam. After all, in this day and age, who would call their customers asking for credit card numbers?

Well, we got a letter in the mail today - and guess what? It was the Globe, and our credit card really had expired. Haha - I wonder how hard it is for them to update their customers' credit card numbers now?

Wednesday, November 26, 2008

Should I sign my Credit Cards?

I'm pretty sure the answer is "Yes", although there's certainly an urban legend around that to protect your identity you should put something like "See Photo ID" on the backs of them.

I recently received an email that said it was from a lawyer and had interesting advice regarding identity theft that included this trick.

It seems like pretty good advice, and I have tried it in the past. Trust me - don't experiment with this when you travel. The merchants hate it and I think the credit card companies do too. I think it's something legal.

I found Scambusters with this Google search: "PHOTO ID REQUIRED on credit card"

They say this specifically:
http://www.scambusters.org/Scambusters80.html

And they address a letter like it here:
http://www.scambusters.org/creditcardfraudprevention.html

They're right about hotel keys, which isn't in the letter, however.

I did some more searching, and found this, too - a link from the Missouri attorney general's site

http://ago.mo.gov/ConsumerCorner/blog/10398/Should_I_sign_the_back_of_my_credit_card/

http://www.mytruston.com/blog/tips/sign_the_back_of_credit_cards_or_not.html

Truston is an identity protection company, but they do link to the real Visa rules, and they do agree with what I found. The rules are 1 and 2.5 MB PDF files; I don't think I'll read them right now. :-)

Perry

Tuesday, November 18, 2008

Don't Download Free Antivirus!

Well, maybe you can use AVG, but DON'T download any other free antivirus products - they ARE viruses!

There's one particularly nasty one called "Antivir 2009" that's driving sysadmins crazy everywhere.

There's another called "Winiguard.com" (note the extra "i"), and possibly a program called "Macguard" that's also suspect.

If you want free antivirus, I think the best is to download Norton or McAfee from your internet service provider (I'm pretty sure Comcast and Verizon have it) or AVG.

Please contact me directly if you have any questions.

Perry

Saturday, August 23, 2008

The Large Hadron Collider will not destroy the universe

Update: March 1 2009: Penn State Researchers say it can't possibly happen: "The world is constantly bombarded by energetic cosmic rays from the depths of space, some of them inducing particle collisions thousands of times more powerful than those that will be produced by the LHC. If these collisions could create black holes, it would have happened by now."

The really smart people at CERN are building an enormous particle accelerator to try to find the Higgs Boson.

Some people think that the instruments that are capable of finding it will destroy the universe.

The concepts behind this are pretty difficult to understand, but here's a video that helped me understand. (I don't know why, but a synthesized voice doing rap about the LHC brings tears to my eyes)

Quiz for extra points - After you've watched the video - what kind of atoms are protons smashed against?

Update - Well, now they're not so sure. The scientists are almost certain that it won't destroy the earth, and the solar system, etc.

Thursday, August 7, 2008

DNS Problem

Yes, there is another DNS vulnerability and attack, and it's pretty scary.

DNS is the system on the internet that maps the name, like "www.whoever.com", to the numeric address. If it breaks, the internet breaks. If bad guys can successfully attack it, they can make you go to their servers instead of important places like your bank, eBay, etc.

There's a long interesting story involved. Dan Kaminsky, the one who found it, has a blog, which tells the story and has a program to test your ISP's DNS servers. If your ISP hasn't fixed it, please change your DNS to OpenDNS. If you'd like to do it and need help, please call me.

Thursday, May 22, 2008

IPv6 Security

What's IPv6 (other than Internet Protocol version 6)?

It's the next step in the evolution of the Internet. The present internet (IPv4) was designed in the 70's, and is starting to have problems with its growth as well as some other issues.

IPv6 fixes the scaling problems as well as a bunch of other things, but adds a large amount of complexity and some overhead to the network.

In a nutshell, an IPv6 internet would be lots better than our present IPv4 Internet.

The bad news? It will be really hard to transition from IPv4 to IPv6 for our network providers and network engineers. Would better technology work better for users when the operators don't understand it and the hardware is only partially implemented?

Add security to the mix and it's 10 (100?) times worse. The security people who understand IPv4 and are trying to keep up with the bad guys don't have the time to learn IPv6 at the level that they need to, and the hardware vendors don't have security devices that support IPv6 at the level of IPv4. IPv4 is also growing faster than our budgets to buy and support it.

IPv6 network gear is also (a lot) more expensive - how can we justify buying more expensive stuff when the features that add cost won't be turned on?

It's common knowledge in the network security business that the bad guys know IPv6 better than the good guys.

We know we need to transition our networks to IPv6 sometime. We just don't know when.

Wednesday, May 21, 2008

GuardianEdge for Hard Disk Encryption

Loss and theft of laptops and USB drives is one of the biggest security threats out there, and I need to know more about the products that support encryption.

If all the important information stored on your laptop and USB sticks is encrypted (and the laptop is OFF, or in a state where it needs a password to decrypt), then loss and theft aren't a security risk.

Just having a product that encrypts the data isn't enough; it has to have a good algorithm (like AES) and it has to be trusted. This means Common Criteria or FIPS 140-2 validation (or both). It also needs things like key escrow, so lost passwords aren't permanent.

I just talked to GuardianEdge about a solution for both full disk and removable storage encryption. It was a good meeting and an impressive product. We'll load it up on VMware on both XP and Vista and kick the tires. It's both Active Directory integrated and FIPS 140-2 validated.

Has anyone worked with these products or worked with others in the same space?

Wednesday, May 14, 2008

Who are the Biggest Spammers?

Well, it looks like trying to go straight didn't work. Spamford Wallace and Walt Rines spammed MySpace, and got fined $50000 in January. That didn't appear to stop them.

Maybe they'll learn their lesson after a $230M (default) judgement. They didn't even show up to court. Can you blame them? I don't think they can scrape up that kind of money from strip clubs or gambling.

For the record, I briefly consulted for Walt Rines - when they were trying to do an ad-supported ISP business. I couldn't get out of there fast enough.

Thursday, February 14, 2008

Anti-Security

Twitter.com is a site that lets you answer the question - "What are you doing?", online to all your friends. I guess it's anti-privacy.

I guess there are thousands of people who like it. Don't expect me to keep mine updated too well.

If you're in, please email or twitter me - I'm NHKayak by the way... I'm starting Facebook too :-/

Update (5/14/08): I'm liking Twitter more than Facebook

Perry