The Ambassadors Wife and The Missing Laptop

September 28, 2007

I just heard the wife of the Pakistani ambassador to Ireland on the radio, talking about her laptop which was stolen from her apartment last week. She’s very keen to get it back, not because of the laptop, but because of the data that was on it. Personal information, photos, information realting to a scholarship scheme she’s putting in place. All gone. She was willing to buy back the laptop and not press any charges if she can just retrieve the data.

All of which goes to illustrate once again, that it’s not the computer equipment that is of real value, it’s data. I’m sure whoever took the laptop is planning to wipe all the info off it and sell it for a quick killing. They probably have no interest in what’s stored on it. The moral of the story is backup, backup, backup!


“The Secret” in Action

April 6, 2007

I mentioned in my last post how busy I’ve been recently, and put it down to having watched The Secret on DVD. If you haven’t come across this you should check it out, google Oprah and The Secret and I’m sure you’ll find out all about it.

Well I’ve been putting some of the suggestions into practice for a while now and the results are incredible. I’ve spend the past week having an absolute ball, doing work I’ve really enjoyed, getting new clients at every turn, fixing problems left right and centre. But the best day was Wednesday.

 I got two unexpected calls from companies looking for maintenance contracts. (Bear in mind that I’ve actually given up trying to sell maintenance contracts after spending the best part of 3 years having doors slammed in my face). I had a couple of other calls from clients with problems that looked very serious but that were sorted out really quickly. It just felt as though I had a magic wand and I could fix any problem instantly.

So, it was all going so well that I decided to buy a lottery ticket. I bought it with complete conviction that I was going to win something on it. I was practising the attitude of gratitude thing well before the draw was made. And when I checked the numbers I found I had won  €62. I think in future I’ll only do the lotto when I’m feeling that positive. No point in wasting money.

Thank you James Ray, Jack Canfield, Joe Vitale and everyone else involved.

Hacked Every 39 Seconds

March 21, 2007

No updates for the past while because I’ve been up to my tonsils with work. Not that I’m complaining. One of the “joys” of having your own business is the fact that you never know what’s round the corner. My business is just over three years old now, and a lot of that 3 years was spent cold-calling prospective clients, which was neither pleasant nor productive for me. Since Christmas I have done no cold-calls, and customers are beating a path to my door. I’m not sure why this is the case but I watched “The Secret” a while back and read “The Science of Getting Rich” so I’m putting it down to that.

Anyhow, I did get time last week to browse through PC Live, (Great value for just €3), and came across this article. According to a University of Maryland study, a PC connected to the internet will on average be attacked every 39 seconds.

The study also profiled brute force attacks and found the most common methods of guessing passwords. The most common was to re-enter the username or a variation of it, (eg user: admin, pwd: admin123). Other common password guesses were ‘password’, ‘passwd’, ‘test’, ‘123’, 1234′, ‘12345’, ‘123456’ and ‘1’.

Nothing too surpirsing I suppose in the guesses, but the frequency of the attacks was interesting. It also proves again the need for effective passwords, and we’ve discussed before. Make it long, mix letters, numbers and special characters, and change it on a regular basis.

WordPress Hacked

March 8, 2007

Having a WordPress-based blog about computer security, it would be a bit of an oversight if I didn’t mention the recent problems encountered by my gracious hosts.

Last week the server hosting the WordPress 2.1.1 download was hacked, and the code was modified to include code for remote PHP execution. According to Matt Mullenweg it appears that only two files were changed and measures have been implemented to try to prevent a recurrance. Any users of 2.1.1 should immediately upgrade to WordPress 2.1.2.

This is obviously a serious issue for WordPress, but in fairness they appear to have responded in the right way, publicising the attack and doing everything possible to make sure it doesn’t happen again.

The point of this blog is that everyone can do all the simple things to protect themselves from the casual attack. This type of attack however sounds like Wordpress was a  very specific target, which makes it much more difficult to defend yourself against.

I’m sure WordPress had already invested heavily in their security infrastructure, (Firewalls, Intrusion Detection etc), so now they’re going to have to go back and look at that investment and see where it failed them. Do they need to spend more on technology to prevent a recurrance, (not necessarily always the answer), or is it a matter of ensuring more effective processes are in place.

According to Matt’s blog, a number of measures have already been implemented to stop the same thing happenning again. Time will tell if they’ve done enough.

Dean Koontz

March 5, 2007

Just finished reading The Husband by Dean Koontz, (Didn’t he used to have an ‘R’ in there or am I imagining that?) Anyway, there’s one line in it that I thought had parallels with computer security. The hero is walking out of a house and doesn’t lock the door behind him, “…perhaps recognising that he couldn’t keep out those he wished to bar, only those who had no desire to enter.”

Computer Security is not quite that bad, but the truth is, if “they” want to get in badly enough, you’ll have to spend an awful lot of time, money and effort to stop them. Thankfully, usually these guys are more interested in the low-hanging fruit. There’s enough of that around to keep them busy so they don’t need to put the effort into actually breaking in. Why bother when there are so many open doors. Ironically, in the book, the guy who left his doors open turned out to be paranoid about computer security later on.

Julie Amero Update – Porn Queen or Spyware Victim???

March 5, 2007

There don’t seem to be too many people left who actually believe that Julie Amero was deliberately attempting to expose children to pornographic images. (The notable exceptions to that appear to be the prosecutor in Connecticut). I wrote about this case in more detail here.

Last week the Judge Hillary Strickbein postponed sentencing until March 29th at the request of the defence team. Apparently the postponement had been requested in order to give a new attorney and consultant time to familiarize themselves with the case.

With most of the supposedly “expert” technical evidence apparently having been discredited, Assistant State’s Attorney David Smith claims that Ms Amero did not do enough to protect the children from exposure to pornography, (eg shutting down the computer).  The substitute teacher had already informed colleagues that there was a problem with pop-ups on the PC, and had been told to ignore them. She was also under instruction NOT to turn off the PC.

I wonder if Mr Smith will use the same logic to pursue the individuals responsible for ensuring the school had proper technology in place to protect them from spyware. And whoever was responsible for ensuring teachers had full training on the PC’s. And whoever allowed the PC’s to be implemented without effective password controls. And whoever wrote and circulated the spyware that infected the PC in the first place.

Based on what I’ve read of the case to date, Julie Amero should be way down the list of people culpable for this. If Assistant State’s Attorney David Smith was hoping to make a name for himself out of this case, then he has certainly succeeded. Sadly though it looks as though justice, (and Julie Amero) were poorly served in the process.

Reads this if you use online banking

February 27, 2007

Ever heard of phishing? It’s the process whereby someone tries to lure you into divulging personal details, (username, password, account details etc), usually by sending you a mail that appears to come from your bank explaining that their servers are to be upgraded, and asking you to follow the link and re-enter all your details.

Well, last week a major pharming attack hit users of 65 banks in the US, Europe and Australia. Pharming is kind of a step up from phishing, because you don’t need to click on a link in an email. Basically what it does is recognise when you wype in the url for your banks site, and redirect those requests a duplicate site. In last weeks case, all the information keyed in by users was subsequently forwarded to the banks in question, which of course makes the problem harder to detect. But by the time the banks received the information entered it had already been captured by the guys behind the scam.

According to Yahoo news, target institutions included Bank of Scotland, Barclays Bank, eBay, Paypal, Discover Card & American Express.

The whole thing seems to have been launched through a trojan known as Burglar.A, which in turn downloaded a number of other Trojans. Keylog.LN, which captures keystrokes and looks for user login details, Banker.CLJ which carries out the pharming scam, FileStealer, which installs a web-server on the PC giving the authors remote control of the server, and Sters.P, designed to prevent users and programs from contacting their websites for security updates.

So overall this was a really nasty little piece of code. The Internet is a fabulous place, but to quote Hill Street Blues….Let’s be careful out there!