- Easy to share or email stories and links to friends
- Easy to star items for later reading
- Grouping news feeds for quick access to specific news
- Access from multiple platforms and locations
- Import files from other RSS readers
- Manage all subscriptions from a single page
- Informative feed suggestions based on current subscriptions
- Stats for tracking dead feeds
Dec 29, 2008
Google Reader Rant
Rosetta Stone for Unix
Nov 21, 2008
G4 Cube Debian Install
Here is a link to the Debian install ISO.
**Update** Very simple and easy install. Not a bit of trouble. Updating the system now via wireless (it found and configured my Airport card).
Nov 19, 2008
ESI - Educational Security Incidents
Oct 22, 2008
Sep 29, 2008
Sep 15, 2008
Forensics Blog
Sep 11, 2008
Identity Theft Poster
Sep 5, 2008
New Chrome EULA
11.1 You retain copyright and any other rights you already hold in Content which you submit, post or display on or through, the Services.
Sep 2, 2008
Aug 19, 2008
Microsoft Security Sites
The Microsoft Password checker will give you a good idea of how strong your passwords are and how strong they should be.
Unfortunately most people coming to these sites don't need this information. What we really need is a way to get people who NEED this information to READ this information.
Aug 11, 2008
Gmail Woes
We’re sorry, but your Gmail account is currently experiencing errors. You won’t be able to use your account while these errors last, but don’t worry, your account data and messages are safe. Our engineers are working to resolve this issue.I'm sure they will solve the problem soon. I can't live without my GMAIL!
Please try accessing your account again in a few minutes.
CERT Home Security Pages
The Home Network Security page and the Home Computer Security page are two great resources for home users.
Aug 9, 2008
Zendesk Helpdesk Software
Aug 8, 2008
Antiphishing Website
Aug 5, 2008
Seven Popular Online Blunders
Aug 4, 2008
Firefox Addons: Better Gmail 2
Aug 2, 2008
Apple patches DNS, kinda
Jul 30, 2008
Facebook and the F.B.I.
They offer a great list of precautions to take when dealing with email.
- Do not respond to unsolicited (spam) e-mail.
- Be skeptical of individuals representing themselves as officials soliciting personal information via e-mail.
- Do not click on links contained within an unsolicited e-mail.
- Be cautious of e-mail claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders.
- Validate the legitimacy of the organization by directly accessing the organization's website rather than following an alleged link to the site.
- Do not provide personal or financial information to anyone who solicits information.
Open Source Monitoring Tool
I'll update here after I have more information on the application. A friend of mine is configuring it now. On the surface it looks similar to Nagios.
Jul 28, 2008
Howto Update the SPSS 16 License Server IP Address
Check the appropriate spssprod.inf file. This file is located in the product installation directory on the desktop computer. Open spssprod.inf and make sure DAEMONHOST is set to the correct name or IP address of the computer on which the license manager is running. If you are using redundant servers, this should be blank.Much easier than putting site license files on each machine. I should have done this years ago.
Jul 15, 2008
Maryland Discloses Personal Data Online
Jul 3, 2008
Google Opens Access to Ratproxy Tool
is designed to transparently analyze legitimate, browser-driven interactions with a tested web property and automatically pinpoint, annotate, and prioritize potential flaws or areas of concernI don't know that I will be installing this at home but it's certain to be a good tool for the right location.
"Microsoft Office" Available for Rental
I find it amazing that people will still pay for software just because it's the "industry standard" when there are so many alternatives out there that work just as well for free. If you can't grasp the idea of Google hosting your application there is always OpenOffice. Even Apple has decided Microsoft has held the reigns too long. iWork offers about the same group of applications for just a little more than 1 year of Microsoft Office.
Jul 2, 2008
Vishing attacks around Lawrence
Jun 2, 2008
Phishing and ID Theft Information
Phishing FAQ from USC
Online Tips from the FTC
ID Theft help from the FTC
May 30, 2008
Appeasing your IT Department
How To Appease The I.T. Dept.
01. When you call us to have your computer moved, be sure to leave it buried under half a ton of postcards, baby pictures, stuffed animals, dried flowers, bowling trophies and children's art. We don't have a life, and we find it deeply moving to catch a fleeting glimpse of yours.
02. Don't write anything down. Ever. We can play back the error messages from here.
03. When an I.T. Person says he's coming right over, go for coffee. That way you won't be there when we need your password. It's nothing for us to remember 700 screen saver passwords.
04. When you call the help desk, state what you want, not what's keeping you from getting it. We don't need to know that you can't get into your mail because your computer won't power on at all.
05. When I.T. Support sends you an E-Mail with high importance, delete it at once. We're just testing.
06. When an I.T. Person is eating lunch at his desk, walk right in and spill your guts right out. We exist only to serve.
07. Send urgent email all in uppercase. The mail server picks it up and flags it as a rush delivery.
08. When the photocopier doesn't work, call computer support. There's electronics in it.
09. When something's wrong with your home PC, dump it on an I.T. person's chair with no name, no phone number and no description of the problem. We love a puzzle.
10. When an I.T. Person tells you that computer screens don't have cartridges in them, argue. We love a good argument.
11. When an I.T. Person tells you that he'll be there shortly, reply in a scathing tone of voice: "And just how many weeks do you mean by shortly?" That motivates us.
12. When the printer won't print, re-send the job at least 20 times. Print jobs frequently get sucked into black holes.
13. When the printer still won't print after 20 tries, send the job to all 68 printers in the company. One of them is bound to work.
14. Don't learn the proper term for anything technical. We know exactly what you mean by "My thingy blew up".
15. Don't use on-line help. On-line help is for wimps.
VLAN Information
May 20, 2008
OSU Parking server hacked
Oklahoma State University has discovered that a server under the control of OSU Parking and Transit Services had been accessed from another country without authorization. The database contained confidential information, specifically the names, addresses and Social Security numbers of OSU faculty, staff and students who had purchased a parking permit between July 2002 and March 2008.
Upon discovering this intrusion, the IT Information Security Office immediately removed the server from the network to evaluate server activity to ascertain if personal information had been accessed. The confidential information has been removed from the database.The illegal access was limited to the parking and transit server.
As a result of its investigation, OSU believes the intruder's purpose and only action was to use the OSU server for storage capacity and bandwidth to upload and distribute illegal and inappropriate content. OSU contacted and worked with federal law enforcement authorities.
After evaluation of all available data related to this incident, OSU found no evidence which would indicate that the database was copied or viewed by the hacker; however, OSU cannot say with 100 percent certainty that the hacker did not access personally identifiable information.
We are not aware of any instances of misuse of this information or of any identify theft as a result of the temporary availability of this information. OSU recommends you carefully review any bills or financial transactions you receive in the near future to ensure that the charges associated with your accounts are accurate.
OSU President Burns Hargis said, "This breakdown in security is totally unacceptable. We are conducting a full review and will take whatever steps are necessary to protect our network from unauthorized access. This is a serious matter and we will deal with it aggressively. We regret the circumstances and concern this situation has caused."
Apr 21, 2008
Great Network Monitor and Mapping Tool
LookatLan.com
New Bigger and Better Eee Pc coming soon...
And to think I almost bought one of the current ones. I guess no matter how you go about it there will be an upgrade right around the corner.
Expanding the Eee PC FamilyAs long as there are plenty of expansion slots I don't care so much about the storage. It's the larger screen that makes this one more appealing.
ASUS has made several innovative improvements with the next generation of the
Eee PC – dubbed the Eee PC 900. These new technologies will bring about a brand
new concept for Internet access with 1G of memory, larger storage of up to 12GB, and wider 8.9-inch screens. These new Eee PCs will cost 399 Euro each, and will be available in summer this year – to select countries on the first wave of launch. All of these new models will be Windows ready, and will provide users with a chance to enjoy a brand new PC experience while on the go.
Apr 15, 2008
New Malware Threat Center
Apr 11, 2008
Latest Microsoft exploit seen in the wild
Last Updated: 2008-04-11 14:01:03 UTC
by Deborah Hale (Version: 1)
It appears that Symantec has raised the Threatcon to Level 2 this afternoon.
www.symantec.com/security_response/threatcon/index.jsp
It seems that their honeypots have sniffed out "In-the-Wild Exploit attempts" targeting the vulnerability identified in MS08-021 which allows remote code execution in GDI if a user opens a specially crafted EMF or WMF image file. Microsoft announced this in their latest super Tuesday release.
www.microsoft.com/technet/security/Bulletin/MS08-021.mspx
If you haven't already patched do so now and don't forget to remind your users not to open image files.
Apr 9, 2008
Patch your Adobe Flash Players
Adobe Flash Player Vulnerabilities
added April 9, 2008 at 07:34 am | updated April 9, 2008 at 10:36 amAdobe has released Flash Player 9.0.124.0 to address multiple vulnerabilities. These vulnerabilities may allow a remote attacker to execute arbitrary code or conduct cross-site scripting attacks.
More information about these vulnerabilities can be found in Technical Cyber Security Alert TA08-100A.
US-CERT encourages users to review Adobe Security Bulletin APSB08-11 and upgrade to Flash Player 9.0.124.0 to help mitigate the risks.
Apr 7, 2008
Ubuntu 7.04 Feisty Fawn on USB
With just a little help I managed to get the latest Ubuntu running on a new 2GB USB stick. I must say I am impressed. I had a few setbacks but the whole thing only takes a few minutes so starting over isn't that big of an issue.
First thing is this tutorial. It works flawlessly for most of the work. I even cut and pasted a lot the commands. As noted the default Feisty Fawn ISO does not support persistent mode so I had to hunt down a patched ISO for the build part.
I used an old Dapper Dan live CD for my system to work from. It recognized all my hardware (Dell Optiplex 745 Core DUO) and the commands from the tutorial are identical (you will have to apt-get lilo, syslinux, and mtools).
This is the patched image for the build due to the problems with the default Feisty Fawn. I put this ISO on a spare 1GB USB stick since it doesn't fit on a CDR. I mounted this ISO as the "ubuntuCD" referred to in the tutorial.
The only trouble I had after building the USB image was with my laptop. I have a Dell Latitude D810 and for some reason I was getting "missing operating system" when attempting to boot from the USB drive. It worked fine on the Optiplex but not in the laptop. I reviewed the tutorial and decided to run the lilo command (lilo -M /dev/sdb) on the drive. After that it worked perfectly.
I can't say how impressed I am with the 7.04 build of Ubuntu. It works wonderfully on my laptop. It found all my devices and looks beautiful. I just joined my wireless network and I was up and running.
One thing I have figured out. The update component of Ubuntu will destroy the custom USB install. You will have to update the ISO and build it into the 1st partition of the install if you want updates. The good news is that if you do hose your entire USB install you just have to rebuild the 2nd partition. The first partition acts as a LiveCD and allows you to "fix" any problems you might have with the custom side of things.
Apr 3, 2008
Bits vs. Bytes
A bit is the smallest unit of information that can be stored or manipulated on a computer; it consists of either zero or one. Depending on meaning, implication, or even style it could instead be described as false/true, off/on, no/yes, and so on. We can also call a bit a binary digit, especially when working with the 0 or 1 values.
A bit is not just the smallest unit of information, but for sake of discussion it can be said that a bit is also the largest unit of information a computer can manipulate. The bits are bunched together so the computer uses several bits at the same time, such as for calculating numbers. When a "bunch" means eight bits then it is called a byte.
A byte also happens to be how many bits are needed to represent letters of the alphabet and other characters. For example, the letter "A" would be 01000001; my initials "KJW" would be 010011000100110101010110. To make this a little bit easier to see where the bytes are it is customary place a comma every four digits, to make what are sometimes called nibbles: 0100,1100,0100,1101,0101,0110. That's not really much easier for people to read or write--and many computer engineers, programmers, and analysts need to read and write even longer binary codes than this.
It so happens that there are only 16 different ways to write 0's and 1's four times. So something called hexademical code can be used to make the numbers shorter by translating each nibble (or half-a-byte) like this:
Binary: | 0000 | 0001 | 0010 | 0011 | 0100 | 0101 | 0110 | 0111 | 1000 | 1001 | 1010 | 1011 | 1100 | 1101 | 1110 | 1111 |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Hexademical: | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | A | B | C | D | E | F |
So my initials would look like this:
Letter: (or bytes) | K | J | W | |||
---|---|---|---|---|---|---|
Binary: (or nibbles) | 0100 | 1100 | 0100 | 1101 | 0101 | 0110 |
Hexadecimal: (also nibbles) | 4 | B | 4 | C | 5 | 7 |
So of course "4B4C57" is much easier to understand than "010011000100110101010110". To make it even a little bit easier to use commas are usually put in every 4th hexademical character just like was done for the binary digits. That would make my initials look like "4B,4C57". A group of 4 hexademical characters -- which would be 16 bits long -- is called a halfword.
Copyright © 1999 Kevin J. Walsh | |
walsh@njit.edu /KJW | |
Emacs Reference Card
Leaving Emacs
suspend Emacs (or iconify it under X) C-z
exit Emacs permanently C-x C-c
Files
read a file into Emacs C-x C-f
save a file back to disk C-x C-s
save all files C-x s
insert contents of another file into this buffer C-x i
replace this file with the file you really want C-x C-v
write buffer to a specified file C-x C-w
Getting Help
The Help system is simple. Type C-h and follow the directions. If you are a first-time user, type C-h t for a tutorial.remove Help window C-x 1
scroll Help window ESC C-v
apropos: show commands matching a string C-h a
show the function a key runs C-h c
describe a function C-h f
get mode-specific information C-h m
Error Recovery
abort partially typed or executing command C-g
recover a file lost by a system crash M-x recover-file
undo an unwanted change C-x u or C-`
restore a buffer to its original contents M-x revert-buffer
redraw garbaged screen C-l
Incremental Search
search forward C-sUse C-s or C-r again to repeat the search in either direction. If Emacs is still searching, C-g cancels only the part not done.
search backward C-r
regular expression search C-M-s
reverse regular expression search C-M-r
select previous search string M-p
select next later search string M-n
exit incremental search RET
undo effect of last character DEL
abort current search C-g
Motion
entity to move over backward forward
character C-b C-f
word M-b M-f
line C-p C-n
go to line beginning (or end) C-a C-e
sentence M-a M-e
paragraph M-- M-"
page C-x [ C-x ]
sexp C-M-b C-M-f
function C-M-a C-M-e
go to buffer beginning (or end) M-<>
scroll to next screen C-v
scroll to previous screen M-v
scroll left C-x <>
scroll current line to center of screen C-u C-l
Killing and Deleting
entity to kill backward forward
character (delete, not kill) DEL C-d
word M-DEL M-d
line (to end of) M-0 C-k C-k
sentence C-x DEL M-k
sexp M-- C-M-k C-M-k
kill region C-w
copy region to kill ring M-w
kill through next occurrence of char M-z char
yank back last thing killed C-y
replace last yank with previous kill M-y
Marking
set mark here C-@ or C-SPC
exchange point and mark C-x C-x
set mark arg words away M-@
mark paragraph M-h
mark page C-x C-p
mark sexp C-M-@
mark function C-M-h
mark entire buffer C-x h
Query Replace
interactively replace a text string M-%Valid responses in query-replace mode are:
using regular expressions M-x query-replace-regexp
replace this one, go on to next SPC
replace this one, don't move ,
skip to next without replacing DEL
replace all remaining matches !
back up to the previous match ^
exit query-replace ESC
enter recursive edit (C-M-c to exit) C-r
Multiple Windows
delete all other windows C-x 1
delete this window C-x 0
split window in two vertically C-x 2
split window in two horizontally C-x 3
scroll other window C-M-v
switch cursor to another window C-x o
shrink window shorter M-x shrink-window
grow window taller C-x ^
shrink window narrower C-x -
grow window wider C-x "
select buffer in other window C-x 4 b
display buffer in other window C-x 4 C-o
find file in other window C-x 4 f
find file read-only in other window C-x 4 r
run Dired in other window C-x 4 d
find tag in other window C-x 4 .
Formatting
indent current line (mode-dependent) TAB
indent region (mode-dependent) C-M-"
indent sexp (mode-dependent) C-M-q
indent region rigidly arg columns C-x TAB
insert newline after point C-o
move rest of line vertically down C-M-o
delete blank lines around point C-x C-o
join line with previous (with arg, next) M-^
delete all white space around point M-"
put exactly one space at point M-SPC
fill paragraph M-q
set fill column C-x f
set prefix each line starts with C-x .
Case Change
uppercase word M-u
lowercase word M-l
capitalize word M-c
uppercase region C-x C-u
lowercase region C-x C-l
capitalize region M-x capitalize-region
The Minibuffer
The following keys are defined in the minibuffer:complete as much as possible TABType C-x ESC ESC to edit and repeat the last command that used the minibuffer. The following keys are then defined:
complete up to one word SPC
complete and execute RET
show possible completions ?
fetch previous minibuffer input M-p
fetch next later minibuffer input M-n
regexp search backward through history M-r
regexp search forward through history M-s
abort command C-g
previous minibuffer command M-p
next minibuffer command M-n
Buffers
select another buffer C-x b
list all buffers C-x C-b
kill a buffer C-x k
Transposing
transpose characters C-t
transpose words M-t
transpose lines C-x C-t
transpose sexps C-M-t
Spelling Check
check spelling of current word M-$
check spelling of all words in region M-x ispell-region
check spelling of entire buffer M-x ispell-buffer
Tags
find a tag (a definition) M-.
find next occurrence of tag C-u M-.
specify a new tags file M-x visit-tags-table
regexp search on all files in tags table M-x tags-search
run query-replace on all the files M-x tags-query-replace
continue last tags search or query-replace M-,
Shells
execute a shell command M-!
run a shell command on the region M-_
filter region through a shell command C-u M-_
start a shell in window *shell* M-x shell
Rectangles
copy rectangle to register C-x r r
kill rectangle C-x r k
yank rectangle C-x r y
open rectangle, shifting text right C-x r o
blank out rectangle M-x clear-rectangle
prefix each line with a string M-x string-rectangle
Abbrevs
add global abbrev C-x a g
add mode-local abbrev C-x a l
add global expansion for this abbrev C-x a i g
add mode-local expansion for this abbrev C-x a i l
explicitly expand abbrev C-x a e
expand previous word dynamically M-/
Regular Expressions
any single character except a newline . (dot)
zero or more repeats *
one or more repeats +
zero or one repeat ?
any character in the set [ : : :]
any character not in the set [^ : : :]
beginning of line ^
end of line $
quote a special character c "c
alternative ("or") "_
grouping "( : : :")
nth group "n
beginning of buffer "`
end of buffer "'
word break "b
not beginning or end of word "B
beginning of word "<>
any word-syntax character "w
any non-word-syntax character "W
character with syntax c "sc
character with syntax not c "Sc
Registers
save region in register C-x r s
insert register contents into buffer C-x r i
save value of point in register C-x r SPC
jump to point saved in register C-x r j
Info
enter the Info documentation reader C-h iMoving within a node:
scroll forward SPCMoving between nodes:
scroll reverse DEL
beginning of node . (dot)
next node nOther:
previous node p
move up u
select menu item by name m
select nth menu item by number (1-5) n
follow cross reference (return with l) f
return to last node you saw l
return to directory node d
go to any node by name g
run Info tutorial h
list Info commands ?
quit Info q
search nodes for regexp s
Keyboard Macros
start defining a keyboard macro C-x (
end keyboard macro definition C-x )
execute last-defined keyboard macro C-x e
append to last keyboard macro C-u C-x (
name last keyboard macro M-x name-last-kbd-macro
insert Lisp definition in buffer M-x insert-kbd-macro
Commands Dealing with Emacs Lisp
eval sexp before point C-x C-e
eval current defun C-M-x
eval region M-x eval-region
eval entire buffer M-x eval-current-buffer
read and eval minibuffer M-ESC
re-execute last minibuffer command C-x ESC ESC
read and eval Emacs Lisp file M-x load-file
load from standard system directory M-x load-library
Simple Customization
Here are some examples of binding global keys in Emacs Lisp. Note that you cannot say ""M-#"; you must say ""e#".(global-set-key ""C-cg" 'goto-line)An example of setting a variable in Emacs Lisp:
(global-set-key ""C-x"C-k" 'kill-region)
(global-set-key ""e#" 'query-replace-regexp)
(setq backup-by-copying-when-linked t)
Writing Commands
(defun command-name (args)An example:
"documentation"
(interactive "template")
body)
(defun this-line-to-top-of-window (line)The argument to interactive is a string specifying how to get the arguments when the function is called interactively. Type C-h f interactive for more information.
"Reposition line point is on to top of window.
With ARG, put point on line ARG.
Negative counts from bottom."
(interactive "P")
(recenter (if (null line)
0
(prefix-numeric-value line))))
Copyright c 1993 Free Software Foundation, Inc.
designed by Stephen Gildea, May 1993 v2.0
for GNU Emacs version 19 on Unix systems
Permission is granted to make and distribute copies of this card provided the copyright notice and this permission notice are preserved on all copies.
For copies of the GNU Emacs manual, write to the Free Software Foundation, Inc., 675 Massachusetts Ave, Cambridge MA 02139.
Apr 1, 2008
JiggletheCable Purchased by LPGroup
Mar 27, 2008
Nice Safari for Windows EULA mistake
The article goes on to say how you aren't in any legal danger by installing Safari on your PC. It's obviously a mistake from Apple. The EULA for a Windows product says that you can't install it on a non-Apple machine. That is just not possible. Jonathan Kramer, a lawyer for the Kramer Telecom Law Firm, says "You can't enforce a term that's impossible."
Safari 3.1 For Windows Violates Its Own EULA, Vulnerable To Hacks
recoiledsnake writes
"The new Safari 3.1 for Windows has been hit with two 'highly critical'(as rated by Secunia) vulnerabilities that can result in execution of arbitrary code. The first is due to an improper handling of the buffer for long filenames of files being downloaded, and the second can result in successful spoofing of websites and phishing. This comes close on the heels of criticism of Apple for offering Safari as a update for approximately 500 million users of iTunes on Windows by default, and reports of crashes. There are currently no patches or workarounds available except the advice to stay clear of 'untrusted' sites."
Further, Wormfan writes
"The latest version of Safari for Windows makes a mockery of end user licensing agreements by only allowing the installation of Safari for Windows on Apple labeled hardware, thereby excluding most Windows PCs."
Mar 24, 2008
Trend Micro gets hacked
Mass Hack Attack
Posted by Laureli Mallek Wed, 19 Mar 2008 17:04:00 GMTAs Cnet and ITNews reported, Trend Micro got hacked last week. It was later discovered that users who visited the site got lucky in a big way: “We now know that the redirect on the site was broken code,” Mr Sweeny, Trend Micro’s spokesperson told ITnews. “It didn’t work properly and didn’t infect anybody.”
Additionally ITNews reported that a different wave of infection has formed, and it involves working code. This second mass attack is different, since it attempts to trick users into manually downloading an infectious codec.
The difference is linked with the modes of assault, ASP versus phpBB, AvertLabs explains. ASP attacks tend to focus on exploits that manipulate vulnerabilities in browsers or other software. The phpBB attacks use social engineering by exploiting the cognitive biases of users. I give the latter approach more points for interaction and creativity to manipulate users. Those points (sadly) get negated by the terminal result of those efforts.
Maybe the 200,000 users who went for the faux-porn offer (enough that they tried to download the player) should remember if the prize is too big, its probably not worth th download.
Mar 22, 2008
Microsoft Releases Windows Vista Service Pack 1
added March 19, 2008 at 04:53 pm
Microsoft has released Windows Vista Service Pack 1. This Service
Pack provides updates to increase reliability, performance,
compatibility, and security.
US-CERT encourages users review the following Microsoft articles:
Mar 20, 2008
Patch your Macs!
Published: 2008-03-19
Apple also updated its Safari Web browser on Tuesday, correcting 13 issues that affect the application running on the Mac OS X and Windows operating system, according to the company's advisory. Many of the flaws manifest as cross-site scripting issues, but at least one vulnerability could allow remote code execution. More information about the patches can be found on Apple's security site.
Consumer technology company Apple released two updates on Tuesday to fix more than a hundred flaws in its Mac OS X operating system, the OS's open-source components and the company's Safari Web browser.
The software patch for the Mac OS X closes at least 95 security holes in various parts of the operating system and the system's open-source components, though many of the flaws do not affect the latest version of the operating system, Mac OS X 10.5 "Leopard". Applications with a high number of patches include the Apache Web server (10 issues), the Clam AV antivirus scanner (19 issues), PHP Web software (10 issues), and the X11 graphics library (14 issues), the company said in its advisory.
The updates are the second time this year that the company has fixed vulnerabilities in its operating system. Apple has also patched its multimedia platform, QuickTime, and updated the iPhone earlier this year.
More information about the patches can be found on Apple's security site.
If you have tips or insights on this topic, please contact SecurityFocus.
Mar 6, 2008
Paypal doesn't like Safari
PayPal to Safari users: 'Ditch it'
By Jeff Smykil | Published: February 29, 2008 - 10:30AM CTWhile current browser share estimates for Apple's Safari web browser hover somewhere in the 4.5 percent range, Safari is attracting some unwanted attention from PayPal, the eBay-owned payment company. PayPal is urging its users to ditch Safari and instead use alternative browsers such as Internet Explorer 7, IE 8, Firefox 2, Firefox 3, or even Opera.
The reason for the warning is Safari's lack of anti-phishing technology. Currently the Apple browser does not alert users to sites that could be phishing for your info, and it lacks support for Extended Validation. PayPal is, of course, a popular site among phishers in their neverending search for personal information, user IDs, and passwords.
While it's not entirely fair singling out Safari (other Mac browsers like Camino also also lack this support), it is perhaps at least a helpful reminder of the threat. Embarrassingly enough, (what don't I keep from you folks?) I have fallen for a PayPal-related phishing scam. It was early in the morning and I realized my error as soon as I hit enter; nonetheless, there was the possibility that the phishers got my login information. At least I was lucky enough to realize I screwed up and was able to change my login information on that, and other sites, right away.
I use Camino as my full-time browser, so Safari didn't fail me, but it would have. As annoying as I sometimes find the antiphishing features at work where I use a PC, the small annoyance would have saved me an even larger one in the end.
Feb 26, 2008
This is why I don't like Real Player
Responding to RealPlayer
Posted by Erica George
Thu, 21 Feb 2008 16:35:00 GMT
Real’s blog post states that RealPlayer 10.5 is outdated, obsolete, and fully replaced by version 11. Many prominent web links for RealPlayer still lead to the download page for the older version. To truly make RealPlayer 10.5 obsolete, Real needs to do its best to take its outdated software out of circulation. We urge Real to stop distributing RealPlayer 10.5 and redirect the download page for 10.5 to the page for the latest version.
As Real explains in its response, there are legitimate reasons to bundle the Rhapsody player engine with RealPlayer 11. But not disclosing the inclusion of the Rhapsody player is a significant oversight, in contrast to other disclosures in the installation for RealPlayer 11. Users have a right to know if Rhapsody Player Engine is being installed on their computers. Users who choose to remove RealPlayer from their machines should also be able to remove anything that installed along with it just as simply. Real notes in its blog post that the Rhapsody player can be seen and uninstalled from the control panel. Expecting users to seek out a program they are not even aware is on their machine is simply not enough. For users to be able to make informed choices about what software is on their computers, bundled applications need to be disclosed and easily removable if the core application is uninstalled.Also, if users have no idea that the Rhapsody player software is installed on their computers, they won’t know to keep it updated. Many media player engines have security flaws that have been exploited in the wild. Once these flaws are found they can be fixed with software patches – but only if the user knows to download the patch or updated version. If the Rhapsody player sits on a user’s computer for two or three years without security updates, it could become a serious and potentially harmful vulnerability.
When StopBadware chooses applications to research and report, we don’t focus only on applications that are clearly egregiously harmful. Trojans and keyloggers and other malware are bad, and the average consumer doesn’t need us to tell them that. Where consumers can use a little help, however, is in figuring out which commonly available applications require extra caution. When a computer user chooses to download an application, they are placing their trust in the software’s makers and distributors. It’s the responsibility of the companies behind consumer software to make sure their productsfully live up to that trust.StopBadware believes that software applications should be held to a high standard of full
disclosure and user consent. That belief is the underlying principle for our software guidelines,
which we apply to determine if an application should be considered badware. Our computers are increasingly important parts of our lives, and we deserve to have control over the software that is on them.
We welcome a continuation of our dialog with the folks at RealNetworks, and we hope that Real will move to addressing the concerns we’veraised in its next update.
Feb 25, 2008
CBORD Group sold to Roper Industries
CBORD provides "card services" for many colleges campuses (including KU) around the world including theme parks and supermarkets.
I doubt this will mean anything to the customers but who knows. Moving away from Diebold can't really be a bad thing.
Feb 24, 2008
Critical VMware security alert for Windows-hosted VMware client versions Published
Published: 2008-02-24,
Last Updated: 2008-02-24 12:19:22 UTC
by Raul Siles (Version: 1)
During the last couple of years intensive security research has been performed on virtualization environments, like VMware, Virtual PC, XEN etc. It has been mainly focused on finding new ways to detect if you are running inside a virtual machine (vs. a native host), and finding ways to escape from a virtual machine to the host (or to another virtual machine).
This new VMware vulnerability discovered by Core means a full scape from the guest virtual machine to the host is possible: "On Windows hosts, if you have configured a VMware host-to-guest shared folder, it is possible for a program running in the guest to gain access to the host's complete file system and create or modify executable files in sensitive locations."
It has been rated as critical by VMware and it affects all VMware client products on Windows, that is:
- VMware Workstation 6.0.2 and earlier, AND 5.5.4 and earlier
- VMware Player 2.0.2 and earlier, AND 1.0.4 and earlier
- VMware ACE 2.0.2 and earlier, AND 1.0.2 and earlier
VMware on Mac OS (Fusion) and Linux are not affected by it.
By default, the shared folders feature is disabled in Workstation 6, Player 2, and ACE 2. Workstation 5, Player 1, and ACE 1 enable the shared folders feature by default, but exploiting this vulnerability still requires at least one folder to be configured as shared between the host and guest.
The impact on production environments is supposed to be limited as they tend to use the server versions. However, we, as security professionals, make an extensive use of virtualization technologies for multiple purposes: malware analysis, incident response, forensics, security testing, training, etc, and we typically use the client versions of the products, so... It is time to disable the shared folder capabilities!!, as no update or patch is available yet:
Workaround (from the VMware advisory)
To disable shared folders in the Global settings:
- From the VMware product's menu, choose Edit > Preferences.
- In the Workspace tab, under Virtual Machines, deselect the checkbox for Enable all shared folders by default.
- From the VMware product's menu, choose VM > Settings.
- In the Options tab, select Shared Folders and Disable.
Feb 21, 2008
OSU Bows to RIAAs Demands for Student Names
University Bows to RIAAs Demands for Student Names - jcgam69 writes "Hours after a federal court judge ordered Oklahoma State University to show cause why it shouldn't be held in contempt for failing to respond to an RIAA subpoena, attorneys for the school e-mailed a list of students' names to the RIAA's attorneys. But now that the RIAA has what it wanted, the group is unsure about how to go about sending out its pre-litigation settlement letters. Some of the students are represented by an attorney, meaning that the RIAA is barred from contacting them directly."
Read more of this story at Slashdot.
What is Spyware?
Spyware is a very active and dangerous threat to any computer connected to the internet where users browse the web. If new toolbars or multiple popup ads and banners suddenly appear while you are browsing the web, you most likely have some kind of Spyware or Adware. However, even if you don't see this type of behavior you may still be infected. These applications can remain silent in the background collecting information about where you go and what you do on the internet. Then it uploads this information to home servers while your machine is idle. Sometimes this activity takes place while you are trying to use the machine. This can make your internet connection or any type of activity on your machine very slow and almost unresponsive.
What can I do about it?
There are several applications that will clean and remove most Spyware. However, some of the more advanced products require many steps and possibly rebooting your machine several times.
Since most of these nasty applications simply open the door to other nasty applications you rarely have just one. For this reason you need to make sure you remove every part of every application or your machine will simply become re-infected in a matter of seconds. This is why more than one application is recommended when trying to secure against or recover from Spyware infections.
It is important to note that many Spyware applications will disguise themselves as a Spyware removal tool. Make sure to "Google" any application before installing. Most likely, someone has experienced that application before and this will give you a hint on its reputation.
To defend against Spyware I recommend the following steps.
- Use Firefox for all browsing unless you are at a KNOWN TRUSTED SITE that requires IE.
- Install some or all of the applications below.
- Browse wisely.
- Never click a link in an email. If you must open a link from email, copy then paste it into your browser.
- NEVER click any link or button from a popup window. Popups will appear as a new browser window. Unless you intentionally started that application, do not click on any links or buttons. If in doubt don't click anything, do an "alt-F4" to close the window.
- Keep your eye on the address bar. Make sure you haven't wandered onto an un-trusted or shady site. People browse the web so quickly anymore it is easy to follow links onto a site that should not be trusted. Most reputable sites will not try to hide the site name. If you think you are at USBank.com it should say that in the address bar, not just an IP address.
- Never click a link in an email. If you must open a link from email, copy then paste it into your browser.
- Keep Windows up to date.
- If you are really paranoid you can use the Noscript plugin for Firefox.
- Browse the Internet from behind a Firewall that blocks attacks on certain ports. Make sure this Firewall is checked and updated regularly.
- Spybot-S&D: A freeware program maintained and updated with new spyware information regularly. A great tool to remove Spyware from your PC, also be sure to click on the "Search for Updates" button and then if any new updates are displayed, make sure they are checked and then click "download updates". Additionally after you have updated click the immunization button to prevent many common Spyware instances on your PC in the future.
- Ad-Aware: Another freeware program for searching and removing Spyware. The interface is more user friendly, however the freeware version does not contain any sort of preventative measures against future Spyware infections.
- Webroot's Spy Sweeper is an excellent product with a full-featured demo that is free to download. The free demo allows you to update your Spyware definitions once. Ongoing protection and definition updates are fee-based.
- SpywareBlaster: SpywareBlaster does not clean spyware and Adware from your system, but it can help prevent it. SpywareBlaster does not run in the background, so your system won't take a performance hit if you decide to install it. This program is freeware, however the automatic update feature is fee-based.
- Google Toolbar: Among its other features, the Google Toolbar includes a popup blocking feature. The Google Toolbar is freeware.
- House Call: Not really a download, but an online virus scanner that can bypass problems in Windows that allow certain viruses to prevent themselves from being deleted from your system. Unfortunately it requires ActiveX, an insecure Internet Explorer to run (there is a Netscape only version, but it seems to be very buggy). The advantages outweigh this small problem, however.
- Microsoft's Antispyware: Microsoft's Anti-Spyware solution, which is based on the award-winning Giant AntiSpyware Suite. This product is still in Beta, but it is effective at cleaning certain types of threats (Spyware Agents, for example) that other virus/spyware scanners can't detect/clean.