Even people who don't live and die by their mobile phones sometimes need to send SMS messages. Did you know you can do that from your computer? Likewise, it's easier to clean your mobile phone of all the numbers you've not been dialing in the last few years using a mouse, rather than navigating repeatedly through the phone's menu system. Here are some Linux tools that can help you manage your cell phone.
Five years in the making and this is the best Microsoft could do?
It's not that Vista is awful. The integrated security and parental controls are nice, and the Aero interface is as whizzy as it gets. Searching and wireless networking are much faster and easier than under XP.
Suffering from its exorbitant price point and a dearth of titles, Sony's PlayStation 3 isn't exactly the most popular gaming platform on the block. But while the console flounders in the commercial space, the PS3 may be finding a new calling in the realm of science and research.
Right now, a cluster of eight interlinked PS3s is busy solving a celestial mystery involving gravitational waves and what happens when a super-massive black hole, about a million times the mass of our own sun, swallows up a star.
Nick Breese, a senior security consultant at Auckland, Australia-based Security-assessment.com, has come up with a way to drastically increase the processing capability of cracking passwords.Now I really want one of these...
By implementing common ciphers and hash functions using vector computing, Breese has pushed the current upper limit of 10--15 million cycles per second -- in Intel-based architecture -- up to 1.4 billion cycles per second.
The possibility that there is a backdoor in one of the officially recommended random number generators (RNGs) used to create encryption keys, has caused two well-known encryption experts to declare the scheme to be useless.
If you thought using an Apple with Mac OS was safe from all the nasties out there, think again!!! Even though the risk is lower for Mac OS compared to Windows, you still need to take the proper precautions.
In the words of many Windows antimalware developers, OS X users can feel a little less smug about their security after a new piece of OS X malware was discovered circulating on various fake codec sites. As would be expected, this news is beginning to receive fairly widespread coverage across the Internet, though more coverage has been received in recent days on arguments about whether the Leopard firewall is fundamentally flawed or not (probably not).Read more
Those tempted to download software cracks to unlawfully activate software from a trial mode into a paid mode have been warned that they may be unknowingly installing hacking tools onto their system.
Security features that Apple Inc. added to Leopard look great on paper, but in practice most are half-baked or useless, experts said Wednesday. And none of those features, good or bad, will make a whit of difference in how safe Mac users are when they hit the Internet.
"If security was the deciding factor, I wouldn’t be using my MacBook. But it’s not [the deciding factor]. The MacBook, and the tools on it, that’s what is."
"The cat and mouse game between hackers and Apple takes another move, with news that Apple’s new Leopard operating system has already been successfully installed on Windows PCs.
The OSx86 Scene forum has released details of how Windows users can migrate to Apple’s new OS, without investing in new hardware -- even though installing Leopard on an PC may be counter to Apple’s terms and conditions."
A new "unbreakable" encryption method will be keep votes safe for citizens in the Swiss canton (state) of Geneva in the country's upcoming national elections, officials said Thursday.
The city-state will use quantum technology to encrypt election results as they are sent to the capital on Oct. 21, said Nicolas Gisin of the University of Geneva.
Uruguay's government this week announced the results of a study indicating that XO computers from the One Laptop Per Child project were a better value for the nation's schoolchildren than Intel's similar offering, the Classmate PC. The next step is likely to be a purchase agreement between OLPC and Uruguay for at least 100,000 laptops. Though nothing has been finalized yet, when asked what needs to happen for formal agreement to occur, OLPC founder Nicholas Negroponte simply says, "business closure."
The Linux-based eX2 in-flight entertainment system (IFE) from Panasonic Avionics was the big winner at this year's Avion Awards, sponsored by an IFE trade group. The Best Overall IFE awards went to Emirates, Singapore Airlines and Cathay Pacific Airways, all running variants of eX2.
The idea of tapping fiber optic cables aren't new but I was surprised to find out how easy and cheap it was to do from this article. Apparently you can do with less than $1000 of equipment.
The funny thing about it is that I can clearly remember when I did my bachelors degree, lecturers always stress on how secure fibre optics is and that it cannot be tapped like copper wires. This perception sends out a totally wrong message and people tend to forget about the physical security of fibre optics unlike the copper wires. Thus under the wrong assumption, they pay less attention to secure the information sent over fiber channels with encryption.
This articles shows how easy it is to do and also suggests the use of encryption or a fiber intrusion detection device. One particular Fiber Optic IDS stated in the whitepaper is the INTERCEPTOR.
Article: Protect your network against fiber hacks
Whitepaper: Fiber Optic Intrusion Dete ction Systems
This is a cool story I read on haveeru.
Five vehicles which had been parked illegally and had not been claimed despite being clamped with a wheel lock and impounded have been destroyed by the Male Municipality yesterday.
Russian OS is to be installed on every school computer in Russia by 2009. Furthermore, every pupil will get the opportunity to operate the applied software produced in Russia, Leonid Reiman, acting Minister of Communication stated at a press conference. Experts and market participants consider the terms within which software is to be developed quite reasonable. According to Mr. Reiman, that might significantly reduce Russian dependence on foreign software.
Carnegie Mellon University professor Scott E. Fahlman creator of the emoticon, says that its been 25 years since he first used it @ 11:44 a.m. on Sept. 19, 1982...:-) read more
In January 2007, two of us (professor Joel Adams and student Tim Brom) decided to build a personal, portable Beowulf cluster. Like a personal computer, the cost had to be low -- our budget was $2500 -- and its size had to be small enough to sit on a person's desk. Joel and Tim named their system Microwulf, which has broken the $100/GFLOP barrier for double precision, and is remarkably efficient by several measures. You may also want to take a look at the Value Cluster project for more information on $2500 clusters.As of August 2007, the price to construct the cluster with the same hardware would be $1,255.80
I wish you all muslim brothers and sisters a glorious month of Ramadan and pray that you make the best use of it...
Yes, if you didn't know, here are the seven wonders of the IT world. :)
Sun intends to hook us on OpenSolaris like they hooked us on Java... They plan to serve it in both caffeinated and decaffeinated blends... Read more
I personally don't think they can beat Linux however with the rising popularity, and heaps of experience gained from industry, they will become one of the big players. What is your opinion?
Read this article on The Register about how attacker were able to hack the Bank of India website to infect its online customers with malware. You might re-think whether your bank is truly delivering on its promises for safer online banking... go through their policy statements... you might be surprised to find out exactly how much they claim liability if you get compromised while doing an online transaction.
The $84 million Internet porn filter implemented just recently by the Australian government has been cracked by a teenager in just 30 minutes :) Read more...
This maybe a lesson to some people that in the world of computer security, big bucks alone can't solve their problems...
Seagate will be releasing solid-state drives based on flash memory chips in its storage devices next year. You will be able to grab a Laptop or Desktop PC next year with this baby in it. Read more
Five of the eight Ubuntu community servers were compromised and used to attack other systems. The servers were shut down to deal with the compromise and are now back online. Canonical, the sponsor and manufacturer of Ubuntu, states the breach was due to more than 15 unpatched web applications running in parallel on the systems, out of date server software being used and the systems using unencrypted FTP.reported on SANS... read full article.
Now there are a lot of USB devices out there, but the items listed on this article, I didn't even dream would exist...
A fun read, I particularly liked the thumb size USB oil burner and the USB smoking accessories.
Check out the article on CIO.com : 20 USB Gizmos That Have No Place in the Enterprise (But You'll Love Just the Same)
This is an interesting article about e-passports and buffer overflows in e-passport readers.
I think since there are some countries introducing e-passports (Maldives issued its first e-passport to the president and first lady on July 26 this year) it is important to be aware of the security issues involved in them.
There have been a number of security issues (including hacks that were demonstrated to the public) involving e-passports especially in the EU and USA. Some articles talk about how people can actually read the information stored on these RFID chips from a distance without the knowledge of the owner. So imagine someone being able to steal your biometric information such as facial or fingerprint information and store it on his own e-passport and... Well you get the idea!
Original Article: Wired - Scan This Guy's E-Passport and Watch Your System Crash
Recently I came across an interesting post on Schneier's blog on how people can abuse the system, especially if such systems aren't designed in such a way to avoid such vulnerabilities.
I will just quote as it was in the original article which was also quoted no his post.
" Defense lawyers in a number of other terrorism suspect cases accused informants of solely seeking financial boon by creating so-called terrorists that did not exist.Original Article: Southern California InFocus: Is Big Brother at your mosque?According to court records, Eldawoody was paid $100,000 over a period of 3 years.
Since Siraj's conviction, Eldawoody has his rent covered and receives a monthly stipend of $3,200.
According to The Washington Post, a police spokesman indicated the direct payments to Eldawoody would likely continue "indefinitely."
With such incentives, critics argue, informants are likely to be created out of thin air to join the "inform-and-cash" industry.
Meanwhile, the Muslim community across the country is feeling the heat of being closely watched.
"This is creating mistrust between our community and law enforcement officials," Ayloush said.
In light of their extensive criminal records, Ayloush added, these individuals would neither qualify as police officers nor as FBI agents, yet they are on the payroll of law enforcement agencies and are allowed to do law enforcement work.
"We all respect hardworking law enforcement agents," Ayloush said. "But mercenary informants? Hardly." "
Since I first heard of the OLPC project I was very interested in the project and kept an eye on the updates.
"OLPC is a non-profit organization providing a means to an end—an end that sees children in even the most remote regions of the globe being given the opportunity to tap into their own potential, to be exposed to a whole world of ideas, and to contribute to a more productive and saner world community." - www.laptop.org
Here's how the laptops actually look.
"Intel is using predatory tactics against the One Laptop Per Child project." - read more on digg and olpc.tv
Recently I came across a very interesting article on CIO.com "Questions to Make You a Better Leader". This article talks about several questions you can ask yourself to keep you in-check and ignite the thought process so you can critically assess yourself and make things more clearer.
Here are the questions that were highlighted in that article.
"...all of us can benefit from a trusted associate who challenges us to think by asking good questions, and then pushing us to follow through"
I always wonder whether there is or whether there will ever be a magic pill for security. A one shot solution to protect from it all. With the direction the security industry is heading and the emergence of new threats, more intelligent, adaptive, and evolving threats, I do not think such a thing exists in the present or even in the future.
Maybe it is human nature, but we mostly tend to be in a defensive nature. We react only when things go wrong. I am not saying this just in the context of computer security. If there was a guy in the organization who thought differently and proposed ideas that are preventive of some sort, management sometimes fail to see the point and disregard it under the grounds of being wasteful of resources. It may also be that the guy failed to present the point across to the management in an understanding manner in the first place, but thats not the point I am trying to make here.
I have been noticing emergence of new technologies in the security arena, and some although not referred as new technologies, people have been coming up with new approaches to deal with viruses, malware and the like.
There have been several news recently on new startups that are whitelisting companies and I myself have posted and entry on this. The latest I came across is relating to malware.
A new startup by some previous Microsoft employees has released a beta version of a realtime malware blocking tool for the browser. It seems that they have entered a market dominated by big players such as McAfee's SiteAdvisor, Symantec's AntiBot, Exploit Prevention Labs' LinkScanner, and Google.
According to the company website, the tool can protect the user against malware while surfing social network sites and blogs (eg. facebook, blogger), watching embedded flash videos (eg. youtube), viewing sites with banner ads and widgets (eg. almost every site), clicking search engine results that unknowingly point to malicious sites (eg. while googling).
According to article on Techworld.com the tool has a multilayer strategy against the malware. The first layer works at the kernel level by monitoring dozens of windows processes and services amongst the API calls to the kernel and suspicious behavior from the browser. This realtime task is done by the identification and interception of the behavior based profiling algorithm.
The second layer protects by using blacklisting based on a database of malicious links and blocks the site.
As I have said before, these technologies aren't new technologies. Blacklisting and anomaly based malware detection has been around for sometime. And these technologies are being researched by academics even today. However I believe this tool is a one of a kind as there approach is different and obviously the implementation will be different from every other product out there.
It is indeed interesting and hopeful to see such attempts by people in the battle against the threats that exist out there. And such attempts are needed despite the many products that claim to be "the" magic pill to solve all your problems.
All images in this article have been taken from the Haute Secure website.
Original news article is from Techworld.com.
I was recently searching for some fantasy characters and came across this interesting website where it asks some questions and decide which fantasy character best suits you.
I checked it out and came up with Aragorn from Lord of the Rings.
Did you know that there are over 20 Windows Vista features and services secretly collecting your personal information and transmitting to Microsoft? Well it's true. Microsoft is not denying it and the users have no choice.
If you read between the EULA lines, you will find that Windows Vista provides Internet based services where Microsoft reserves full control to alter or cancel at any given time. These services can share and transmit the users' information without any notification. In fact the EULA has the following quote:
"By using these features, you consent to the transmission of this information. Microsoft does not use the information to identify or contact you."
I recently read an article on CNNMoney.com about an interesting question that was asked about backstabbing and what to do if you were in such a situation.
In this particular case the backstabber who happens to be the subordinate of the victim, approached the boss and proposed that he could do the victims job better than him. And unfortunately the backstabber happens to be a top performer and a favorite of the victim as well.
The following is a portion of the answer that was taken from the article:
1. If your performance review isn't due for a while, ask your boss to expedite it: "In a meeting that is specifically about your job performance, you should be able to tell where you stand and whether your boss is listening to the back channel."
2. If official annual or semi-annual evaluations aren't scheduled for any time soon, you can still always have review sessions with people on your team. "You should sit down with each of these team members individually and address how you want communications to work," he says. "Don't utter the words 'Do not talk to my boss behind my back,' but be clear about the communications protocols."
3. Call a team meeting and, without singling anyone out, let it be known that you want to create a culture of trust in your group "and that you won't tolerate behavior that is less than worthy of that standard," Moran suggests.
YouTube is truly the most popular service for sharing and uploading video from people throughout the world. It has become a way of life for some people as they spend hours and hours on channels viewing videos ranging for funny clips to those showing high school students beating up and bullying other kids.
Since this craze has been spreading among the Internet users like an epidemic, some people have been devising ways of using this to their advantage, and these people have alternative motives than to just share a visually appealing video clip.
Yes I am talking about the black hat hackers once again exploiting something that people use because they simply can. Security experts say that those video files that you view can be booby trapped.
A fake video file containing the Zlob Trojan has been planted on the video-sharing site. If selected, the Trojan bombards infected users with ads. It might also be used to upload other forms of malware onto compromised PCs. - The Register
1. Always go for 'win-win' negotiation, keeping everything neutral (emotions, egoism etc.)
2. Understand your fair interest and the interest of the person you are with negotiation
3. If you are a buyer and in negotiation with a seller on an offer/point of a discussion, always support with some benchmark or reference, it's easy for the negotiation
4. If both parties are not comfortable with the negotiation, take a time to come back later as it leaves both parties time to think
5. Avoid confrontation at any stage of negotiation
6. A good negotiation leaves a future merit for a business relationship, or even a good friendship
7. Keep your negotiation not more than half-an hour to an hour at a stretch, take a break, it gives some time to think through it before you reopen the discussion
8. Show your interest to open for new ideas
9. Treat everyone involved in the negotiation with great respect
10. Thank every one at the end of the negotiation, no matter if you made a deal or not
Read more on CIO.com
Check this out... this is hilarious. Some guy was able to validate Ubuntu as a genuine copy of Microsoft Windows. Makes one wonder of the greater things to come from this software giant in the future.
Get the full article from Slashdot.
Recently I read an interesting article regarding Anti-Virus (AV) technology. This article reports that the AV technology is dying and will be replaced by a technology called whitelisting. Some of the trends that we are seeing today is that major AV companies are trying to acquire the whitelisting technology, and the rise of new whitelisting startups. More on this article can be read on The Register.
One of the whitelisting vendors stated in the article was SignaCert. So I did some research on their site. The basis behind the concept of whitelisting is software authentication. According to SignaCert, a whitelist is a repository of identified authentic individual data elements (file signatures generated using cryptographic hashing techniques) that are used to validate the integrity of contents on devices (such as files stored on PCs).
For the whitelists to be effective, it should contain software signatures and metadata of a wide range of commercially available software relavent to an enterprise’s specific needs. These signatures and metadata should be based on the source and from verifiable authentic sources. The signatures and metadata needs to be continually synchronized against the continuous changes to the software by the vendors. It should provide simple and flexible mechanisms to extend the repository for these commercial and also internally developed custom applications. And flexible and easy to use mechanisms for organizing the whitelists.
The goal of all this and other fancy products they have are to ensure the integrity of the IT platform. Whether it is the files stored on the servers/PCs or configuration, registries, etc. Besides this there are other products out their which specializes in file integrity and one of the most widely used and popular one is Tripwire.
With all this, I wonder if the signature based virus detection will get obsolete and whitelist technology will takeover. Or would other technologies will come to surface as they gain more production value such as more adaptive and intelligent techniques in detecting such malware. One such interesting project I came across sometime back is Janus (the intelligent firewall) project by InSeon Yoo. This project has a non-signature based virus detection module.
Whatever the future holds, I believe this battle with viruses and other malware will never end unless more innovative and intelligent solutions are developed.
References:
Yep! That’s right… it’s yet another blog. So what, you are gonna read it anyway. Haven’t been blogging for a few years now. But it’s never too late to pickup from where I left off. Or from a new place.
Anyways, this blog is dedicated to blog just about anything, but hopefully of some substance. So here we go again!!!
