With the election coming up on Tuesday, the linked article discusses the changes made in the wake of the problems with the 2000 presidential election. To summarize: computerized voting machines are actually worse than the paper ballots that failed so dramatically in 2000.
Archive for the 'Computer Security' Category
Biometric identification systems such as fingerprint readers, retina scanners, etc. are supposed to make it harder for people to hack your computer. But in the case of the UPEK Protector Suite, the opposite is true. This is due to insecure programming practices that make it trivial for someone to learn your Windows password. See the linked article for more information.
The DNSChanger trojan infected hundreds of thousands of computers worldwide and changed their DNS server settings to point to rogue servers. (Your DNS setting tells your computer where to go to look up a URL such as www.chadsnews.com. Without one, you’re effectively shut off from the Internet.) The FBI shut down the source of the malware but realized that turning off those rogue servers would have severe effects for those who were infected—they would lose Internet access. So as a stopgap measure, the FBI set up real DNS servers to replace the malicious ones. This Monday (July 9th), however, the FBI is going to permanently turn off those servers.
The FBI has a webpage with instructions on how to determine if your computer is infected. I suggest taking a few minutes now to verify that your DNS is okay. If you’re infected, and even if you’re not, this might be a good time to consider using OpenDNS as your DNS provider.
The Pwn Plug (for those who aren’t familiar with the term “pwn”, here’s a definition) is a miniature computer about the size of a large AC adapter. You plug it into the wall and connect it to a network. It will attempt to hack into the network and then communicate with you, giving you access to the compromised network. A great tool for illegal hacking activities, you might think, but they actually sell quite a few to corporations that use them for in-house penetration testing and remote network management.
So you’ve got something on your computer that you don’t want anyone else to see. To that end, you’ve encrypted the hard drive. But then you’re put into a situation where an official requires that you unlock the computer so they can inspect the contents (this could happen at a border crossing, for example). That’s where Plausible Deniability comes into play. It’s a feature of TrueCrypt, where you have two hidden encrypted volumes on the same disk partition, and the password you enter determines which one you actually see. So you enter the decoy password, and it unlocks the decoy partition, which contains no sensitive files. The other hidden partition appears to be empty space containing nothing but random data. Note that this probably won’t prevent a computer forensics expert from realizing that you have a hidden partition, but the casual observer will probably be fooled.
In the linked article, Wired has done some research into the beginnings of the computer password. It turns out that even back then they weren’t very secure.
Long-time Chad’s News readers will recall this post, where a man explains how his group pulled off an “impossible” diamond theft. In the same vein (and a la Sneakers), Jim Stickley is a security consultant who uses social engineering to infiltrate a bank’s computer network and steal confidential financial information.
I posted this topic just because the name is so neat. “Frankenmalware” describes the result of a computer virus infecting a computer worm. The worm then propagates the virus.
For those who find this confusing, here’s a short tutorial on the difference between a virus and a worm. A virus is malware that attaches itself to executable files on a computer. When an infected file is run, the virus code is also run. Viruses may or may not contain mechanisms to spread themselves to other machines. A worm, however, is a standalone program that propagates itself over a network by taking advantage of security holes in target machines. Unlike viruses, worms do not have to attach themselves to existing executable files—a worm is autonomous. Note that the distinction between viruses and worms is not perfect—some malware contains components of both—and we have a tendency to lump them all under the umbrella name of “viruses”.
So frankenmalware occurs when a computer that’s already infected with a worm gets infected with a virus, and the virus attaches itself to the worm’s executable file. When the worm spreads to another machine, it unknowingly carries the virus and infects the new computer. All of this is done without the intervention of the user or the knowledge of the people who wrote the virus/worm.
In the linked article, Kim Komando gives several good reasons for not sharing your wireless internet connection with neighbors. An important one is that if the neighbor does anything illegal, the police arrest you and confiscate your computer equipment. (On the other hand, if you’re the one doing illegal stuff over the internet, I’ve actually heard people suggest that it’s a good idea to leave your wireless router unsecured—so there’s reasonable doubt concerning who performed the crime.)
Google and Facebook are offering two-factor authentication to help prevent your account from being hijacked. In both cases, you give them your phone number, then when you log in using your normal username and password, they send a code to your phone. You must enter the code as part of the login process. Gmail does this for every login, while for Facebook it’s only when you log in from a device that hasn’t already been verified.
Thanks to Josh for this topic.
The AutoRun feature in Windows is a significant security risk (as illustrated in this Chad’s News post), and Microsoft has finally decided to take action. With the latest Windows Update, there’s an optional update to disable AutoRun in Windows XP and Vista (it is already disabled in Windows 7). Some types of media, such as CDs and DVDs, will still use AutoRun, but executable files on most removable media, e.g., USB drives, will no longer be run without the user’s knowledge.