2004-09-29

(criminal) bait and switch, long term version!

Microsoft: To secure IE, upgrade to XP

"...a steep price to pay to secure a browser that swept the market as a free, standalone product."

Great business plan. Get the world hooked on a "free" browser riddled with security holes, wait for the internet to become truly dangerous, and then scare people into upgrading their entire OS! So now we know how "free" IE is...

As if you wanted any more reasons to switch to Firefox!


Other choice quotes from the article:

2004-09-22

(malware) terrorism isn't the only thing to worry about when we fly!

Microsoft software implicated in air traffic shutdown

"...five incidents where aircraft broke separation guidelines were reported. In one case, a pilot had to take evasive action."

2004-09-14

faq-o-matic versus twiki


Read this article only if you care about collaboration software.

I once considered Faq-O-Matic (called fom in the rest of this document) as a replacement for my favourite web software, TWiki. So I installed fom on my home machine, and went through the entire documentation and assorted material to see what features fom has and how they compare to twiki.

Yesterday we had a discussion on these topics, so I pulled it out, reformatted it very slightly, and put it up on my website.

2004-09-13

for those who think WiFi is secure...

The only purpose of my blogging this page is as an example of what WiFi security is really like. If people at DefCon can get hit, what makes you think you're so special, pal?

2004-09-06

(malware) Microsoft's security program manager uses Mozilla Firefox

[there's a very ironic update to this -- see bottom of article]

Wired 12.09: VIEW

"Security is really an industry-wide problem. Just this morning I had to install an update to Firefox to block a flaw that would've allowed an attacker to run a program on my system."

I've been saying for a long time that people should not use IE unless you come to a site that insists on IE and you really, really need to access that site.

Here's a possible "open mouth, insert foot" comment from no less a person than Stephen Toulouse, Microsoft's security program manager, who essentially admits to using Mozilla Firefox.

Oh and by the way, he also says "We're two and a half years down a much longer road; it's more of a 10-year timeline", so don't expect serious security improvements in MS products for a while :-)


Hilarious update! The flaw that he was talking about applies only to the Windows version of Mozilla/Firefox. The irony is that, after misinformed reporters made it sound like Mozilla screwed up, people realised that it was in fact a Windows problem, and that not only IE but even MS-Word and MSN Messenger were vulnerable!

Now, if only they could issue a patch as quickly as Mozilla did, and if it could be as small and quick to install...! (the Mozilla patch is just over 1 kilobyte, by the way!)

see http://www.infoworld.com/article/04/07/12/HNmicromozilla_1.html

2004-09-05

(malware) How an ordinary PC got "0wned" by hackers

This is a detailed account of a security expert unravelling the trail of malicious changes that are forced on a computer, simply by visiting a site called yahoogamez.com.

IMPORTANT -- if you are running Windows, please do not attempt to simulate any of this unless you know EXACTLY what you are doing.

Unless you've wised up and use Firefox, of course!


Mini-glossary of terms used in those articles:

"0wned" -- hacker-speak for breaking into a computer permanently and being able to do whatever the hacker wants on it

"exploit" -- a known vulnerability that can be used as an entry point into a system

"UPX" -- a way to pack executable files


Follow the Bouncing Malware -- part I

http://isc.sans.org/diary.php?date=2004-07-23

I discovered that as far as the adware/spyware industry is concerned, you may be the one that plunked down a grand at your local consumer electronics store to purchase your PC, but THEY own it. They'll do whatever they want, whenever they want, and you don't get a say in the matter.

Part I starts by visiting "yahoogamez.com". Even before the user actually clicks anything, ads and other content on the page cause a chain reaction of malicious downloads and a CHM (Windows Help system, I think) exploit, ending with the IE home page and default search engine getting changed, and a piece of spyware getting installed on his machine.

Then the user clicks on a link that requires Flash, which he doesn't have so he comes back to the main page. At this point a trojan (identified by AV software as Win32/TrojanDownloader.Rameh.C) is downloaded!

Go to http://isc.sans.org/diary.php?date=2004-07-23 for the gory details.

And remember that's just PART I.


Follow the Bouncing Malware -- part II

http://isc.sans.org/diary.php?date=2004-08-23

So, what's the upshot of this whole mess? Well, Joe has had five new software packages installed onto his machine, redirecting his browsing, his searching, and his online purchases to suit the desires of the (no-doubt ;-) fine, upstanding people at ATPartners. His Internet browsing will now be "Simple, Exciting, and Personal" (ezula), he'll always know that "The Best Downloads are Free" (abetterinternet), his computer will show him the "Smart way to put money in your pocket" (TopRebates) and he needn't worry about adware/spyware any more because Virtual Bouncer has been installed to... uh... bounce it (Spyware Labs). Oh, and his online purchases will earn money for... uh... um.... someone. (SAHAgent). Joe should be so very, very happy.

Part II continues on the trail, showing exactly how all of the stuff described above happens! To add insult to injury, the "new" homepage installed in part I (see above) is a page that advertises... an anti-spyware program!!


And remember, part III is yet to come :-)