SHADOWS IN THE CLOUD

1. First time I heard this term...i thought its abt some movie...some crime thriller or may be some novel or book...but when I actually came to know about this...it was exploring a whole new world....this is abt a 60 pg brief on how cyber security can compromise you and your organisation secrets....wonderfully compiled...easy to understand...easy english....gr88888 ...

2. I got the copy from SCRIBD at http://www.scribd.com/doc/29493199/Shadows-in-the-Cloud-20100406

3. Must read for IT Security enthusiasts!!

I M IN "CHIP"- MAY MONTH EDITION 2010

1. Don't get me wrong for those of you who read only I M IN "CHIP"...i m not inside the regular chip...but have been able to find space in MAY edition of the Chip - India's Most Trusted Guide To Gadgets And Technology.Scanned copy attached.

2. Thanks CHIP

EAVES DROPPING RISK : EMR

1. Imagine someone sitting in a van outside a person's house can read the EMR that is emanating from the user's laptop computer inside the house and reconstruct the information from the user's monitor on a different device. Different devices have different levels of susceptibility to Tempest radiation. A handheld calculator gives off a signal as much as a few feet away, and a computer's electromagnetic field can give off emissions up to half a mile away. The distance at which emanations can be monitored depends on whether or not there are conductive media such as power lines, water pipes or even metal cabinets in the area that will carry the signals further away from the original source.

2. This problem is not a new one; defence specialists have been aware of it for over twenty years.Information on the way in which this kind of "eavesdropping" can be prevented is not freely available. Equipment designed to protect military information will probably be three or four times more expensive than the equipment likely to be used for processing of non-military information.Until recently it was considered very difficult to reconstruct the data hidden in the radiated field, and it was therefore believed that eavesdropping on digital equipment could only be performed by professionals with access to very sophisticated detection and decoding equipment. As a result, digital equipment for processing information requiring medium or low level protection, such as private and business information, is not protected against eavesdropping of this kind.

3. The EMR that is emitted by electric devices contains the information that the device is displaying or storing or transmitting. With equipment designed to intercept and reconstruct the data, it is possible to steal information from unsuspecting users by capturing the EMR signals. The U.S. government originally began studying this phenomenon in order to prevent breaches in military security. The government was using the technology to their advantage during WWII and realized that they needed to protect themselves against others using the same tactics against them. The name Tempest, or Tempest radiation originated with the U.S. military in the 1960s as the name of the classified study of what was at the time called "compromising emanations."

4. Today the phenomenon is more commonly referred to as van Eck phreaking, named after Wim van Eck, the Dutch computer scientist who brought it to general attention in 1985 when he published his paper "Electromagnetic Radiation from Video Display Units: An Eavesdropping Risk?," in which he demonstrated that the screen content of a video display unit could be reconstructed at a distance using low-cost home-built equipment - a TV set with its sync pulse generators replaced with manually controlled oscillators.

5. Van Eck phreaking is a major security concern in an age of increasing pervasive computing. High-security government agencies are protecting themselves by constructing safe rooms that through the use of metallic shielding block the EMR from emanating out of the room or by grounding the signals so that they cannot be intercepted. It is possible, though costly, for individual users to shield their home computer systems from EMR leakage.

6. Thanks http://www.webopedia.com

Computer EASTER EGGs

1. Whats an easter egg post doing here? Well even this has an IT context.In the computer world this refers to an un documented lineament that is in a program that the makers of that program placed in the program for additional fun and credits. Easter Eggs are in no way destructive to any software or hardware within the computer and are usually meant for fun. For example an interesting computing easter egg is given below

- Type "=rand(200,99)"(without quotes) into the MS word and watch as around 567 pages get filled with random text!!

2. Thanks http://www.computerhope.com & Digit magazine subscriber edition.

7 years of Indian Cyber Law

1. While reading a recent article by Rohas Nagpal @ 7 years of Indian Cyber Law….i came across these cases which have been briefly but adequately discussed at length in the article by the author ie Rohas Nagpal. Must read …just for updated info……

- Avinish Bajaj vs State of Delhi

- Firos Vs State of Kerala

- Syed Asifuddin vs State of Andhra

- SBI vs Rizvi Exports

- State vs Mohd Afzal

- Is ATM a computer

- P.R.Transport agency vs UOI & others

2. For another link on similar info ,pls click here.

3. Thanks http://www.asclonline.com & Mr Rohas Nagpal,President Asian School of Cyber Laws

HOW TO HYPER LINK IN COMMENTs AT BLOGGER?

1. I was recently commenting at a blogpost and wanted 2 place a hyperlink..but could not find any option while right clicking or from any where.Thus googled and found this simple two step procedure here

2. Thanks http://mike.brisgeek.com

DATA RECOVERY FROM RAM?

1. If any one can just throw some light or post a link to any matter that exists on the web pertaining to limitations/possibilities of recovery of data from RAM inside a computer?

2. Thanks.

WiFi at home : Take precautions

1. Accessing WiFi at home is no more limited to tech geeks as the simple configuration has made it accessible to even a layman who hardly has any know how of how it works and what are the dangers floating around if he goes with the default settings.The two year back case of a hacker emailing from an open WiFi account in Mumbai reflects the deep dangers associated with such mishaps.Following are a set of desirable config changes any WiFi account holder at home and office whould take care of while configuring.....

Step 1: Change the default password

Step: 2: Change the default IP address

Step 3: Disable the DHCP service

DHCP (Dynamic Host Configuration Protocol) enables remote computers connected to the router to obtain an IP address and join the network without needing to know the IP and router address information. This is a simple and effective way of keeping intruders away. As far as possible, set up the computers on your network with static IP addresses. If you still want to use DHCP to make your own configuration easier, restrict the number of DHCP IP users to the number of computers on your network. For example, if you have five laptops running on the network, limit the DHCP IP addresses to 5 from the default 50.

Step 4: Restrict the network mode

Step 5: Change the default SSID

Step 6: Opt for WPA2 or PSK security over WEP

Step 7: Enable the MAC Filter

Step 8: Use the router’s firewall

Step 9: Use Internet Access Policies

Step 10: Disable remote administration

Step 11: Switch off the router when not in use

Step 12: Disconnect the Internet when not needed

Step 13: Position your router carefully

Step 14: Update the router firmware

Step 15: Scan for signal leaks from time to time

2. Also check out here.Thanks http://www.freealldown.com

CLEAR PLAY & DVD PLAYERs : E-CENSOR

1. A new technology that can CENSOR ALL POTENTIALLY UNSAVORY SCENES of a movie, making it watchable with children at home is all set to introduce it self to the parents.It invariably happens across the homes when one family sits down to watch a movie on a DVD thinking there’s nothing up ahead likely to cause embarrassment, only to find the stars undressing and making the set of family watching the movie awkward.

2. ClearPlay (patented) comes to the rescue in all such cases.This is an advanced parental control feature that allows filtering of regular DVD movies. ClearPlay is a technology that allows the users to skip over or mute undesirable content such as profanity, graphic violence, and adult content.

3. A ClearPlay-enabled DVD player is required, along with what are called Filter files. These files, which are created by ClearPlay editors, will know where the possibly unwanted content is located, even to the exact frame. This allows the ClearPlay DVD player to block offensive or undesirable content during playback of the DVD. The choice is also made available to watch the film in its original form, by turning the filtering off.

4. ClearPlay allows users to customize what they want to skip. There are twelve categories of content that can be filtered and with four different levels (none, implied, explicit and graphic).These categories include: Violence, Sex, Nudity and Vulgarity. You will also see a list, before the movie starts, of possibly questionable content that ClearPlay will not remove depending on the movie, scene and/or situation.

5. Thanks http://technochest.com

DANGEROUS PASSWORDS

1. According to a recent study,most dangerous passwords used across the cyber fora and continents are listed below :

123456

Tops the list.The study reveals that '123456' is the most ordinarily used password. Imperva found that nearly 1% of the 32 million people it studied were using "123456" as a password.

12345

The second most vulnerable password is 12345

123456789

Stands at a proud 3rd position

PASSWORD

The fourth most vulnerable password is the word 'Password' itself

iloveyou

Another easy one for remembrance and breaking.

princess

Stands at 6th position

Rockyou

The seventh most compromising password is 12345

1234567

Rockyou is followed by 1234567 at No 8

abc123

the last one as per study....

2. How many of you have or had from the list?be carefullllllllllllllllllllllll

3. Thanks Imperva and TOI.

MOZZILA Firefox & GERMANY

1. In another notable policy implementation involving IT aspect and signifying the importance of browser ,German government and administration has suggested computer users not to use Firefox and run an alternative browser instead, because of a critical security demerit. It has recommended that PC users stop using Firefox till Mozilla releases a fix.

2. The advice is based on studies and recommendations of BurgerCERT,a division of German Federal Office for Security in Information Technology. The reason why Germany is evoking such ostensibly forceful action is based on the presence of a critical vulnerability in currently available versions of Firefox that could be exploited by hackers to launch malicious code on users' computers.

3. For its part, Mozilla has acknowledged the security vulnerability, and has released the latest version of its Firefox web browser ahead of schedule because of security vulnerabilities found in earlier versions.Firefox 3.6.2 was due to launch at the end of March, but is already available to download from the Mozilla website.

4. Any advises or thoughts from the MOD(IT) INDIA.....none!!!!!!

5. Thanks http://www.computerweekly.com

Consequences of Google's China Exit

1. This is a uncoiled lift from http://www.theatlanticwire.com.I thought worth putting it in here.For original post please click here.

2. The post has shown the following 4 consequences of exit :

(a) Cripples the Work of Chinese Scientists

A Nature News survey of Chinese scientists found that 84 percent of them thought losing access to Google would “somewhat or significantly” hurt their work process. Like their American counterparts, Chinese researchers use Google and Google Scholar to find papers and related information.

“Research without Google would be like life without electricity,” one Chinese scientist toldNature... If events do continue in that direction, truly global enterprises like science could suffer as information becomes harder — even if only moderately — to exchange.

(b)

Puts the Onus on China to Liberate the Internet

Puts the Onus on China to Liberate the Internet

, says Leslie Harris, president of the Center for Democracy and Technology: "[We applaud] Google for following through on its commitment to protect human rights and for its continued effort to enable China's people with unfiltered access to robust sources of information from all over the world. Whether the Chinese people will be able to take advantage of Google search now rests squarely with the Chinese government."

(c) Fully Exposes China's Censorship

Fully Exposes China's Censorship, writes Dan Nosowitz at Fast Company: "Google almostexpects China to block the crap out of the redirect. They'll even be creating a new site to monitor exactly how much of their new services are being forcibly blocked by the Chinese government, updated daily. Google is also showing a little concern about the future of its 600-person sales staff in China, and issuing a bit of a challenge to the Chinese government: if they shut down the redirect to Google HK, Google will have to lay off a percentage of its sales team, as they'll not be needed."

(d) Cleanses Google's Reputation

Cleanses Google's Reputation, cheers Preston Gralla at Computer World: "China will become the world's largest Internet market, and in taking this step, Google is endangering its standing there. True, it only has a relatively small market share at this point, but that would have changed over time, and even a relatively small market share of a large market means a lot of revenue. It's rare that a tech company --- or any company, for that matter --- takes a stand this principled, and Google should be congratulated for it. Other tech companies, notably Apple and Microsoft, should follow suit, although all signs point to them continuing to cooperate with Chinese censors."

3. Thanks http://www.theatlanticwire.com

GOOGLE finally is OFF from China

1. In my earlier post at this,this and this,the subject matter was under decision making....finally the result is out....Monday night, the cyberspace gargantuan shut its Chinese site and repositioned its search engine services to unexpurgated Hong Kong after two months of confrontation with Beijing over censorship and alleged hacking attacks.

2. The decision has its set of PROs & CONs....this will allow opportunity for others to make an attempt to compete with google which has largely overshadowed the cyber space to a large extent with discussions like one discussed for Data retention policy between Google and Bing.This is going to make China lesser dependent on Google for a large number of things which unknowingly we all have become used to.This will disallow google to retain data as per their existing policies from the complete area of CHINA unlike others who are happily allowing them to retain all data and surfing habits.....now for the CONs....Chinese will not be able to search with the precision they used to(...although will be a temporary phase...they may come up with something better....)...is that the only CON??????I feel it is worth it!!!!!!!!!

3. Indian Sarkaaar....pls let your IT IQ refresh........thanks http://images.smh.com.au and http://www.hindustantimes.com

LIQUID COOLING IS IN - FOR CPUs & GPUs

1. I heard about water cooling concept in servers specific to data centers some years back.With induction of i3 and

continuing high end series, water cooling kits are no more visualization and futuristic components of enthusiast and fancier machines. Now water cooling is all set to reach your desktops.Thus with the execution levels of the core components increasing, keeping the heat levels under control has no more remained as a challenge.

2. The Aquagate Max is the first Enthusiast System Architecture (ESA) simpatico liquid cooling kit which allows some amazing features . With multicontrol connected sensors located all around inside the case the architecturte design eliminates the need to manually check that it works properly.Together with the Cooler Master Cosmos ESA case it allows the advantage of being able to mount the liquid cooling kit inside the system case with no external parts. More from figure below

3. Thanks http://www.coolermaster.com

OS CARD : For now just an idea sirjeeeeeeee!!!

1. Recently I came across this interesting idea article which introduced me to the OS Card.....yess...the operating system card....read on for some interesting info

(a) The "OS Card" would be inbuilt with a independant operating system that is installed or flashed onto a PCI-E card for computers.

(b) Complete operating system such as Windows/solaris/ubuntu etc would come preloaded one of these cards. Instead of booting and running your OS from your local hard drive, it would run most of the OS from the PCI-E card.

(c) The card would be read only, protecting vital system files from malware such as trojans or viruses. A small number of system files that would require read and write functions would be copied to your local hard drive where they could be modified and read by the card.

2. What would this do? For amateurs it would make installing an operating system much easier. Instead of having to deal with CDs, DVDs and serial numbers a person would simply buy the card and put it in their computer.

3. The best thing to be curbed is that this would be able to put a serious incision in piracy of operating systems. Furthermore, it would free up a considerable amount of space on your hard drive.

4. The OS Card could come with it's own independent CPU and Memory (RAM), which would completely remove the need for an operating system's system requirements. This would most likely speed up all other processes and events being run on the computer now that system processes are now no longer hogging PC resources.As on date some info on related product at http://www.gi-de.com

5. What an idea sirjeeeeeeee@ http://www.creativitypool.com