
Sunday, November 11, 2012

FEDORA 17 & VIRTUAL BOX : Virtualbox Installs but won't load

1.   This particular problem kept me busy the whole day... and in fact I reached such a point of frustration that I thought I should switch back to Ubuntu, which I was using earlier. The problem goes like this: when I installed VirtualBox via the rpm and yum commands, I would invariably get some odd message that mostly included the following:


Kernel driver not installed (rc=-1908)

The VirtualBox Linux kernel driver (vboxdrv) is either not loaded or there is a permission problem with /dev/vboxdrv. Please reinstall the kernel module by executing

'/etc/init.d/vboxdrv setup'

2.    I would not lie about it... I checked so many forums, which gave relatively the same solutions that you would have mostly found by now, but to no avail. So the simple two-command solution that will make your VB run like a horse without any issues goes like this:


yum install dkms binutils gcc make patch libgomp glibc-headers glibc-devel kernel-headers kernel-PAE-devel

/etc/init.d/vboxdrv setup

Of course, you have to run these as root (su -).

3.   Do let me know if you are stuck on this again. The set of commands that I ran since morning as root is reproduced below for info only. But I am sure the commands above will solve your problem.

   21  wget http://download.virtualbox.org/virtualbox/rpm/fedora/virtualbox.repo
   22  yum update
   23  rpm -qa kernel |sort |tail -n 1
   24  uname -r
   25  reboot
   26  rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm
   27  pwd
   28  cd /etc/init.d/
   29  ls
   30  cd vboxdrv
   31  /etc/init.d/vboxdrv setup
   32  cd /var/log/
   33  more vbox-install.log 
   34  cd /etc/yum.repos.d/
   35  wget http://download.virtualbox.org/virtualbox/rpm/fedora/virtualbox.repo
   36  yum update
   37  yum install binutils qt gcc make patch libgomp glibc-headers glibc-devel kernel-headers kernel-devel dkms
   38  yum install VirtualBox-4.2
   39  virtualbox
   40  KERN_DIR=/usr/src/kernels/2.6.18-194.11.1.el5-x86_64
   41  export KERN_DIR
   42  yum update virtualbox-4.2
   43  aptitude update
   44  yum install dkms gcc
   45  yum install kernel-headers kernel-devel
   46  /etc/init.d/vboxdrv setup
   47  more /var/log/vbox-install.log
   49  wget http://download.virtualbox.org/virtualbox/rpm/fedora/virtualbox.repo
   50  uname -r
   53  rpm -qa kernel |sort |tail -n 1
   54  uname -r
   55  service vboxdrv setup
   56  uname -r
   57  KERN_DIR=/usr/src/kernels/3.6.6-1.fc17.i686.PAE
   58  export KERN_DIR
   59  virtualbox
   60  usermod -a -G vboxusers duqu
   61  virtualbox
   62  apt-get install dkms
   63  wget install dkms
   64  uname -r
   65  rpm -q kernel-devel
   66  uname -r
   67  virtualbox
   68  /etc/init.d/vboxdrv setup
   69  more /var/log/vbox-install.log
   70  KERN_DIR=/usr/src/kernels/3.6.6-1.fc17.i686.PAE
   71  export KERN_DIR
   72  virtualbox
   73  /etc/init.d/vboxdrv setup
   74  uname -r
   75  yum install kernel-headers-3.6.6-1.fc17.i686.PAE
   76  exit
   77  yum install kernel-headers gcc
   78  /etc/init.d/vboxdrv setup
   79  exit
   81  yum install dkms binutils gcc make patch libgomp glibc-headers glibc-devel kernel-headers kernel-PAE-devel
   82  /etc/init.d/vboxdrv setup
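
The history above suggests why the usual fix kept failing: the running kernel was the PAE flavour (3.6.6-1.fc17.i686.PAE), while the earlier attempts installed plain kernel-devel. As an added example (not part of the original post), this script maps a `uname -r` string to the matching devel package and checks that its build tree exists; the function names and the Fedora 17-era flavour suffixes (.PAE, .debug, .PAEdebug) are assumptions.

```sh
#!/bin/sh
# Added example, not from the original post. Assumes Fedora 17-era naming, where
# `uname -r` ends in a flavour suffix (.PAE, .debug, .PAEdebug) for non-default kernels.

# Print the exact devel package (name-version) that matches a kernel release string.
devel_pkg_for() {
    rel=$1
    case "$rel" in
        *.PAEdebug) flavour=PAEdebug ;;
        *.PAE)      flavour=PAE ;;
        *.debug)    flavour=debug ;;
        *)          flavour= ;;
    esac
    if [ -n "$flavour" ]; then
        # Move the flavour from the end of the release into the package name.
        echo "kernel-$flavour-devel-${rel%.$flavour}"
    else
        echo "kernel-devel-$rel"
    fi
}

# Succeed if the build tree vboxdrv compiles against exists for this release.
# $1 = kernel release, $2 = directory holding kernel trees (default /usr/src/kernels)
have_build_tree() {
    [ -d "${2:-/usr/src/kernels}/$1" ]
}

# Report whether the module can be built, or which package is missing.
diagnose() {
    rel=$1
    root=${2:-/usr/src/kernels}
    if have_build_tree "$rel" "$root"; then
        echo "ok: $root/$rel exists, rerun /etc/init.d/vboxdrv setup"
    else
        echo "missing: yum install $(devel_pkg_for "$rel")"
    fi
}

# Check the kernel that is actually running, not the newest one installed.
diagnose "$(uname -r)"
```

Installing the versioned package name keeps the headers in step with the kernel that is actually booted, which matters when `yum update` has pulled a newer kernel that has not been rebooted into yet.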


Saturday, October 27, 2012

Do all ANTIVIRUS companies research independently ?


1.   Ever wondered how an antivirus signature is made? Not so difficult actually... you detect a virus, make an antidote for it and subsequently release it as a signature. But think at a slightly larger level... I mean signatures being released by various antivirus companies for the same virus. Does each antivirus company reinvent the wheel every time a new virus is detected? Do they actually work separately to first find the virus and then create a signature? Are all the viruses/malware created by various hackers and agencies detected independently by all these antivirus companies? I doubt it...!!! But if my doubt is incorrect, then it is a SAD issue... because with the speed of the population explosion of malware and viruses, there cannot be so many separate fighters, and if there is one way to fight this gigantic threat, all these antivirus companies have to fight together. We should indeed realize that the threat does not exist individually to you and me but to US... i.e. not the United States, but you and me together, i.e. ALL OF US... :-)

2.  But fighting together will not be so easy, as the economics of this war will defy competition... so is there a need for funding at the national or cross-country level? Will it one day become a UN issue... ha ha ha! Like poverty, food scarcity and other issues undertaken by the UN, will there be a day when the UN funds these antivirus companies, because global dependency on IT is increasing and so all are vulnerable to so many threats... :-)

3.   The earlier this is made a common issue, the safer the world will become in future... because this threat is common to the world, so should be the solution...

Friday, October 19, 2012

New Ubuntu AD takes on WINDOWS 8 :-)

Nothing to EXPLAIN here... one popular ad doing the rounds to promote open-source UBUNTU, although not on the original Ubuntu home page!!! This comes just a week before the Windows 8 release...

New Generation Biometrics : YOUR EYE MOVEMENTS ARE UNIQUE


1.   New-generation biometric techniques have always raised appreciative eyebrows, like when I discussed EARS SPEAKING at http://anupriti.blogspot.in/2010/01/when-ears-speak.html. Although there are so many unheard-of, unique biometrics on offer and in use, this is certainly one that I read on simply out of curiosity. The complete post is at http://www.techgig.com/tech-news/editors-pick/Soon-eye-movements-can-be-your-new-password-15633.


2.   In brief, it goes like this:

-   This biometric system identifies people by the way they flicker their eyes while looking at a computer screen. 

-   Developed by Oleg Komogortsev, a computer scientist at Texas State University-San Marcos, it makes use of the fact that no two people look at the world in the same way. When looking at a picture, different people will move their eyes among points of interest in different sequences.

-   Even if two people trace the same paths, the exact way they move their eyes differs, the 'LiveScience' reported. 

-   Eye movements could become part of the next generation of a more established biometric, iris scans.

Is your ANTIVIRUS spying on you?


1.    As cyber crime grows exponentially, so has the world of antivirus companies... the list is pretty endless. Now how do all these antivirus companies work? Do they all research separately and develop separate signatures for each virus/malware found, or do they have some common platform or standard wherein they share each other's views and technologies? As I see on Wiki in the list of antivirus companies, they originate in different countries. Details of the page showing a comparison of all such antivirus companies can be seen here. Well... what I am going to discuss here is the importance of the country of origin.

2.  Let's say I have an antivirus company by the name of ABC that has its origin and complete team of researchers and developers in India. Now there is a user in some XYZ country that uses this antivirus. While installing the antivirus, he accepts the terms and conditions (who reads them anyway?), so who stops the ABC antivirus from issuing some malware/spyware for that user's PC? In a scan it cannot be detected, since it is being scanned by the installed antivirus. With some vested interest, the ABC company can actually play havoc with the confidential info of the user without giving a clue to the user. Who knows what all the signatures released by the company contain? Even when submitting a sample virus, it is done mostly in an encrypted or bundled form!!!

3. Although institutes like EICAR (European Institute for Computer Antivirus Research) are there, they also do not have any control over such issues!!! If anyone has some idea on the subject, please let me know via email or comment here...

Thursday, October 18, 2012

Hacking a HEART : Lover's Dream vs Hacker's BEAT IT!!!


1.    I think this is yet to come even on screen... but has unfortunately happened in real life. We have all heard of pacemakers that stay connected to the internet to provide a live feed of diagnostic parameters to the doctor's mobile phone!!! Smart... very smart. For those of you who read this for the first time: internet-based cardiac pacemakers send essential parameters to assist in diagnosis and fine-tuning. The patient's data is sent automatically on a daily basis to their cardiologist. This greatly simplifies patient care and can improve quality of life significantly... but now read on for what the worry is about. One top Google search led me to this vendor, St. Jude Medical. Details of such pacemakers on sale are at this site.


2.     So hacking a heart has been a lover's dream for ages... but in this age it can be hacked and controlled by all means. I read this article by Nick Barron at http://www.scmagazineuk.com and another one by GREGORY FERENSTEIN at http://techcrunch.com.

At a recent developer conference, a pacemaker was wirelessly hacked to send deadly 830 volt shocks. Even worse, it would be “100 percent possible” that a virus could spread to other devices in a wave of “mass murder”. The demonstration showed how to rewrite the device's onboard software (firmware).

3.   So now what? This means that all those light-hearted guys who are surviving on such internet-based pacemakers, which provide a live feed to their respective doctors, now also need to worry about eating Antivirus Tablets and wearing Firewall Clothes!!! Uuh!!! Although the recipe brought out here makes a perfect movie story, it is actually a pretty worrisome worry!!!

4.    The image shown above is for reference only, for readers to see what an internet-based pacemaker actually looks like. The hacking of the device in this case has no link to the company or any of its products.

Internet Freedom : ULTRASURF

1.     While I have earlier talked about TOR, Anonymous OS etc. and maintaining privacy on the Internet, there is no dearth of such options on the net. Another hugely respected :-) and proven software is ULTRASURF. This software is available at http://ultrasurf.us/, of course as a free download. :-)
 
2.   This was originally created to help internet users in China find security and freedom online and has subsequently grown to become one of the world's most popular anti-censorship, pro-privacy software, with millions of people using it to bypass internet censorship and protect their online privacy.

3.    Among other features, a few that I felt were important are jotted below:

- Protect your privacy online with anonymous surfing and browsing.
 
-  Hides your IP address,clears browsing history, cookies,and more.

-  Using industry standard, strong end-to-end encryption to protect  data transfer from being seen by third parties.

-  Bypasses internet censorship to browse the internet freely.

- Only supports Windows OS.

- Works with IE like TOR with Mozilla.

-  One interesting thing is that the company logs only the bare minimum of information, for anti-blocking purposes. They keep your logs for a maximum of 30 days to comply with the existing laws of the hosting country.

4.  More at   http://ultrasurf.us/

Tuesday, October 16, 2012

Operation b70 : Microsoft Disrupts the Emerging Nitol Botnet Being Spread through an Unsecure Supply Chain

In continuation of the last post, here is more from Microsoft. Please go through this brave but honest confession from Microsoft... ummmm!!! I would not say confession, but actually Microsoft's attempt to save millions of innocent users... a must-read for info at

http://blogs.technet.com/b/microsoft_blog/archive/2012/09/13/microsoft-disrupts-the-emerging-nitol-botnet-being-spread-through-an-unsecure-supply-chain.aspx

Operation b70 : New OS from Mall comes preloaded with Malware


1.   For the last few years, since cyber crime has been making news, it has always been discussed that all free stuff on the internet comes preloaded with some kind of malware or spyware or some kinda ware!!! Here's a news item about a month old, worth a share, that defies this logic... it actually says that malware comes inbuilt in the OS from the mall showroom where you made the purchase!!!

"Microsoft’s Digital Crime Unit (DCU) has recently made this astonishing announcement. DCU conducted a study to get a sense of how much of the counterfeit software available is preloaded with malware. Microsoft researchers purchased 20 new computers from PC malls. These systems had counterfeit software preinstalled on them by the distributor. DCU examined the files on these PCs and found malware on four of the 20 computers that were purchased, a 20 percent infection rate. Several types of malware were pre-installed on the computers purchased from the PC mall. This malware enabled the attackers to perform a range of actions including DDoS attacks, creating hidden access points onto the systems, keylogging and data theft.

The researchers also identified one type of malware found on these systems attempting to connect to the command and control servers of a known botnet.  The ensuing study uncovered that attackers were building this botnet by infecting digital products, like computers or software, that were then distributed through an unsecure supply channel.  The malware was also designed to spread via flash drive memory sticks. The subdomains that hosted the botnet’s command and control servers link to more than 500 different types of malware.  Some of this malware is capable of turning on cameras and microphones connected to infected systems."

4.   More on the story here. Uuuuhh!!! Isn't it scary... a fresh digital device that you buy comes with an inbuilt spy to spy on you and your data... In fact it is a bold step and a brave announcement by the Microsoft DCU... it could have been hidden, but they found it ok to declare it openly so that the user gets braver on its use...!!!

5.   DCU took legal action to disrupt the malware hosted in the subdomains, in Operation b70.  You can read more about Operation b70 and the DCU’s efforts here: http://blogs.technet.com/b/microsoft_blog/archive/2012/09/13/microsoft-disrupts-the-emerging-nitol-botnet-being-spread-through-an-unsecure-supply-chain.aspx

6.   Thanks Microsoft and http://blogs.technet.com

HATS OFF : Felix Baumgartner

1.   It's a real HATS OFF... SALUTE to Felix Baumgartner, the guy who travelled at MACH speed... a phenomenal achievement by all standards...

2.   My blog is generally full of IT stuff... but such things actually make me feel really nice... a great feat... a video link here for info




Sunday, September 16, 2012

Print to PDF in Ubuntu 12.04 LTS

1.     This is a simple single-line command that you write at the terminal to install a third-party app that will install a PDF printer on your Ubuntu system.

sudo apt-get install cups-pdf

2.     This is generally handy when you need to print documents that are ready to print but you don't have a printer installed. It creates a virtual PDF printer on your Ubuntu PC that lets you convert all your documents/images/anything into PDFs, which you can subsequently send to print as and when you have the facility to print.

3.    Thanks http://ubuntuportal.com

Friday, September 14, 2012

Testing ur Broad Band Speed : The ISP Promise

1.    As a customer you are promised so much by your ISP... and the most important thing an ISP promises a customer is fultu speed. They have various packages and plans that revolve around offering various speeds. But how do you find out if the plan is actually delivering the speed that you were promised? There are in fact thousands of online tools to test your Internet broadband speed. One that I have been a regular follower of is speedtest.net, available at http://www.speedtest.net/.

2.   It has a simple interface that takes less than a minute to get started and conclude with the result. I got the following result for my ISP... and that was as per the promise by the ISP... so you can check yours too at the site: http://www.speedtest.net/



Wednesday, September 12, 2012

Being CCCSP: CDAC Certified Cyber Security Professional

1.     There is no doubt that I have a keen interest in cyber security issues and subjects. I stop anywhere I find something to read, or see articles/videos related to cyber security, and always grab opportunities like workshops and seminars that hold related events. But just reading and going through these was not going to be enough to make a small mark in the field. Thus I decided to go for a certification exam. I came across CISSP, CCIE, CompTIA etc., which were slightly heavier on the pocket :-)... so I looked for an Indian version and equivalent that is not only recognized but also accepted in government organisations. So I enrolled for the exam in the month of Dec 2011 last year... got the results last week... and I passed... became a CDAC Certified Cyber Security Professional. The list of certified professionals is given at the link http://esikshak.in/eSikshak/professional_certified.html


2.   So in this post I am going to tell you few key features of this informative and excellent course :

- Name : CCCSP ie CDAC Certified Cyber Security Professional

- Duration : 6 months

- Certification Fees : Rs 7500/-

- Conducted By : CDAC,Hyderabad


-  Written test conducted at identified CDAC centres across India.

-   Duration of the test is 2 hours.

-  Two sections in the examination paper: 80% objective type and 20% subjective.

- A 60% score in each section is required.

-  The minimum score to get professional certification on average is 70%.

3.    More details available about this course at http://esikshak.in/eSikshak/help/English/eSikshak/CCCSP.html

4.    The certificate issued by C-DAC on CCCSP (C-DAC Certified Cyber Security Professional) is valid for 3 years from the date of issue. This is introduced considering the importance of updating oneself on the latest security issues.

5.   Thanks CDAC,Hyderabad.

Sunday, September 09, 2012

Wireless Data Transmission from every Light bulb : HARALD HAAS


1.   As we always hear, the future is always bright and the present always keeps waiting to see the future. So here is another bright piece of news for all those interested in knowing the speeds and media for data transmission in the near future (how near... let's see... I'm sure most of us will be able to see this... a tech demo is seen in the video). Before I start telling you about the news I am sharing here, a quote from Harald Haas, the inventor of this technology:

"Everywhere in a day there is light. Look around. Everywhere. Look at your smart phone. It has a flashlight, an LED flashlight. These are potential sources for high-speed data transmission.”

2.    Imagine using your car headlights to transmit data... or surfing the web safely on a plane, tethered only by a line of sight. Promoted as the D-Light, the invention uses a mathematical trick called OFDM (orthogonal frequency division multiplexing), allowing it to vary the intensity of the LED's output at a very fast rate, invisible to the human eye. The signal can be picked up by simple receivers. As of now, Haas is reporting data rates of up to 10 MBit/s (that is faster than a typical broadband connection), and 100 MBit/s by the end of this year and possibly up to 1 GB in the future. He says: "It should be so cheap that it’s everywhere. Using the visible light spectrum, which comes for free, you can piggy-back existing wireless services on the back of lighting equipment." Please watch this video from the TED talks by Harald Haas himself, wherein he explains the technology behind it in brief and shows the demo to the live audience. Simply jaw-dropping for me... :-)


3.    In addition to this, researchers in Germany have created the first white-light data links, which they claim can transfer information at rates up to 800 Mb/s. The team has demonstrated a simplified version of the technology in an office building, where it managed to broadcast four high-definition video streams from overhead lights.


Tuesday, August 28, 2012

Cloud Threat : Malicious Insiders


1.   A lesser-known fact but a serious threat comes in the form of a malicious insider, i.e. the people who work for the organisation delivering the cloud services. In a typical organisation, one malicious insider can put the company in serious trouble and embarrassment unless all are monitored by placing strict access controls and policies. The threat multiplies in its capacity for damage in the case of companies that offer cloud models as a service, since all services and customers are under a single management domain, combined with a general lack of transparency into provider process and procedure. For example, a provider may not reveal how it grants employees access to physical and virtual assets, how it monitors these employees, or how it analyzes and reports on policy compliance. To complicate matters, there is often little or no visibility into the hiring standards and practices for cloud employees. This kind of situation clearly creates an attractive opportunity for an adversary, ranging from the hobbyist hacker, to organized crime, to corporate espionage, or even nation-state sponsored intrusion. The level of access granted could enable such an adversary to harvest confidential data or gain complete control over the cloud services with little or no risk of detection.

2.   Recommendations by CSA are put up below :

-  Enforce strict supply chain management and conduct a comprehensive supplier assessment.

-  Specify human resource requirements as part of legal contracts.

-  Require transparency into overall information security and management practices, as well as compliance reporting.

-   Determine security breach notification processes.

3.   Thanks CSA

Cloud Threat : Unknown risk profile


1.    The best thing all of us like and promote about cloud is that we have very little investment in software and hardware, and that the cloud user is able to focus on his core business. A bank, for example, should not be worried about what server it should buy or what storage it should provision... the bank should be able to focus on how to improve its banking procedures and profits. This way the distraction is less for the prime user. But at the same time these benefits must be weighed carefully against the contradictory security concerns, which are complicated by the fact that cloud deployments are driven by anticipated benefits, by groups who may lose track of the security requirements and musts. Would the bank, in this example, ever bother to know the versions of software, code updates, security practices, vulnerability profiles, intrusion attempts, and security design? I am sure no bank would do that once they have outsourced their worries to the cloud. Details and information about whom the same infrastructure is being shared with become critical. One loose hole and you get compromised. Although this is not so easy, we should know that the cyber criminals and hackers work more than us to keep all of us on our toes and, if successful, then on our knees :-)

2. An old, 2009, real case example exploiting this specific threat is available at http://www.pcworld.com/article/158038/heartland_has_no_heart_for_violated_customers.html

3.  Recommendations by CSA :

-  Disclosure of applicable logs and data.

-  Partial/full disclosure of infrastructure details (e.g., patch levels, firewalls, etc.).

-  Monitoring and alerting on necessary information.

Monday, August 27, 2012

Cloud Threat : Insecure Interfaces and APIs


1.    How does a typical cloud user interact with, manage and configure his cloud? This interaction is achieved by cloud computing providers exposing a set of software interfaces or APIs to the user. Thus all provisioning, settings, management and configuration are achieved using these interfaces and APIs only. Thus comes the aspect of security in handling and designing these interfaces and APIs. The security and availability of ANY cloud service is dependent upon the security of these basic APIs. From authentication and access control to encryption and activity monitoring, these interfaces must be designed to protect against both accidental and malicious attempts to circumvent policy. Not only this, but third parties often build upon these interfaces to offer value-added services to their customers. This introduces the complexity of the new layered API. The remediations recommended by CSA are mentioned below:

- Analyze the security model of cloud provider interfaces.

- Ensure strong authentication and access controls are implemented in concert with encrypted transmission.

- Understand the dependency chain associated with the API

Cloud Threat : Shared Technology Issues


1.   When a computer processor is designed/manufactured, say a Core 2 Duo or quad-core processor, or for that matter any processor, the processor doesn't know what it will finally be used for... I mean it may be used in a standalone machine or a server machine!!! Here's the issue: this processor was not meant to be used for cloud. But how does this matter? It matters because, from the security point of view, a processor used for cloud needs to support strong ISOLATION properties, which is not the case in routine manufacturing. The isolation depends only on the hypervisor for the regular interface, as discussed in an earlier post here. In the case of cloud we have to handle two platforms: one is the running OS, like Windows or any other OS, which comes along with inbuilt and already exploited vulnerabilities that keep getting patched (what about zero days???), and the other is hypervisor vulnerabilities (just google hypervisor vulnerabilities and you will see what's in store to surprise you). Both of these combined would be deadly if not taken care of, because in the cloud world, reacting to damage would be like taking someone to hospital after an accident or a bomb blast, whereas it should be the other way round: remove all possibilities of the accident and ensure 100% secure areas... the latter being too tough to imagine in the current environment.

2.   I read about this a few years back, when I was not very clear on Cloud Computing concepts (though still naive, but better than in the past!!! :-)): there was an incident involving a hypervisor breach that was not widely publicized. Now if you know about the Xbox 360 (a video game console developed by Microsoft that competes with Sony's PlayStation 3 and Nintendo's Wii), it has an embedded hypervisor (surprisingly not Hyper-V). Some time in 2007, there was a documented buffer overflow vulnerability in this hypervisor which could be exploited to gain access to the hypervisor mode and thus to the entire system. Microsoft immediately released a patch for this. Unlike with the regular Windows OS, patches are not optional for Xbox users. Thus, the patch was applied the next time a user connected to Xbox Live or installed a new game. Proofs of concept quickly appeared that exploited the hypervisor vulnerability, as well as online documentation on how people have used the Xbox “hypervisor exploit” to crack their systems. (Got this info from http://blogs.gartner.com/neil_macdonald/2009/02/20/hypervisor-attacks-in-the-real-world/)

3.   Thus arises a need for strongly secured compartments, to ensure that individual cloud users are not compromised in a manner that would result in unmanageable losses in monetary terms as well as brand devaluation. The CSA gives the following point-wise remediation format for designing the policy boundaries to counter Shared Technology Issues:

-  Promote strong authentication and access control for administrative access and operations.

-  Monitor environment for unauthorized changes/activity.

-  Enforce service level agreements for patching and vulnerability remediation.

-  Implement security best practices for installation/configuration.

-  Conduct vulnerability scanning and configuration audits.

Cloud Computing : The Darker Side


1.   Cloud computing… the word has already generated enough buzz across the corporates… the techies… the possibilities in future… but all this comes with a question in the background on security. If there is one thing that stops 80% of possible users from using this powerful technology, it is only one aspect of it, and that’s SECURITY. The questions come automatically to any possible cloud service enthusiast: how safe will my data stored with them be… even if it's private, who controls the key generation algorithm's code… who is the single point of contact, and so many more… but perhaps every question on this comes under one umbrella by the name of SECURITY…

2.   So… are they right in thinking so? When a technology is coming up so strong and is so globally accepted, is it possible that the giant rise comes without an inbuilt security module? Actually, the users are right… their fears stand right when they think about their data ownership. In a paper released in Dec 2010, https://cloudsecurityalliance.org identified a few imminent threats in the sphere of cloud computing, which they have meticulously covered under a few major heads as listed below. These are not in sequence of severity of threat, as no seniority levels have been identified by the CSA. The original version of this paper by the Cloud Security Alliance is at https://cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf

Threat  1: Shared Technology Issues
Threat  2: Insecure Interfaces and APIs
Threat  3: Unknown Risk Profile
Threat  4: Malicious Insiders
Threat  5: Data Loss or Leakage
Threat  6: Abuse and Nefarious Use of Cloud Computing
Threat  7: Account or Service Hijacking

3.   I plan to discuss each of these security threats further in other posts within the week, or as I am able to spare time… read some from CSA and put it in the manner I understand it. Thanks https://cloudsecurityalliance.org

Thursday, August 23, 2012

Bulk SMS Ban : Carry on India

1.    The government has recently banned bulk SMS and MMS messages for 15 days in view of the exodus of people from the northeast from cities like Bangalore, Pune and Hyderabad, following rumours that they would be attacked.

2.    Now how do you feel about this ban? Do you think it is going to be effective? Certainly not, if it were actually the bulk SMS that did the damage. Doesn't the govt know about the various sites offering these bulk SMS services for free on a simple registration? Or do they not know about the various smartphone applications that can still send bulk SMS via a different mode? Is it not known to them that this ban is going to be effective for prepaid owners only, and not for postpaid owners?

3.    These orders come like axing the problem instead of putting in efforts to manage it. Read the following paragraph @ http://www.hindustantimes.com

"The five-SMS-per-day cap is adversely affecting a group of unsuspecting victims, the hearing impaired.A deaf individual sends up to 250 messages per day on an average as it is their only mode of conversation. "The five SMS cap is a real pain for us. It is the only way I can stay in touch with my family or friends when I go to college. If I want to have a proper conversation with someone, I have to send at least 50 messages. It is easy for people who can call and stay in touch. For us, this is the only mode that boosts our mobility. It is insensitive of the government to discount the deaf community when they take these decisions," said Mahesh P, a hearing impaired Delhi University student."

4.   Everyone knows that it is wrong...it is not effective...but hey come on ...carry on INDIA....it is just another passe...


Anti Keylogger : KeyScrambler

1.   How would you ever know that your keystrokes on the PC are not being logged by a keylogger working incognito in the background?... If you are not the SMARTEST.... I'm sure you will never know.... So what can you do to avoid that, when you know you are as prone as anyone across the web space?... Stop typing... or use the OSK (on-screen keyboard)... or use KeyScrambler, which encrypts every keystroke immediately as you type on your PC. It is available in three versions at http://www.qfxsoftware.com/index.html. The good news is that one version is free, and that will take care of most of you.....

2.   Something about KeyScrambler..... it is an anti-keylogging program that encrypts user keystrokes at the keyboard driver level, deep in the operating system. The scrambled keys are indecipherable while they travel to the destination app, so that no keylogger can steal your passwords or other crucial information. Thus it defeats known and unknown keyloggers. The unobtrusive overlay window shows the realtime encryption in process, so you know how and when KeyScrambler is working.

Image Courtesy : http://www.qfxsoftware.com/index.html

HOW IT WORKS ?

-   As you type, KeyScrambler simultaneously encrypts your keystrokes at the keyboard driver level. Because KeyScrambler is located in the kernel, deep in the operating system, it is difficult for keyloggers to bypass the encryption.

-   While the encrypted keystrokes travel along the crucial path, it doesn't matter if they get logged, or whether the keylogging malware is known or brand new, because your keystrokes remain completely indecipherable the whole time.

-   When the encrypted keystrokes finally arrive at the destination app, the decryption component of KeyScrambler goes to work, and you see exactly the keys you've typed.
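The three steps above, as a small simulation added here for illustration (it is not KeyScrambler's code, and the product's real cipher and key handling are not described on this page). The HMAC-based keystream, the class names and the session key are assumptions; the point is what a logger sitting on the path between the driver and the app gets to record.

```python
import hashlib
import hmac
import os


def keystream_byte(session_key, seq):
    """One keystream byte per keystroke, derived from the key and a counter.
    Stand-in cipher (assumption): HMAC-SHA256 in counter mode, XORed per key."""
    counter = seq.to_bytes(8, "big")
    return hmac.new(session_key, counter, hashlib.sha256).digest()[0]


class DriverStage:
    """Plays the part of the component at the keyboard driver level."""

    def __init__(self, session_key):
        self._key = session_key
        self._seq = 0

    def on_keypress(self, char):
        scrambled = ord(char) ^ keystream_byte(self._key, self._seq)
        event = (self._seq, scrambled)
        self._seq += 1
        return event


class AppStage:
    """Plays the part of the decryption component in the destination app."""

    def __init__(self, session_key):
        self._key = session_key

    def on_event(self, event):
        seq, scrambled = event
        return chr(scrambled ^ keystream_byte(self._key, seq))


def type_through_pipeline(typed, session_key=None):
    """Return (bytes a mid-path logger records, text the destination app shows)."""
    if not typed.isascii():
        raise ValueError("this sketch handles ASCII keystrokes only")
    key = session_key if session_key is not None else os.urandom(32)
    driver, app = DriverStage(key), AppStage(key)
    mid_path_log = bytearray()
    app_text = []
    for char in typed:
        event = driver.on_keypress(char)
        mid_path_log.append(event[1])          # the logger hooks here
        app_text.append(app.on_event(event))   # the app decrypts at the end
    return bytes(mid_path_log), "".join(app_text)


if __name__ == "__main__":
    logged, shown = type_through_pipeline("hunter2!")  # constructed sample input
    print("logger recorded:", logged.hex())
    print("app displays   :", shown)
```

Because the counter changes with every keystroke, the same key pressed repeatedly produces different scrambled values, so the log does not even reveal which keys repeat.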

Tuesday, August 21, 2012

Excellent posts on 3D Printing

Would like to share a link to this wonderful site at http://www.3dprinter.net/author/mark for the best info on 3D Printers.....

Unbelievable world of 3D Printers!!!

1.   I read about 3D Printers a few years back and then just forgot to follow the developments... and now when I googled about these printers it was a completely happy, shocking event for me..... what I saw was printing of actual toys.... printing of real-life machine components... just watch the videos below to see with your own eyes what could be on offer in the very near future :


(This one is original from BBC)
2.   These might as well have shocked you.. but they are just a few from the thousands stored on the internet already...... now read further.... the shocking part is yet to come.... a 3D printer that allows edible food to be printed

3.   It will not be a big thing if someone tells you, or you come to know from somewhere, that Google offers free meals to its employees in its onsite cafeteria... so what's the big deal about this... a billionaire company can afford that!!!!! Now what if I tell you that Google's cafeteria has a 3D printer in the kitchen that prints out pasta.... With customized-everything all the rage, why not pasta? And of all places, of course it would be at Google. Chef Bernard Faucher says that since everyone has their own favorite style of pasta, he can program their 3D printer to create any conceivable, printable shape..........(I read this from http://www.3dprinter.net/mama-mia-google-cooks-up-some-3d-printed-pasta)

4.   3D printers in food applications have recently been in the news, but this is a first of its kind... I know reading this far would have led you to believe all this to be bogus.... but it's a fact... and it is just the tip of the iceberg of what's in store for the future....

5.  For more on 3D Printing...please google and shock your self!!!!!!!!!

Saturday, August 18, 2012

BARE METAL ENVIRONMENT & HYPERVISORS

1.   I had till now been playing around with Virtual Machines for quite some time. I started with loading XP on Vista around 2006-7, then tried networking and played around with basic Linux OS.... but what I did every time was load the host OS first, then allocate the desired resources in the form of some RAM and HDD, and then boot the new OS.... but then I was wasting the resources of the host OS that actually runs the various virtual machines on it..... so how to use those is where the Bare Metal Environment comes to the rescue.

2.    Simply told, a bare metal environment is a system in which a virtual machine is installed directly on hardware rather than within the host operating system (OS). The term "bare metal" refers to a hard disk, the usual medium on which a computer's OS is installed. But then how come it is called virtual when the machine is directly running on the hardware? It is actually a kind of misnomer, since a virtual machine running directly on bare metal would technically not be a virtual machine. In such cases VMs run within a hypervisor, which creates the abstraction layer between physical and virtual hardware. So what's a hypervisor?? :-)

3.    A hypervisor is actually the virtual machine manager (VMM), a virtualization technique allowing multiple operating systems to run concurrently on a host computer. Multiple instances of a variety of operating systems may share the virtualized hardware resources. Hypervisors are classified into basically two types as follows :

Type 1 refers to bare metal hypervisors that run directly on the host's hardware to control the hardware and to manage guest operating systems. 

Type 2 refers to hypervisors that run within a conventional operating system environment. With the hypervisor layer as a distinct second software level, guest operating systems run at the third level above the hardware. This classification can be made clearer with the help of the figures below :

TYPE 1 : THE NATIVE BARE METAL TYPE (figure)

TYPE 2 : HOSTED TYPE (figure)

4.    Thanks Wiki and http://forums.hornfans.com

Wednesday, August 15, 2012

Cloud Computing & Virtualisation

1.    Recently got an opportunity to give a presentation to a school/college audience on what all the fuss about Cloud Computing and Virtualization is about. I tried building up the presentation from scratch through to handling some security issues in the cloud. The copy is for you to see for reference :

Cloud computing and Virtualisation

Power Searching with GOOGLE :Get Certified


1.   Few weeks back I came across a link in some blog that said the following :

"Google is offering a new free, 13 days, certification program on 'Google Power Searching' .The course is totally free and registration ends on July 16th. The course will sharpen your internet searching skill and help you learn advanced tricks to make internet searches. There are several short activities as a part of the course. Once the course is completed, a printable Google certificate will be emailed to you."

So the next thing I looked for was registering for the same.... and yes, it happened exactly the way it was expected to.... the course started on time.... I attended online classes with wonderfully simple videos by Google itself... became more clued up with the search engine tools and tricks... appeared for the exams and I got the certificate as shown below.



2.  Would like to recommend this to everyone who googles.... it really makes you a stronger searcher.... for more details, what else... you GOOGLE....

Saturday, August 11, 2012

FinFisher : THE LAWFUL INTERCEPTOR


1.  Something to read here about a piece of security software named FINFISHER that's making some news... a sequence-wise timeline of events related to it is produced below :

-  FinFisher is security software. 

-  Marketed by Gamma International to various government security officials, with the assurance that it could be covertly installed on suspects' computers by exploiting security lapses.

-  In the name of Lawful Interception (LI), FinFisher was found in the Egyptian Secret Police spy headquarters, used to track people down during the revolution, when Egyptian dissidents ransacked the offices of Egypt's secret police during the overthrow of President Hosni Mubarak.

-  Egyptian dissidents who ransacked the office discovered a contract with Gamma International for £287,000 for a license to run the FinFisher software.

-  A security flaw in so-called "designed secure" applications like Apple's iTunes allowed unauthorized third parties to use iTunes online update procedures to install unauthorized programs. Gamma International offered presentations to government security officials at security software trade shows, where they described how to covertly install the FinFisher spy software on suspects' computers using iTunes' update procedures.

FEATURES OF FINFISHER

-  FinFisher is able to record Skype and other voice over IP communications.

-  Logs keystrokes and turns on a computer's webcam and microphone.

-  Can also steal files from a hard disk

-  Built to bypass dozens of antivirus systems.

-  Presently found across 12 C&C servers in 10 countries: the US, Indonesia, Australia, Qatar, Ethiopia, Czech Republic, Estonia, Mongolia, Latvia and Dubai.

-  Not confirmed by any govt agencies as being used officially but then who else would at such a large scale???

-  Expected to be particularly difficult to detect. 

-  Used to access target Systems to give full access to stored information with the ability to take control of target systems' functions to the point of capturing encrypted data and communications. 

"When used in combination with enhanced remote deployment methods, the Government Agencies will have the capability to remotely deploy software on target systems".............................extract from official finfisher site at http://www.finfisher.com/FinFisher/en/portfolio.php

Wednesday, August 08, 2012

Bitter Truth : If NOT on FB,u r INSANE!!!

1.   Read this article today via a TOI post that says that if you are not on FB you are insane. The Facebook revolution has become such an important aspect of people's lives that an increasing number of employers, and psychologists, believe people who aren't on social networking sites could be insane.... does that bring an exclamation mark to your face... it did to mine..... the post is available here

2.   It is strange that such things come as analysis/study reports from psychologists...... it lets us know how psycho these psychologists are, who are deeply gripped by the FB revol...

Monday, July 16, 2012

Cross OS Trojan : @ If...Then...else :-)

1.    Got this at THN. We often feel stronger when we use some kind of open source Linux OS instead of the regular pirated or even genuine Windows OS incl XP/WIN7 etc. But what I got here was a simple trojan dropper code that branches on the detected OS... IF LINUX then this trojan... or if Windows then the other one.... the snapshot from the original THN site is here @ http://thehackernews.com/2012/07/cross-platform-trojan-mac-windows-linux.html

2.    F-Secure has found this web exploit that detects the OS of the computer and drops the relevant trojan to match. The attack was first seen on a Colombian transport website which had been hacked by a third party. This malware is known as GetShell.A and requires users to approve a Java applet installation. It detects if you're running Windows, Mac OS X, or Linux, and then downloads the corresponding malware for your platform. The malicious files developed for each type of OS connect to the same Command & Control server, which F-Secure has located at IP address 186.87.69.249.
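Since every platform's payload talks to the same Command & Control address, one firewall-log search covers Windows, Mac and Linux machines alike. A sketch of that check, added here as an example (it is not from F-Secure or THN): the log format, the internal addresses, the ports and the asset inventory are constructed for illustration, and only the C&C address comes from the post above.

```python
import ipaddress
import re

# C&C address as reported by F-Secure and quoted in the post above.
C2_ADDRESS = ipaddress.ip_address("186.87.69.249")

# Constructed sample firewall log (format, hosts and ports are assumptions).
FIREWALL_LOG = """\
2012-07-10T09:14:02 ALLOW TCP 10.0.4.21:49212 -> 186.87.69.249:443
2012-07-10T09:14:40 ALLOW TCP 10.0.4.22:51002 -> 198.51.100.7:443
2012-07-10T09:20:11 DENY TCP 10.0.7.5:40122 -> 186.87.69.249:443
2012-07-10T09:31:57 ALLOW TCP 10.0.9.33:53310 -> 186.87.69.249:443
2012-07-10T09:45:03 ALLOW TCP 10.0.4.21:49377 -> 186.87.69.249:443
truncated entry 10.0.4.99 ->
"""

# Constructed asset inventory: internal address -> operating system.
INVENTORY = {
    "10.0.4.21": "Windows",
    "10.0.4.22": "Windows",
    "10.0.7.5": "Linux",
    "10.0.9.33": "Mac OS X",
}

LINE_RE = re.compile(
    r"^(\S+) (ALLOW|DENY) TCP ([\d.]+):(\d+) -> ([\d.]+):(\d+)$"
)


def find_c2_contacts(log_text, inventory):
    """Return {source host: details} for every host that tried to reach the C&C.

    Denied attempts are counted too: a blocked connection still means
    something on that host tried to call home.
    """
    hits = {}
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # skip malformed or truncated entries
        timestamp, action, src, _sport, dst, _dport = match.groups()
        try:
            if ipaddress.ip_address(dst) != C2_ADDRESS:
                continue
        except ValueError:
            continue  # destination is not a valid address
        entry = hits.setdefault(src, {
            "os": inventory.get(src, "unknown"),
            "first_seen": timestamp,
            "attempts": 0,
            "blocked": 0,
        })
        entry["attempts"] += 1
        if action == "DENY":
            entry["blocked"] += 1
    return hits


def platforms_affected(hits):
    """Sorted list of operating systems among the hosts that contacted the C&C."""
    return sorted({details["os"] for details in hits.values()})


if __name__ == "__main__":
    for host, details in sorted(find_c2_contacts(FIREWALL_LOG, INVENTORY).items()):
        print(host, details)
```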

Tuesday, July 10, 2012

The Amazing Spider Man BINGS!!! does not Google

1.    Watched the new Spider-Man movie yesterday... that's THE AMAZING SPIDER MAN... and noticed one special thing which a few of you might not have... the search conducted by our hero was on the search engine Bing.... and I could see the Microsoft guys smiling..... but it sparked quite a number of funny tweets, of which my fav is this one by one Sarahtb0

The Amazing Spider-Man was pretty realistic until Peter Parker used Bing as his search engine.

2.   Now was this some kind of a tie-up between Microsoft and Spider Man to lure the audience and further damage Google's hold on the search engine web.... or was it scripted like normal.. it could have been Google also!!!!

Sunday, July 08, 2012

9TH JULY 2012 : R u a Victim?

1. All the fuss about 9th July is about the risk of the "DNSChanger" malware, which will result in your computer getting disconnected from the Web on July 9 if you don't clean it up. You won't be able to go online, and you'll need to contact your service provider for help getting the malware deleted before you can reconnect to the Internet.... strange as it may sound... it is true... even the FBI has given a warning of sorts at its link here at https://forms.fbi.gov/check-to-see-if-your-computer-is-using-rogue-DNS

2.  Just to check if you are a likely victim, McAfee has created a link at www.mcafee.com/dnscheck for you to find out. I checked out the same on my PC.... it showed the following screenshot.....

3.   Do check out yours.... and rectify if need be....

Wednesday, July 04, 2012

Cloud Computing : A dummies over view!!!! - 1


1.   Cloud computing is ALREADY the next stage in the evolution of the Internet. The cloud in cloud computing provides the means through which everything, from computing power to computing infrastructure, applications, business processes and personal collaboration, can be delivered to you as a service wherever and whenever you need. Cloud computing is offered in different forms:

- Public clouds
- Private clouds
- Hybrid clouds, which combine both public and private

2.   In general the cloud is similar to a fluid that can easily expand and contract. This elasticity means that users can request additional resources on demand and just as easily deprovision (or release) those resources when they're no longer needed. This elasticity is one of the main reasons individual, business, and IT users are steadily moving to the cloud. In the traditional data center it has always been possible to add and release resources, but we all know how much effort generally goes in.

3.   This doesn’t mean that all applications, services, and processes will necessarily be moved to the cloud. Many businesses are much more cautious and are taking a hard look at their most strategic business processes and intellectual property to determine which computing assets need to remain under internal company control and which computing assets could be moved to the cloud.

4.   The cloud itself is a set of hardware, networks, storage, services, and interfaces that enable the delivery of computing as a service. Cloud services include the following :

- IaaS (Infrastructure as a Service) : Infrastructure as a Service is a provision model in which an organization outsources the equipment used to support operations, including storage, hardware, servers and networking components. The service provider owns the equipment and is responsible for housing, running and maintaining it. The client typically pays on a per-use basis.

- PaaS (Platform as a Service) : Platform as a Service (PaaS) is a way to rent hardware, operating systems, storage and network capacity over the Internet. The service delivery model allows the customer to rent virtualized servers and associated services for running existing applications or developing and testing new ones.

- SaaS (Software as a Service) : Software as a Service (SaaS) is a software distribution model in which applications are hosted by a vendor or service provider and made available to customers over a network, typically the Internet.


5.   Now that goes as the most simple introduction for a cloud computing overview... the main part starts now... how about the security aspects for each of these... that will be in slightly more detail in subsequent posts...

Sunday, July 01, 2012

The Hackers Conference: Delhi@29 July 2012


1.   This is a wonderful opportunity for those who wish to see the latest in the world of Hacking... if not the latest... you might hear a few golden words from renowned speakers. This is about the HACKERS CONFERENCE @ Delhi on 29 July 2012.

2.   The Hackers Conference is a unique event, where the elite of the hacker world, leaders in the information security industry and the Internet community meet face to face to join their efforts to cooperate in addressing the most topical issues of the IT world.



3.   Conference will be held in New Delhi and aims to get together Industry, Government, Academia and Underground hackers to share knowledge and leading-edge ideas about information security and everything related to it.

4.   This will see a galaxy of renowned speakers presenting 0-Day Vulnerabilities, Exploits and Android/Blackberry/iPhone Hacks. Apart from speakers presenting on Wi-Fi and Web Application Security, special invitees from government intelligence agencies will also speak on National Security Issues emerging from SCADA Hacking.

5.   More details at http://www.thehackersconference.com/

Mantralaya fire@Mumbai and Cloud


1.   The recent Mumbai Mantralaya fire, wherein a few sad and undesired casualties took place and more than 2000 computers were destroyed, is one example which shows the sad state of affairs in terms of fire fighting preparations and of taking critical backups in important institutions like mantralayas and ministries.... Of course, the loss of human lives has no substitute and my sincere condolences to the bereaved families...



2.   In the given case, no one would actually cry over the damage of 2000 computers... all would be worried about all the files and data that were stored on them (..in fact a few would have been happy to bid goodbye to the 486s and Celerons with 256 MB that they used to fight day in/out :-)..... Now had someone realised the importance of CLOUD here at some point of time earlier, the damage to data could have been averted. How ?


3.   It is indeed surprising for me that in the blog's five year existence, there has been very limited text on CLOUD COMPUTING.... so let me start a part series (in subsequent new posts), starting from an introduction and moving to the advantages and the more important security threats that emanate on adopting the cloud.....

Tuesday, June 19, 2012

Internet Explorer : Vulnerable as always!!!


1.   Microsoft IE vulnerability CVE-2012-1889 is the latest to generate interest amongst avid cyber security readers. The special thing about this vulnerability is that it focusses on users using Gmail, MS Office and Internet Explorer. And the sad thing is that this is still a ZERO day exploit...... Rapid7, a security software company, explains the vulnerability as follows:

“This is an uninitialized memory bug found in MSXML. According to Microsoft, such a component can be loaded from either Internet Explorer and Microsoft Office. This vulnerability is rumored to be “state-sponsored”, and what makes it really critical is it’s still an 0-day hijacking Gmail accounts. That’s right, that means if you’re using Gmail as well as Internet Explorer or Microsoft Office, you’re at risk. We expect this vulnerability to grow even more dangerous since there’s no patch, and it’s rather easy to trigger.”

2.    Whatever one may say... the majority of users across the globe still keep using IE by default.... when I see my own blog stats, about 60 % of the visitors use IE... and we all keep seeing the exponential growth in the users of internet across the globe.... but sadly the awareness level of how vulnerable they all are is unknown and is growing at a similar rate!!!

3.    Got the reference from here. Thanks https://community.rapid7.com.

Monday, June 18, 2012

FLAME on way to commit SUICIDE ?


1.    Further to my post on FLAME earlier which made a point wise summary based on my various reads across the web,here is something more interesting.....

2.    The creators of Flame have sent a 'suicide' command that removes it from infected computers, i.e. it has gotten orders to vanish, leaving no trace. As was mentioned in the earlier post, Flame may delete itself from systems that have been fully exploited without leaving any trace, and that has come true soon......

3.   More on the subject at the link ahead and Thanks THN


Saturday, June 16, 2012

Zoomit : Incredibly Useful Tool from Microsoft


1.     In any presentation or on-screen visual on a projection system to a live audience, we invariably sometimes need to get the audience focused on one thing we would like them to see on the screen...... I mean zooming in on a portion of the screen without having to come out of the ppt or your application and run Magnifier or some similar third party application..... here's what ZoomIt does for you, free, without any major installation worries!!!

2.   ZoomIt is a screen zoom and annotation tool for technical presentations that include application demonstrations. ZoomIt runs unobtrusively in the tray and activates with customizable hotkeys to zoom in on an area of the screen, move around while zoomed, and draw on the zoomed image. I wrote ZoomIt to fit my specific needs and use it in all my presentations. ZoomIt works on all versions of Windows and you can use pen input for ZoomIt drawing on tablet PCs.



3.  Download and start using it .....from http://technet.microsoft.com/en-us/sysinternals/bb897434.aspx

Monday, June 11, 2012

The Lightest Browser : BROWZAR

1.  In the world of browsers, where we have Chrome... Mozilla... Safari... Opera.. and many others fighting it out at ACID3 benchmarking levels... we have a small browser here.... that's only in KBs.... by the name of BROWZAR. A few good things and features are mentioned below :

-  Takes seconds to download

-  No installation

-  No registration

-  One of the smallest, fastest browsers in the world

-   Just download and go

-   Doesn't save Cookies, History, Temp files, Passwords, Cache

-   Secure delete

-   Great for Banking and Cloud applications

-   Carry it with you on a USB stick

-   Great for shared computers

-   Use it on a friend's PC, Internet Cafe, Work PC, on Holiday

-   Automatically cleans up when you've finished

-   Only 222Kb...u read that right!!!only 222Kb

2.   Test and Download at http://www.browzar.com/.
