| Edward's profile(tilii) Telling IT Like ...PhotosBlogLists |  Tools  Help |
(tilii) Telling IT Like IT Is !By: Edward P Gibson |
||||||||||||
|
|
|||||||||||
|
May 27 Exceptional Article About Your Unsecured Computer - “Not only are you a hazard to yourself, but you are a hazard to everyone on the Internet” @EdGibson2009
(Click on Graphic to enlarge) The graphic above shows the different reasons criminals may want access to your system. I've explained each category in more detail below:
Illicit Web Hosting: Cyber criminals commonly use hacked PCs as a host for a variety of dodgy Web hosting schemes, including: o Spam Web sites o Phishing Web sites o Malware download sites o "Warez" servers, or hosts for pirated software and movies. o Child pornography servers
Zombie Grunt Work: o Relaying junk e-mail o Participating in so-called denial-of-service attacks designed to extort money from Web sites by pelting them with massive amounts of bogus Web traffic if they refuse to pay protection money; o Engaging in "click fraud," which uses zombies to gin up fake mouse clicks for networks of phony Web sites that siphon money from advertisers. o Serving as a proxy through which bad guys route their Web traffic. o Providing computational power that criminals use to help solve CAPTCHA challenges, the squiggly lines of numbers and letters many free Web mail services require you to solve - designed to tell humans apart from zombies. E-Mail/Webmail Attacks: An infected PC potentially has great value to spammers and attackers beyond simply acting as a relay for junk e-mail. For example, compromised systems typically are harvested for e-mail addresses that will be sold and used in future phishing and spam attacks.
An attacker doesn't need to compromise an Internet user's computer to wreak havoc with their identity and online life. A compromised Webmail account, for example, can yield a bounty of useful information because many people often will use the same e-mail address and password for multiple services. (Even if the victim uses different passwords at each service, usually those passwords can be reset as long as the attacker has access to the victim's inbox).
Hacked Webmail accounts also frequently are used to scam the victim's friends. Sometimes, crooks will use a hijacked Webmail account to blast out tailored spam to all of the victim's contacts, usually recommending some no-name, bargain basement e-commerce site that is set up merely to steal credit and debit card information.
Another long-running scam involving hacked Webmail accounts goes like this: Scammers blast out a note to all of the victim's contacts, claiming that the victim has become stranded in some foreign country and desperately needs friends and family to wire money.
Account Credentials: Any stored credentials -- particularly user names and passwords for online services - are fair game on hacked PCs. Stolen eBay credentials often are used to abuse the victim's good reputation and used to list non-existent or stolen items for auction. Compromised Paypal records can aid in these bogus auctions as well, or drained of its funds. Credentials for voice-over-IP or Internet-based telephone services like Skype also are a hot item on underground cyber criminal forums, because they can be used to mask the caller's location and aid in a variety of scams.
Credentials that victims use to administer Web sites -- even social networking site Web pages -- can be of huge value to cyber crooks. A number of automated threats will scrape credentials that victims use to transfer files to and from any personal or professional Web sites they may administer. Stolen file transfer protocol (FTP) credentials, for example, give attackers control over the victim's site, which is often then use to host malicious programs or other illicit content that helps further a variety of online criminal schemes.
Finally, credentials that allow access to the network of the victim's employer or company can be of great interest to digital thieves. In many corporate environments, employees cannot log in remotely without having a special, password protected encryption certificate saved on their computer. Some families of malicious software -- including the Sinowal or Torpig Trojan -- will try to steal these certs from infected systems.
Virtual Goods: Virtual goods, those that have seemingly intangible value, are among the most sought-after commodities in the general hacking scene. Entire families of malware exist to harvest license keys for thousands of computer games and steal credentials that gain access to online games in which a player's worth is determined largely by the amount of virtual goods his or her character has amassed. There is a mature, multi-billion dollar market for these accounts, and the goods themselves, at least some of which is stolen from compromised PCs.
Financial Credentials: When casual Internet users think about the value of their PC to cyber crooks, they typically think stolen credit card numbers and online banking passwords. But as we have seen, those credentials are but one potential area of interest for attackers.
By Brian Krebs | May 26, 2009; 2:12 PM ET / Washington Post May 21 Robertson Road - The Beginning. . . had to tell him again. . . and again, moved closer to him to make sure he knew I wasn't joking. Why didn't he just get with the program. "Why do I have to spread 'em, you like what you see? This ain't a job to you, you love looking at it don't you." "Turn around, bend over and spread 'em," he said in the same nasal monotone that was distinctly his, completely bored, not even looking anymore, just a job, routine, knows there is no place us 'inmates' could hide anything. . . just a job. "Open your mouth", same voice, same disinterest. "Stick out your tongue, up and down - you know the drill." Oh yes, I knew the drill, after 14 years and who cares how many months, they didn't care, I wasn't going anyplace, life without parole, every day the same . . . "Hands up, fingers." He didn't see it . . .he didn't . . see . . it. Adrenalin, keep still, careful. . .hadn't felt that rush since the last drop, years ago. He didn't see it. Face feeling flush, careful, can't change, can't draw his attention. "Okay, dress. . .visitor bay, now!"
"Robertson Road - The Beginning". . .will change you forever. The above excerpt from inside Supermax, Florence, Colorado, the only supermax prison in the Federal prison system. The book continues to evolve. I'm going to miss a September milestone as life has gotten in the way. Stay tuned.
May 18 When The Inmates Have No Rules, The Inmates Will Make The Rules - Everything You Wanted to Know About Parliamentary ExpensesDon't know about you, but I am fed up with hearing about the MP Expense row. Not because of some of the crooked things we are hearing about . . . but what we are not hearing about. <what is that then Gibson as I shake my head in disbelief> It's the deafening silence when trying to hear what the Prison Warders are doing about the RULES that allowed all this to happen to begin with. When the inmates have no rules, the inmates will make the rules . . .and we need look no further than that. I suspect there was a time when the gentlemen of the Houses of Parliament 'just did the right thing' - the days when a handshake meant more than life itself (and yes, I do remember the days when a handshake meant honour, reputation, and who you were). But we are well past those days. 'No rules, we'll make the rules.'
Yes, it is sad to hear about the things that are going on. Jacqui Smith, Home Secretary - okay her husband had the taxpayers pay for a couple of porn movies - bad enough, but then Smith doesn't have the sense to stay away from a sex clothes shop (where her photo is taken of course) no less than 24 hrs within the span of time of the expose - that says more about her (lack of) understanding of the problem than her paying for her husband's porn movies - and by the way, was it him that really watched the porn movies or was he simply the fall guy? The two MPs who couldn't remember that they had paid off their mortgages. If there is one thing I will remember in life it's when I pay off my mortgage - but maybe I'm different.
But these stories, and many hundreds more like them miss two critical points:
1) If the claims were according to their RULES, then no one can complain about what they spent the money on. Yes, we may think certain of the purchases, or expenses don't pass the smell test, but if smell were the deciding factor we'd likely do away with A) Young males whose wealthy daddy's bought them very expensive cars which they think they can park anyplace they please because they are rich; B) Starbucks because they are everywhere and we don't like things that are in our face EVERYWHERE; C) The little soapies in hotel rooms that come shrink wrapped with celophane making it impossible to remove before use (why doesn't someone think of some way to make that wrapping stuff biodegradable so it dissolves in water); D) Marmite / Vegamite; E) and Toilets.
2) There were many MPs/ Peers who didn't abuse the RULES at all, but unfortunately they are being tarred with the same broad brush - don't let that small thinking happen to you. In this case, one bad apple (or many bad apples) don't ruin the lot. But it does throw a lot of mud on the good ones and we must remember to lay blame where due, not on the good apples.
One final thing - had the Peers in the House of Lords been caught out in any other country for taking bribes to influence legislation they would be facing prison time. In the UK however they get a 60 day suspension. What they did (if one can believe the video tapes) was nothing short of taking bribes (or close thereto) for influence. This is fraud and worse. Yet we moan, whinge in private, and think it is disgusting, but where is the public outcry? Where are the crowds on the Mall or in Parliament Square in front of the House of Parliament? No where to be seen.
If you are not part of the solution you are part of the problem. If you want things to change then you must replace the Guards in the Asylum to make sure the Inmates understand their are new rules in town. Until I see you in Parliament Square demanding change, then don't complain to me because right now I'm in line to collect my £22,000 annual stipend to pay for my £100 a month flat that is my family home inside Portcullis House.
Until next time, I'm furious! April 16 Paul Potts - you are a Star as well - Thank you!!!I was just telling my good friend Cliff Evans about Susan Boyle, whom he enjoyed watching. Cliff then told me to watch Paul Potts' appearance. I did, and here is one humble person who had worked at Carphone Warehouse - take a moment and listen to Paul Potts on Britain's Got Talent. If you have come across a videocast of someone like Paul, or Sally, let me know so I can post their appearance - tears welled in my eyes when watching Paul. I have great admiration for Paul and others who but for one chance on the podium . . . April 15 If this doesn't change your thoughts on judging a book by its cover, nothing will . . .I just saw Susan Boyle singing on "Britains Got Talent" and if this doesn't sway even the most hardened person who judges others by their 'cover' then nothing will. Before reading further please click on this video and see Susan Boyle Fulfill A Dream. Really - watch the video before reading further or the following won't make much sense.
Susan Boyle - you are the STAR! You are proud of who you are. You are proud of being 47, 'almost 48', and claiming to not ever have been kissed ('though that wasn't an advert'), you are real - you fulfilled more than just your dreams, you fulfilled the dreams of millions who aren't airbrushed in People mag, or 'Oui, or <fill in the blank with the name of any magazine that causes women to believe the 'cover' is more important than being able to talk, walk, and contribute to society - all at once>. I hope you make it beyond your wildest imaginations. The fact that over 6 million people have already downloaded just one of the many various video streams of your appearance on Britains Got Talent should be proof bar none that you are a dream come true. I am proud of you. March 28 Eggs - the story lives onWhy is it when you go to a restaurant you can order one egg and water for £3.95, and two eggs with water for £4.25? Don't you ever wonder what's wrong with the second egg? Eggs were good for us in the mid-60s, then bad for us in the 70s and 80s, and neither good nor bad in the 90s, and now they are good for us again. I feel bad for the chickens frankly. One day they are our friends, the next they are vilified. I wonder why the animal rights activists aren't all over chicken farms that require its chickens to lay LARGE eggs - can you imagine, it must be like child birth every day. Yes, animal rights people - unite. Unite against consumers of LARGE eggs and the bad chicken farmers that force such hard labour. Medium eggs - good for the chicken, good for you and me. Moscow - A City of . . .I had the wonderful opportunity to return to Moscow, the last trip was over 5 years ago. What a difference. Last time I carried my FBI credentials and was on FBI business. With that comes full time 'protection'. Okay, they would call it 'overt survillance' of a foreign service, but whatever term you want to apply - nothing was going to happen to me unless 'they' said it would - and if they said it would or wouldn't, it would . . . or wouldn't. My hotel room was likely 'bugged' with audio and video surveillance and no doubt once they reviewed the tapes they must have thought that if I was the 'typical FBI Agent' then surely they had nothing at all to worrry about. This time around - no 'protection'. Yes, the cold war was . . .
Skyscrapers - non-existent then, abound in the 'city center' today. This really shouldn't have come as a surprise. Hey, with all the Russian spam I'm getting in my junk folkder and in-box advertising Viagra and other extremity enhancers, no doubt the buildings were self-erecting . . .
One of my new friends in Moscow claimed the gov't was making great progress in making Moscow more tourist friendly. For sure, the first thing could be an entry process that didn't take 8-10 weeks for a VISA. He said the hope is in another 5 years the metro, train stations, hotels, would be marked in Russian and English, and incorporate more International standard markings for toilets, exits, stop/go, airports, train stations, the usual. Though at first I thought this would be a good thing, on reflection I hesitated. One aspect of going to a foreign country is the language, and it not being just like the place you left. If every country and city has a McDonalds, facilitates use of English, has similar currency, and is drowning in tourists can it retain the 'foreign' feel?
It was good to see a few of the old haunts and many new ones. And it was good to be on an airplane that didn't know the meaning of a TV on the back of every seat (or even in the entire airplane), hostile cabin crews, and seat cushions that had seen one too many butts. The crew were very friendly, the food was good, and the 4 1/2 hour flight from Heathrow 'flew by'. February 26 Have been radio silent for over a month . . . what's going on?What's that old saying, 'A recession is when your neighbor is made redundant; a depression is when you're made redundant.' It's all perspective. Right now I'm in a recession. Several of my neighbors (work colleagues) are in a depression. Whether you or I will be in a depression is anyone's guess. And the thing of it is we just don't know what's around the corner. It's that sickening feeling when the phone rings and the HR person is on the other end, or even worse, the Big Cheese. And if it's HR and the Big Cheese . . . well, you might just as well figure it's the big one. You ain't gonna be ridin' the promotion wave anymore. Though I've not ever been 'laid off' or made redundant, I've come close a couple of times and your life changes. The fear of course is debilitating. Any business that has had or has announced a certain number of redundancies doesn't just impact those who are made redundant, but the entire employee population will forever be on pins and needles. Once that fragment of trust is broken, trust created by a mutual bond between employee and boss, or employee and 'the company', it's forever broken. Because now every employee knows irrespective of job performance, the number of over time hours worked for no recognition, the many times you've skipped weekends 'for the boss', does not make a hill of beans - the next one could be you. You're gone, out, possibly even walked out of your office to make certain you don't take a few customer lists, or internal IP. . . you know the drill. Today you're the recipient of a 'gold star', tomorrow you're star ain't gold anymore, in fact, they don't even remember your star.
Unfortunately, it's a fact of life. We just hope it's a fact of someone else's life. Are you prepared? I am - I simply ain't taking calls from HR and the Big Cheese. January 20 OKAYYYYY....Today is Inauguration Day in the United States. . .. . . and I'm proud. January 20, 2009 is a historic day by anyone's calculation. An orderly transition of an Administration out and the new one in; not many countries are so fortunate. The UK is another with an orderly transition process, once it's decided when an election will occur, irrespective of whether the incumbent was 'elected' or not. I smile when I hear pundits against Gordon Brown complain that 'he was never elected'. Hmmm....as I understand the process in the UK no one (NO ONE) votes for any Prime Minister. Tony Blair wasn't elected, the party to which he signed up to was elected. And this process works well so long as 'the Party' sticks to one train of thought, and the opposition party sticks to its line of thinking. When I ask UK citizens why they would vote for an MP when they don't like that person, the response, "We vote for the Party, not the individual."
Okay, I get that! But how is it that when that person gets into office complaints become personal rather than against 'the Party' as a whole? I dare say irrespective of which Party a person belongs to they still have a mind of their own, right? To think otherwise would beg the question of why are there so many MPs (645+ depending on whether it's raining or the sun is shining)? If each member of THE PARTY is to toe the party line, then why not just have 3 MPS, one for each major party, and one from one of the fringe parties. Then when they voted on who would be Prime Minister, they would all be fired. Sound outrageous? What sounds outrageous is having 646 elections when it is the party being voted on, not the person, and supporting such a large infrastructure.
I'd love to hear your thoughts on this. Some of course will say I have no right to 'judge' the UK system because I'm an outsider. I'm not judging anything, but really would like to understand how people feel about it. Use the button below to send me a mail. January 19 Life is what's happening while you are waiting for something elseI've reached 'that age' of realization that I'm just not going to be able to do things I had wanted to do when I was years younger. And I'm not bothered by it - that's the unnerving part. Oh, I am still going to learn how to ball room dance, go to the Opera, learn how to play the piano, and if I can work up the nerve I'd love to take singing lessons. I can sing fairly good, but I want to be very good. Then life gets in the way. You see, in my mind I'm never going to be 'old' - therefore I'll have years and years to do all this stuff and more. The truth however - I am getting older - and some things just don't matter like they did even 5 years ago. On the flip side, there are things that matter a whole lot more than they did 5 years ago - and directly due to getting older. I guess each of us finds and replaces priorities in a different way, and at different times. Each of us does have one similar priority and that's to remember that all any of us has at the end of the day is our individual reputation. Each of us is someone's hero. You may never know or meet that person but you can be very sure your actions or words are impactful. When you look in the mirror do you see what that person sees? Start today by giving away as many smiles as you possibly can. Don't charge for them, no quid pro quo. Just give them away. Because we never know how many more tomorrows we have. |
||||||||||||
|
|
+Telling+IT+Like+IT+Is+!+-+Windows+Live&referrer=){kind=small}
