Join the God Side, Jesus is Coming…….

Archive for February, 2010

Free but invaluable security service

Source: pcworld

Since the vast majority of malware infections start with a Web download or e-mail attachment, the Web site offers an invaluable security service. It will scan any Web download, e-mail attachment or other file you send it with 40-odd different antivirus scanners to let you know whether it’s safe for your computer.

The free VirusTotal Uploader utility makes sending a file to the site a breeze by adding a new right-click option for any file.

VirusTotal’s excellent free service, a must-have for your security arsenal.


Facebook users ‘easy prey’


Facebook users have become easy prey for criminals as more and more people share personal information on the social networking site, says a computer anti-virus company.

Criminals are harvesting and selling Facebook users’ information, stealing identities, sending spam and planting viruses, according to AVG (AU/NZ).

“People put themselves at risk every day by carelessly clicking on invitations sent by ‘friends’ to join groups or write on their wall,” AVG marketing manager Lloyd Borrett said.

“They put all their personal information including date of birth and photos on their page. They even respond to fake Facebook requests for security details.”

To help people stay safe on Facebook, AVG gave 10 tips:

1. Think about who you add:accepting a friend request provides your new mate with access to posts, photographs, messages and background information about yourself.

2. Check privacy settings: Facebook recently got a face-lift, changing default privacy settings.

3. Why are you on Facebook? Is it just to share photos? Keep in touch with people? Share links and updates of your activities? Ask yourself what you want to achieve with your profile.

4. Be smart about your password

5. Be aware of where you sign in from: When signing in from a different computer, check that it doesn’t store your e-mail address and password.

6. Be careful what you say: once status updates and comments are posted, anyone can see, copy, and post it elsewhere.

7. Watch out for phishing attacks: there have been numerous attempts to get users’ login and passwords by tricking them with fake Facebook e-mails. Never select any e-mail links asking you to reset your password.

8. Take immediate action: If friends start receiving spam from you or status updates appear that you didn’t make, your account may be compromised. Immediately change your password. If you can’t log into your account, go to the Help link at the bottom of any Facebook page and click on “security” to notify Facebook.

9. Protect your mobile device: Many mobile phones have direct access to social networking sites, including Facebook. Be mindful about who has access to your cellphone and make sure you log off the sites.

10. Monitor suspicious activity: Watch out for suspicious activity on your wall, news feeds and Facebook inbox.

Bad account management leads to breaches

Source: fiercecio

Outside intruders from distant places may pose a great threat to company security, but there is often another culprit: Poor in-house account management.

Security experts say there have been a number of cases of former employees stealing proprietary information by using old account or login credentials that have not been changed. In some instances, hackers with no connection to a firm can find the old account information and use it to their nefarious advantage.

If companies seek to keep track of accounts, they often do so manually, and that is not always an efficient or successful way to operate.

Chip and PIN is broken, say researchers


Chip-and-PIN readers can be tricked into accepting transactions without a valid personal identification number, opening the door to fraud, researchers have found.

Researchers at Cambridge University have found a fundamental flaw in the EMV — Europay, MasterCard, Visa — protocol that underlies chip-and-PIN validation for debit and credit cards.

As a consequence, a device can be created to modify and intercept communications between a card and a point-of-sale terminal, and fool the terminal into accepting that a PIN verification has succeeded.

The researchers conducted an attack that succeeded in tricking a card reader into authenticating a transaction, even though no valid PIN was entered. In a later test, they managed to authenticate transactions, without the correct PIN, with valid cards from six different card issuers. Those issuers were Barclaycard, Co-operative Bank, Halifax, Bank of Scotland, HSBC and John Lewis.

The central problem with the EMV protocol is that it allows the card and the terminal to generate ambiguous data about the verification process, which the bank will accept as valid.

In particular, the terminal can record that a PIN verification has taken place, while the card itself receives a verification message that does not specify that a PIN has been used. The resultant authorisation by the terminal is accepted by the bank, and the transaction goes ahead.

Keep your machine cool

Source: NewHorizons-etips

The fans in your computer may not be able to keep your machine cool when you add higher powered cards. Increased temperature may damage your computer components. One solution is to add another cooling fan to your system, rather than try to upgrade what you already have. You can attach inexpensive ($10.00 – $20.00 range) exhaust fans to any open ISA or PCI slot in the PC case. The quiet, reliable little fan sucks all the hot air out of the box and blows it through the slot vent. The fans are powered by a standard connection to your computer’s power supply harness. A search for Expansion Slot Fan displays hundreds of sources for this type of device.

Protecting Portable Devices: Data Security

Source: US-CERT

In addition to taking precautions to protect your portable devices, it is
important to add another layer of security by protecting the data itself.

Why do you need another layer of protection?

Although there are ways to physically protect your laptop, PDA, or other
portable device (see Protecting Portable Devices: Physical Security for more
information), there is no guarantee that it won’t be stolen. After all, as
the name suggests, portable devices are designed to be easily transported.
The theft itself is, at the very least, frustrating, inconvenient, and
unnerving, but the exposure of information on the device could have serious
consequences. Also, remember that any devices that are connected to the
internet, especially if it is a wireless connection, are also susceptible to
network attacks.

What can you do?

* Use passwords correctly – In the process of getting to the information
on your portable device, you probably encounter multiple prompts for
passwords. Take advantage of this security. Don’t choose options that
allow your computer to remember passwords, don’t choose passwords that
thieves  could easily guess, use different passwords for different
programs, and take advantage of additional authentication methods

* Consider storing important data separately – There are many forms of storage media, including CDs, DVDs, and removable flash drives (also
known as USB drives or thumb drives). By saving your data on removable
media and keeping it in a different location (e.g., in your suitcase
instead of your laptop bag), you can protect your data even if your
laptop is stolen.

* Encrypt files – By encrypting files, you ensure that unauthorized people
can’t view data even if they can physically access it. You may also want
to consider options for full disk encryption, which prevents a thief
from  even starting your laptop without a passphrase. When you use
encryption, it is important to remember your passwords and passphrases;
if you forget or lose them, you may lose your data.

* Install and maintain anti-virus software

* Install and maintain a firewall

* Back up your data

Study on military homosexual ban – disappointing

Source: onenewsnow

A conservative military watchdog is disappointed that the Defense Department is going to conduct a study on the feasibility of lifting the ban on homosexuals serving in the military.

During last week’s State of the Union address, President Obama urged Congress to repeal the 1993 law known as Section 654, Title 10, which strictly prohibits homosexuals from serving in the military. In response, Defense Secretary Robert Gates announced before the Senate Armed Services Committee on Tuesday that he is launching a landmark study on how the military would lift its ban on homosexual service members.

Elaine Donnelly, president of the Center for Military Readiness, is disappointed that Admiral Mike Mullen, chairman of the Joint Chiefs of Staff, said that lifting the ban is “the right thing to do.”

“It’s very disappointing to see the chairman of the Joint Chiefs of Staff admitting in this open hearing that he really did not know how repeal of the law would work, but he has an opinion in favor of it anyway,” Donnelly comments.

She adds that she does not know if the study is ultimately going to be a rubber stamp for repealing the law. “I think the statements made by Admiral Mullen give the impression that he expects it to have only one conclusion,” she notes. “Another very disappointing element of this hearing, it was said several times not if the law should be repealed but what we should do when it is repealed.”

The Center for Military Readiness president says she is glad that committee member Senator John McCain (R-Arizona) announced during Tuesday’s session that he was “deeply disappointed,” and that he called the assessment “clearly biased” because it presumes the law should be changed.

Tag Cloud