i couldn't figure out facebook

A woman brought her laptop in running Norton 360 and Moon Secure antivirus. Moon Secure? Sure, Moon Secure.

When I saw this my first thought was, “Gross Norton!” but my second thought was if the program is legit. It is, I suppose. It’s based off the ClamAV virus definitions. ClamAV doesn’t do on access scanning, that’s what this Moon program adds. It’s limited in user control, there is no GUI, and it’s based on Clam… Why is she using this? Because someone said it was awesome. +1 for underground security solutions.

Removing it fixed the problems she had. I would have removed Norton and installed MSE but people get upset when you remove the bloatware they paid for at Best Buy.

All the security blogs I usually read are going crazy about full disk encryption. Their stories are all the same… Disk encryption foils investigators. Not news.

Whenever disk encryption is discussed (and comments allowed) it’s said that encryption has a shelf life. Sure, but it doesn’t go bad, it just provides less of a barrier between payload and attacker. And DES was never broken. Broken is an attack more effective than brute force, the break in DES is brute force. Though some would argue what the definition of is is. It’s an oldie but a goodie, but no one should use DES on data at rest. Just saying.

This post military job is much different than what I expected. The military was never driven by profit, or efficiency, or sense. Repairs were paid for by an unlimited source of money that came from somewhere. Problems were fixed after normal working hours. And no one really wondered why something took so long.

I used to get a lot of “while you’re here” requests. Like, hey, while you’re here to fix that network thing, come fix this printer. I still get that, except now it’s followed by “why should I have to pay for all the time you were here??” I didn’t fix anything in your office for my own amusement, ma’am.

Some customers are great, others I dread. That part is the same. I do have to call them customers now as opposed to users, apparently “users” is implying something.

Apparently the stuff on your iPhone is encrypted with AES 256. Elcomsoft announced that it found a way to brute force the phone’s 4 digit passcode. They use the API in a way that bypasses the “Wipe after 10 failed attempts” option, making brute force possible.

Not surprising, mobile security has always been weak. What is surprising, is that Apple encrypted the information in the first place. I had thought that the passcode screen was just that, a screen lock, and not a way of encrypting the phone’s contents.

So kudos to Apple.

Added 13 Aug: Your pin code or passphrase encrypts a key that is used to decrypt the file system. This is much the same way programs like TrueCrypt work and is very effective. Even when mounting the file system outside of Windows you are required to unlock the phone.

After my last move I have to keep a storage unit to store excess. Like most, I do not want my storage unit broken into. So I have done a bit of research into securing my unit.

The way most storage places are set up, there are two locks. One lock belongs to the storage company, and the other is there for your own lock. This way, you can keep the storage employees out of your property and they can easily lock you out of you fail to pay.

There are a few ways to get into the storage unit. However, brute force will likely be the method of choice. Bolt cutters are quick and silent. So the objective will be to stop the most common, most likely, and most reasonable threat. You need a stronger lock.

There are many locks with boron-carbide shackles. These shackles can be up to 100% harder to cut than standard hardened shackles. In practice, companies use improper amounts of each alloy and the shackle is only marginally more secure. Three foot bolt cutters will go through boron-carbide as quickly as they will hardened steel.

Disk, or diskus, style locks currently seem to be the best for storage. Non-disk shrouded locks are actually more resistant to cutting but do not fit most storage unit doors. Most lock manufacturers produce a disk lock. They’re usually pin tumblers. As we are not trying to stop a lock picker, the brand is not as important. Many people advocate certain brands and will disagree, but here’s my logic: My threat is a person trying to quickly enter and leave, robbing a storage unit takes time, time picking a lock is time not spent looting. If you buy a Master Lock D40 or D50, Brinks R70, or an Abus 20/70 you will have adequate brute force resistance.

The point is, don’t use a standard laminated steel padlock, it will be cut off. Look more difficult to a thief and let your storage neighbor file the police report down the line.