Archive for the ‘security’ Category


How did this get on here?

Whenever I remove a virus I get asked, “How did this get on there?” The statement alone removes them from the process: it’s not their virus and it’s not even on “their” laptop… It’s on “that”.

A guy brought me his son’s laptop; it wouldn’t boot. So I fix it and he leaves. He comes back a week later saying it’s full of viruses and he wanted to know why. Well, first, there was no antivirus. But I opened Internet Explorer and looked at the history. Livejasmin, redtube, etc etc… So I have to tell him I have no idea how his son got these viruses on that thing.

Then I find things like Defender 15-n-1 System Whatever. He had the box and everything. It’s one thing to be tricked in an email but how did you go to a store and see legit products and leave with this?

Oh, before I hit post, boo SOPA and boo Facebook.


Garbage antivirus

A woman brought her laptop in running Norton 360 and Moon Secure antivirus. Moon Secure? Sure, Moon Secure.

When I saw this my first thought was, “Gross Norton!” but my second thought was whether the program is legit. It is, I suppose. It’s based off the ClamAV virus definitions. ClamAV doesn’t do on-access scanning; that’s what this Moon program adds. It’s limited in user control, there is no GUI, and it’s based on Clam… Why is she using this? Because someone said it was awesome. +1 for underground security solutions.

Removing it fixed the problems she had. I would have removed Norton and installed MSE but people get upset when you remove the bloatware they paid for at Best Buy.

O’rly?

All the security blogs I usually read are going crazy about full disk encryption. Their stories are all the same… Disk encryption foils investigators. Not news.

Whenever disk encryption is discussed (and comments allowed) it’s said that encryption has a shelf life. Sure, but it doesn’t go bad, it just provides less of a barrier between payload and attacker. And DES was never broken. Broken is an attack more effective than brute force, the break in DES is brute force. Though some would argue what the definition of is is. It’s an oldie but a goodie, but no one should use DES on data at rest. Just saying.


iOS4 Encryption Cracked

Apparently the stuff on your iPhone is encrypted with AES 256. Elcomsoft announced that it found a way to brute force the phone’s 4-digit passcode. They use the API in a way that bypasses the “Wipe after 10 failed attempts” option, making brute force possible.

Not surprising; mobile security has always been weak. What is surprising is that Apple encrypted the information in the first place. I had thought that the passcode screen was just that, a screen lock, and not a way of encrypting the phone’s contents.

So kudos to Apple.

Added 13 Aug: Your PIN code or passphrase encrypts a key that is used to decrypt the file system. This is much the same way programs like TrueCrypt work and is very effective. Even when mounting the file system outside of Windows you are required to unlock the phone.
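
The key hierarchy described in the update above, as an added example that is not from the original post or from Apple's or TrueCrypt's code: a passcode-derived key wraps a random file-system key. The PBKDF2 iteration count and the HMAC-based wrap are assumptions; the wrap is a standard-library stand-in for a real key-wrap algorithm such as AES Key Wrap (RFC 3394).

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor, not a value from the post


def derive_kek(passcode: str, salt: bytes) -> bytes:
    """Stretch the passcode into a 32-byte key-encryption key (KEK)."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), salt, ITERATIONS)


def _subkey(kek: bytes, label: bytes, nonce: bytes) -> bytes:
    # Independent encryption and MAC subkeys, both derived from the KEK.
    return hmac.new(kek, label + nonce, hashlib.sha256).digest()


def wrap_key(passcode: str, fs_key: bytes) -> dict:
    """Wrap a 32-byte file-system key under a passcode-derived KEK."""
    if len(fs_key) != 32:
        raise ValueError("file-system key must be 32 bytes")
    salt, nonce = os.urandom(16), os.urandom(16)
    kek = derive_kek(passcode, salt)
    pad = _subkey(kek, b"enc", nonce)
    wrapped = bytes(a ^ b for a, b in zip(fs_key, pad))
    tag = hmac.new(_subkey(kek, b"mac", nonce), wrapped, hashlib.sha256).digest()
    return {"salt": salt, "nonce": nonce, "wrapped": wrapped, "tag": tag}


def unwrap_key(passcode: str, blob: dict):
    """Return the file-system key, or None if the passcode is wrong."""
    kek = derive_kek(passcode, blob["salt"])
    mac_key = _subkey(kek, b"mac", blob["nonce"])
    expect = hmac.new(mac_key, blob["wrapped"], hashlib.sha256).digest()
    if not hmac.compare_digest(expect, blob["tag"]):
        return None  # wrong passcode or tampered blob
    pad = _subkey(kek, b"enc", blob["nonce"])
    return bytes(a ^ b for a, b in zip(blob["wrapped"], pad))


def change_passcode(old: str, new: str, blob: dict):
    """Re-wrap the same file-system key; the encrypted data is untouched."""
    fs_key = unwrap_key(old, blob)
    return None if fs_key is None else wrap_key(new, fs_key)
```

Only the small wrapped blob depends on the passcode, so changing the passcode never re-encrypts the data, and the protection of the file-system key is bounded by how hard the passcode is to guess.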

 