Geek News Central is the technical weblog for Geeks. We Spin tech for the common man. With a twice weekly tech podcast


Security

Top 25 Coding Errors

Posted by Andrew at 8:41 AM on February 19, 2010

The Mitre Corp has produced the 2010 CWE / SANS Top 25 Most Dangerous Programming Errors which identifies the most commonly encountered coding errors that can potentially lead to web sites being hacked or PCs being compromised.  Some of the errors are well-publicised in the technical press, e.g. “cross-site scripting”; some are downright stupid, e.g. “use of hard-coded credentials” and others are the results of carelessness, e.g. “improper validation of array index”.

However, what makes this document better than the usual Top-X lists is that it provides guidance to programmers on how to prevent or mitigate the errors. For example, to avoid cross-site scripting it suggests, “Use languages, libraries or frameworks that make it easier to generate properly encoded output. Examples include Microsoft’s Anti-XSS library, the OWASP ESAPI encoding module and Apache Wicket”. There’s additional information for the technically-minded that goes through the different stages of software development starting with initial design, through to compilation, implementation and testing.

One of the best pieces of advice is in the discussion around checking for unusual or exceptional conditions, “Murphy’s Law says that anything that can go wrong, will go wrong. Yet it’s human nature to always believe that bad things could never happen, at least not to you. Security-wise, it pays to be cynical. If you always expect the worst, then you’ll be better prepared for attackers who seek to inflict their worst. By definition, they’re trying to use your software in ways you don’t want.”

So, if you are into web programming in any way, this has to be mandatory reading to keep the bad guys at bay. Even if you are not, the discussion elements for each of the errors are illuminating in showing exactly what is going wrong and why it’s bad. Just skip over the technical bits in between.


Attention: Malware On Your Computer?

Posted by fogview at 11:55 PM on December 20, 2009

“Security center has detected malware on your computer.” Have you ever seen that message pop up on your computer? Have you ever seen it happen over Skype? Well, I’ve received that message three times in the last month as a Skype message. It tells me that my Windows software is infected and I need to install a patch. It even gave me a website (link) to go to to help me install the patch.

I may have fallen for the trick but I don’t know how a Windows patch would fix my iMac running OSX. I don’t run Bootcamp, or Windows in a virtual machine, nor does my iMac know what an .EXE or ActiveX file is. I’m sure if I clicked on this link and installed the patch on my Windows machine, my machine WOULD have been infected with malware! (For now Mac machines may be safer from malware infections but it’s wise to still be careful.)

I’ve written before about being safe on the Internet and not going to sites you don’t know or clicking on links in emails, but this is the first I heard of a message over Skype. If you look at the message box (on my iMac), it doesn’t even say it’s from Skype and the window title says, “Software Updates.”

What concerns me is that many people may fall for this trick. I know most readers of GNC and listeners to Todd’s podcast are tech savvy enough that they wouldn’t fall for something like this, but what about mom (or dad) or your grandparents who get a web cam for Christmas and install Skype so they can talk to the grandkids? Would they click on this link and install the “patch” if this message box appeared?

Google is trying to find sites that install spyware and root-kit software on your computer, but you can’t depend on this for every “bad” website. Recently there was a SQL-injection virus that infected a large number of websites. The virus takes advantage of PCs running Windows that have not been patched with the latest updates. You don’t have to click on any links to get infected — just visit a site taken over by this malware software. It does this by linking to the site 318x dot com (please don’t go to this site). If you search for 318x dot com using Google, the first search listing says “This site may harm your computer.” That’s because this site has been around for a while and has given enough time for Google’s security bots to find the site and determine that it’s up to no good. Here is the link for the Google Safe Browsing page for the 318X site: http://google.com/safebrowsing/diagnostic?site=318x.com/

Now back to my Skype message. I mentioned that this is the third time I’ve received this message in the past month. Each time I did a Whois search of the linked website and found that the website was created within one day of when I received the message. The website mentioned in the most recent warning message was created the same day I received the message. This tells me that the author of this warning message is changing the website URL to keep it from being flagged by Google and the security monitoring sites. If you do a Google search for this site it comes up clean. Oh, did I mention that the owner of this site (and the previous two sites) is from Prague, Czech Republic (outside US laws)?

As you visit relatives and friends over the holidays make sure everyone knows about safe surfing on the Internet. Don’t click on links in emails (or Skype message boxes) and make sure to keep your computer’s OS patched and up to date.

Happy Holidays.

73’s, Tom


Are We That Desperate For Friends?

Posted by Andrew at 6:25 PM on December 8, 2009

Time and time again I’m totally amazed at how much personal information people will hand out to complete and utter strangers. A study by Sophos showed that on Facebook around 45% of people will accept invites from totally unknown people with rubber ducks as their profile pictures.

And what stuns me is that a whopping 89% of twenty-somethings willingly handed over their full date of birth. The 50-somethings weren’t much better at 57%.

Hello?  Anyone got a clue?  Complete stranger asking for your DoB?  Are you really that desperate for friends?

So, if you’re a savvy geek, make sure that your friends, relatives, children get a clue.

- Only accept invites from people you know

- Don’t hand out personal info.

- Understand how the privacy controls on the social networking site work

- And just because the site wants to know something, you don’t have to fill it in or even tell the truth!


McAfee: .cm Top Level Domains are the Worst

Posted by Jeffrey Powers at 11:48 AM on December 2, 2009

McAfee put out their annual “Mapping the Mal Web” report. It is a PDF that lets you know how risky a website in a Top Level Domain (TLD) can be. Since the .com is so widely used, it’s easy to say it’s on the top of the list. But it’s not #1 – that dubious honor is left to Cameroon – the .cm domain.

I always said that TLDs in other countries are not the best way to go for a domain. Generic TLDs are controlled by the Internet Assigned Numbers Authority (IANA). These include .com, .net, .edu, .org, .biz and a host of others. This is because an individual company that holds a TLD could fold at any time and the TLD with it.

Take the case of .md – It was a TLD held by an independent company from 1995 – 2003. On May 20th, 2003, the IANA was informed that the parent company – dot MD, LLC – fell under chapter 11 bankruptcy. The TLD was in flux for a while, but eventually became sponsored (which is all you can ever do for a TLD) by MoldData.

In the case of .md, health care or those in Moldova, would use this TLD. If this was a TLD that really didn’t work for a country or a profession (let’s say .qq), it would have most likely been disbanded unless a new sponsor was found. Also, unless you were a doctor or one of 3.5 million residents of the country, this TLD would show small risk for malware.

The top 3 on McAfee’s list – .CM, .COM and .CN. The 3rd is the People’s Republic of China, but what’s more interesting is the fact that if you accidentally mistype, you could easily go to google dot cm or google dot cn.

McAfee stated in their report that 5.8% of all domains showed risk. Up from last year’s 4.1%. Seven of the twenty riskiest TLDs were in the Asia – Pacific region. .CM came in with a risk level of 36.7%, .com was at 32.2%, .cn was 23.4% and .info was at 15.8%.

On a good note, Hong Kong dropped from the top 10 in 2008 to 34th place. Therefore, some TLDs are doing a lot to make their areas of the web a little safer. Congrats .hk.

On the other end of the spectrum, .gov (Government), .jp (Japan), .edu (Education), .ie (Ireland) and .hr (Croatia) are the least risky. It makes perfect sense with .gov and .edu – because you need to be in government or education to have the TLD. However, Japan, Ireland and Croatia were a surprise – especially since with Ireland you can easily make words out of the TLD, like Carr.ie, bird.ie, coll.ie, yupp.ie and microsoft.ie (could point to MS’s Internet Explorer website).

McAfee checked sites on each TLD for Viruses, spyware and what they call “Potentially unwanted programs” (PUPs). Overall, malware downloads decreased slightly in this last year. 2009 showed a 4.5% risk of downloads as opposed to 4.7% in 2008. Romania (.ro) topped the charts with 21% risk. .info had 17.2% risk for email malware.

Still, out of 27 million domains, only 5.8% had risk to them. It’s still up from 4.1% of 2007 and 2008, but McAfee did mention they changed their methodology to the report to show the 5.8%. They also mentioned that there are still “Hidden risks” out there that McAfee is determined to find.

So before you buy your next domain, check out the .pdf. It’s a pretty informative document on not only which top level domains are risky, but who you’re giving your money to. Did you know that .ly is the ccTLD (country code Top Level Domain) for Libya? Did you also know that if you buy a .ly that you are helping the sponsor – General Post and Telecommunications Company?

Not to say it’s a bad thing, but it’s definitely something to think about.


Shut that Forum down (or clean it up)

Posted by Jeffrey Powers at 2:07 AM on November 23, 2009

Before I got into blogging and podcasting, I ran a few internet forums. It was easy – set up a YABB (Yet Another Bulletin Board System) forum and let the minions have at. I had some pretty interesting forums in my day, and with it, a lot of controversy. Still, I kept things cleaned and tidy. Spammers were dealt with quickly and swiftly.

I still have one forum running. It’s more of a homage to those days, if anything. There are some that still come on to talk, so I keep it going.

Recently I have seen a lot of forums that have not been touched by a human. The story is the same – the forum owner pretty much abandons it, but keeps the registration simple. Within a couple months, the first spammer shows up. Maybe it’s a post about male growth pills. Maybe it’s about meeting up with girls. Nonetheless, it’s a spammer doing what they do best.

Now normally I wouldn’t care two hoots if you left your forum to deteriorate like an old shack in the middle of the woods. However, the spam starts to grow, and with it malware. Links to websites of naked girls are really sites that try to infect your computer. Links to cool videos turn out to be phishing schemes linking to misleading login pages.

Bottom line – you are infecting computers and allowing people to be swindled out of money.

We as a web community should be aware of what we do. After all, if you do own a house, you want to make sure that it is continually stable in its structure. When the power goes down, if the roof leaks, if the basement grows mold – you fix it. That should be the same mentality of a website.

Simple checks of your web domain(s) can keep things running smoothly. Forums that have been overrun should be shut down or cleaned up. Deleting forum spam is an important part of being a webmaster.

Even newer websites should have some precautions taken. If you have a blog, make it so comments are moderated first. Install Akismet to block some of the malfeasance. Tie down some areas, including the registrations, so people don’t have to read or accidentally get malware or phished.

Part of keeping the bad stuff off the internet is to make sure the hackers and phishers don’t have a place to put their information – on your dime. And if you don’t have the time or energy to maintain a website, then either lock it down and clean it up or shut it off.

It’s ok to lose interest in something. Heck, I do that all the time. However, you should also clean up your mess you left behind. Otherwise, good people could be swindled out of $250,000 because they think they won a lottery. Good people could lose out just trying to find out about the new miracle male enhancement pill. Most important, you might just get blocked by Google, anti-viral programs, reporting services that keep an eye on the web and a lot more.

You never know when someone gets hit with hacking. Heck, it might even be your family or friends that get affected and infected. You don’t want that, do you?


How I made Vista work better.

Posted by Jeffrey Powers at 10:20 AM on November 12, 2009

I hear it all the time – Dang Vista won’t work. They still get frustrated over printer failures, slow programs loading and just basic aggravation to its performance. But what’s more interesting is how I fix the problem – and make the program run 200% better.

It’s all about a piece of software that has been a thorn in my side for the last 10 years. Ever since Windows 98, this much needed software has taken a step too far in its installation, and when other software gets installed, this software fights with Windows. Worst part is this software expires, which causes more problems than you can imagine.

Symantec.

The latest machine was an HP AMD laptop. The printer spooler was failing. I was getting popups from the Information window because Symantec took over the Firewall. Then it rounded off with a renew subscription error.

Ultimately, all these errors would make the startup time a good 5 minutes. Yeah, you can start after the initial boot-up and sign-in, but as you are working, you are getting all these stupid windows saying there are problems, when in all reality it’s a program you rely on.

Someone gets a new machine and Hey! there’s an anti-virus software you can install. But it’s more than anti-virus. It’s a webscanner. It’s an email scanner. It’s an anti-phishing device. It’s a Swiss Army knife you can use in any way – until the 1 year trial expires. And then you will get upgrade notices – months in advance – to buy another year.

That is the worst part: this software expires and most procrastinate. Most people I know just pass off on the box and continue. Two to three months after expiration when I look at their machine, I am surprised they haven’t been infected with anything else.

This laptop had one other problem. Within the year that they purchased the machine, they also installed AVG anti-virus.

So for anyone to check email, get on the internet or whatever, they have to run through an expired Anti virus, then one that is working. That’s like sitting in the doctor’s office and when your name is called, you move to a second waiting room, where you wait for your name to be called again.

I have been taking Symantec off computers for 10 years. And, yes. For 10 years I have also been removing McAfee. This bloatware is only causing problems, then the user doesn’t want to pay for an upgrade, therefore making the situation worse.

I agree – If you are not in a corporate environment, you should be able to get a basic Anti virus that will not charge you to download the latest definitions. That is why I install a lot of programs like AVG and Avast on machines. I still have to follow up with the customer because of the expiration of the registration keys.

Symantec software (or McAfee) SHOULD NOT be on new machines. If anything, it should not be pre-loaded, but put on a CD that you physically have to insert and install. If you have to physically install the software, you understand it a little better than something you just have to “Activate”.

In my work, I have pretty much called Symantec more harmful than helpful. No matter what you throw at me in argument, I can bring back with “Yeah, but your software expires and causes more problems in computers”. No wonder people get annoyed with their machines. If I didn’t know about this, I would be swearing at my computer every time it loads.

If you have the software and it’s saying “Pay for another year”, then take some action. At least the un-install process isn’t as annoying as it used to be. I think with McAfee you still have to put in the password you created when you activated it. Hopefully you remember that.

I always say “Ignorance is no excuse”, but by the same token I can’t know everything. Otherwise I would be on Jeopardy answering Alex Trebek’s questions. Or is that asking questions to Alex Trebek’s answers…


Are You Safe Surfing the Internet?

Posted by fogview at 8:32 AM on August 27, 2009

McAfee just released their annual report talking about the dangers of surfing the Internet. In the report they highlighted the most “dangerous” online celebrities.

Fans searching for “Jessica Biel” or “Jessica Biel downloads,” “Jessica Biel wallpaper,” “Jessica Biel screen savers,” “Jessica Biel photos” and “Jessica Biel videos” have a one in five chance of landing at a Web site that’s tested positive for online threats, such as spyware, adware, spam, phishing, viruses and other malware. Searching for the latest celebrity news and downloads can cause serious damage to one’s personal computer.

I know McAfee is a provider of anti-virus/malware software so they have a lot to gain by going public with this report. But software alone doesn’t make it less dangerous.

I’ve talked to a number of people who don’t worry about viruses or malware because they are using an anti-virus program and think they are safe. I even know someone who goes to sites to download music knowing that most of the downloads are infected (they get warning messages from their anti-virus program all the time). They think their anti-virus program will protect them.

No software on your computer can protect you completely. Operating systems are very complex and WILL contain bugs that hackers can exploit. Once vendors know about these holes they do try to patch them but it may be too late for some users. Anti-virus/malware programs try to protect you but they may not always be up-to-date or in some cases are not able to detect/fix the problem.

In the past most viruses/malware were spread by email attachments or clicking links in emails. Now, you can be infected by going to the wrong website. These sites take advantage of bugs/holes in the operating system or in applications like Adobe PDF reader, Flash player, etc. A while back there was a flaw in Windows where all you had to do was go to a website with an infected photo, and your machine was infected. No piece of software on your computer would have protected you from that.

What can you do to keep from getting infected and stay safe? Buy a Mac (just kidding). Mac users don’t have the same issues with viruses and malware but that could change. Apple has put out a number of security patches for Mac OS 10.5 lately and there are rumors that they will include anti-virus software in the upcoming release of Snow Leopard. Reports on viruses for the Mac have been few but that may change as the number of users grows and hackers refocus their attacks.

So here are my tips to keep your computer safe (for both Windows and Mac):

  1. Keep your computer Operating System (OS) up-to-date. Don’t disable or put off updates your OS vendor sends. Chances are they are patching a problem that is currently being exploited.
  2. Keep your applications up-to-date. In the past you may have put off updating to the latest Adobe Reader because you didn’t see any problems with the one you’re using. Now the update may include a security fix too.
  3. Don’t click on unknown links. Be careful clicking on links in emails or social sites (like Twitter and Facebook). If your bank sends you an email saying there is a problem with your account and says “click here,” close the email and enter the bank’s website address yourself so you know you’re going to the right place.
  4. Don’t go to risky sites. Some browsers (i.e. Firefox) use a list of infected sites and will warn you if you are about to go there. Google search does the same. http://googleonlinesecurity.blogspot.com/
  5. Be careful when you get a message box saying that a program wants permission to install or access one of your computer’s resources. Don’t blindly hit Yes/Ok unless you know that is what you want to do.
  6. Don’t believe message boxes that pop up when you go to a new website. A common popup is a warning that your computer is infected and you need to click this link to run a scan of your computer or download a program to remove the infection. Generally, the program you download (and install) IS the infection! Once, I ran this scan on my Mac and it told me my Windows computer was infected with a virus.
  7. Don’t reuse passwords. A lot of sites require you to sign up for an account and create a password. Don’t use your email account password for your online banking account. Get a program to manage your passwords and use a different password for each site. Most of these password programs will generate a long random password that can’t be guessed. (I use 1Password for the Mac, and Personal Passworder for Windows.)
  8. When going to secure sites, like banks or sites to purchase items, make sure you have a secure connection when you are about to enter sensitive information (i.e. credit card number, password, etc.). You should look for the small padlock symbol at the bottom of your browser window and make sure the URL to the site begins with HTTPS, indicating that you are using an SSL (Secure Sockets Layer) connection. The URL should match what you are expecting. If you go to the Bank of America website make sure the URL shows https://www.bankofamerica.com and not https://www.bankofamerica.com.myxyz.com.

I know the above list doesn’t cover everything that you should do to keep your computer safe, but I think it’s a good start.

If you’re a regular to Geek News Central, you most likely know what to do and what not to do to be safe. Do your family and friends a favor and send them a link to this post or, at the very least, talk to them about how to be safe on the Internet.

73’s, Tom
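
Tip 8 above, checking that the URL matches the site you expect, written out as an added example; this code is not part of the original post. The function name `checkUrl`, the sample list and the reserved `.example` hostnames are constructed for illustration.

```javascript
// Added example: does a URL really belong to the site the reader expects?
// A hostname is read right to left, so the expected domain must be the END
// of the host, preceded by a dot (or be the whole host).

function checkUrl(candidate, expectedDomain) {
  let url;
  try {
    // WHATWG URL parser: the same parsing rules a browser applies.
    url = new URL(candidate);
  } catch (e) {
    return { ok: false, host: null, reason: "not a valid absolute URL" };
  }

  // The parser already lower-cases scheme and host; also drop a trailing dot.
  const host = url.hostname.replace(/\.$/, "");
  const expected = expectedDomain.toLowerCase().replace(/\.$/, "");

  if (url.protocol !== "https:") {
    return { ok: false, host, reason: "connection is not HTTPS" };
  }

  // Compare the parsed host, never search the raw string: the text
  // "www.bankofamerica.com" appearing somewhere in the URL proves nothing.
  // The leading "." in the suffix test stops "fakebank.example" from
  // passing as "bank.example".
  if (host !== expected && !host.endsWith("." + expected)) {
    return { ok: false, host, reason: "host is not under " + expected };
  }
  return { ok: true, host, reason: "host is under " + expected };
}

// Constructed samples: [URL as seen in the address bar, domain expected].
// The first two are the URLs quoted in tip 8.
const SAMPLES = [
  ["https://www.bankofamerica.com", "bankofamerica.com"],
  ["https://www.bankofamerica.com.myxyz.com", "bankofamerica.com"],
  ["http://www.bankofamerica.com/", "bankofamerica.com"],
  ["HTTPS://WWW.BankOfAmerica.COM./login", "bankofamerica.com"],
  ["https://fakebank.example/", "bank.example"],
  ["www.bankofamerica.com", "bankofamerica.com"],
];

function classifySamples() {
  return SAMPLES.map(([u, d]) => Object.assign({ url: u }, checkUrl(u, d)));
}

for (const r of classifySamples()) {
  console.log((r.ok ? "OK   " : "WARN ") + r.url + "  (" + r.reason + ")");
}
```
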



Why You Need to Lie to be Secure

Posted by fogview at 2:25 PM on July 18, 2009

When you sign up for a new site that requires a logon with a password, it generally asks you to answer one or more security questions just in case you forget your password. These questions are simple ones like “What was the name of your first pet?”, “What street did you live on when you were growing up?”, “What city were you born in?”, “What month were you born?”. The idea is if you forget your password, you just answer the security question and it will reset your password and allow you access.

This is how Twitter was hacked last month and how someone gained access to Sarah Palin’s yahoo email account last year. More and more people are joining social sites like Facebook and Twitter and posting personal information. Because the Internet doesn’t forget, this information is pretty easy to find by anyone willing to take the time to look.

This is why you should lie when you answer these simple “security questions.” Having a strong password is not enough if you answer a weak security question. Some sites allow you to pick your security question or even make up your own. What I find disturbing is a number of sites asking the same security questions (i.e. What city were you born in?). You can lie and give them the wrong answer, but then you have to remember the answer if you ever need to reset your password. If you use multiple sites and they all ask the same question, you should answer each one differently, just in case one of the sites is hacked and they steal the security question answers. Now the problem is worse because you need to remember two lies.

I use both a Mac and a PC and have password programs for both machines. I make sure that I use a unique and strong password for every site that requires a logon so I really have no need for the security questions that some sites require. In fact, I wish I could disable the ability to have the correct answer to a security question reset my account. My password programs can generate and store away my logon information so I never run into the case of not having that information available (unless I forget my password logon information).

I can understand why you would need a way to reset your password if you are trying to log on to an email account but don’t understand why other secure sites do it that way. A number of sites have a “Forget your password” feature that sends your password to the email account that you used when you first created the account. As long as you keep your email account safe (strong, unique password and a non-searchable answer to a security question), not giving out your password information, or clicking on unknown links in emails, you should be fine.

More and more of our lives are spent online which means the more we depend on it for passing around sensitive information. Leaving a backdoor access at one site can mean a breach in the entire chain. In the case of Twitter, a hacker was able to guess the security question in an employee’s Gmail account, which opened the door to gaining access to Twitter. This should be a wake-up call for everyone to think about their own on-line security.

73’s, Tom


Is it safe to go Home?

Posted by fogview at 2:36 PM on May 29, 2009

I love my GPS and use it whenever I’m going to a new place. Last night I had to go photograph a band at a small club in San Francisco so I programmed the address into my GPS. I also used it to get home since the one-way streets in San Francisco can be confusing at night. Like most users I have a place called Home in my GPS address book. Handy, but is that really safe?

There was a story in the news a few months back about thieves breaking into cars at long-term airport parking lots and stealing GPS devices from the cars. The thieves know the owner is away and may even have observed the family leaving for a family vacation. What better time to break into a house when the family is on vacation. Even better, if there is a GPS in the car, there is a good chance it has a Home favorite that leads directly to the goodies.

The take-away here is to not have a Home favorite or entry in your GPS address book. All you need to do is change the name to something else: Bob’s home; Doctor; Church. (If you travel a lot the thief may wonder why you’re going to Church every other day if he/she looks through your GPS Recent/History entries.) If you really want to be really careful, don’t use your GPS to lead directly to your house, but some place close. I changed mine to a shopping center two miles from my house.

It’s also not a good idea to have anything left in your car that has your home address. I think it’s safe to block out your address on your car registration and proof of insurance forms. If you are ever questioned, you can say you did it for security reasons.

Technology is a great time-saver but you need to be careful. Be safe out there!

73’s, Tom


GNC-2009-05-15 #477 Monster Show Longest of the Year

Posted by geeknews at 10:06 PM on May 14, 2009

Monster Show tonight, longest of the year. Audio comments and e-mails are flooding in, keep it up. Voice Mail hotline is +1-619-342-7365 or email geeknews@gmail.com. Apologies on the last show’s audio, it is squared away tonight. Jet Lag got the best of me on the last podcast! Huge tech line up tonight, I am still on the road.

Listener Links:
Italian School Podcast
1,000,000 dollar T-Shirt on Ebay
MAC Update causes headaches
Shuttle Minor Damage

Show Topic Notes:
Cyberwarfare with China
Real Takes the Battle to the DVD Copy Association
FCC to run DTV test on May 21st
Sweden Government comes collecting to Pirate Bay
Boxee write up in Business Week
Gmail makes it easy to move from AOL, Hotmail and Yahoo!
Google Outage causes panic!
Fake Windows 7 Infected with Botnet
Space Debris misses Shuttle
HP Laptop Battery Recall!
Are you a Metal Gear Fan?
iPhone Slingplayer debate continues
Windows Mobile 7 Requirements
Will Hubble Replacement Match Up?
Clear to Launch in Atlanta Next Month!
The air is full of Drugs
Artist to get Paid by Radio
Three Strikes for everyone…
AT&T Network is Saturated whimper whimper.
Reporter should Lose cell phone like a child
Programmers that care about Users keep application size down!
Create your own Social Media Page
Bye Bye TechMeme
Amazon MP3 worth checking out.
Senate Blew it in Credit Card reform. No Guts
New Progress to ISS
Rover Stuck in the mud!
Hubble Spacewalk #1 so far so good!
Want to buy some Moon Junk?


CAPTCHA on a Router?

Posted by Jeffrey Powers at 9:28 AM on May 12, 2009

D-Link has created the first router that makes you answer a CAPTCHA word before you can do anything on the router. It’s an interesting idea – you change the IP address, you add a CAPTCHA. It does thwart Bots from breaking into the system, but is it really necessary?

CAPTCHA stands for “Completely Automated Public Turing test to tell Computers and Humans Apart” – of course it’s that annoying word (or words) you have to enter that is all distorted. You may have to enter it once, you may have to enter it every time you post or change settings. Sometimes CAPTCHA can get really hard to read – there are times you just have to refresh the CAPTCHA because the words are just not legible.

CAPTCHA has been broken, too. Using OCR the bots can read and relay the word. Therefore, the more blurred the word(s), the harder it is to break.

D-Link put out the following statement:

In response to the growing number of these attacks and subsequent user security concerns, D-Link has integrated CAPTCHA – a system, designed to detect whether responses are human or computer-generated – into its popular home and small office routers as an extra safety measure. CAPTCHAs are used to prevent malicious software from performing actions that degrade the quality of service on a network, such as those found in worms, viruses and Trojan horses.

So why CAPTCHA on the router? Well, this is mostly for those that use their routers for more than pushing out wireless access. I have my router set up so I can remote into my main machine if need be. I use the router to collect some data. I also have the router blocking certain things so people cannot do things like download torrents.

“Unlike other brands, the majority of D-Link® routers are not as easy to be compromised since our design is proprietary. However, we’re excited to be the first in the market to announce we have taken the initiative to implement CAPTCHA into our routers, thus providing yet another layer of security to our customers,” said AJ Wang, chief technology officer of D-Link. Popular D-Link router models that now feature CAPTCHA include the DIR-615, DIR-625, DIR-628, DIR-655, DIR-825, DIR-855, DIR-685, and DGL-4500.

Design might be proprietary, but it just means it’s more of a challenge for the programmer to break. Then again, @_Good_P@s$w0rd_woRks_a_1ot_b3tter (a good password works a lot better). And believe it or not – a password like the one I just emulated here is just as memorable as “Password1”.

Personally, it’s not a selling point for me. Routers that focus on plugging their security holes and giving you more manageability are what I want. Not an annoying word that I might not be able to read.

Taking down 100,000 computers with a single command!

Posted by geeknews at 12:36 PM on May 8, 2009

This is what happened to computers infected with the Zeus/Zbot. The creator of the botnet built into the malware a kill switch that causes the infected computer to “BSOD”.

The botnet owner executed that kill command recently, essentially killing over 100k machines with a single click of a mouse.

The sad thing is that the owners of those machines are probably still clueless. The kill command built into the malware does some major damage. Data may not be lost, but the OS will likely need to be reinstalled.

So have you seen a BSOD recently?

Real or Imagined Threats?

Posted by Matthew Greensmith at 7:02 AM on April 2, 2009

Some news reports out today are leading the public to believe that the April 1st threat of Conficker has been a whole lot of nothing. Yes, the worm had a trigger date to take over machines on the 1st, and for machines that weren’t protected, that takeover happened. I’m currently working with a friend of my son’s on one of the computers in her household that ended up being infected with Conficker. For most people, because their machines were patched and their virus programs up to date, no problems were noted.

So of course there follows lots of commentary about how everything was blown out of proportion, à la Y2K.

I completely disagree. In my mind, it is because of the publicity and news reports that the Conficker worm had less purchase and effect overall. People were paying attention, and they were making sure their machines were clean. If they didn’t know how, they tagged a geek who did, and made sure they were ready for this particular threat. Just because we were prepared for the threat doesn’t mean it was any less of a threat. There are still machines out there that are infected and will need to be addressed, but I believe the threat is a whole lot lower mainly because people were aware and doing what they needed to do to keep from being infected.

I know, sometimes to the rest of the world we geeks are running around hollering about viruses and worms and oh-my-gosh-it’s-the-end-of-the-world, but the fact is, if we didn’t take these things seriously, there’d be even worse threats and worse infections turning machines into zombies for us.

This weekend I imagine I’ll spend a couple of hours trying to come up with a fix for my son’s friend’s machine. I’d rather have talked to a few people about the worm and how they should be protecting themselves, than spending my weekends and evenings fixing problems that could have been avoided with a little prevention.

Of course, on this blog, I’m preaching to the choir, aren’t I?
