Digital Choke Daynotes

 Monday, March 13, 2005       mail    link   the story

This won't take long...

Here's some cartoons about identity theft.

And a link to another security blogger's info about how a java applet can infect your computer with spyware. Note that the user has to actively allow the java applet to install. And it's not clear if resident anti-spyware software will block the install.

 Tuesday, March 14, 2005       mail    link   the story

Did you realize that yesterday was "Pi Day"? Me either, and I missed all the fun.

And I just lost an hour of time on this site. It started out with instructions on "How to Destroy The Earth". Then started into his fiction. And several other places there.

So, you might as well go there and start using up your hour of lost time.

Happy St. Patrick's Day! The day when we all get to be Irish, or at least wear something green.

I was reading a report on how botnets work, from the German Honeypot project site. Even though a bit technical, I found it quite interesting, including the sophistication of some of the software used by hackers. There are some other interesting reports on that site, so a visit might be worthwhile.

And Bruce Schneier's site has some other interesting thoughts on information security. You may want to add that site to your regular visits.

The folks at F-Protect, who make anti-virus products, noted that Samsung is now making a phone with an anti-baterical paint coating. Doesn't keep the viruses out of your phone, though. The article is here. The F-Protect guys just opened up an office in San Jose (CA). Their Wednesday (3/16/04) post shows a picture of the lab. (You'll need to scroll down to see it; they don't have links to their daily entries.) The lab looks a bit interesting.

I visited my father yesterday. The lymphoma he has is causing high calcium levels in his blood, which make him quite sleepy and it is difficult to eat and swallow. They are doing a 'gentle chemotherapy' treatment today. They hope that will make him more comfortable, and a bit more alert during family visits for his remaining days.

 Friday, March 18, 2005       mail    lnk   the story

Short day at work today. Started off with a InfoSec presentation, then worked on a web-based version of that. Then I left about lunch time to visit Dad in the hospital along with some other members of the family.

They started the 'gentle chemo' today. Dad was mostly sleeping the whole time due to the high calcium levels. The current plan is to let that treatment finish, then bring him home on Monday for hospice care.

Security notice: there's a problem with McAfee products using older versions of their virus 'engine' (prior to version 4.440). See the Internet Storm Center for more info. So when I got home this evening, I VPN'd into our mail filter server and set up a new rule to block all LHA-compressed attachments. We don't get many of those, but a bit of pro-active protection is a good idea until the "fix" is in.

 Saturday, March 19, 2005       mail    lnk   the story

Interesting article at the Washington Post about how bot networks are being used by the spammers (and identity thieves) for profit. It appears that the virus writers are working with the spammers.

Just get your victim to install your virus/worm. Then you have control of the victim's computer. Send along some commands to relay spam mail, or other commands to download another program to harvest data from the victim's computer. Or a program that watches your keystrokes or web sites you visit, and when you visit your bank's site, grab the account number and login information.

Or, hire out your network of victim's computers to perform a denial of service against a competitor.

I've written about it before. Look at the "Chuck and Mom" report. Or my little "Digital Choke" story.

It's pretty easy to do. So tell your friends and family about those "Simple Steps" to protect their computers.