Digital Choke Daynotes

 Monday, June 6, 2005       mail    link   the story

A good site that keeps track of all the personal information thefts is "Emergence Chaos". You'll find some info about the big CitiBank Financial theft (almost 4 million social security numbers!) of a backup tape. The data on the tape was not encrypted, although they had planned to start encrypting in a few months. You'd think that they would have accelerated that project. Especially in light of their TV commercials on how they protect against identity theft.

That site also has information about other state's identity theft laws. Some are even more stringent than here in California. The result may be that companies will have to comply with the most stringent state laws, until the fed's get involved. One would hope that a federal law would not weaken state laws on identity theft.

And here's a site that discusses how Diebold's optical scanning ballot boxes were hacked. (It's rather long, and part of a forum discussion at "Black Box Voting" site. I've just looked at the basic report; some of the responses are a bit 'conspiracy theorist'. )

 Tuesday, June 7, 2005       mail    link   the story

Microsoft has updated their "Windows Update" to "Microsoft Update". It now includes one-stop updates for Windows 2000/XP, Office, SQL Server, and Exchange Server. It's available at http://update.microsoft.com/microsoftupdate.

It requires using IE, since there will be an ActiveX add-in that will need to be installed. Once you do that (very fast), the updates will now give you the Office and other updates and patches. Not sure yet how Automatic Updates will work with that -- need to look a bit deeper -- although it appears that AU will access the new Windows Update site. (I suspect that it might take one or two Automatic Update cycles to get to the new version of Windows Update. You can tell that you got it by the new "Microsoft Update" icon on your Start/Programs menu. )

Microsoft has also released the new Windows Software Update Server (WSUS), the replacement for the Software Update Server (SUS). This is the free application for corporate/business users that lets your server be it's own "Windows Update" site, where the administrator can control which updates are released to computers in their organization. It has some nifty new features in it. It also includes the Office /SQL / Exchange updates so those updates will be distributed to the end user.

Our (nameless) company has used SUS for quite a while, and it has greatly reduced our workstation patching load. The new addition of Office updates is a welcome addition to WSUS. Info about WSUS is here: http://www.microsoft.com/windowsserversystem/updateservices/default.mspx

Home/individual users are urged to visit the new update site to get their Windows and Office updates. Business network admins would do well to get the WSUS for their enterprise: it's free, easy to set up, and will keep all those Windows workstation's Windows OS and Office apps current.

This just in: Google's Satellite finds Stealth Bomber (see here). As you can see by the picture, it's wasn't very stealthy at that time.

 Thursday, June 9, 2005       mail    link   the story

Some interesting security news and thoughts found while wandering around that "Interweb"...

One of the daily 'handlers' at the Internet Storm Center was wondering about emerging threats to computers. A bunch of readers had some interesting thoughts about the direction of viruses, worms, and other attacks. The link is here. There's some good imaginations at work on that list ... and perhaps a bit of paranoia. Some of them are similar to the little story I wrote back in 2003. These pages get their title from the story's title ... Digital Choke.

I've been thinking that I might update the story to make it a bit more current, and perhaps expand on a few of the themes.

One of the things in the story is how a worm (trojan) can get into another computer system to perform some data grabbing. And how the program can respond to commands from the 'master' to perform other tasks. That's basically how 'bots' work, and was how that Israeli trojan was used for some corporate espionage. There's an interesting story about that on the MSNBC site here.

Last night, I reconfigured my wireless network at home. It was time to make it a bit more secure by changing the SSID, WEP password, and other settings. The impetus for this was some apparently strange access to the network that I found while looking at the wireless router's logs. There was one computer with a strange name that looked a bit "elite" (or "l33t"). It was possible that a neighbor was getting into the wireless connection, although I didn't think that was probable -- there aren't any teenage computer users in my neighborhood that I know about.

And the entries were at unusual times: late at night mostly. So I figured that a change to settings was in order.

Not hard to do, since access to the wireless router is all web-based. So I followed my own recommendations -- the Simple Steps for Safe Wireless Home Network, Once I got the wireless router done, I re-configured my iPaq to use the new WEP key.

Then I went upstairs to my daughter's computer. We have a wireless card in her computer, so I needed to reconfigure her WEP key. And while I was there, I looked at her MAC address, and it was the same as the 'l33t' user I found in the router logs.

Apparently, one of her friends at college decided to name her computer with an 'l33t' name. Although Stacy has some computer knowledge (and knows how to protect her computer from viruses), that was an interesting change to her settings that I hadn't noticed since she got home for the summer.

Oh, well. It was a good thing to do anyway. The WEP encryption can be hacked, if you have enough patience. All you need is a way to gather a couple of million data packets, and run a WEP cracking tools. On the average computer, that would only take you a day or two. So changing your wireless router settings, the WEP key, and other things is a good think to do with your home wireless network.

It's better than leaving everything at the default and unlocked settings that you get right out of the box. Like most of my neighbors have -- there are about seven wireless networks I can pick up in my back yard. And most could be easily accessed.

The problem with that is the liability if a 'bad guy' decides to use your unprotected wireless network for nefarious purposes. The investigators will come straight to your house, and you'll have to convince them that it wasn't you that did those nefarious things.