This is Post from: ZeroSource!

Tweets for week of 2010-02-07

On January 12, 2010 Google on its own blog, posted that it had been attacked and that it originated from China.  At the same time Google threatened “reviewing its business in China”.  On the same day U.S. Secretary of State Hilary Clinton released a statement condemning the attacks.

This weekend in Davos-Klosters, Switzerland started the World Economic Forum.  The one thing that was not brought up was the attack from China on Google. Lets not forget at this forum both China and Google was present and accounted.  You might say it was a big’ol elephant in the room.  People were asked about the attacks.  The Vice Premier Li Keqiang, of China made it clear “China did not want to discuss Google”.

So where does this leave us? Should this be forgotten for economic reasons? Is it at this time, we walk away and go “Well Shit Happens!”.

There was never a mass attack using this flaw.  It seem to be quietly aimed at certain US Companies.   I can tell you now, no one is going to know what all was taken and or compromised.  I believe these types of attacks will become more and more common, not just used by countries vs countries but individual groups vs whole countries.

This is Post from: ZeroSource!

Operation Aurora – Continues

• Operation Aurora – Chinese Government – More reasons to ditch Internet Explorer (0)
• April Fools, You’re Infected.. No Really.. Seriousl (3)
• Why Microsoft Hosted Exchange? (5)
• Zero-Day Exploit in Microsoft Excel (0)

This is Post from: ZeroSource!

Tweets for week of 2010-01-31

I believe Microsoft said it best about project Aurora.  And I quote:

Microsoft Security Advisory (979352) – Vulnerability in Internet Explorer Could allow Remote Code Execution

So what does this mean?  Well if you go to the right web page… just go to it.  Your computer can be compromised by an “Hacker”.  When Is say hacker, I mean the Chinese Government.  For the record, no one in the Chinese Government has come out to say they did it, but… well common sense says different.  We’ll get to that later.  You know whats funny, is I don’t fault nor do I blame them.  I blame Microsoft.  I will get to this later.

Lets look at the companies that where effected to begin with:

• Google
• Adobe Systems
• Juniper Networks
• RackSpace

unconfirmed but probably so:

• Yahoo
• Symantec
• Northrop Grumman
• Dow Chemical

So why do I blame Microsoft and not the Chinese Government?  Well its simple… as usual  Microsoft has know about this flaw for a while.  My simple research shows they have known about it since September of 2009.  That is four months to long for what should have been considered a critical flaw.  How many of you store not just your personal important but your businesses important data on computers running windows.   Now how many of them are being used with Internet Explorer as the default browser?  Now how does that make you feel?  This should have been put to the top of the priority queue for fixing.   It should not have waited till it was being exploited to be fixed.

To be continued…..

This is Post from: ZeroSource!

Operation Aurora – Chinese Government – More reasons to ditch Internet Explorer

• Operation Aurora – Continues (0)
• April Fools, You’re Infected.. No Really.. Seriousl (3)
• Why Microsoft Hosted Exchange? (5)
• Zero-Day Exploit in Microsoft Excel (0)

This is Post from: ZeroSource!

Tweets for week of 2010-01-24

So I’m sure you are wondering, what does this have to do with the Redneck Award?  Well the Austin Statesman has a Columnist aka Joke named John Kelso who wrote an article “As far as rednecks go, Alabama may have UT beat“.  Well he got it wrong.

You see under normal circumstances my family would have been “War Eagle” all the way, simply because that is where the majority of our family members have graduated and/or attended.  Being that Auburn was done for the year, had no chance of going to or seeing the National Championship, we stood behind the other team.  You see Auburn, is in Alabama the state.  Alabama the school is also in Alabama..

What I never expected to see was the disrespect, the total lack of loyalty to the state, and the complete ignorance that I saw on twitter and Facebook from Auburn fans!  One tweeter that was a stand out, and someone who thinks they represent Auburn was @WarBlogle.

At one time they say “Bama fans…you are the only reason we pull against your team. Not the players, not even the coaches. YOU.”  … hum really?

As a person looking from the outside in… let me just say Kettle let me introduce you to Pot.   So it is Auburn Fans that gets the Redneck award.  At least if I was handing it out.

This is Post from: ZeroSource!

Congratulation to the Crimson Tide! Who won the Redneck Award?

• City Stages 2009 (0)
• BarCampBirmingham v3.0 Wrap Up! (6)
• BarCamp Birmingham May 2nd (1)
• Why I did attend the Hoover Alabama Tea Party (0)

This is a small install that I run when I reboot my system.  It checks for updates and gives me a safe place to download them from.  I also use my favorite Windows Start editor (Crap Cleaner) and turn off and/or remove all other updaters that sit in the background waiting to update a single piece of software.  This gives me an updated and faster running machine. 

You can run FileHippo.Com Updater from your Start Menu –> Programs.  When you do you will be shown the following dialog.

Just let it run and it will provide you with a website list of all the updates it found for your software. 

Now lets go through the settings!

Settings for this program are pretty straight forward.  First we have the option of setting our browser.  This is important because, this is the browser that will launch when it finds an update.  You have the option of seeing or not seeing beta programs and it will show you where you have the program installed. 

Next one is custom locations, this one is for those that install the software in a “Special” place.  Not the standard place the software wants to be installed.  This is where you can tell the updater where to look for other programs you have installed.

After that it is a simple connections box.  This is pretty standard, if you use a proxy to access the web here is where you would put the information. If you don’t use a proxy or know what it is, then don’t worry about this.

Finally is the Advanced tab, I choose to have it close if there are no updates.  Simply when I reboot the machine it checks, if I have no outstanding updates close it.  The second it to actually run it when I reboot.  I choose to do this, and ever now and then I will run it manually if I know I haven’t rebooted my machine in a while.

This is one of the great services FileHippo.Com provides, I also use it find new software that I may not know about.  Visit the site http://www.filehippo.com and see for yourself.

This is Post from: ZeroSource!

How do you keep updated?

• Microsoft AntiVirus 2009, Virtumonde,Vundo Virus – Removal (9)
• Zero Top Windows Software of 2008 (1)
• OpenDNS – Protect your children, Period! (1)
• Hallmark, Coke, and McDonalds: VIRUS Alert (0)

Most of these E-Cards, even the legit ones, will end up collecting not only the person sending the E-Card to you but also your email address and selling these to spammers.  Some use tracking code in their images, links, java, and or flash.

Then there is the malware type, these are the ones that are sent to you.  They look legit but they are really from a virus/worm that someone you know has.  These cards are fake and will ask you to install and or run something.  Once done your machine is also now infected.  You get to join in the fun of slowing your company network, getting your company on a black list, and giving your IT Staff something more to do.

Lets face it, these are horrible things and we should all do our part to avoid falling into these traps.   So this holiday season if you wanna be in the know and do it the right way, let me recommend Send Out Cards.  These are high quality cards, they handle all the hassle of actually sending.  It cost about $1 a card.  It is actually as easy as using one of those stupid e-cards.  Except the final product tho, let me tell you, is a professional looking real card.  Give them a try, tell Beth I said hi when you do.

This is Post from: ZeroSource!

Holiday time approaches!

• Zbot Variants Spreading! (0)
• Conflicker is not Y2K Bug! (0)
• April Fools, You’re Infected.. No Really.. Seriousl (3)
• Conflicker, Downup, Downadup Microsoft Offers $250,000 reward! (1)

There are several ways to propagate a virus. One of them being social engineering.  This is what the Zbot variants are trying to do.  They are sending emails that seem to come from your service provider, Microsoft themselves, and or your system administrator.

How often do you really get an email from Microsoft telling you that there is an update?  For most people, this is never.  I have worked in the Information Technology field for almost 20 years and I haven’t got an email from them to tell me there is an update.   So why do you think they are doing it now?  Better yet, do you think they are keeping track of every user that has outlook some and their email address?

So are you the system administrator?  Do you actually email people from “System Admin”?  I mean really?  Security 101 tells you to change the administrator anyway.  You should not be emailing from System Admin.  So how often does your System Administrator email you?

So by tricking you to think you are going to a real website and downloading a real upgrade or settings change they are getting you to install the Zbot variant.

So what exactly does the Zbot Trojan/Virus do?   First off it is a trojan that disables windows firewall,  steals sensitive financial data (credit card numbers, online banking login details),  makes screen snapshots,  downloads additional components,  and provides a hacker with the remote access to the compromised system.

Zbot creates a file %System%\\sdra64.exe and the hidden files %System%\\lowsec\\local.ds and %System%\\lowsec\\user.ds in combination with a hidden directory %System%\\lowsec.  There were new memory pages created in the address space of the system process(es): services.exe, lsass.exe, alg.exe, iexplore.exe and svchost.exe.

This is Post from: ZeroSource!

Zbot Variants Spreading!

• Happy Valentine’s Day – Enjoy your Virus! (0)
• Conflicker, Downup, Downadup, Kido Spreading – Removal – Virus Alert! (6)
• Holiday time approaches! (0)
• Conflicker is not Y2K Bug! (0)

This is Post from: ZeroSource!

Fail Boat!

• No Related Post

This is Post from: ZeroSource!

Can’t touch this!

• No Related Post

So what do they offer?

Mail Collector.   This is a way to check and or get your other mail ie hotmail, gmail, yahoo mail all in one place.

Well I wouldn’t know see, when I went to it originally I was using Chrome the newest version of Chrome even.  This is what I ran into:

See they do not support chrome.  So I opened up IE 8 and was able to sign up.  This went pretty well.  The interface looks nice. It was easy to navigate.  The main login looks almost like a iGoogle page with widgets.   There are some good widgets, one for facebook, one for twitter.  Setting these up was easy and the login was fast.  The widget for twitter is Betwittered I believe.  I tried to setup my Gmail with the mail collector and it failed, wouldn’t connect to gmail.  So then I tried to setup my yahoo email and guess what, fail again.  So my next thing to try now that I have a username and password was to sign in with Chrome since it is my main browser of choice.   Fail again, username and password hit login and just sit.  At this time I have given up and try to close out IE 8 and it just hung.  Ended up having to cntrl + alt + del kill it.

Final Thoughts

So what does this say… lots of good ideas but maybe like Google did they should stick a Beta label on it.  I will give it a try again in a few months, see if they have any bugs out of it.  I’m always interested in new things.  Have you tried it? What did you think? Any issues with it for you?

This is Post from: ZeroSource!

A new Email Service – Not So Fast!

• Is it so bad to be E-mail Nazi! (0)
• Reasons NOT to send E-Cards (0)
• msnbc.com – BREAKING NEWS: VIRUS Alert (0)
• Why do people send spam? (2)

I was told when I first moved here, you don’t go to City Stages unless you want trouble.  It is horrible, the people are rude, it stinks and there is never anyone any good.

Wow where they wrong, lets see we are going this year to see  38 Special, Doobie Brothers, Styx, REO Speedwagon, and Lynyrd Skynyrd!  Yea that is a pretty good line up if you ask me.

FREE BYRD!

I will be there all three days, starting Friday at lunch.   I always purchase my tickets through UCP (United Cerebral Palsy) Bham Casual day.  While purchasing casual day T-Shirts are over for 2009.  You should still donate to the great organization that is UCP Bham!  Talk to your boss and participate in next years Casual Day.

So my schedule will change, check back to see who/where we are going.  Are you going? Who are you going to see?

I was going to use the Logo for City Stages in this post but I do not have permission to do so….

This is Post from: ZeroSource!

City Stages 2009

• BarCampBirmingham v3.0 Wrap Up! (6)
• BarCamp Birmingham May 2nd (1)
• Update to Zerosource, Bhampulse! (0)
• Congratulation to the Crimson Tide! Who won the Redneck Award? (1)

• Birmingham-Southern College – Greensboro Scholarship
• President’s Outstanding Academic Achievement
• National Honor Society
• Honor Graduate – Achieved a grade point average over 4.0
• Certificate of Excellence in Honors Anatomy
• Photography Student of the Year

She will be attending Birmingham-Southern this fall studying Biology.  She has pretty much know what she has wanted to do since she was very young.

People approach me like I should be sad, sad that she’s growing up.  It is not sad, it is a great thing.  My wife and I have accomplished the goals we set out to, and that is to raise a Strong Woman, A Free Spirit, a Philosopher in her own right, and a person with a keen eye.  Someone that I know will touch the world in some magnificant way.

Oh I’m so proud of her not taking the easy road, of long nights studing to get to where she wants to be.  I’m so proud of the way she deals with everyday issues and takes the time to think of worldly ones.

I will leave you with a poem, by Richard Wilbur that reminds me of the days of her studying alone in her room, late into the night.

The Writer
by Richard Wilbur

In her room at the prow of the house
Where light breaks, and the windows are tossed with linden,
My daughter is writing a story.

I pause in the stairwell, hearing
From her shut door a commotion of typewriter-keys
Like a chain hauled over a gunwale.

Young as she is, the stuff
Of her life is a great cargo, and some of it heavy:
I wish her a lucky passage.

But now it is she who pauses,
As if to reject my thought and its easy figure.
A stillness greatens, in which

The whole house seems to be thinking,
And then she is at it again with a bunched clamor
Of strokes, and again is silent.

I remember the dazed starling
Which was trapped in that very room, two years ago;
How we stole in, lifted a sash

And retreated, not to affright it;
And how for a helpless hour, through the crack of the door,
We watched the sleek, wild, dark

And iridescent creature
Batter against the brilliance, drop like a glove
To the hard floor, or the desk-top,

And wait then, humped and bloody,
For the wits to try it again; and how our spirits
Rose when, suddenly sure,

It lifted off from a chair-back,
Beating a smooth course for the right window
And clearing the sill of the world.

It is always a matter, my darling,
Of life or death, as I had forgotten. I wish
What I wished you before, but harder.

This is Post from: ZeroSource!

My Daughter

• Panel: Technology alone can’t protect kids online – No Sh*t! (0)
• OpenDNS – Protect your children, Period! (1)
• Busy… or lazy that is the question! (1)
• Vote for it! Thanks! (0)