Security blogs

Some security blogs I follow (2013-07-01T21:55:27Z)
Updated: 8 years 12 weeks ago

Changes to the Blog

Fri, 03/22/2013 - 18:46

I have made a few changes to my blog that I'd like to talk about.

The first is the various buttons associated with each post: a Facebook Like button, a Retweet button, and so on. These buttons are ubiquitous on the Internet now. We publishers like them because it makes it easier for our readers to share our content. I especially like them because I can obsessively watch the totals and see how my writings are spreading out across the Internet.

The problem is that these buttons use images, scripts, and/or iframes hosted on the social media site's own servers. This is partly for webmasters' convenience; it makes adoption as easy as copy-and-pasting a few lines of code. But it also gives Facebook, Twitter, Google, and so on a way to track you -- even if you don't click on the button. Remember that: if you see sharing buttons on a webpage, that page is almost certainly being tracked by social media sites or a service like AddThis. Or both.

What I'm using instead is SocialSharePrivacy, which was created by the German website Heise Online and adapted by Mathias Panzenböck. The page shows a grayed-out mockup of a sharing button. You click once to activate it, then a second time to share the page. If you don't click, nothing is loaded from the social media site, so it can't track your visit. If you don't care about the privacy issues, you can click on the Settings icon and enable the sharing buttons permanently.

It's not a perfect solution -- two clicks instead of one -- but it's much more privacy-friendly.

(If you're thinking of doing something similar on your own site, another option to consider is shareNice. ShareNice can be copied to your own webserver; but if you prefer, you can use their hosted version, which makes it as easy to install as AddThis. The difference is that shareNice doesn't set cookies or even log IP addresses -- though you'll have to trust them on the logging part. The problem is that it can't display the aggregate totals.)

The second change is the search function. I changed the site's search engine from Google to DuckDuckGo, which doesn't even store IP addresses. Again, you have to trust them on that, but I'm inclined to.

The third change is to the feed. Starting now, if you click the feed icon in the right-hand column of my blog, you'll be subscribing to a feed that's hosted locally on schneier.com, instead of one produced by Google's Feedburner service. Again, this reduces the amount of data Google collects about you. Over the next couple of days, I will transition existing subscribers off of Feedburner, but since some of you are subscribed directly to a Feedburner URL, I recommend resubscribing to the new link to be sure. And if by chance you have trouble with the new feed, this legacy link will always point to the Feedburner version.

Fighting against the massive amount of surveillance data collected about us as we surf the Internet is hard, and possibly even fruitless. But I think it's important to try.

schneier
Categories: Bundle Security blogs

Excessive Leave in the Federal Workplace: Disciplining Employees, Proving Charges Before the MSPB

Fri, 03/22/2013 - 17:06
06/05/2013 - According to the MSPB, your agency does not have to tolerate unauthorized or even authorized extended employee absences that impact the efficiency...
(author unknown)
Categories: Bundle Security blogs

Bug in EA’s Battlefield Play4Free allows attackers to hijack players’ PCs

Fri, 03/22/2013 - 17:00
A frame from a video demonstrating an attack that allows attackers to execute malicious code on older Windows systems that have Play4Free installed. ReVuln

If you play EA's popular Battlefield Play4Free game on an older version of Windows, a pair of researchers say they can hijack your system by luring you to a booby-trapped website.

The proof-of-concept exploit, demonstrated last week at the Black Hat security conference in Amsterdam, allows attackers to surreptitiously execute malicious code on default systems running Windows XP or Windows 2003 that have the Play4Free title installed. There are close to 1 million players of the first-person shooter game, and about 39 percent of Windows users are still on XP.

The webpage used in the exploit opens the game on a victim's computer and instructs it to load a malicious "MOD" file used to customize game settings and features, according to a document the researchers published Friday. Using some nonstandard behavior of a programming interface version found only in older versions of Windows, the MOD file is able to upload a malicious batch file that will be executed the next time the computer is restarted. The technique is successful because it overrides a whitelist that's supposed to restrict the sites that are permitted to load the Play4Free game.

Categories: Bundle Security blogs

The Australian Government Online Learning Toolkit

Fri, 03/22/2013 - 14:41
06/19/2013 - This interactive one day forum brings together real world case studies from organizations who have navigated the challenges of developing a success...
(author unknown)
Categories: Bundle Security blogs

Cisco Hosting Amsterdam 2013 FIRST Technical Colloquium

Fri, 03/22/2013 - 14:03
There is still time to register for the upcoming FIRST Technical Colloquium April 2-3 2013. The event has a very exciting program covering, [...]
Gavin Reid
Categories: Bundle Security blogs

Active Shooter Workshop-Pittsburgh, PA

Fri, 03/22/2013 - 13:49
04/30/2013 - THIS IS NOT A TACTICAL TRAINING COURSE. Does your organization have a plan for an active shooter event or hostage taking? Given today’s ever-c...
(author unknown)
Categories: Bundle Security blogs

Gillibrand, Vitter, Coons, Blunt, Landrieu, Leahy, Warner, Murray Introduce Bipartisan Legislation To Expand Cyber National Guard

Fri, 03/22/2013 - 13:32
Legislation would, for the first time, establish Cyber and Computer Network Incident Response Teams
(author unknown)
Categories: Bundle Security blogs

Fortinet To Acquire Coyote Point

Fri, 03/22/2013 - 12:31
Coyote Point provides enterprise-class application delivery, load balancing, and acceleration solutions
(author unknown)
Categories: Bundle Security blogs

Review: Wireshark Starter

Fri, 03/22/2013 - 12:00

Here is a quick review of a book about the well-known network sniffer: Wireshark. This book is part of a new collection called “Instant” edited by Packt Publishing. This is an interesting idea for people who don’t have time/don’t want to read a classic 200-page book or that need to go straight to the minimum to start using a tool. This book has 68 pages and is of course cheaper!

What about “Wireshark Starter“? The sub-title says “A quick and easy guide to getting started with network analysis using Wireshark“. It correctly describes the book but I’d like to mitigate: Don’t expect to be able to do network analysis after reading only this book! There is no coverage of the TCP/IP or other protocol basics at all. But you will be able to use Wireshark in the right way, that’s true!

The book is divided into a few chapters. After a classic brief introduction, the author starts a first chapter about the installation of Wireshark. Nothing fancy, download the archive, installer or package and install it. The installation from the source tree is also covered. In my opinion, this was not required. Except for specific usages, who will compile tools like Wireshark today?

The second chapter dives directly into the core function of Wireshark: the first packet capture: How to select the network interface? What are the core GUI components (capture panel, packet details panel and bytes panel)? But, more important, how to work with filters to be sure to capture the right data. Good point: the author covers both filter types: the capture and display filters! Another great feature covered in the book: the coloring scheme and how to customize it to your needs.

The next chapter describes the top-5 features you need to know about Wireshark. They are:

  • Working with streams
  • Decoding packets and exporting objects
  • Getting stats of the captured data
  • Name resolution and packet reassembling
  • Command line tools (tshark, rawshark, editcap, mergecap or text2pcap)

The last chapter is a small exercise. The analysis of a pcap file (a malware analysis) is performed using Wireshark in a step-by-step tutorial (the URL with the pcap is written in the book). I found this a very good idea! Finally, some online references are listed with documentation, tutorials, forums, etc.

What to say about this book? Wireshark is a classic tool, used by many people from many different landscapes in IT: security analysts, system admins, network admins and more. If you don’t have any experience with Wireshark, one day for sure it will help you. The book is definitely for beginners. It’s NOT a cookbook. As said before, it will not exempt you from having knowledge of protocols!

A final remark: In the installation chapter, the author could add a note about the importance of Wireshark patches! Wireshark is a tool which works exclusively with data grabbed from untrusted sources and regularly new security issues are discovered in protocol decoders (mainly buffer overflows). Keep your Wireshark always up-to-date!

The book is available online here (many versions available).

Categories: Bundle Security blogs

A Continual Evolution of Information Management and Governance

Fri, 03/22/2013 - 11:10
06/26/2013 - Summary: Understanding the changing landscape and creating an advantage through it Supported By: IAIDQ, ACS, EII and RIMPA. Description: A Continua...
(author unknown)
Categories: Bundle Security blogs

FBI Secretly Spying on Cloud Computer Users

Fri, 03/22/2013 - 10:10

Both Google and Microsoft have admitted it. Presumably every other major cloud service provider is getting these National Security Letters as well.

If you've been following along, you know that a U.S. District Court recently ruled National Security Letters unconstitutional. Not that this changes anything yet.

schneier
Categories: Bundle Security blogs

Creating High-Impact Community Participation

Fri, 03/22/2013 - 09:57
07/08/2013 - Summary: The 7th Annual Community Engagement Forum. A complete community engagement toolkit for: Creating high-impact Community Participation. Descriptio...
(author unknown)
Categories: Bundle Security blogs

Transforming the Workplace Environment

Fri, 03/22/2013 - 08:07
05/22/2013 - Summary: Real world solutions for cutting costs, increasing productivity and improving efficiency in your workplace Description: Transforming the W...
(author unknown)
Categories: Bundle Security blogs

Threats and Legal Issues in Social Media

Fri, 03/22/2013 - 08:03
06/13/2013 - Summary: Facing and overcoming the internal and external issues of commercial social media Description: Threats and Legal Issues in Social Media On...
(author unknown)
Categories: Bundle Security blogs

Google Should Kill Chrome OS: 10 Reasons Why

Fri, 03/22/2013 - 08:00

Google and Chrome OS have suffered through a somewhat tumultuous life together. When the search giant announced the operating system, it was supposed to be the kind of product that would transform Google’s business, change the way companies and educators did their jobs and put serious pressure on Windows. Chrome OS, Google said, would be the cloud-based answer that everyone has been waiting for.

Tags: Google, Chrome
l33tdawg
Categories: Bundle Security blogs

What's going to work for you in: Transforming Your Library

Fri, 03/22/2013 - 07:59
04/22/2013 - Summary: Emerging technology, tools and strategies Description: What’s going to work for you in: Transforming Your Library Emerging technology,...
(author unknown)
Categories: Bundle Security blogs

US law enforcement biggest recipient of Microsoft customer data

Fri, 03/22/2013 - 07:58

Following the lead set by Google and Twitter, Microsoft has published its first transparency report, tabulating the number of requests for customer data made by law enforcement around the world, the number of responses given, and what kind of information was included in those responses.

Tags: Microsoft, Privacy
l33tdawg
Categories: Bundle Security blogs

Temporary fixes released for Samsung Android lock-screen glitch

Fri, 03/22/2013 - 07:56

Two security vendors have released temporary fixes for a flaw in some Samsung Android phones that could allow an attacker to bypass a locked screen.

The problem comes from Samsung's implementation of the emergency call feature, which allows people to dial emergency services or reveals a contact people can dial if they find someone's phone, said David Richardson, a product manager at Lookout Mobile Security.

Tags: Samsung, Android, Security
l33tdawg
Categories: Bundle Security blogs