Security News Planet

Archive for January, 2010

Pandora’s box has been opened and the explosion of information both personal and non-personal seems to be limitless and increases exponentially. And according to the National Opinion Poll taken in January of 2007 half the UK harbors a “deep mistrust” due to security concerns. Not only is there a deep public mistrust but, the House of Lords Select Committee on Science and Technology are inquiring into the need for personal Internet Security because of the growing use of home computers, expansion of broadband, internet banking and commerce (Brent MacLean “A new look at Internet Security” Monday September 10, 2007).
Every one is talking extensively ( ISP Associations, Richard Clayton of the Cambridge Security Lab, John Carr of the Children’s Charities Coalition on Internet Safety, as well as Johnathan Zittrain of the Oxford Internet Institute and many others), gathering evidence of information and compiling it all for what? Sadly, most businesses and citizens still do not take the threat posed by cyber-insecurity seriously.
You would think with dependency of economies relying on certain infrastructures involving the Internet and information exchange between key service providers, that a disruption would certainly result in loss of lives, loss of property, and the collapse of public confidence globablly. Today simple domestic hacking is not the issue that will bring on devastating destruction like those designed by terrorist activities directed at nuclear plants, banking systems, hospitals, air traffic control as well as domain name servers, the possibilities are limitless. However, it is imperative to remove these personal and public computers from the arsenal of cyber terrorists as well as cybercriminals. With 225 million Internet users in North America (Nielson-Netratings), the personal computer dominates the Internet and at the same time is the most vulnerable. Millions of PCs are under the control of “zombie masters”. Red Herring, the technical business journal, estimated that in 2005 a 172,000 computers were hijacked and taken over each day and became “zombies” and under the control of a hacker. By 2007, Secure Computing, which tracks the Internet landscape, identified more than 500,000 new zombies per day that were hijacked and under the control of “bot” herders. Triple the level only two years earlier. The FBI says that because of their wideley distributed capabilities, botnets are a growing threat to national security, the national information infrastructure, and the economy.
The total number of compromised computers on the Internet is not known; however, Vince Cerf, Father of the Internet, estimates that about 150 million PCs currently connected to the Internet and are part of botnets. Based on FBI reports and other independent researchers the aforementioned number may be significantly higher. The typical home computer is attached to “always on” broadband facilities, severely compromised with malware (viruses, spyware, Trojans, keyloggers, etc.), usually without degradation of their ordinary capabilities and doing the bidding of their “zombie master”. Hacking, virus dissemination, denial od service (DoS), theft of personal data, ID fraud, keyloggers, spamming, distribution of pornography, spying through webcams, click fraud and many other cyber exploits are all now almost wholly orchestrated via zombie networks.
Computers weren’t designed for security; they were designed to perform complex work. As complex as computers are, each computer has 65,000 open ports (doorways) to the Internet; a simple element that leaves them vulnerable. You might wonder why an individual would want control of a herd of zombies, there are several reasons. For exploits whether it’s a denial of service, to bring down the servers of banks, major corporations, or a competitor. Inherently, whenever a computer says “hello” to another computer, that computer must respond with a “hello” back. A “bot herder” with tens of thousands of computers under their control has all of them say hello at the same time to your computer or a network of computers, what do think happens. Most likely the responding PC or server is overwhelmed and crashes, it simply can’t respond to that many hellos. A botnet can be purchased on the black market to carry out attacks. Zombie-making virus kits can be purchased on the net, requiring little or no technical knowledge and which provides the breeding ground for future international cybercriminals and the training ground for cybergangs (terrorists).
What are we to do? Implementing new laws when it’s already difficult to pursue and in some cases unenforceable and with cross-border criminal investigations not to mention the resources needed are vast and costly with little results.
How do we secure the Internet now? One idea is to improve administrative, regulatory, and technical solutions to produce a safer Net and then apply resources to fortify banks, airports, power plants from the insecure internet we have allowed to develop. It begins with securing the end-user and creating an awareness that we are all responsible for the safety of the Internet and we all need to “Become Responsible Cybercitizens”.
We the people have to make an effort to make sure our machines run clean and free of malware (viruses, spyware, trojans, etc.). That involves current patches, updates, upgrades, and professional software technologies. It also obligates everyone of us to make sure that we have not been compromised by having our computers serviced by a security technician and assured that there is no malware present. There is a service, the Invisus PC security service, that will provide a fully managed computer security service including unlimited security technical support plus several additional benefits that will earn you the title of a “Responsible Cybercitizen”.
Requiring ISPs to scan data traffic going to and from computers attached to their networks for unusual patterns of traffic and then deny them Internet access until it has been determined they are not zombies. We can also ask the ISP to provide remote patches, updates and software updates. However, the ISPs will bulk at the cost, liability, autonomy, support, and delivery. Or have our ISPs provide a value-added service similar to subscription-based services offered by the Invisus PC security service which not only provides for a hassle-free computing experience but, is a total security package locking down the end-users computer for a minimum monthly fee.
In order to succeed we must meld security and convenience. The consumer doesn’t want to be responsible for their security. All they want to know is how to turn their computer on and off. Unfortunately, we can’t have our cake and eat it too. The time has come to learn how to maintain a safe and healthy computer (saving the consumer both time and money) void of infections that keep spreading and infecting other computers. It’s not necessary to be technically savvy to operate a computer, like your automobile there’s no need to be a technically savvy mechanic but, it is important to make sure your car is in good operating condition not only for its performance but, for the safety of others. We have laws to assure us the security of cars and their owners are safe. Those who are ignorant of how to maintain the safety of an automobile are required to perform certain responsibilities to insure the safety of their vehicle for others as well as the owner of the car. To insure the safety of others we require a certain level of education and knowledge of the rules of the road. You can’t drive without insurance or a drivers license, which means that you have undertaken and understand some level of instructions.
You may disagree but, unfortunately as impossible as it may be practically, politically, and ethically, to require every consumer… including the ignorant, the poor, and even the wealthy, to be legally responsible for keeping their computer in a state of reasonable security, the fact is you are guilty until proven innocent. So, the next best approach might be to offer to try and educate them but we probably cannot impose a “computer-driving license”. Again, we may be able to offer an alternative by requiring the consumer to take necessary steps to assure that their computers are serviced and up-to-date with professional security software and that they are checked and given a clean bill of health; free of malware.

 

What is Computer Security?

Computer Security is a branch of technology known as information security as applied to computers. Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. The objective of computer security varies and can include protection of information from theft or corruption, or the preservation of availability, as defined in the security policy.

Technological and managerial procedures applied to computer systems to ensure the availability, integrity and confidentiality of information managed by the computer system

 

Computer security imposes requirements on computers that are different from most system requirements because they often take the form of constraints on what computers are not supposed to do.



Typical approaches to improving computer security can include the following:



Computer Security has three Layers:

o Hacking

o Cracking

o Phreaking

 

Hacking:

Unauthorized use or attempts to circumvent or bypass the security mechanisms of an information system or network.

Computer hacking always involves some degree of infringement on the privacy of others or damage to computer-based property such as files, web pages or software. The impact of computer hacking varies from simply being simply invasive and annoying to illegal.

 

Cracking:

The act of breaking into a computer system.

Software Cracking is the modification of software to remove protection methods: copy prevention, trial/demo version, serial number, hardware key, CD check or software annoyances like nag screens and adware.

The most common software crack is the modification of an application’s binary to cause or prevent a specific key branch in the program’s execution.

 

Phreaking:

The art and science of cracking the phone network.

 

 

Security by design:

The technologies of computer security are based on logic. There is no universal standard notion of what secure behavior is. “Security” is a concept that is unique to each situation. Security is extraneous to the function of a computer application, rather than ancillary to it, thus security necessarily imposes restrictions on the application’s behavior.

There are several approaches to security in computing; sometimes a combination of approaches is valid:

 

12 tips for computer security:



 

Regards, Kethy Wrightwww.perceptionsystem.com

Computers are an inseparable part of our lives today, life that has increasingly become technology driven. Besides work, we use computers for communicating, banking, entertainment, research – just to name a few. Besides hardware, security of the new-age machines is threatened by malicious software, viruses, Trojans etc. all designed to cripple a system. Loss of computer security leads to corruption or loss of data, misuse or theft of information, identity theft and unauthorized use of client information, transmission of computer viruses that can affect third parties and can lead to potential liability, services interruptions, security breaches at vital government installations that can threaten national safety. For corporate houses, loss of computer security can make vital difference in acquiring new work and sustaining current projects.

These are strong reasons to computer support the need for installing computer security systems. The first important requirement is licensed Anti-virus software. There are over 50,000 known viruses and 200 new viruses are discovered every month. The easiest method for spreading viruses is by e-mail attachments or instant messaging messages. Viruses can be disguised as greeting cards, funny images, or video and audio file attachments. The computer needs to get updated with latest threats and that is possible only with original computer security software as it gets automatically updated every time the machine goes online.

The next important requirement is Firewall Software. This enhances computer security by controlling communications from it, prevents unwanted accesses and is capable of blocking outgoing and incoming IP addresses.

Often computer security is compromised due to spyware that enters a machine by deceiving the user or through some software loopholes. Sometimes the user is tricked into unknowingly installing it or it piggybacks on desirable software. Hence, spyware removing software is a must in the computer security system.

A pop-up blocker is another important element in securing computers. Malicious attackers are likely to use pop-up windows that are concealed as special offers to set up a malicious code on a computer.

Besides all these installations it is important to ensure correct practises to ensure computer security when accessing the Internet. Never download email attachments from unknown persons, do not share your banking details and passwords with unknown people, do not click on links inside emails, for financial transactions – type in the URL each time on your browser and take care when sharing flash drives. These are just some additional measure to ensure computer security. Always buy licensed, original Operating System Software and Anti Virus Software. While there are cyber laws to help track and punish breaches in computer security, its better to be safe rather than sorry!

Computers are perhaps a highly technological irony. As long as secure servers are working properly, it can allow Internet users to transact business such as sell their products or make purchases without ever having to worry if their information is being hacked. Yet they are inherently vulnerable to hackers whenever connected to the Internet. That is why it is important to learn how to enhance computer systems security.The problem with Internet fraud is vastly growing, and it’s perfectly understandable. There are more and more people getting cleverer when it comes to computers. They can already go through the computer systems security to steal all the confidential information, which can then be used for illegal activities. Nevertheless, there are some solutions at hand, and anyone who is tasked to take care of these issues should know how to do the following things:1. Create a backup of files. Just because they’re stored on computers doesn’t mean that they won’t get lost. Especially when your computer systems security is very weak, you may, in fact, loose all of your important data and information. For all critical files, make sure that you can create backup copies. There are plenty of storage options available. These options include disks, flash drives, and even web-based storage media. Web-based storage media allows you to access your files through an Internet connection. 2. Control the number of people who have access to highly important information. There are a lot of benefits that you gain if you learn how to regulate the number of persons who can access main computers. For one, there will be more accountability. With a controlled system it is very easy to pinpoint the cause or the individual responsible in case there is breach in computer systems security. Of course, it also means that you will lessen the risks of having data stolen. 3. Change passwords as often as possible. The age-old method of Internet protection, the use of passwords, still remains very effective today. However, since there is already a number of software programs that can crack the passwords used to secure computers, it’s highly advisable to modify them at least once a month. To ensure an even higher level of computer systems security, it’s advisable that few people as possible should know about the password. 4. Improve your knowledge in computer systems security. Technology changes so fast and so does the different hacking strategies of scammers on the World Wide Web. It’s important to always be aware of their new techniques, as well as the new procedures and solutions to combat these types of problems. Ignorance should never be an excuse. People working on computer systems protection should be briefed well and study the internal policies and procedures company in running and monitoring computers. When very well organized and coherent procedures are in place, errors and possible hacker penetration can easily be avoided or detected.

This article is useful for all parents, company administration and any ordinary user who want to analyze activities of other person at their computer. Digitalpccare.com is no 1 website for computer surveillance application which helps you to find out truth about other user as record their email, chat rooms, Online dating networks, instant messages, web surfing, program logs, password and more in log file. The professional developer team of Digitalpccare.com creates smart email sending application to transmit log to specified email address. The invisible feature of this software makes hidden itself from all windows program and desktop.

You read and listen daily news, you seen that there are several problem in business or home computer like unauthorized access, abuse, pornography or illegal site, fraud etc. To analyze who is responsible for it, there is various monitoring application in market but they are costly and not properly work as compare to this (Digitalpccare.com) Keylogger.

Have you ever lost password of any email account or text of any document then you can reveal your typed text from log file of this application. From log file you can found your misplaced content in original format as you type with date and time.

The R&D and software development team of Digitalpccare.com provide various advance feature in this particular software. Some of them are described below:* High transparency and invisibility in the system: The person who uses the computer is unaware that their actions are being monitored.* Worlds best selling software for monitoring and recording every detail (online / offline) of computer: Selected by various expert PC users.* No language barriers, Security & Protection, Comprehensive and easy-to-use.* Compatibility: Compatible with all windows OS with any hardware specification.* Support: Customer support executive of Digitalpccare.com provide 24 hours worldwide online support.

I am a company representative and fully satisfied with this application to monitor my children and employee online activities.For more details about this software:Logon the website :–> http://www.digitalpccare.com orEmail at :–> dpcsub@digitalpccare.com