The Google Empire?

March 8th, 2010

Here’s an idea. This is a little off topic to what my paper is on but it fits the description, kind of.

Google. An awesome company that comes out with great ideas (a little bit after the competition), but still good ideas. Example: Google Chat came out after MSN Messenger (now known as Windows Live Messenger, but will forever be called MSN) and wasn’t nearly as successful. Another example: Google Buzz, same concept as Twitter and Facebook message status, but not popular.

Why is this so? I’ve pondered and pondered and this is the answer I came up with. The Empire. Google’s empire has to do with single sign-on. If you have one Google account you can access any service they provide. But what if you have an email address from another provider or, say, your own company? You can’t access Google’s services.

This used to be the case with MSN messenger, but not once they created the passport.net feature. Ever since that came out one could use any email address to create a passport.net account and access the MSN messenger service.

In the case of Twitter and Facebook, one can use any email address to access their services. Sure, you have to create an account, but once you do, you can just give everyone your own e-mail account instead of having to give them a new one. Chances are most people already have that e-mail account anyway.

Now, on Google’s side, they do have the best e-mail client I’ve ever used. Gmail makes life very simple and straightforward with the option to customize and complicate things to one’s liking. I would tell everyone to switch over (which I often do). Not to mention an amazing spam filter that keeps the Viagra wannabe ads out of my inbox.

So here I pose another question: why don’t people want to switch to a better service?

An answer coming soon…


Social Networking

Title and Abstract of Thesis

March 7th, 2010

The paper I will be writing is entitled The Severity of Social Engineering. This paper will begin by breaking down the definition of severity as per the industry standard.   Companies such as SANS have developed security models such as the SANS Top 20 Cyber Security Risks.  SANS looks at various aspects including client-side vulnerabilities, internet-facing web site vulnerabilities, Zero Day vulnerabilities, etc.  This paper will look at what aspects are used to determine the severity of attacks to develop a definition of what the industry looks at to define severity.

The industry does not have an official definition for social engineering; therefore, this paper will look at the loose definitions of social engineering and develop a definition that can be used in the industry.  Social engineering has been around as long as social interactions have existed.  Attackers use human interaction techniques to persuade others into doing things for the attacker and/or providing information to the attacker.

With many human interactions now done online, social engineering attacks have been exceedingly prevalent around the internet.  This paper will then apply the definition of social engineering to the definition of severity and determine whether or not social engineering will be in the top cyber attacks in the immediate future.   This paper will also provide some recommendations on how to combat these attacks.


General

Topic Revision

February 4th, 2010

In continuing my research for my dissertation I found that the forensics reconnaissance aspect of it would prove to be very difficult. I would need a lot of data that companies would not be willing to share or are bound by privacy law to not share. So I have to cut out that aspect of my research paper.

Now for the second part. The primary question is how do I salvage social networking attacks. I needed to transform this into a new analysis.

In my research I found a few papers written on what can happen and what they do. However, I noticed that the severity of social engineering attacks is not being seen by as many security administrators as it could be.  I checked a few of the top rankings of threats and the threat of the human factor or social engineering was not in their top ranks. I believe that for the next decade, at least, social engineering will be a top threat that IT security administrators will need to look at.

Therefore, in my new approach to my paper I hope to start by defining the anatomy of a severe attack and then describe how social engineering fits that model.

My thesis will have to be a hypothesis that claims that the severity of social engineering attacks will make these attacks a top threat for IT security administrators for at least the next decade.

The phrasing needs some work but I think I finally have a working thesis that can be applied to my dissertation.


Dissertation

Dissertation Topic

January 26th, 2010

For the next year and a half I will be writing a dissertation or thesis paper.  Now my professor has dubbed this a master’s dissertation written for an undergrad degree.  Although I don’t get a master’s degree at the end of this paper, I will at least have a thick pile of paper that I can present to my employers and universities that I apply to for my master’s degree.

Once I came to terms with spending the latter part of my undergraduate term researching and writing this paper I had to decide on a topic.  Two things that interest me most, as seen in my previous posts, are viral intrusions and social engineering.  The parts that intrigue me most about viral intrusions are how they get in, what they take, and why.  Lately, I have been doing a lot of work on social networking which does tie into social engineering.

Now to put these two together, I have come up with the topic of “Forensic Reconnaissance of Social Networking Attacks”.

What does this mean, you ask?  Well, forensic reconnaissance is done once a crime has taken place.  A forensics team goes into a crime scene, takes the fingerprints (in our case digital), searches for evidence and presents this evidence to the crown attorney, who chooses whether to press charges or not.

Attacks on social networking websites have become more prevalent in recent months as identity thieves try to find new ways to gather information on their victims.  The SANS top 20 has described social networking as a key factor in their description of a real life HTTP client side exploitation example.

I hope to combine these two topics to see how attackers use social networking websites, what information they gather, and the application of the information they gain.  This paper will hopefully dive into the psyche of an attacker and examine previous cases of social networking attacks to give the defenders a better understanding of how to be proactive in protecting themselves.

Stay tuned and enjoy!


Dissertation

How Much is too Much?

August 27th, 2009

Hello Everyone,

I know I said I’d get around to this sooner, sorry for the wait.

Attached is the paper I wrote on social networking, which was based primarily on the research done based on those who participated in the survey on Facebook.

Once again, thanks to everyone who participated in the survey.  I hope you enjoy the paper!

Update: Facebook has agreed to make some changes to their privacy policy based on the privacy commissioner of Canada’s findings.  (I like to think maybe my paper had a little to do with it as well :) )

Click here to view


General

CloudCamp

July 12th, 2009

Hello readers!

CloudCamp is coming to Toronto July 22nd, 2009.

“CloudCamp is an unconference where early adopters of Cloud Computing technologies exchange ideas. With the rapid change occurring in the industry, we need a place we can meet to share our experiences, challenges and solutions. At CloudCamp, you are encouraged to share your thoughts in several open discussions, as we strive for the advancement of Cloud Computing. End users, IT professionals and vendors are all encouraged to participate.” – CloudCamp

What: CloudCamp Toronto
When: July 22, 2009
Where: Toronto Marriott Downtown Eaton Centre (525 Bay Street)
Who: Anybody
Price: Free
Time: 5pm-9pm

For more information visit their website: http://cloudcamp.com/toronto


General

Survey

June 15th, 2009

Hello everyone,

Thank you to all those who participated in the survey! The results will be posted in early August.


General

How To Tell You’re Infected

January 13th, 2009

Hello Again Readers,

So many people have come to me when I tell them they’re infected and said something like, “Oh, I thought that was normal!” Well, I’m here today to tell you some of the signs that you’re infected with some sort of malware. By no means is this a complete list, but I tried to pick out some of the more common ones. If you’d like to discuss this further, feel free to e-mail me and we can talk.

So the first one is that most variations of the Smitfraud infection install something that tells you that you’re infected. The fake antivirus post from Dec 29, 2008 is part of it. Those programs that say you’re infected are the most obvious.

Another obvious sign is when your desktop background changes to something like this:
[Image: FakeBackground]

[Image: BackgroundTakeover]

Random shortcut icons that look like virus or spyware removal programs also get added to your desktop. These icons are actually shortcuts to infected web pages that download more malware so your poor computer gets even more infected.

Tied in with this are random spam messages that pop up when you’re doing nothing, as seen below:

[Image: FakeAlert]

Please don’t click “Ok”; it will only harm your computer. It may look real, but consult a professional.

Another key thing to notice is when you type something into your address bar and you end up going somewhere else, or, instead of the web page you want coming up, you get a search of the words you put in. This is a good indication an infection corrupted your hosts file. To view or fix this you could find the hidden file in your Windows system folders, but it’s a bit of a pain if you don’t know what you’re doing.

For example, let’s say you type in www.hotmail.com. Trend Micro shows an image of a fake Hotmail page:

[Image: fakehotmail]

It’s a bit blurred but if you look carefully the page in the address bar is no longer “http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=10&ct=1231879587&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx%3Fn%3D1568145402&id=64855” but instead something totally unrelated. Most people don’t even check to ensure that the address in the address bar is the same one they typed in once the page loads. Let this be a lesson to you, DOUBLE CHECK!
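One way to check the hosts file for the kind of redirect described above, as an added example that is not part of the original post. The watch list, the function names and the sample entries (which use documentation-only address ranges) are assumptions made for illustration.

```python
import ipaddress
import os

# Assumed watch list: names from the post's Hotmail example; extend as needed.
WATCHED = {"www.hotmail.com", "login.live.com", "mail.live.com"}

# Usual Windows location of the hosts file; SystemRoot is normally C:\Windows.
HOSTS_PATH = os.path.join(os.environ.get("SystemRoot", r"C:\Windows"),
                          "System32", "drivers", "etc", "hosts")

def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every mapping in hosts-file text."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()   # drop comment, split on blanks
        if len(fields) < 2:
            continue                            # blank, comment-only or malformed
        for name in fields[1:]:                 # one address may carry several names
            yield line_no, fields[0], name.lower().rstrip(".")

def is_local(ip):
    """True for loopback or unspecified addresses (127.0.0.1, ::1, 0.0.0.0)."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False                            # not an IP address: treat as suspect
    return addr.is_loopback or addr.is_unspecified

def suspicious_entries(text, watched=WATCHED):
    """Return entries that override a watched name or send a name off-box."""
    findings = []
    for line_no, ip, name in parse_hosts(text):
        if name in watched:
            findings.append((line_no, ip, name, "watched site overridden"))
        elif not is_local(ip):
            findings.append((line_no, ip, name, "non-local override"))
    return findings

# Constructed sample; 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges.
SAMPLE = """\
# constructed sample hosts file
127.0.0.1       localhost
::1             localhost
203.0.113.66    www.hotmail.com login.live.com   # constructed entry
0.0.0.0         ads.example.net
198.51.100.7    intranet.example.com
"""

if __name__ == "__main__":
    # Read the real file when it exists, otherwise fall back to the sample.
    source = open(HOSTS_PATH).read() if os.path.exists(HOSTS_PATH) else SAMPLE
    for finding in suspicious_entries(source):
        print("line %d: %s -> %s (%s)" % finding)
```

A clean home machine normally reports nothing; any line it prints is an entry to look at by hand before deleting it.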

My next question to you is, if you look in the region of your address bar up at the top of this window, do you have a bunch of toolbars there? If so, uninstall them. If you can’t uninstall them, it’s an infection. Plain and simple. Also, when you’re installing software and it asks you to install something totally unrelated like the “Ask toolbar”, uncheck the box! They get annoying, take up a lot of space and memory, and are just plain useless. A common one that has been getting installed on users’ computers is called “Mirar” (seen below). As described by Symantec, this toolbar needs to be manually installed and is a pain to remove.

[Image: mirartoolbar]

Finally, a topic of consideration is when you think to yourself “Oh boy is my computer running slow!” This is a good indication that you have something else lurking in the background. Also, most computers have a little LED light on the front of the case that shows when the hard drive is in use. If you’re not doing anything and that LED is going nuts, there’s a good chance something is going on in the background you can’t see.

So be safe, have a good antivirus program running, and remember to practice your safe surfing tips!

malware

Jan 1 – Safe Surfing Tips

January 1st, 2009

Hello readers!

Happy 2009! I get a lot of questions about these “safe surfing” practices I often refer to. Therefore I thought I’d start off the new year with the following article explaining what exactly I’m talking about. I’m going to assume that most people are using a version of Microsoft’s Windows operating system for the majority of these; however, when there is something that applies to other operating systems, I’ll be sure to mention it.

Safe Surfing Tip #1: Applies to Apple and Microsoft
Always buy your operating system!

The first and foremost reason for this is that companies like Microsoft and Apple constantly provide software updates and patches that are vital to your protection as a user of their software. These major companies put lots of money into taking care of their customers. It may not always seem like it, but they do. Every time there is a loophole, the programmers are hard at work to fix it. If you choose to use a cracked version, you are A: (in most countries) doing something illegal and B: missing out on critical updates to prevent malware and other types of attacks.

Safe Surfing Tip #2: (Applies mainly to Microsoft products, but more and more to Apple as well)
Always buy and regularly update your antivirus software!

Same sort of theory applies to this tip. If you don’t buy the software and use a cracked version or nothing at all, you are subjected to not having the updates and proper proactive protection needed when surfing the internet.

Also, choose one program and stick with that. No need for more. They just get in each other’s way. I’m not going to recommend one over the other, there have been many comparisons that can be found online if you’re willing to do the research.

Safe Surfing Tip #3: (Applies to all users of antivirus software)
Just because you have antivirus software, doesn’t mean you won’t get infected.

The first statement I get when someone comes to me with a virus issue is “but I have antivirus software!”

The main reasons that the virus got through the protection are as follows:
1) You disabled it
2) The “allow” button was clicked one too many times
3) You allowed some program like Limewire through to download illegal music and downloaded something you thought was music, but was really a virus!

Well, either those or you got tricked into opening a “male enhancement” attachment because it was sent by a spoofed address that you thought was someone you knew.

Safe Surfing Tip #4: (Applies to everyone)
If you should be paying for something but you’re not, there’s always a chance you’re not getting what you expect.

This applies for many things, the main one being those users of torrents and P2P sharing programs. Like I mentioned in my little Limewire rant above, often files thrown into the mix of mp3s are malicious files that are mistakenly downloaded onto the system and run, thus hitting your system pretty hard with a wide variety of infections. This applies even more with software programs and keygens. Countless times I’ll check the browsing history of an infected computer and I’ll see search history for a keygen.

I’ll also mention one thing here I really can’t stand and that is people searching for pornography. In both real life and the virtual world, it’s a great way to catch a little more than a cold. I’ll leave it at that.

Safe Surfing Tip #5: (Applies to All)
When in doubt, don’t do it.

This is a common tip you hear in all walks of life. Unless you’ve got some neuropsychological issues, instinct is your friend. That gut feeling you get when you’re going somewhere you’re not supposed to be is telling you something. Listen to it.

These are just a few of the ways to stay safe when browsing the internet. Remember common sense is a lost art. Learn to use it!

General

Dec29-Fake AV Programs

December 29th, 2008

Hello readers!

I know it’s been a while, but things have been busy with this influx of viruses.  I’ll keep this short and sweet but one of the main concerns I have is phishing schemes. There are many rogue anti-spyware programs like “Antivirus 2008” or “Antivirus 2009” or “XP Antivirus”.  There are just too many to name!

[Image: Antivirus2009]

[Image: WinSecurityCentreAntivirus2009]

[Image: XPAntivirus]

[Image: IEAntivirus]

Anyways, those of you who have already seen this have hopefully not signed up to pay for it. If you have, QUICKLY CALL YOUR CREDIT CARD COMPANY AND PUT A STOP ON IT AND GET THEM TO ISSUE YOU A NEW CARD!!!!!

If you have not seen it yet and do sometime in the near future, be sure to not sign up for it. Consult your nearest PC support centre to get it removed. Chances are if you have one infection, there are plenty more lurking in the background.

Though there may not be something blaring out at you in the open, there might be cases where you type an address into Internet Explorer and it opens a totally random site, or something related but not quite the one you wanted. This is also a sign of an infection. Another common sign is pop-ups. Lots and lots of (or a few here and there randomly) pop-ups. They do get annoying, so if your pop-up blocker is going nuts or if you notice yourself closing a lot of random windows, there is a good chance you have a lot of infections.

So keep an eye out, practice safe surfing and if you notice anything suspicious, it’s a good idea to get some professional help.

Hope that helps!

malware