Tuesday, May 28, 2013
Privacy and Browsing: Does Google Know You Too Well?
Recently a colleague asked if I had any recommendations for maintaining some semblance of privacy when online. His specific concerns were web browsing, search, and email. In each of these cases, one or two well-known names have a reputation of knowing their users a little too well. How often do you see advertisements that seem to read your mind? Have you ever researched or purchased a product, only to see lots of advertisements for a related product or accessory?
Tags:
Hacking,
Practical Security,
Privacy,
Social Networks
Tuesday, May 14, 2013
How to crash a Windows shell
I typically
write about things I have experienced, or topics of interest I have researched,
but always something on which I have come to a conclusion. This week I am
taking a different approach: document something I discovered, but for which
getting to an answer goes beyond my skillset.
In July of 2010, I discovered a bug in Windows XP that allowed me to reliably crash a command shell. I reported the details to Microsoft's Security Response Center (any time you can force unexpected behavior in an application, there is at least a possibility that you can force your own arbitrary behavior). Microsoft's response was that while I was able to force cmd.exe to exit ungracefully, it did not indicate a security concern. That may well be true, but my curiosity brought it back to mind this week, and I was quite surprised to find that the bug still exists in Windows 7 with all current patches.
In July of 2010, I discovered a bug in Windows XP that allowed me to reliably crash a command shell. I reported the details to Microsoft's Security Response Center (any time you can force unexpected behavior in an application, there is at least a possibility that you can force your own arbitrary behavior). Microsoft's response was that while I was able to force cmd.exe to exit ungracefully, it did not indicate a security concern. That may well be true, but my curiosity brought it back to mind this week, and I was quite surprised to find that the bug still exists in Windows 7 with all current patches.
Tuesday, May 7, 2013
Being a “Paranoid” in a Social World
As the one responsible for LAN security in a major
technology company, I am paid to be paranoid. As one that has been involved in
security threat research for over a decade, I know there is good reason to be
paranoid. In fact, I dealt first-hand with a case of credit card fraud a couple of months ago. Computer threats have evolved
from pranks for attention a decade or two ago, to a major business that by one
account is more lucrative than illegal drugs. At the same time, our lives are
more Internet-connected (and accessible to bad guys) now than ever before –
smartphones, tablets, game consoles, DVRs, home security systems, even
household appliances and cars have network connections. A smartphone and a free app can become a
credit card skimmer. Bots can troll Twitter to harvest phone numbers, bank card numbers, and phone PINs. One "vendor" even advertises a fraud service right in the open on Facebook.It’s enough to make
a paranoid want to duck and cover, isn’t it?
Wednesday, May 1, 2013
Of Lemons and Prayer
One of my passions is leading an Awana club each Wednesday night. Awana is a Bible-based kids club that in our case is geared toward preschool through 6th grade students. We want to instill godly character in our kids through the gospel of Christ, Scripture memory, and Biblical lessons, all in a fun and exciting environment. Our core mission is to get as much of God’s Word as we can, as deep as we can, into the hearts of as many children as we can. One of the ways I make it fun is by injecting science experiments into the lessons I teach. Occasionally I document some of those lessons on my blog.
Most kids (adults too) have a variety of electronic devices. Cell phones, iPods, tablets, game systems, calculators, watches – all rely on battery power. Forget to charge the battery, and the device will not work. With many of these devices you may get a day or two out of them, but that’s about the limit. Once the battery dies, until it is recharged, the device is useful only as a paperweight!
Most kids (adults too) have a variety of electronic devices. Cell phones, iPods, tablets, game systems, calculators, watches – all rely on battery power. Forget to charge the battery, and the device will not work. With many of these devices you may get a day or two out of them, but that’s about the limit. Once the battery dies, until it is recharged, the device is useful only as a paperweight!
Subscribe to:
Posts (Atom)