Sponsored Links

NessusWX Development PDF Print E-mail
Tuesday, 03 March 2009 21:59

I've uploaded a text file giving detailed instructions on how to set-up a development environment under Windows for compiling the NessusWX client software. The document explains everything in excruciating detail and can be found in the files section. Have fun!

 
 
When will Microsoft learn... PDF Print E-mail
Tuesday, 03 February 2009 14:08

 

Once again, Microsoft has decided that when you install a "critical" security patch via their Update service, they can add unrequested software silently and it's not only OK, but no one will notice.

 Hah!

This time around it's the release of the .NET v3.5 Service Pack 1, which will also silently add a Firefox extension (even if you don't have Firefox installed, and yes that's possible). You will never be prompted if this is OK, and what's more, you can't easily uninstall it.

Yeah. Real cute.

So here's how they do it. Here is how to remove the offending extension if you are so inclined. And here's someone else who discovered the same thing, so props to him.

 

So what has Microsoft done wrong with this? Simply:

  1. Modified a user's third-party application without permission, from either the user or the third-party vendor (Mozilla)
  2. Created yet another potential channel for  unsolicited software installs (ClickOnce)
  3. Prevented the average end-user from being able to uninstall the unsolicited extension
  4. Deceived users by implying this was a critical security patch when in reality it is much more

Anyone who has any version of .NET installed will be offered v3.5 as a critical security patch when they use Windows Update. If you have Windows Update set to automatically update then you've just been given a new Firefox extension.

It does not appear that this is the case with Vista users, though that is not fully confirmed yet.

 
 
UPDATED: Annual Identity Checks article PDF Print E-mail
Friday, 23 January 2009 14:56
I've updated my article on performing an Annual Identity Check. It now includes details on requesting credit reports from Innovis, TeleCheck and more. And I re-verified all the phone numbers and website links. You can read the article here.
 
I never had these problems when I was a kid PDF Print E-mail
Friday, 02 January 2009 21:37

This Christmas my daughter got a Fisher-Price Kid Tough digital camera from a relative. It's an adorable pink camera of modest resolution with a USB cable to use for downloading the pictures to your computer.

And it comes with a free virus! Yay!

Fortunately, my anti-virus software instantly detected the malware and quarantined it. And I long ago disabled all Auto Run support in Windows. If I hadn't, the virus may have actually been able to run briefly. Malware needs only seconds to wreak havoc. In this case, it was a worm that installs backdoors, probably to open up a PC for eventual induction into a botnet.

Attempts to contact Fisher-Price (or rather Mattel) have been fruitless, but I suspect this is a case of the factory where they were being made using a crappy, infected PC for doing quality assurance checks. Other possibilities that come to mind are disgruntled factory workers, or even an organized attempt to increase the size of a botnet. It's not beyond the realms of possibility a criminal organization is paying off workers in factories to infect the devices being distributed.

Fortunately, all I had to do was format the flash drive and my daughter can go back to taking insanely large number of pictures of her toys.

 Hello Blurry!
 
SANS Community in Raleigh PDF Print E-mail
Monday, 13 October 2008 21:49

SANS will be teaching a high-level security course in Raleigh, NC this December. For anyone in the state, this is an excellent opportunity to get hands-on, detailed experience and knowledge about how to hack your own network, perform security assessments and learn to stay-ahead of the bad guys.

 [ Community SANS Raleigh Durham Winter 2008 ]