Protecting your Data from being slurped up!

How to protect your data from what the The Guardian calls as ‘ US border agents are doing ‘digital strip searches’? The only way I think this is possible in a fool-proof way in the near future is that every has to absolutely implement a two-factor-DDA-authentication. There is not better #security today - period! There ain’t no stinking #AI, #RNN, #DNN, or Boltzmann machine in the world, or #Quantum computer worth its #quibits which can crack this - at least not in the near future. ...

April 3, 2017 · Amit Bahree

Advice from NSA on how to protect your data from NSA

No, there is no typo in the Subject, this advice is from NSA and should be good if you want to secure your data from NSA. The Register had this excellent write up on Guardian could have protected Snowden. I also like what The Register say: Use an old-fashioned air gap. Be paranoid You also could Steganography , using something like SteganPEG , but that is more obscurity, rather than security. The advice from The Register is sound and essentially is good if you are interested in protecting sensitive data. There are essentially four steps parts to this. ...

August 23, 2013 · Amit Bahree

How not to handle exceptions!

Was trying to pay my Electricity bill online via a site called Bangalore One , which is the Governments, premier one-stop shop for Electronic Delivery of Citizen Services. I could not pay because it seems like some backend services they need for credit card payment is down. How do I know this? Because the site is revealing too much detail! See the exception details pasted below. ...

July 19, 2013 · Amit Bahree

Facebook and Security again

Facebook and my views of it in the context of Privacy and Security are well known. This conversation with one of their (anonymous) employees detailing a few internal processes and tools is actually quite scary. Now, I don’t know if this is true and how much of this is true; but if I was working for Facebook then all of this is quite logical and makes sense. And, technically all the things talked about is very feasible and not too challenging (of course am over simplifying here). ...

February 17, 2010 · Amit Bahree

Is it time to relook at Facebook again?

I still don’t get Facebook – despite being on it. If I want to talk to someone I will call them, email them, text them, meet them, have dinner with them - get the picture? I am quite worried about the security and privacy elements of it – or rather the lack of it. Those who know me well (anyone?) :-) know I was not always this paranoid but after attending a few Security courses – I cannot bury my head in the sand anymore. ...

January 6, 2010 · Amit Bahree

Cloud computing Risk Assessment

ENISA (European Network & Information Security Agency) – phew that is a mouthful have gotten together with a number of industry leaders and released a Risk assessment for Cloud computing . I have not finished reading this and only eyeballed this, but looks good.

November 27, 2009 · Amit Bahree

Implementing malware with VMs - Subvirt

Microsoft Research (MSR) along with University of Michigan have an interesting paper that showcases a new type of malware specifically for Virtual Machines and hosts running the VM’s (Hper-V, VMWare Server, etc). This malware installs a monitor underneath the host of the VMs as a Virtual Machine Monitor (VMM). All VMM’s run in Ring 0 (kernel mode). ...

November 27, 2009 · Amit Bahree

On Security

Security is a Social Construction - Andrew Martin

November 12, 2008 · Amit Bahree

New Worm (BlackAngel.B) spreading via MSN Messenger

Interesting new worm based on the likes of the movies such as the ring or feardotcom spreading via MSN. It is quite dangerous as it disables many security and antivirus software running such as antivirus, firewalls and even Windows programs like the Task Manager and RegEdit. It is easy to recognize, as you will get the following instant message - which downloads a avi (only that is an exe), when you run that your system is infected and all your contacts on MSN will be send the same instant message. ...

June 16, 2006 · Amit Bahree

Amex Trojan - Beware

If you use American Express, then beware there is a Trojan going around that asks for secure information when when logged into Amex’s secure site. Amex has provided a screen shot of what it looks like, check it out so you know in case you see it. You can read more on this at eweek here . ...

May 22, 2006 · Amit Bahree

Microsoft Journal (MSJ) Scam

Stephen Toub at Microsoft warns about a scam where people have been getting mailings (not emails) offering them MSJ - this a scam as MSJ is not published anymore! Don’t send them your hard earned money. 

January 7, 2006 · Amit Bahree

Santa Instant Message Worm!

Beware, there is a new IM worm that promises a picture of Santa, but instead delivers a rootkit! The initial message will appear to come from someone on your IM list and will include “santaclause.aol.com/a?|” DONT click on that link! The worm is called IM.GiftCom.All. Read more here .

December 21, 2005 · Amit Bahree

Combating rootkit with rootkit

While I totally agree with the concept of combacting rootkit with rootkit when it comes to the new generation of spyware, etc. (remember Sony’s need for control fiasco ), but my concern is there are many lazy programmers (yours truly included) out there and most companies are in a hurry to ship a product out the door without testing as thoroughly as one should, which means when dealing at the Kernel level for most end-users it could be a experience of more BSOD’s . ...

December 20, 2005 · Amit Bahree

More DOS Pings

Here are a few more DOS pings from last night, I think these are poor souls who don’t know they have infected machines (or lets hope so). There is one (218.201.43.148) from China belonging to someone called Ming Chen in Chongqing, might have to drop his/her ISP an email. inetnum: 218.201.40.1 - 218.201.43.254 netname: CQ-CHONGQINGYIDONG country: CN descr: Chong Qing Yi Dong IDC Yong HU descr: 40-43 Duan Qi Yong ...

December 20, 2005 · Amit Bahree

Sony Rootkit DRM Saga Gets Messy

From PCMag, Sony’s incredible gaffe - creating a DRM applet that loads prior to the operating system - has caused an incredible furor. Sony agreed to suspend the program , but that’s not all. Now the rest of the world is piling on. Microsoft now says it will delete the rootkit directly with its anti-spyware program, and it’ll be included in the December version of the Malicious Software Removal Tool. And it looks like the Macintosh, which is also affected by the rootkit , might still be at risk. ...

November 16, 2005 · Amit Bahree

Exploit code chases two Firefox flaws

Two vulnerabilities in the popular Firefox browser have been rated “extremely critical” because exploit code is now available to take advantage of them. The cross-site scripting and remote system access flaws were discovered in Firefox version 1.0.3, but other versions may also be affected, said security company Secunia, which issued the ratings Sunday. One flaw involves “IFRAME” JavaScript URLs, which are not properly protected from being executed in the context of another URL in the history list. A second vulnerability exists in the IconURL parameter in InstallTrigger.install(). Information passed to this parameter is not properly verified before it’s used, allowing an attacker to gain user privileges. This flaw could allow an attacker to gain and escalate user privileges on a system. ...

May 10, 2005 · Amit Bahree

Identity theft - done *legally* by cops...

Got this via internal communities at Avanade. Seems like in Ohio it is legal for cops to steal someone else’s identity as long as it is part of an investigation without your consent - quite scary I think.

April 14, 2005 · Amit Bahree

WEP Dead Again?

SecurityFocus has two part article that looks at the new generation of WEP cracking tools for WiFi networks, which offer dramatically faster speeds for penetration testers over the previous generation of tools. In many cases, a WEP key can be determined in seconds or minutes. Part one , compares the latest KoreK based tools that perform passive statistical analysis and brute-force cracking on a sample of collected WEP traffic. Part two , looks at active attack vectors, including a method to dramatically increase the rate of packet collection to make statistical attacks even more potent. ...

April 14, 2005 · Amit Bahree