
June 29, 2007

Rule #1

Don't talk about Fight Club...no wait, wrong Rule #1. In the world of e-mail, Rule #1 is:

Don't open attachments from e-mail senders you don't know, and even if you know the person, think twice!

This is why a new attack is rearing its head, trying to sucker you in saying you have an e-postcard from a friend or family:

The attack arrives as a spam with the subject line "You've received a postcard from a family member!" and contains links to one of several malware hosting sites, said SANS researcher Lorna Hutcheson in a SANS ISC security alert. The interesting part is just how multi-layered the attack is - it uses several different exploits, both technical and social.

It starts by testing to see if Javascript is enabled, and if it's not, it prompts you to download a file called ecard.exe and run it. If that fails, it tries three different exploits in sequence until it finds one that works, starting with a QuickTime attack, then a WinZip attack, and finally what the ISC calls the "hail Mary" WebViewFolderIcon exploit.

This is how "zombie" systems are created. With a solid zombie PC network under their control, professional spammers can send out those millions of Canadian drugstore/viagra/penis enlargement e-mails you get daily.

There's always a temptation to open a suspected attachment when you've got good virus scanning software installed. DON'T!!!:

Perhaps the most dangerous part is that, when SANS ran it through 30 different anti-virus programs, only a quarter of them picked up ecard.exe as a suspect download.

The goal of the virus programmer is to come up with stuff that commercial virus scanners aren't aware of. Just. Don't. Open. It.
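Since most scanners missed ecard.exe, mail can be triaged on its content rather than on an anti-virus verdict. The sketch below is an added example, not code from SANS or from the alert; it uses the subject line and file name quoted above, while the extension list, the `triage` function and the sample message (with placeholder hosts) are assumptions made for illustration.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Indicators from the alert quoted in this post; the extension list is an assumption.
SUBJECT_LURE = "received a postcard from a family member"
EXECUTABLE_EXTS = (".exe", ".scr", ".pif")

# Constructed sample message (hosts are placeholders, not real indicators).
SAMPLE = """\
From: greetings@postcards.example
Subject: You've received a postcard from a family member!
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><p>A family member sent you a postcard.</p>
<a href="http://cards.example/ecard.exe">View it now</a>
<a href="http://cards.example/help.html">Help</a></body></html>
"""

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        # Keep every non-empty href found on an anchor tag.
        if tag == "a":
            self.links += [v for k, v in attrs if k == "href" and v]

def triage(raw_message):
    """Return findings based on message content, not on an AV verdict."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []
    if SUBJECT_LURE in str(msg["Subject"] or "").lower():
        findings.append("subject-lure")
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if name.endswith(EXECUTABLE_EXTS):
            findings.append("executable-attachment:" + name)
        if part.get_content_type() == "text/html":
            collector = LinkCollector()
            collector.feed(part.get_content())
            for href in collector.links:
                path = urlparse(href).path.lower()
                if path.endswith(EXECUTABLE_EXTS):
                    findings.append("executable-link:" + path.rsplit("/", 1)[-1])
    return findings

if __name__ == "__main__": print(triage(SAMPLE))
```

A link that leads to an ordinary web page which then offers the download, as the alert describes, would only trip the subject check here, so the link rule is a backstop for directly linked executables.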

Posted by Leader at 9:57 AM

June 26, 2007

Is it really all that contrarian of a philosophy?

Google doesn't do VMware, blade servers, and all the "new hotness" of server technology:

Google will continue crafting its own low-cost, relatively low-performing boxes to support its software-over-the-wire plans. The ad broker looks to focus on lowering energy costs, improving its parallelized code and boosting component life spans rather than messing with things such as VMware and GPGPUs (general purpose GPUs). So, those of you buying into the software as a service idea might want to have a think about Google's contrarian approach when the likes of HP, IBM, Sun Microsystems and Dell come hawking their latest and greatest kit.

That sounds more like KISS to me than some huge departure from the norm. What's also interesting is Google's "green-ness:"

While it used to dispose of data center metrics after a few weeks, Google now collects and keeps just about every tidbit of information it can on system and component performance. The ad broker studies obvious areas such as system utilization and power consumption. It also digs into more unique items such as monitoring the health of certain types of disk drives over their lifetimes. As part of this process, Google examines drives from various manufacturers running at a wide range of speeds.

Unlike hardware vendors or consulting firms like EDS that have large data centers, Google is truly a hardware consumer. Their product (and profit) resides almost exclusively on the hard drives of their data centers. Reduce the energy costs, increase the value to the shareholder. Again, KISS, but it's green at the same time.

Posted by Leader at 8:02 AM

June 20, 2007

This is a neat product

I don't know if I can bring myself to work lying down, but I do like the idea of sitting up on a bed and having better support:

Adjustable Aluminum Laptop Desk

There are times when I'd like to spread out on a hotel bed and work as opposed to a small desk/table in the corner.

Still, this is a bit on the lazy side, even for me:

Posted by Leader at 10:57 AM

June 8, 2007

Geek Humor

:-)

Posted by Leader at 5:25 PM

June 6, 2007

Julie Amero is free...

(crossposted)

So, Norwich, CT, substitute teacher Julie Amero has been granted a new trial:

NEW LONDON -- A Superior Court judge Wednesday granted a new trial for Julie Amero, 40, a Norwich substitute teacher whose faulty computer spewed pornographic images in her seventh grade classroom.

"I had a great team behind me," a tearful Amero said. "I feel very confident with the decision today."

The new trial ordered by Superior Court Judge Hillary B. Strackbein comes after a campaign on Amero's behalf by computer security experts around the country, who offered evidence showing that Amero's computer was taken over by malicious "spyware" that caused a rapid fire sequence of pornographic "pop-up" windows to appear on the screen.

This has been a troublesome case from the start. So many people have been inundated with malware attacks, spam from porn providers, and web-based popup ads for porn sites that it was almost incomprehensible to me that someone would find something insidious about this incident. Still, Norwich had a cop with little-to-no computer training, much less computer forensic training, and allowed him to go after this poor woman.

Worse still, a criminal court judge allowed this detective to testify as an expert witness. Hell, I've been doing computer programming and support work for 36 years, and I don't think I could get certified to testify as an expert on web-based malware. Reporting by Steve Bass of PC World and Mark Rasch of SecurityFocus indicates that neither the prosecutor nor the "expert" witness really have a clue.

The rationale for setting aside the verdict, frankly, scares the crap out of me:

In setting aside the guilty verdict, Strackbein ruled that the witness the state presented as a computer expert, a Norwich police detective, provided "erroneous" testimony about the classroom computer.

"The jury may have relied, at least in part, on that false information," said Strackbein.

The motion for a new trial was filed on Tuesday by Amero's attorney, William F. Dow. The motion said that evidence gathered after Amero was convicted in January of four counts of risk of injury to a minor casts serious doubt on her guilt.

The judge cited a forensic computer analysis conducted by the state police crime lab - conducted after the guilty verdict - to support the argument that the verdict should be set aside. She said the lab report "contradicts testimony of the state's computer witness."

They put this woman in the dock based on the affidavits and reports of an untrained police detective. A prosecutor ran with this knowledge and did his damnedest to ruin Amero's life. Now, the judge says this was "false information." Providing false information to a courtroom, under oath, should have more consequences to this detective and prosecutor than a simple "oops, we fucked up." If the CT state police's lab and dozens of independent experts could present reasonable doubt in this case after the verdict, why wasn't this evidence produced at trial? Would it have been so difficult to not simply take the word of an untrained police officer as gospel?

I don't know if Amero has any legal recourse against the detective in question and the Norwich PD, but I hope she can take them to the cleaners.

Another disturbing aspect of this case is reported by Andrew Kantor, a technology writer for USA Today. In his blog, he reports that the Norwich Bulletin, the paper of record for this case, is purging stories and blog entries where their support for convicting and punishing Amero was quite vocal. Of course, people who pull this sort of stunt are usually too dumb to realize that Teh Google has its neat "cache" feature, but still the "We are at war with Eastasia. We have always been at war with Eastasia" aspect of this is a concern.

In any case, the prosecutor will not re-try Amero, so hopefully she can put this ugly incident behind her.

(h/t to El Reg for putting this in the newsfeed)

Posted by Leader at 3:56 PM

June 5, 2007

1GB over plastic?!

Currently, fibre-optic transmissions are accomplished using very thin strands of glass (50-70 microns). Siemens has made a breakthrough in using plastic rather than glass:

Siemens researchers have demonstrated a data rate of 1Gbit/s over plastic optical fibre, a speed ten times higher than is possible with current products.

Sebastian Randel, the Siemens project manager, said the team sent an IPTV signal at 1008Mbit/s over a 100m connection in the lab, without errors or any flickering on the TV screen.

Anyone who's worked with glass fibre knows it's difficult to handle, and even more difficult to make custom lengths. I took Siecor fibre training some years back, and it took all day for me to accomplish a simple fibre splice. Plastic Optical Fibre (POF) will improve this dramatically:

POF's advantages include flexibility, robustness and ease of connection, all of which make it easier and therefore cheaper to handle - it can even be installed by us cack-handed end users. In particular, the optical core is much thicker than in glass fibre, so it is more tolerant of misaligned connectors, and it can be cut satisfactorily with a metal cutter, whereas glass needs a diamond cutter.

Not to mention that plastic will be cheaper!

Posted by Leader at 5:09 PM