Windows 8 security improvements

Microsoft Windows was never meant to be an operating system dedicated to tech-savvy users, a proof of this is the lack of the processes details in the default Task Manager. We can see only the running processes including services and we have as options only to kill a certain process or to set its priority to the CPU. How many of you were able to kill a malicious process for example a computer trojan from Task Manager in the recent days? I bet nobody. That’s because the real computer trojans does not appear in the Task Manager with a name as trojan.exe allowing you to simply kill its process, instead the …

Continue reading

Posted in Thoughts.

A Little Hacking History

In today’s world it is common for the hacker to find flaws that can be exploited in software allowing access where there should be none. Those being found for the first time and not already known are rare but are called zero day because there is no defense against it until it is understood how it is done and therefor how to block that method. Those that hack for bad (known as black hat), when getting a hold of such knowledge as unknown methods to access computers by weakness in code, will often sell the knowledge to others who will actually make use of it. It will compromise the security …

Continue reading

Posted in Thoughts.

American Corporate Software Can No Longer Be Trusted For Anything

American Corporate Software Can No Longer Be Trusted For Anything The discussions around SOPA have shown a very unfortunate side of United States policy making — that its policymakers are not the slightest afraid of legislatively ordering American-run corporations to sabotage their customers in order to further United States foreign policy. I have no idea if the article is from a reputable website or not. The issue it raises is valid even if it is a trash think tank for one of the political parties or someone with an axe to grind against Microsoft. Let me run a few items by to set up the discussion. The TSA (Transportation Security …

Continue reading

Posted in Thoughts.

Naval researchers pioneer TCP-based spam detection

A group of researchers from the U.S. Naval Academy has developed a technique for analyzing email traffic in real-time to identify spam messages as they come across the wire, simply using information from the TCP (Transmission Control Protocol) packets that carry the messages. http://www.itworld.com/networking/235527/naval-researchers-pioneer-tcp-based-spam-detection ———- So this begs the query of what do you do about spam? Spam has been with us so long that it literally became the main message passed in email. Microsoft teamed with several other security outfits to assassinate several botnets and remove their domains and command and control centers in the last several years. My answer to spam has been to drop email. I answer …

Continue reading

Posted in Thoughts.

What to do about the compromise of digital certificates?

I have no answers for the question, just examples and other questions. If you’ve been living under a rock the last year, malware writers have been finding holes to use digital certificates to slip in to computers. What are digital certificates? From Webopedia: An attachment to an electronic message used for security purposes. The most common use of a digital certificate is to verify that a user sending a message is who he or she claims to be, and to provide the receiver with the means to encode a reply. http://www.webopedia.com/TERM/D/digital_certificate.html The Certificate Authority(CA) issues an encrypted message with a digital public key along with other information. The implication above …

Continue reading

Posted in Thoughts.

Researchers Warn of New Windows 7 Vulnerability

Researchers are warning about a new remotely exploitable vulnerability in 64-bit Windows 7 that can be used by an attacker to run arbitrary code on a vulnerable machine. The bug was first reported a couple of days ago by an independent researcher and confirmed by Secunia. In a message on Twitter, a researcher named w3bd3vil said that he had found a method for exploiting the vulnerability by simply feeding an iframe with an overly large height to Safari. The exploit gives the attacker the ability to run arbitrary code on the victim’s machine. “A vulnerability has been discovered in Microsoft Windows 7, which can be exploited by malicious people to …

Continue reading

Posted in Thoughts.

Avira Antivirus Premium 2012 free license key giveaway

Perhaps you, my readers, are tired(bored) to read articles about complicated malware analysis and how to disinfect the computer manually which sometimes is a tough job, so I thought it is a good idea to offer you an easier solution to keep your computer protected from malware.  My idea is to reward my website visitors with a free 1 year  license key for Avira Antivirus Premium 2012 — the license will be bought by me. Avira Premium 2012 is an antivirus that I love for its simplicity, its low computer resources usage and effectiveness. Who visit the underground forums know aswell that bypassing it is a nightmare challenge for virus …

Continue reading

Posted in Thoughts.