21-09-07

about teleworking

During the research about teleworking it became quite clear that

* Many of the documents are propaganda and have only one intention - that is to propagate teleworking

* Many of the documents online are also old, sometimes even very old

* Many of the documents have only a labor-relations or human resources aspect and it is hard to find advice for the ITsecurity man

Some things become clear

* The US government stated in march 2007 that it is forbidden for teleworkers to use their own pc's for telework. This seems the best practice because on companycomputers you can install whatever you want or need to optimize security and operations.

* The NIST finds that not only a software firewall but also a hardware firewall are necessary. This seems like a good idea because there is no way you can be sure that all those wireless routers people are using are secured

* You must do a pilotproject, subscribe the people, the documents and the workflows and have a helpdesk in place

And most of the time the telework will cost you more than its advantages, unless you don't invest in security and doesn't care a bit that your systems and files become compromised.

22:37 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

punx not dead and vinyl neither

As more and more old stars are trying to get a better pension by playing get together gigs for the 40 plus generation that wants to go to the concerts they weren't allowed to see when they were "too young" or for which they didn't have the money for, the sex pistols thought why not.

Why not ? punk is just another trend among so many others of which all revolt and resistance has been washed off. The only thing that rests is that even snobs nowadays have their hair straight up in the middle.

Well they are resorting the disc 'God save the queen' and the singles and even on vinyl. Good old vinyl. Nothing like vinyl. vinyl is for music lovers.

the thing is that they would like to buy the record so that just as so many years ago it would be pushed to the number one without any media promotion. It was the power of the street against the power of the media long before the internet powered the grassrootmedia with blogs and web2.0

Pitty that Sid is gone. I still love 'I'll do it my way'   Yeah I do around here, my way. Even when everybody things I am just a small everyday nobody. But I love to kick ass sometimes.

22:13 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

so you thought you were only on one server ?

Fiddler is a tool by Microsoft that works like a proxy between your browser and the internet and it intercepts and logs everything that happens. This is quite interesting to see and not only to find why applications aren't working as they should (or not as fast as they should)

So we went to http://www.demorgen.be  and what did we get ?

We didn't only went to demorgen but we also had traffic with or from the following servers

http://demorgen.metriweb.be/

http://sdc.hln.be/

http://ad.be.doubleclick.net

http://m.fr.2mdn.net/

http://www.keytradebank.com/

http://adbox.beweb.com/bwe/dsab.js

http://view.atdmt.com/

this is quite an innocent example but useful because you now know that if you block these domains, you won't give them any information also as it is nowhere clear how much information they get and keep about you.

 

15:11 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

19-09-07

Microsoft Updates becoming trojans, backdoors and ransomware

On the blogosphere there is much discussion about the stealth downloads that Microsoft has installed together with the latest updates and that weren't published. This isn't the first time as far as I know because windows 2003 servers that were cracked beyond their trial period because payment didn't go through fast enough were also desactivated only after an auto-update. They are now promising Vista prirates will be black-outed soon.

The update process has all the reasons to be trusted in every sense of its word. This is necessary to be sure that you can install the updates nearly automatically without having to worry much about side-effects. But now it seems that there are different changes that came along with this installment and it makes you wonder what would be next. Microsoft says that these changes were only to the updater process itself

At the same time Microsoft is trying to shut down freeware that uses the update fixes but gives the user more control over the installation. Autopatcher is such a freeware that was used by many as a control tool. For microsoft it is a way around WGA and thus gave unlicensed machines the possiblity to install patches they don't have the right to. (more info)

This is a very dangerous vision of patching. Machines are patched to be sure that they aren't used by the malware netwerk that is attacking all levels of the internetbusiness and -community. It is in the interest of no-one that only registered machines are protected. THe whole internet community is better protected if all machines are protected. For this reason the Microsoft update process has become a ransomware.  (pay or be unsafe)

Or is Microsoft preparing a paid subscription service in which you would have to pay for the security updates ? At the other side the updates from Microsoft are so easy if you compare it to other OS and their informationcampaigns about these updates are so wide and extensive that this aspect should be a standard for the whole of the software - industry (including Apple, Sun and Oracle). So these incidents are sidetracking this and can't be the main goal of the update process. Think again Microsoft and reconsider.

free alternatives

http://www.vulnerabilityassessment.co.uk/ctupdate.htm

http://sourceforge.net/projects/updater-cd/

http://wud.jcarle.com/UpdateLists.aspx

there are commercial alternatives also and they have the permission

You can also try to isolate the downloads in a sandbox

http://www.sandboxie.com/index.php?DownloadSandboxie  30 days

the alternatives of this product didn't protect against malware

or free personal virtualisation

http://www.trustware.com/virtualization/free.html

copy software http://fileforum.betanews.com/detail/AutoPatcher_XP/10671...

sign petition for autopatcher

 

10:39 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

17-09-07

film Bourne identity protected by new unknown mediadefender company

For “Bourne Ultimatum,” I can’t really tell who is protecting it because there aren’t obvious signs like interdiction (MediaSentry) or trackers using DynDNS (Macrovision).  They’re using somewhat obscure trackers that require registration.  Could someone from the torrents team tell me if these sites are legit and if so, can we use them to post our decoys?  This is one of the bigger Universal Pictures releases, so we’ll research it more and try to find out who is protecting it.

 

Here are some of the trackers they used for Bourne Ultimatum:

 

http://www.digdogdug.net

http://www.pythons-lair.com

http://movie-hogs.com

http://www.torrentlounge.com

 

Note: They also used Demonoid and PirateBay to post fakes.

 source http://jrwr.hopto.org/msg01394.html

13:49 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

are modempools like jaxtr.com the next bot tool

You should think so by reading this from mediadefenders

http://jrwr.hopto.org/msg03797.html

When Steve, our head of IT, gets back, you should hold a meeting about this. Jaxtr and Jangl have gotten their hands on thousands of phone numbers from 51 countries. I doubt they went country by country getting those numbers. We should look at what IT they might be using to accomplish this amazing goal.

 

13:26 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

Are mediadefender firms distributing porn - you should think so

  • From: "Daniel Lee" <dlee@mediadefender.com>
  • Date: Thu, 6 Sep 2007 14:21:47 -0700
  • Authentication-results: mx.google.com; spf=pass (google.com: best guess record for domain of xxx@mediadefender.com designates 65.120.42.14 as permitted sender) smtp.mail=xxxx@mediadefender.com
  • Delivered-to: xxx@gmail.com
  • Thread-index: Acfwy+6U8DdTaV4KRJeORY30oS3uMw==
  • Thread-topic: TMG Competitor Analysis on eMule

  • For our competitor analysis on TMG, we tested the search string “Spiderman 3 FR” on eMule.  TMG’s protection was very noticeable even on real DonkeyServers.  They primarily used cross-named porn and a few inflated decoys for protection.

    --------------- end quote

    so mediaprotector films are renaming pornfilms as popular searched for downloads ?  First a problem of copyrights (of the pornfilm). Second a problem of the moral rights of the author (being distributed as a porn film). Thirdly not according to laws that oblige to do an age check.

    the fine line of the law

     

    13:15 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |