There are a few important rules to using the internet, and they apply to many other forms of communication: There are a few important rules to using the internet:

1. If it seems too good to be true, then it is most likely is!
2. If you receive email asking for personal or financial information, delete it! They already have your information, and if they really need your information they will probably do it through more personal contact.
3. Never give out your personal information to anyone, they can and possibly will use it to impersonate you.
4. Keep your antivirus up to date. A good free one for home use is Avast.
5. Keep your Windows installation up to date. You can do this from the Microsoft Windows Update site
6. Run a firewall. If you have Windows XP SP2 or higher you already have one, as long as it is enabled. There are third party firewalls like Comodo Firewall, but I personally find them too intrusive.
7. Use anti-spyware software. A reliable free one is Spybot - SD. Be very careful of sites that advertise anti-malware tools, many are scams that contain spyware and other forms malicious software, there is a good listing of this so called RogueWare at Spywarewarrior.com
8. If you receive an email claiming to come from, for example, your bank, do not click on the link within. Rather open your web browser and type the address in yourself. This way you can be more assured that you are not going to a malicious site.
9. Make sure the site login is using HTTPS and that the certificate is valid. You can do that by double clicking the padlock which is, in the case of pre IE7 and Firefox, in the status bar on the bottom of your browser or clicking on the padlock and selecting “View Certificates” to the right of the URL in IE7 and up. The URL of the site being visited must be the same as the Web site mentioned.

The first three points can also be used to protect yourself from mail, fax and phone fraud. There was an SMS making the rounds claiming that you had won a trip to the Rugby World Cup finals, but they wanted you to reply with your credit card and CVV number. Something most people did not notice was this SMS was coming from, in most cases, an international number and so replied to the message. In the first place the fraudsters where farming credit card information, and the number was also a premium rate one (i.e. it cost up to R50 to send). Definition of the term Phishing taken from Wikipedia In computing, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from PayPal, eBay, YouTube or online banks are commonly used to lure the unsuspecting. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a website. Phishing is an example of social engineering techniques used to fool users. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures. For more information on these threats and terminology these links are good references:

• http://en.wikipedia.org/wiki/Computer_virus
• http://en.wikipedia.org/wiki/Malware
• http://en.wikipedia.org/wiki/Spyware
• http://en.wikipedia.org/wiki/Phishing
• http://www.symantec.com/norton/security_response/index.jsp is a good information resource.

For the more inclined the following are some of my favorite places to visit (warning geeks only)

• National Institute of Standards and Technology: Information Technology Laboratory
• US-CERT
• PaulDotCom - One of the most interesting, if not crazy at times, Security podcasts on the planet. They also have a Google Group at http://groups.google.com/group/pauldotcom

Changed spyware tool from CCleaner as CCleaner is actually a registry optimisation tool

Click to see full size

Click to see full size

EDIT: I have started the testing, but things at work just went waaayyyy wrong. These will be out as soon as I can get them done.

I really wish some days that I could get a 32ounce cuppa Jo here in “Sunny” South Africa

read more | digg story

I installed Windows XP SP2 on VMWare Fusion and applied all the patches available from our WSUS server. After installing the Benchmark application I created a SnapShot so that I could revert to the original install everytime with no deviations in installation, i.e. I was lazy.

I only encountered one major problem with running the Disk benchmark on PC Mark 04 when using TwoFish/RIPEMD160 encryption in TrueCrypt the entire benchmark would come up with the useless Windows Has Encountered a Problem message.

Platform Used

Apple MacBook Pro 15″ (2.4GHz, 4GB RAM, 120GB 5400 HDD, 8600GT 128MB)
Windows XP SP2
VMWare Fusion
CrystalMark 2004r3
Crystal DiskMark 2
PGP Desktop 9.82 Win32
TrueCrypt 5.1

Unfortunately I could not get a trial copy of Utimaco’s software. As soon as I can get one I will post an update.

Results

Click Image for a larger copy

Click Image for a larger copy

Download Raw Benchmark Data & Graphs

I did not expect to see such a large performance hit over unencrypted, even less so such a similarity in performance between TrueCrypt and PGP. Interestingly PGP had more of a hit on overall performance. Points of interest are the ALU and FPU scores, TrueCrypt AES being the least system intensive, and the fact that PGP has the best HDD performance.

Here it is flipped

l????d?l?/?o??p?????????//:d??? ?? ?l?s?no? ?? ??? ‘p?sn ???? ???? ? s??p? ?s??u???s ??? ?o ?uo ?lq?qo?d s? s???

EDIT: OMFG, doesn’t work here. Oh well, I tried :-O

1. Open a new tab and type “about:config” in the URL bar
2. Type browser.search.def
3. Double click the entry and change to “Google”
4. Type keyword.url
5. Double click the entry and enter “http://www.google.co.za/search?lr=&ie=UTF-8&oe=UTF-8&q=”

This will change searches to use www.google.co.za as this is the url for South Africa, but you could use co.uk for Google UK or what ever the tld is for your Google search. You can also change this to Live search, if you really want seeing is it is better than Yahoo. To do this use “Live” in step 3 and “http://search.live.com/results.aspx?q=”

Excerpt:
Computer scientists have discovered a novel way to bypass the encryption used in programs like Microsoft’s BitLocker and Apple’s FileVault and then view the contents of supposedly secure files.

In a paper (PDF) published Thursday that could prompt a rethinking of how to protect sensitive data, the researchers describe how they can extract the contents of a computer’s memory and discover the secret encryption key used to scramble files.

“There seems to be no easy remedy for these vulnerabilities,” the researchers say. “Simple software changes are likely to be ineffective; hardware changes are possible but will require time and expense; and today’s Trusted Computing technologies appear to be of little help because they cannot protect keys that are already in memory. The risk seems highest for laptops, which are often taken out in public in states that are vulnerable to our attacks. These risks imply that disk encryption on laptops may do less good than widely believed.”

Scary stuff, what frightens me even more is they figures out how to remove the RAM from a machine without it loosing it’s state

Excerpt:
Well, not so fast. Another interesting technique that Thursday’s paper describes is how to supercool the RAM chips with a can of compressed air held upside-down. Then the cooled memory can be physically extracted and inserted in another computer owned by the attacker. (If the memory is permanently affixed to the motherboard, there are still other methods [PDF] that can be used.)

The paper states:

Contrary to the expectation that DRAM loses its state quickly if it is not regularly refreshed, we found that most DRAM modules retained much of their state without refresh, and even without power, for periods lasting thousands of refresh intervals. At normal operating temperatures, we generally saw a low rate of bit corruption for several seconds, followed by a period of rapid decay. We obtained surface temperatures of approximately ?50 degrees C with a simple cooling technique: discharging inverted cans of “canned air” duster spray directly onto the chips. At these temperatures, we typically found that fewer than 1% of bits decayed even after 10 minutes without power. To test the limits of this effect, we submerged DRAM modules in liquid nitrogen (ca. ?196 degrees C) and saw decay of only 0.17% after 60 minutes out of the computer.

Gutmann, the New Zealand computer scientist, previewed this kind of attack in a 1996 paper that said: “To extend the life of stored bits with the power removed, the temperature should be dropped below -60 degrees C. Such cooling should lead to weeks, instead of hours or days, of data retention.”

Holy crap. Wish I had the time to actually try this, would be involving a good amount of hackery.

Translation: If you use an encrypted file-system and want privacy and security when you’re not using your computer, you need to shut down your computer and wait a few minutes for the RAM contents to vanish. Another option for sensitive files is to use an encrypted volume like a PGP disk and unmount it as soon as you’re done.

Something very important to take away from this is Sleep/Hibernate is very BAD. This makes me laugh at all those Apple fanboys that keep on saying I never turn of my machine, just put my Mac to sleep and when I need open it again. I will says thanks to Microsoft for the unreliabilty of their sleep technology I never (well almost never) use the sleep function if I am in motion. The only time I use sleep is when at home with my Macbook close by, not out of sight

I will be looking for some tools that can assist with wiping memory to prevent these “exploits” from actually working.

Me being clever: I doubt whether “Use Secure Virtual Memory” will help as that only works for the “Virtual Memory”, not RAM. What is needed is something that can encrypt the RAM before going to sleep and then put the machine in Deep Sleep with its suspend file encrypted. To wake up in this case should require dual authentication like biometric, smart card, usb dongle and a user/password maybe.

PAGE NOT FOUND

Sorry….but the page you are looking for cannot be found This could happen for several reasons:

1. The page may have been reached in error.

2. The page may have moved.

3. The page may no longer exist.

4. The page is on holiday and will be out of the office until next week or when it feels like coming back.

5. The page was considered redundant and was given a raise so it now works even less.

6. The page performed an illegal operation and was promoted to vice-president.

7. The page was on strike. We are busy negotiating with the unions now for better wages so it can come online.

8. The page is running late. This could be because the taxi’s need to collect at least another 404 passengers.

9. The page is sleeping . After all, this is African time we are talking about.

Was a great lol