Safe / Secure / Systems : Internet and Data Security for Regular People: November 2010

Tuesday, November 23, 2010

Firefox Saves the Day

I just got to see a new feature in Firefox 3 at work, and it's pretty cool.

I had an email in my GMail spam folder that looked like this:

Looks pretty legit, right? The link text appears OK. However, the actual link looks something like (part of the URL intentionally deleted):

http://smtp.cremadescalvosotelo.com/bankofamerica=JSPR53/e-online-banking...

So obviously it's at best a personal information phishing site. Well, I decided to see where that would take me, so I clicked on it. However, Firefox saved me from myself:

Clicking on the "Why was this page blocked?" button shows this:

I tried this in Internet Explorer and I'm happy (and a bit surprised) to report that it gave a similar "you really don't want to go there" message.

However, even though our browsers sometimes try to protect us from ourselves, links in emails should never be clicked on. If you get a message from your bank that wants you to log in for whatever reason, go to your browser and type in the URL that you know to be the correct one for your bank (if you don't have it bookmarked) rather than click on anything in an email.

Friday, November 19, 2010

Stuxnet Worm - still in the news

I have posted three times about the Microsoft Windows "Shortcut (LNK)" vulnerability since July. A lot has transpired since then; it's been found to be one of six security issues in Windows that are leveraged by the Stuxnet worm (some of which were previously unknown in the security community).

Stuxnet is in the press right now as being one of the most serious security threats ever unleashed, and is said to be a sort of "new animal" in cyber-warfare. I'll provide some links for further reading below, but the apparent intent and sophisticated behavior of Stuxnet is so, well, awesome (in a bad way) that I do want to summarize what's been learned:

Its targeted behavior is very specific - although it propagates via Windows (using USB memory sticks and/or network connections), its ultimate target is a particular brand of industrial controller computer made by Siemens, that are network-connected to those Windows systems
Not only is it Seimens "SCADA"-system specific, but its end target are "variable-frequency drives" made by two specific companies, that regulate the speed and operation of electric motors
Only motors that are programmed to run within a specific speed band are targeted
The speed band corresponds to speeds used by uranium refinement centrifuges
The end result is that Stuxnet causes those motors to periodically overspeed and underspeed

It's still not known who wrote Stuxnet, but there is universal agreement that its sophistication and complexity are unprecedented, and unfortunately is probably the first shot fired in a new level of cyber-warfare.

As promised, here are some links if you want to dig deeper:

I promise we have not heard the end of this "worm".

"Shall we play a game?"

Disclaimer

The information contained in this Site is provided in good faith by the author for general guidance on matters of interest only. Given the inherent hazards of electronic communication, there may be omissions or inaccuracies in information contained in this Site. As a result, the information on this Site is provided with the understanding that the author is not herein engaged in rendering any professional advice and services. As such, it should not be used as a substitute for consultation with professional and competent advisors. Before making any decision or taking any action based on the information contained in this Site, you should consult a professional who is competent in providing professional advice in information technologies.
While the author has made considerable effort to ensure that the information contained in this Site is accurate, the author is not responsible for any errors or omissions, or for the results obtained from the use of this information. All information contained in this Site is provided "as is", with no guarantee of completeness, accuracy, timeliness or the results obtained from the use of the information, and without warranty of any kind, express or implied, including, but not limited to warranties of performance, merchantability and fitness for a particular purpose or product safety of any kind. In no event will the author, his or her related partnerships or corporations, or the partners, family members, agents, employees or employers thereof be liable to you or anyone else for any decision made or action taken in reliance on the information contained in this Site, or for any indirect, consequential, special or similar damages including, without limitation, permanent loss or corruption of data, physical or emotional sufferings, moral standard corruptions, damages for loss of goodwill or self-esteem, loss of customers or market share, breach of security, permanent or temporary loss of employment, permanent or temporary loss of connectivity to the Internet, work stoppage, loss of income, computer related fires or other mishaps, computer failure or other malfunctions.
Certain links in this Site connect to other Web Sites maintained by third parties over whom the author has no control. These links are for general guidance on matters of interest only. The author makes no representations as to the accuracy or any other aspect of information contained in other Web Sites. The provision of these links should not be interpreted as constituting any kind of endorsement, whether implicit or explicit, of the views and/or contents of such other Web Sites.

Safe / Secure / Systems :
Internet and Data Security
for Regular People

Tuesday, November 23, 2010

Firefox Saves the Day

Friday, November 19, 2010

Stuxnet Worm - still in the news

Followers

Blog Archive

About Me

Disclaimer