Author Archives: Dale

Microsoft Security Essentials Beta Live… Free AV

So Microsoft’s Security Essentials Beta went live today, and I believe it is limited to 75,000 users.
I got myself a copy from the MSE site. The beta is available only to customers in the United States, Israel (English only), People’s Republic of China (Simplified Chinese only) and Brazil (Brazilian Portuguese only). Obviously you may find ways around this.

I will install it later and give my opinions, but you might want to grab a copy and see what it’s like.

Here is some information and screenies:

What is Microsoft Security Essentials?

You’re too busy to spend a lot of time worrying about protecting your PC. With Microsoft Security Essentials Beta, you get high-quality protection against viruses and spyware, including Trojans, worms and other malicious software. And best of all, there are no costs or annoying subscriptions to keep track of.

Security Essentials is easy to install and easy to use. Updates and upgrades are automatic, so there’s no need to worry about having the latest protection. It’s easy to tell if you’re protected – when the Security Essentials icon is green, your status is good. It’s as simple as that.

When you’re busy using your PC, you don’t want to be bothered by needless alerts. Security Essentials runs quietly in the background, only alerting you if there’s something you need to do. And it doesn’t use a lot of system resources, so it won’t get in the way of your work or fun.

Twinkini… Tweeting from my windows mobile.

So I am new to all this Twitter stuff, but I do want to keep informed with what’s going on whilst I am on the move.
I post a quick Tweet asking about what app to use and I get a response from wmdev. I visit the site they mentioned and I came across Twinkini, and installed the demo.

Seems like a good bit of kit, easy to use, good configuration, even has a tweety noise when someone tweets 🙂 what more could you possibly ask for?

All being well this will be my mobile tweeting tool of choice, thank you Twinkini.

Bing… and your search query is done.

http://www.bing.com/

So Microsoft has released a new search engine, and it’s called Bing. Now apparently we need a new search engine, because we have evolved as Intertube users, and the other search engines are just not cutting the mustard.

So Bing is not a normal search engine, it’s a decision engine. So this means it’s all intelligent and knows what I am thinking and might search for. Pity it’s not good at helping me with my spelling like Google when searching 🙂

Seriously though, it does what it says on the tin. I like the layout and the preview video bits you get at the top, and related searches on the left. The only thing that springs to my mind is, why do I use this and not Google? The answer, I don’t think there is one.

I might spend the week searching in both, and see if I end up wanting to Bing instead of Google.

Cloud Computing, will organisations consider security?

So cloud computing is one of the current buzzes going around. The idea is that you move your content and have services delivered over the Intertubes. There are the obvious benefits for an organisation: scalable on-demand services, possible reductions in cost, and someone else takes care of all the headaches.

Lots of companies have been doing this for a while, such as the likes of Message Labs and their offering of mail filtering in the cloud, and it is a good efficient service. Now more and more people are jumping on the bandwagon, offering storage and various other services. So this is all great right……..?

Well, maybe it’s just me, and maybe I am misinformed, but it gets me a little worried. So let’s take our valuable, business critical information, and hand it over to another organisation offering services over the Internet. So I now have a few quid in my back pocket, and I am a happy chappy.

Then something goes wrong, some crucial data goes missing, the link goes down, the nightmare could take many forms. Not a problem, you have backups, you have logs to review, you know appropriate access controls are in place. Well turns out, perhaps your business didn’t carry out enough verification.

I think a lot of companies offering these in-the-cloud services may not have the robust controls we know and expect in the enterprise, and when you come to carry out your post incident investigation, you may find your investigation is seriously impaired.

This comes down to not really knowing where your data is stored, who is having access, what’s backed up and when, the list goes on. I guess I am just paranoid, and some may argue there isn’t much difference between this and standard outsourcing. The important thing is to ensure InfoSec is given due consideration, plan ahead as to how you would handle an event / incident, what resources you will need. Also consider where the data will be stored, where ownership sits, legal implications, compliance and regulatory issues as well as how outages will be handled.

I am sure this all seems obvious to us as InfoSec professionals, however we know that organisations fail to take care of security basics like OS and applications patching.

Kon Boot. Modify the kernel and walk right in the front door.

Thanks to Patrick at Risky.biz a few weeks ago I heard about Kon Boot.

More info on Kon Boot is below, but in simplistic terms you can boot off the ISO via floppy, CD, or USB and Kon Boot will analyse the Linux or Windows kernel during the boot process. You can then simply enter with a “blank” password at the normal login process and you’re on as admin. Obviously this will not give you the password, it is simply a bypass mechanism, but I can certainly see how this will be handy, and could be a handy alternative to something like Ophcrack.

Obviously this will raise some concerns, so using techniques such as a BIOS password, hard disk password, or total drive encryption will add some hurdles in allowing this type of software to be used. That said it’s a great tool, and well worth experimenting with.

About Kon-Boot

Kon-Boot is a prototype piece of software which allows to change contents of a linux kernel (and now Windows kernel also!!!) on the fly (while booting). In the current compilation state it allows to log into a linux system as ‘root’ user without typing the correct password or to elevate privileges from current user to root. For Windows systems it allows to enter any password protected profile without any knowledge of the password. It was actually started as silly project of mine, which was born from my never-ending memory problems 🙂 Secondly it was mainly created for Ubuntu, later I have made few add-ons to cover some other linux distributions. Finally, please consider this is my first linux project so far 🙂 Entire Kon-Boot was written in pure x86 assembly, using old grandpa-geezer TASM 4.0.

Updated – 30-6-2009. KonBoot can now Reset the Windows and Linux passwords:

No special usage instructions are required for Windows users, just boot from Kon-Boot CD/Floppy, select your profile and put any password you want. You lost your password? Now it doesn’t matter at all.

Floppy Image – FD0-konboot-v1.1-2in1.zip
CD ISO Image – CD-konboot-v1.1-2in1.zip

Or read more here.

Adobisoft? Adobe are going to release quarterly updates on the 2nd Tuesday

Over recent months Adobe have had several issues with Reader vulnerabilities, and have caused organisations no end of issues testing and deploying the updates.

Now Adobe have decided they need to take a similar approach to Microsoft and release routine updates, and they plan to do this on the 2nd Tuesday of each quarter, starting this summer.

The Adobe Reader issue sparked “a lot of conversation internally at Adobe from executives to testers and developers” and ultimately led to the permanent changes to Adobe’s software security approach, Arkin said. “Everything from our security team’s communications during an incident to our security update process to the code itself has been carefully reviewed,”

Read the Adobe and Microsoft Blogs to read more from the source.

Personally I think this is a good thing. I know we all laugh and joke about patch Tuesday, but at least it’s a reasonable approach to security patching, and it’s working, so I think Adobe have a lot to gain from working with MS on this. I also think in some way it can make our job a little easier, as we can plan for the releases, or at least expect them.