[SecurityRatty] tag: recovery

Will technology drive global recovery?

Tue, 18 Nov 2008 21:00:00 +0000

In achieving these goals we all got sloppy and missed numerous opportunities to utilize technology to benefit society, our county, our daily lives and last but not least our employer.

Most Spam Came from a Single Web Hosting Firm

Mon, 17 Nov 2008 02:11:07 +0000

Really:

Experts say the precipitous drop-off in spam comes from Internet providers unplugging McColo Corp., a hosting provider in Northern California that was the home base for machines responsible for coordinating the sending of roughly 75 percent of all spam each day.

Certainly this won't last:

Bhandari said he expects the spam volume to recover to normal levels in about a week, as the spam operations that were previously hosted at McColo move to a new home.
"We're seeing a slow recovery," Bhandari. "We fully expect this to recover completely, and to go into the highest ever spam period during the upcoming holiday season."

But with all the talk of massive botnets sending spam, it's interesting that most of it still comes from hosting services. You'd think this would make the job of detecting spam a lot easier.

Lenovo Introduces Protection and Data Recovery Services

Thu, 13 Nov 2008 21:00:00 +0000

Lenovo Friday introduced two new service offerings -- PC protection service that insures Lenovo notebooks from accidental damage and Data Recovery Service that rescues users' data from a faulty hard disk.

i365 offers new backup capabilities for SMBs

Thu, 13 Nov 2008 02:00:00 +0000

Data backup vendor i365 is adding enterprise-class data backup and infrastructure disaster recovery capabilities to its products aimed at small and midsized businesses.

Barracuda bites into backup and disaster recovery

Wed, 05 Nov 2008 21:00:00 +0000

Security appliance vendor Barracuda Networks has bought BitLeap, a seller of backup and disaster recovery services.

Hardware Keyloggers use detection and mitigation Phreaknic Presentation slides posted

Sun, 26 Oct 2008 13:26:51 +0000

Phreaknic was a great time this year, as always. I've posted the slides from my hardware key loggers presentation at the above link.
I'd like to thank the following people:

Sky Dog and crew for making it happen.
Droops/Morgellon for their presentation on Arduino, time for some hardware hacking.
Sorteal for showing me the LiVes Open Source video editor.
Marie for the dance and conversation.
TRiP for an excellent talk on the legalities of wardriving.
HandGrip/Buttstock for the Open Source AK-47 talk.
All the folks who let me interview them.
DOSman and Zack form being DOSman and Zack.
Lee Baird and John Skinner for comparing mobile hacking notes with me (Yippy hacking with the iPhone / iPwn).
Ziplock for the encouragement.
Int 80 for the Nercore entertainment.
Scott Moulton for the talk "At Least TEN things you didn't know about your hard drive!" Go check out his forensics and hard drive recovery videos.
Nathan Hamiel/Shawn Moyer for "Satan is on my Friends List: Attacking Social Networks", looks like I need to get into some CSRF.
Darren, Shannon and Mubix of Hak5 for the interview.
operat0r for the Ettercap ideas.
Brian for driving me down.

And everyone else I'm forgetting. It was a great weekend.

Hardware Keyloggers use detection and mitigation Phreaknic Presentation slides posted

Sun, 26 Oct 2008 13:26:51 +0000

Phreaknic was a great time this year, as always. I've posted the slides from my hardware key loggers presentation at the above link.
I'd like to thank the following people:

And everyone else I'm forgetting. It was a great weekend.

Ex-Pentagon Geek Plots Disaster Relief 2.0

Thu, 16 Oct 2008 14:04:00 +0000

Linton Wells used to be one of the Pentagon geeks-in-chief. Now, he's trying to encourage the Defense Department to network with relief agencies, civic organizations and the private sector in order to reboot disaster recovery.

Symantec details grand product-integration scheme

Wed, 15 Oct 2008 00:00:00 +0000

Symantec's Open Collaborative Architecture is an ongoing project that combines its endpoint security suite and backup and recovery products with asset management offerings obtained via the Altiris acquisition late last year.

Debunking the Latest Fear Mongering News on WPA security

Mon, 13 Oct 2008 05:07:51 +0000

I had been meaning to write about recent exaggerated claims that WPA security had been hacked, but George Ou beat me to it. The buzz comes from Elcomsoft's Distributed Password Recovery. The innovation is that they use NVIDIA GPU acceleration for password cracking and can distribute the crack across a network to multiple clients and their NVIDIA GPUs. The GPU acceleration, they claim, "reduces password recovery time by a factor of 20." They also take the unfortunate approach, in a press release, of massive gains in cracking WPA and WPA2 protection, and that they can "...break Wi-Fi encryption up to 100 times faster than by using CPU only." 100 times! 2 orders of magnitude! That must be a lot, right? Well, probably not. This is where George Ou calls shenanigans. First, he points out that this only affects password protection systems that rely on password complexity, and that, as a general rule, the time involved is proportional to the complexity of the password. So if your password would normally take a million years to crack, it would take 10,000 years with this system. Draw your own conclusions. He also points out, just to get past the WPA buzzwordism, that this is a more general attack mechanism and could, for example, be used against certain VPN systems. With respect to WPA/WPA2 specifically, the attack is generally useful only against home users, because they are generally the ones using PSK (Private Shared Key) authentication. "It has zero affect enterprise mode WPA deployments which use TLS protected authentication such as PEAP or EAP-TLS. Internal LAN authentication schemes such as NTLM and LDAP are also significantly weakened. SSL authentication schemes are not vulnerable to this particular attack." If you are relying on password complexity for protection then his advice, and mine, is old news: first, if you're a business, perhaps you should be using a TLS-based authentication system. Also, you should make sure that your passwords are sufficiently complex and changed often enough. Ou has some specific advice about this in his column, but as he says, there are usually easier ways to get passwords (like offering people chocolate for them) than to spend years cracking them with thousands of dollars of computing power.