<<To subscribe to the newsletter>>
NEWSLETTERS
NOVEMBER 2006
Why and How to use security cables to secure computers and peripherals.
Cable description
There exists a variety of different anti-theft cables (cable locks), but mainly there are 2 families :
- Anti-theft cables with key-locks
- Anti-theft cables with numerical combinations
The tendency nowadays is numerical combination cable locks to avoid the managing of multiple sets of keys.
TOP 5 STOLEN EQUIPMENTS
- Laptops
- LCD screens
- Desktop computers (small form factor)
- Network hard drives (NAS), external, etc…
- Multimedia projectors
Why and by whom are these specific equipments stolen?
90% of stolen property buyers are adolescents or young adults that do not have the means to acquire new equipments.
- laptops and small form factor desktop : easy to steal, convenient to conceal, strong resell value, in big demand
- LCD screens : easy to steal, convenient to conceal, good resell value, to go with the week earliers stolen laptop or to replace an old burnt out monitor.
- Network hard drives and external hard drives : major components of a home entertainment system to copy and share DVD’s due to Gigabit and firewire connections.
- Multimedia projectors : to make your own panoramic home entertainment system
A new tendancy in student's dormitories is emerging
- illegal movie downloads (before or during the first week in theaters) and private showings
- The use of stolen color laser printers to make homework easier without even leaving your room (illegal copy center)
DIFFERENCES BETWEEN CABLES
CABLE LOCK WITH KEY
We suggest that you use cable locks with different keys and a strict management of the keys (keys in circulation and the doubles). This choice is more constraining but offers the highest level of protection, as long as you secure the box containing the keys.
CABLE LOCK (KEYED ALIKE)
Easy to manage… but in the case of a mishap, a loss or a theft of one key the whole system could be at risk. This solution is usually used for equipment that is inanimate (desktop computers, projectors, LCD screens, etc…)
CABLE LOCK WITH MASTER KEY
Each key is different for each cable but one master key allows access to every cable in case a problem occurs. Same security risk as with the keyed alike cable locks since the lock pattern share identical characteristics between all the keys. Which makes it easier to forge a master key. You must still rigorously manage a box of keys. In a few words choose a key-alike solution it is cheaper and easier to manage without aggravating the security level.
NUMERICAL COMBINATION LOCKS
No key management, but demands a database of all the combinations. For the STOP anti-theft tags (COMPUGUARD) users a simple (or complex) arithmetic operation allowing the user or the maintenance technician to find the combination by reading the anti-theft tag code. The I3RS secure database joined with the anti-theft tags offers a field to keep track of the combination numbers for each equipment. For organizations that use handheld barcode readers a simple scan of the barcode on the anti-theft tag will allow the maintenance technician to see the cables combination.
To this day, in our eyes, combination cable locks are a sure bet. They offer an easy management and a good anti-theft solution.
FACING THE DILEMMA
There exist many different types of numerical combination cable locks with 3, 4 or even 5-wheel combinations. All these systems are good, statistics prove this fact :
- either the thief is detered at the sight of the cable
- either the thief will use brutal force (by cutting, or ripping off)
- but the thief will never waste time searching for a combination
Except the thief will make bigger efforts to forge or steal a keyed alike or master key.
Watch out for technology traps (Gadgets)
Certain cables are associated to 120dB sirens that have motion or distance detectors (for traveling or displacements) There are 2 factors to take into consideration:
- Managing the replacement of the battery either on a fixed date or when it is empty
- To get the maximum efficiency the user must always activate the system when traveling.
These solutions are excellent against the “grab and run” except that after 3 involuntary soundings of the alarm the user will usually not turn back on the device since the alarm can be a nuisance to other travelers.
ANTI-THEFT TAGS vs CABLE LOCKS
Their respective strength to deter and stop theft before it happens are cumulative to ensure the protection of your property.
A damaged casing will not stop the buyer of stolen property if brutal force is applied on the cable to dislocate the security slot on the computer, .... but the anti-theft tag will make the computer impossible to resell and traceable by law enforcement agency.
*******************************************
OCTOBER 2006
Downloading and Rights : Legal risks of Hacking
If you do not respect the law, surrounding Internet downloading, you could be considered a counterfeiter. People who share their music illegally over the Internet are like thieves and run the risk of being sued by the licensees.
Hackers and counterfeiters are usually condemned in court.
If hacking is forbidden then is a private copy legal?
Generally in most countries, you can duplicate store-bought CDs or movies as long as it is for personal use and not for profit making (meaning resell).
Without infringing the law it is possible to make a compilation CD from several store-bought CDs or contents downloaded from a recognized distributors website .
As for music file downloads you may only download those that are legally distributed. This also applies to video files or video games that can also be available through P2P sharing.
Otherwise it is considered an illicit file and the reproduction of this file onto your hard drive becomes in itself an illegal act. Therefore you risk becoming a culprit of counterfeiting and concealment if you know the fraudulent origin of the files. Jurisprudence extends this concept of responsibility to the networks corporation or administrators who leave these contents at disposal on the LAN or WAN.
Note :
Always verify that the site you are downloading from is a recognized distributor and make sure that you do not make these same files available over the Internet without having received the proper authorizations.
Downloading and Computer security
Copying and transmitting music files exposes your computer to several security risks.
1- Viruses, Trojan Horses and other destructive elements :
Non-authorized files that are suppose to be music files are often of another nature. They can have within themselves programs, undesirable links or scripts that can damage your system.
2- Spywares :
Certain peer to peer (P2P) softwares can contain spyware programs that allows the user to collect information from your computer and will then send you non requested publicity and other files whose suppression is often long and damaging to your computer.
3- Firewall Rupture :
Peer to peer (P2P) file transfer programs may require the opening of certain ports (1214, 6346, 6347, 6666, 6699, 7777, 8888 and others) between your computer and your network. This will cause a glitch in the firewall that you normally are using to protect your computer and it will also expose your system to multiple risks.
4- Firewall bypass
Certain professions and organizations (newsrooms, grands reporters, ONG, etc.) leave more freedom to their traveling employees concerning the contents tolerated on their computer and in the methods of connection to the corporate network. Some machines may be infected by a clever program of "intermediary P2P" type to share contents protected by copyright.
Legal solutions for downloading :
In order to be certain of the musical or video contents you wish to download onto your computer, many legal websites now offer a downloadable version of the song for a payable now fee. This will ensure that the content you receive is protected against any risks.
Downloading alternatives :
Online radios offer an infinite variety of choices and types of music. There exists programs (for a reasonable price) that allow a whole corporate network to share safely and legally these radio stations.
Precisions on the DADVSI law (French) it means in english ''law on authors rights and related rights in the information society".
Following our part 1 in last months newsletter we have received many questions regarding this subject. We suggest that you verify with the judicial department of your organization to see what could be the impact on your operations.
Example :
A zone 1 DVD which belongs to your organization will not be legible in France!!!! The fact of having a software for "ripping" to "de-zone" your DVD and make it legible in France is totally illegal, even if the intention is not criminal.
Numerous expatriates continue remote training by using P2P software to share their resources with their students or to have acces to the universities resources ....... having possession of or using this type of software is illegal in France.
*******************************************
NEWSLETTERS ARCHIVES
ANNOUNCEMENT
Introducing the first Keylogger working on MAC & PC
September 27,28 & 29 - 18eme colloque annuel AICQ
Hôtel Val-des-Neiges, Mont-Ste-Anne, Québec, Canada
Or contact us
KEYPhantom USB Hardware Key Loggers :: WORKS ON A MAC!!!
KEYPhantom USB : The ideal key logger for internet monitoring. This stealthy USB keylogger works on USB keyboards for PC and MAC computers. KEYPhantom records every keystroke typed on your computer (over 256,000 strokes) including e-mail, chat, IM, internet addresses and more. The KEYPhantom USB key logger is the perfect solution for monitoring children, husband/wife/boyfriend or girlfriend and employees' online activities.
A KEYPhantom keylogger is the easiest way to monitor your PC or MAC. Simply unplug your keyboard and plug the KEYPhantom into the USB port. Then plug the keyboard into the KEYPhantom and it's ready to record. There is no software to install! As keys are typed the data is stored inside the device. When you want to see what's been recorded simply open any word processor or text editor (Microsoft WordPad recommended) and type your password. The KEYPhantom keylogger will display a menu allowing you to view what's been recorded.
System Requirements:
USB keyboard connector (works with both high & low speed USB). Works on PC (Windows) & MAC!
KEYPhantom - USB Hardware Key Logger
Features:
> World's only high & low speed USB key logger
> Plug & Play key logger - no software to install!
> Basic Encryption
> Records more than 256,000 keystrokes (about 164 pages)
> Works on PCs & MACs with USB keyboards
> Works with any word processor / text editor
> CANNOT be detected or defeated unlike software key loggers
Help Guard Against
Online Predators
Espionage
Low Productivity
Employee Fraud
Data loss from computer crash & power failures
Who's Using KEYKatcher ?
Concerned Parents
Forensic Investigators
Executives
IT Professionals
Schools
Private Investigators
Writers
Law Enforcement
*******************************************
NEWSLETTERS ARCHIVES
SEPTEMBRE 2006
DOWNLOADING LEGAL OR ILLEGAL?
How to download legally? Part 1
- Questions/Answers on peer-to-peer
- Downloading : definitions
- Downloading legal or illegal?
With the proliferation of freely accessible Internet contents, but not free of copyright, managers (IT, IT's security, etc...) must now take into account 2 types of vulnerability:
1- legal responsibility for detention, use and distribution of copyrighted material on a corporate network
2- proliferation of small autonomous programs that list multi-media contents of a LAN to place it on the Internet by using the network breaches.
Our objective for the next two months is to make managers aware about downloading, P2P, intellectual property and copyright concepts. To avoid these vulnerablities each manager must coordinate the corporate resources in order to establish new measures , protocols and controls .
Important notice for our readers who have business in Europe and France more particularly
the DADVSI law (French) it means in english ''law on authors rights and related rights in the information society". It is a bill reforming French copyright law, mostly in order to implement the 2001 European directive on copyright. From an anglo-saxon point of view this law is very coercive and can have an effect on the way that operations are handled in Europe.
Downloading : Definitions
1- What is <<Peer-to-peer>> (P2P) ?
Peer-to-peer (or P2P) downloading consist of exchanging files between computers through a specific software such as <<Kazaa>>, <<Morpheus>>, <<eDonkey>>, <<eMule>>. A P2P network allows it's users to exchange and share all types of files easily, but also continuous multimedia streaming contents such as videos.
2- What different formats are encountered when downloading?
Most common Internet formats are MP3's (music files), suitable for sound compression. We also find other formats such as Windows Media (<<.wma>>) or real networks (<<.rm>>).
For video files there are DivX formats (<<.avi>>) or XviD which are the same kind of formats. They allow you to transfer DVD information onto CD-Roms.
Important : To be able to read and support all these file types you must have the necessary software on your computer.
3- What are Royalties?
Royalties are typically a sum of money to be paid to the owner or Licensor of intellectual property IP Rights for the benefits derived, or sought to be derived by the user (the Licensee) through the exercise of such rights. Royalty (the word is usually used in the plural - royalties) may be paid for the use of copyright, patent, registered design, knowhow or trademark or a combination of all of them. However, the term royalty has also much wider application and can cover mining royalties, performing arts royalties, and many others.
Thus to be able to publish on a Web site numerical artworks, whatever they are (photos, tables, poems, texts, songs, etc), or to be able to copy them from the hard disk (for a use other than strictly private) or even to consult them (otherwise on a purely private basis), the user must obtain beforehand a written authorization of the rights holder of the artwork, which precisely mentions the authorized use.
Downloading legal or illegal?
1- Does every piece of music have rights?
All musical works and their recordings are protected by rights and royalties. Those of authors / writers fall in the public domain 70 years after their death. Those of artists or recording houses, 50 years after their recording.
2- How can I know if what i am doing is illegal?
According to the law, and except exception, it is prohibited to copy, adapt, translate, play, diffuse on the radio or to put at anyones disposal an Internet file without having the right authorization.
3- Do I have the right to copy music to resell it?
No. The fact of using art, even freely, requires the acquisition of preliminary authorization of the rights concerned.
4. Do I have the right to make copies for private use?
Yes. This is valid only for the copies you will make a strictly personal use. That means that once the copy is made it can not be given, or even less sold. Copying a disc to offer it to a friend is prohibited. The same applies for protected file sharing on the Internet as millions of people could reach your music. It is then under no circumstances a private copy, but a reprehensible public provision by law.
The term “copy for private use” applies only to videos or musical contents.
Software copies are strictly prohibited.
5- What can you legally do with a store-bought CD?
The CD belongs to you but not the contents inside. You are legally allowed to listen, lend or resell it, but you are not allowed to copy it for selling purposes.
6- I want to download some songs to know if I am going to buy the album.......
It is possible but only if you have the legal owners authorization. To avoid being illegal use online music stores that have demos you can listen to for free before making your selection (walmart). Whether you download one or a million songs it is still illegal.
7- Am i allowed to download a song if it is accompagnied by the terms "To be erased in 24 hours" or "For evaluation only" ?
No. This warning has no legal standing. Without the licensees permission no music file can be transmitted or downloaded.
8- So file sharing is completely illegal ?
If the file contains artwork protected by copyright laws, without the legal owners authorization it is illegal to download it.
On the other hand if all parties accept that a song or movie be shared publicly then it is considered a peer-to-peer file transfer. Peer-to-peer technology is not illegal it only allows you to share files that you have rights over such as personal photos or documents.
*******************************************
NEWSLETTER JUNE, 2006
WHAT IS A KEYLOGGER ?
A keylogger is a type of surveillance software or hardware that has the capability of recording every keystroke you make to a log file. A keylogger recorder can record instant messages, e-mails, and basically any information you type at any time using your keyboard. The log file created by the keylogger can then be sent to a specified receiver. Some keylogger programs will also record any e-mail addresses you use and website URL's you visit.
TYPES OF KEYLOGGERS
There are two types of keyloggers : hardware and software keyloggers
1- Hardware keyloggers are small inline devices placed between the keyboard and the computer. Because of their size they can often go undetected for long periods of time, however, they of course require physical access to the machine to retrieve the data. These hardware devices have the capacity to capture hundreds of keystrokes from the keyboard. Examples of these devices are Keykatchers, Kernels, Keyghosts, etc. Hardware keyloggers require no computer knowledge for installing and exploiting information, they leave no trace, they do not consume the systems resources and access is blocked by a password.
2- Software keyloggers are installed on the computers hard drive. By physical access to the machine or by installing an "exe" file sent by e-mail, a USB key installation or copied from another networked computer. The software records every keystroke made on the keyboard and saves them in a "Log" file that the hacker can later consult.
HOW TO PREVENT KEYLOGGING?
To protect yourself against keylogging there are many ways.
HARDWARE KEYLOGGERS
- Visually verify the presence of an unknown peripheral before every session.
PASSWORD PROTECTION
- Use a virtual keyboard to type in your passwords (application that works with the mouse)
- Touch screen with virtual keyboard
- Install a password manager that requires the user to type random characters of the password following the rules on the screen. The hacker could reconstruct the password by trying different combinations.
- Use a biometric access control
GENERAL PROTECTION
Install activity detection software
- Signature based anti-keylogger : these applications typically identify a keylogger based on the files or DLLs that it installs, and the registry entries that it makes. Although it successfully identifies known keyloggers, it fails to identify a keylogger whose signature is not stored in the database.
- Hook based anti-keyloggers : These keyloggers use the Windows function "SetWindowsHookEx" to monitor the system for certain types of events and record them. If you disable this function the keylogging software will not generate any logs at all of the keystroke capture so the hacker will only receive a blank document... Note : the network administrator will receive the same empty log file that won't help at all to manage the system or to resolve hardware and software conflicts.
- There exists Kernel-based-keyloggers - to this day they are still the hardest activity to detect and stop.
Keyloggers both, hardware and software, are basically designed to capture what a user types on the keyboard.
These recommendations also work for software recording computer activity. These softwares are very greedy with the systems resources and some basic measures can be taken to prevent it :
- Verify that the RAM was not addes on a suspected machine
- The machine becomes abnormally slow
- When possible lock the access to internal components using special screws or bolts
- Supervise the bandwidth used by the infected computer, since the keylogger must report back to the hacker.
- Buy software keyloggers and make sure your network activity controller analyzes all signatures. It will be easy to prohibit these actions, to isolate the "faulty" computer and to confirm the veracity of the alert by verifying the machine.
Integrated softwares such as anti-viruses, firewalls, anti-spywares are very useful in detecting suspicious activities on a computer. Common sens and few physical security measures help to keep buggers away from a computer because there is always a human activity behind a hardware or software keylogger, someone has to install it like a microphone that will retransmit conversations to a remote receiver.
CONCLUSION :
In this case cyber-criminality passes by traditional methods to ''bug'' the targeted computer.
Convergence of cyber security with physical security, it is imperatively necessary to work as a team to standardize the safety procedures, access control to a building, employee background checks, contractors, consultants, targeting people at risk (players, drinkers), CCTV information sharing, etc...
*******************************************
NEWSLETTER MAY, 2006
What is a Phishing scam?
Phishing is a form of online identity theft that employs both social engineering to steal consumers personal identity data and financial credentials. Social engineering schemes use "spoofed" emails to lead customers to counterfeit websites, most often they will imitate financial institutions designed to trick recipients into divulging data such as account numbers, passwords, social security numbers and user ids.
* Any HTML webpage can be modified to suit a phishing scheme.
Html-formatted messages can contain links or forms that you can fill out just as you would fill out a form on a legitimate website. The links that you are urged to click may contain all or part of a real company's name and are usually "masked" when in fact it takes you to a phony website.
Example : "click on the link below to gain access to your account"
These emails are generally sent out in large bulk mailings, hoping that a percentage of the recipients have an account with the real organization. A scam artist can then easily have access to your bank account. They can then transfer your money into another account or use the necessary data and intelligence to retrieve all of your personal information.
How to prevent phishing :
If you receive a message coming from your bank or your access supplier, it is imperative that you verify the following information
- Does this establishment have my email address?
- Does the message have any personal elements that allows you to determine the authenticity of the website (client number, agency number, known contact, etc...)
In any case of doubt it is recommended to follow these advices :
- Do not directly click on the hypertext link in the email, open it trough your web navigator bar by writing the address in by hand.
- Keep an eye out for financial forms. It is very rare (almost impossible) that a bank will demand personal information through your email account. Before filling it out communicate with your bank first to verify the authenticity of the form and the source.
- Always make sure that your navigator is in lock mode (security mode) meaning :
- That the webpage starts with "https"
- Check the security certificate when you are entering personal or financial nformation into a website. Before doing so you can check the lock icon on the status bar.
- That the name on the site corresponds to the one being announced (identical spelling).
*******************************************
NEWSLETTER APRIL, 2006
What is spyware?
A spyware is defined as any software that covertly gathers user information or navigation over the web through the user's Internet connection without his or her knowledge, usually for advertising purposes.
This harmful program needing an Internet connection for the transmission of data generally slows down your Web navigator, very often it will cause bugs and open safety breaches which can endanger your computer.
Spywares can also gather information about passwords. It also can steal from the user by using the computers memory resources eating bandwidth connections, crashing your system or just having general system instability.
Spyware exists as an independent executable (.exe) or DLL (.dll) program, its installation and execution mainly occurs when you download software known as "freeware", such as "Kazaa" for example, at the time of the ActiveX control installation or quite simply without your knowledge like a virus. This program is then carried out when starting up Windows and permanently mobilizes resources on your computer. In order to collect certain data, these spywares can be brought to modify vital files and lead to important dysfunctions.
They can also install other spyware programs, consistently relaying this information back to the spyware author who will either use it for advertising/marketing purposes or sell the information to another party
How to protect yourself from spyware?
This is truly a difficult task, anti-viruses cannot detect the presence of a spyware since it recognizes only the viruses whose signatures were identified beforehand. However, a spyware is not a virus.
A firewall will not detect spywares either since the general purpose of it is to analyze the incoming data and not those which are emitted by the computer.
The simplest way to detect the presence of a spyware is to proceed by indirect means such as looking at it's activity, the presence of a characteristic file or the name of a suspicious software.
There exists many websites indexing existing spywares and thus allowing you to detect possible presences on your machine. In order to detect the presence of spywares on your computer, there are available antispywares that are simple and easy to use. These programs are offered for free online but we suggest that you purchase (pay) one. These antispywares will offer an increased safetyrating in real time and allows the blocking of other unwanted spywares. Would you work well for free?
Also available for free, the Spybot antispyware which works along the same lines as Ad-Aware http://beam.to/spybot
There are also many antivirus fabricants who offer antispywares that are incorporated into their software (PandaSoftware) for example.
*******************************************
NEWSLETTER MARCH, 2006
What is a Firewall?
Firewalls make it possible to filter incoming and outgoing traffic that flows through your system (Internet or internal networks). Firewalls are to protect and insulate the applications, services. and machines of your internal network from unwanted traffic coming in from the Internet. They can also be used to limit or disable access from hosts of the local area network to services of the Internet.
A computer using more than 25000 ports to communicate (example : Port 80 is used for displaying web pages) has that many open doors into your computer.
A firewall allows you to close all those ports and make your computer virtually impossible to access by outside users.
For security purposes, firewalls have two main objectives :
1) To control and protect internal network computers
- Against non authorized divulging of sensitive information
- Against all different types of viruses
- Against the "Trojan" attackers
2) To protect Internet servers
- Against commands that are dangerous
- Against non-authorized modifications or deletion of your systems files.
How to prevent hacker attacks?
The necessity of protecting a computer against hackers usually means the installation of a firewall. A firewall allows you to protect the ensemble of your sensitive data in your computer (passwords, identities, personal data, etc...) against hackers who are looking to steal them or install softwares that can take control of your computer
In most cases firewalls restrict access to material and software resources to the only authorized personnel and denies every unauthorized users (such as hackers)
ATTENTION
Firewalls are setup by human operators. Since we need to work on our computers, It is impossible to block all 25 000 ports. By giving flexibility to the protection, the administrator of the network makes the system more vulnerable (they have a choice).
The statistics provided by a Firewall on it's own effectiveness is exact, but are far from being right!... in other words it is able to account for it's successes but not it's failures.
A redundant monitoring system must be installed.
A comparison
You unlock the garden's back door to allow the gardener to come and go as he pleases. Your wife finds it quite practical for walking the dog through the lane-way. Your children use it to bring in their bicycle since it is easier than the front door.
All goes well in a perfect world!
Your children invite their friends to pass by the back door, they lay their bicycles in your carrot patches and gather your flowers for their mothers! The firewall functions correctly, but your parameters do not.
******************************************* *******************************************
NEWSLETTERS ARCHIVES
NEWSLETTER, FEBRUARY 2006
WHAT IS SPAM?
Spam (or spamming, junk-mail), is the action of sending publicity or promotional e-mails, generally in bulk mailings, to people who did not accept to receive them.
Generally speaking spam is described as any received messages from mailing-lists, newsgroups or personal electronic letter-boxes , in order to "promote publicity".
Thus they are messages sent in large numbers without prior consent of the recipient. One also more generally speaks about "non-solicited electronic mail".
"Whatever the nature of the message (commercial, political, religious, etc), the prospection by e-mail is irregular if the people concerned did not express their consent through a direct and personal contact for the use of their electronic address at such ends."
HOW TO PROTECT YOURSELF FROM SPAM?
1- Never respond to a spam
Even if it is said there is a unsubscribe option, this is usually not the case.
The spammer is only trying to find out if the e-mail address is valid. If a response is made, the e-mail address will be sold to other spammers who will in turn spam that same e-mail again.
2- Never give your e-mail address on a personal website.
Spammers scan the web with what they call "Robots" (software scripts) and collect e-mail addresses they find and sell them or use for their own personal spamming.
3- Never give your e-mail address to Newsgroups or Forums.
Spammers also collect e-mail addresses from Newsgroups.
4- Never give out your e-mail address without knowing the purpose of it's use
If an e-mail address is requested, it's probably cause the demander is planning on doing something with it. It is always preferable to read the user conditions and respect notices on personal information security on the websites before entering your e-mail information. If there are no notices or warnings on the page it is better not indicate your e-mail address.
5- Use a spam filter or an anti-spam software
An anti-theft software helps to manage electronic messages that you receive and filters out the spam e-mails before they reach your inbox
6- Never buy or use a service that is advertised by a spam
Not only will the spammer know that your e-mail is a valid one, they will also have collected personal information on you (such as your mailing address or your telephone number) that can be used or sold for more interesting uses such as tele-marketers, salesmen or even scam artists.
7- Simple and efficient tips
Spammer's software will look for the easy and obvious addresses first.
When you must leave your email address the automatic Robot will not be able to spread your address throughout the spammers it obliges a manual treatment from the operator.
Example : claude.maillet@nospam.stopoxygen.com or claude_dot_maillet_arobas_ stopoxygen_dot_com
Remember to keep reporting spam to your Internet service provider so they can track key offenders. If we all work together, spam may again become just a canned meat product!
**************************************
Newsletters 2006
Best wishes, health and success to all our clients in 2006
In this edition :
- The following programs for the next 6 months
- Viruses, definitions and protection
Here are a few explications to better understand the vocabulary that is linked to computer security and a few common sense measures to protect yourselves*.
Jan 2006 : What is a data-processing virus and how to prevent them
Feb 2006 : What is spam and how to avoid it
March 2006 : What is a firewall and how to prevent being attacked by hackers
Apr 2006 : What is a spyware and how to prevent them
Mai 2006 : What is Phishing and how to prevent it
June 2006 : How to legally download? (Part 1)
- Definition downloads (viruses)
- Downloading, legal or illegal?
July 2006 : How to legally download? (Part 2)
- Downloading rights : Judicial risks of hacking
- Downloading and your computers security
- Legal download solutions
- Useful links
What is a data-processing virus?
A virus is a program located in another body, once executed this program loads into your memory and instructions from the author of the program are spread throughout your system.
The definition of a virus is as follows: "any computer program able to infect another computer program by modifying it so that it can in its turn reproduce''.
Viruses multiply (for the majority) and insert themselves into your files which you execute since they are present in your memory. The name given to a virus is ' APC' or ' Auto-Propageable Code', by analogy with the medical field, the name "virus" was given to them. Viruses go from the simplest ping-pong ball which suddenly crosses your screen, to the destructive data virus. This last form being most virulent. Being given the range of viruses having very diverse actions, those are not classified according to their damage but according to their propagation and infection.
We can distinguish 3 big virus families :
* Worms are viruses that are capable of spreading throughout a network.
* Trojans (Trojan horse) are viruses capable of creating a rift in your system (generally these viruses are to allow the author full access and control of your system).
* Logic bombs are viruses able to start following a particular event (date system, distant activation...)
For a few years now a new phenomenon has arrived, hoaxes. They are advertisements received via e- mall (for example advertisements with the appearance of a new destroying virus...) accompanied by a note specifying to send the message to all your close relations. The purpose of this process is network clogging as well as misinformation.
How to protect your system from viruses?
Viruses multiply by infecting "host applications", i.e. by copying an achievable portion of executable codes within an existing program and are programmed to not infect several files at the same time. Then the virus integrates into the infected application a succession of bytes enabling them to check if the programs were infected beforehand: it acts as their viral signature.The most effective way to secure possible viral attacks is to install an "antivirus" software onto your computer. This software is able to detect the presence of a virus on your computer before it has time to infect your whole system. To do so, the "antivirus" software uses the specific viral signature attributed to each virus by carrying out a search for those signatures (scanning) within the whole file system of your computer.
After a trace of a virus is found, the antivirus software will then dispose of the virus threats lurking in your system. Once the virus has been eradicated you will then need to follow the procedures of the software for proper cleaning of your computer files.
Choosing an antivirus
We advise you to choose a paying antivirus and which was proved reliable. It is necessary to buy it, renew its subscription each year and to program it for daily virus definition downloads.
Tip:
Viruses propagate from east to west following the course of the day. Check on other continents the availability of good antiviruses. By respecting a basic logic: for an resident of the East coast of America having a European antivirus the chances of receiving an antidote at 09h00 when it arrives at the office are very high... Europeans are 6 working hours ahead in their day (it is not the only criterion to be taken into account)
******************************************* *******************************************
NEWSLETTERS ARCHIVES
NOVEMBER 2005 - SPECIAL ISSUE NEWSLETTER
LITHIUM BATTERY DETECTORS. URBAN LEGEND OR REALITY?
Criminal organizations who specialize in theft and resale of portable computers have lithium battery detectors to locate concealed computers (such as in a car trunk).
Because of this statement we did an investigation with our experts coupled with external experts specialized in chemistry and advanced technology.
Using the periodical table of elements, our knowledge in chemistry and a study on the structure of computer batteries.
- Lithium is a soft silvery-white metal. Lightest of metals. Reacts slowly with water and oxygen. Flammable. Can ignite in air. Reacts with water to give off a flammable gas.
- Lithium does not give off any signs of radiation therefore it is impossible to detect even with a Geiger counter or the equivalent.
- Lithium is used in an inert form when fabricating batteries
- Since computer batteries are sealed lithium can not react with oxygen and even less with water to cause a gas which is detectable by an explosimeter or other gas detecting apparatuses.
To conclude, after consulting with the Montreal Polytechnics School (http://www.polymtl.ca), Zodiac Aeronautics (http://www.zodiac.com) and our specialized ''weird technology'' friends at Thales (http://www.thalesgroup.com).
- YES - solutions exist in laboratories to determine the concentrations, quantities or lithium presence in alloys.
- NO - there is no portable, affordable or instant reading tools to locate weak signs of lithium in a concealed area.
Beware of wireless technologies!
There exists other means of detecting and locating a concealed portable computer.
Despite the metallic mass and conception of an automobile which gives the protection of a Faraday cage, it remains that the radio transmissions are still perceptible even from a few meters away.
Caution to IT administrators and managers. Certain computers continue to emit in cellular radio mode, WIFI or Bluetooth even when in sleep mode. When the communication material's internal circuits stay supplied they continue to emit certain pulses per minute to know if a server is available or another apparel is ready to be matched up in it's operating range.
Why is sleep mode not really a sleep mode? Just to satisfy our personnal needs to instantly have all our services available to us.
Unfortunately we do not have a list of "half sleep" computers available, we advise managers to communicate with manufacturers for more details or to have these functions prohibited by their technical services department.
Beware with Bluetooth
Because of the limited range (approximately 10 m) we have a tendency to feel secure.
Error?
By means of a special antenna it is possible to intercept Bluetooth exchanges from an important distance.
This device is not free but affordable and very profitable for material and information thieves.
The danger comes especially when the apparatuses stay in visible and pairing mode because the systems authenticity is not infallible before connection. So beware of mobile telephones, personal assistants, organizers, etc... Contact the manufacturer to download free security patches.
We advise you to never leave Bluetooth in visible mode, use authenticity codes that are long and complicated, regularly check your paired equipment list, encrypt when transferring files.
For a reasonable budget of approximately 10 000$ an individual with bad intentions will technically be able to intercept this type of communication from out of transmission range.
Once again use an encrypting program when transferring files.
An excellent article on this subject is available at : http://www.securityfocus.com/infocus/1830 and at : http://www.securityfocus.com/infocus/1836 (english version).
Infrared reminder
To avoid untimely communications use a piece of opaque adhesive tape to cover the infrared lens when not in use (infrareds communicate directly in alignment with the lenses, which limits the document access possibilities but not the signal interception when pairing or transmitting).
To conclude:
- Stop the supply to the communication peripherals when in sleep mode.
- Download security patches for Bluetooth
- Encrypt all radio communications and re-enforce authenticity procedures
- Never leave a wireless communication system in pairing mode (same thing for infrared systems)
- For executive reunions and isolated negotiations rounds add to your security device list : Cellular, WIFI, Bluetooth communication jammers.
If you have any questions do not hesitate to call us
This information was written by Jean-Christophe Boitard
514-932-0485
jc.boitard@stopoxygen.com
*******************************************
Preventing Laptop Theft (PART III)
No place is safe
Never assume your laptop will be safe just sitting around. Treat as if it were $1,000 in cash lying around, and lock it down using a cable lock or secure docking station. Qualcomm's CEO has his laptop stolen from him during a news conference while he was standing no more than 30 feet from it. A State department employee had his stolen from a conference room and lost his job. Despite a $25,000 reward it was never returned. Never assume that your laptop is safe.
Use a non descript carrying case
Nothing says "Steal me" like walking around a public place with a leather laptop case with the manufacturer's or your company's logo stamped to the side. Consider buying a form fitting padded sleeve for your laptop, and carrying it in a backpack, courier bag, briefcase, or other common non descript carrying case. For men, backpacks make it easier to keep you laptop with you when you go to the bathroom. (A prime target area for laptop thieves in hotels, bars, airports, and convention centers). If you are traveling in airports and train stations, consider putting small locks on the zippers of your case (especially backpacks) so no one can simply reach into your bag and rip you off as you are standing in line.
Beware of payphones...
Cell phones are great if you are within your calling area, but the lack of a nationwide standard means that business travelers often have to use the payphones in airports, restaurants and hotel lobbies. Incidentally, these are also places that thieves like to hang out . While you are worried about covering up you credit card number as you dial the keypad, opportunistic thieves are waiting to see if you set your laptop case down. If your traveling with someone else, use the buddy system to watch each others backs instead of making calls at the same time.
When traveling by air....
There are a number of sophisticated professional crime rings that prey on business travelers carrying laptops. They look for brand new, high end laptops and often shadow the airport curb side check in, airline and rental car check-in counters, airport shops and security checkpoints. Anywhere where you might set your laptop bag down for a minute to attend to other things, thieves may lay in wait . There is a well known two person scam that attempts to steal a business travelers laptop as they pass through the security checkpoint. If the thieves can't steal your laptop while you are occupied with the security process, they will often wait until you have a seat in the waiting area or in the airport bar. A good rule of thumb is that if there is a sudden diversion in front of you, a laptop thief is probably behind you. A common scam is for a beautiful young lady to walk behind you, smear mustard on the back of your shirt (without you knowing it), and then stop you and gleefully offer to help you clean it up. While you are occupied with the shirt stain, her accomplice is standing a few feet behind you waiting for you to set down your laptop bag. Another 2 person scam involves one person dropping a semi-valuable item in front of you in the hopes that you'll chase them to return the item. While your back is turned, their accomplice calmly walks away with your laptop case.
When traveling by car...
While I was working for a large international oil company, 5 executives went on a business trip to Australia and rented an SUV. On their first day, they stopped at a restaurant to have lunch, put all 5 brand new $4,000 Dell laptops in the back of the Ford Explorer and went in to eat. An hour later they came out to find the back window smashed in and all 5 laptops were gone (along with their passports). This illustrates 2 points. Always rent a car with a locking trunk (not a hatchback/minivan/or SUV) and never leave your laptop in a vehicle where a passing thief can see it through the window. If you do place your laptop in the trunk, use your cable lock to secure it to the trunk lid so that they still can't take it easily even if they manage to open the trunk. If possible, rent a car with an alarm system and no external stickers identifying it as a rental. Thieves target popular lunch spots with crowded parking lots, and they often look for rental cars. If you store your laptop in the vehicle for any period of time, keep in mind that the extreme temperature ranges within the vehicle could wreck havoc with your laptop. In the summer, the inside of a parked car can reach temperatures that will melt your laptop's components. In the winter, LCD screens can freeze solid and split.
While staying in a hotel...
Savvy road warriors already know the hazards of leaving valuables in hotel rooms, and professional thieves know that business travelers almost always have a few goodies that can be sold for a quick profit. If you keep your laptop in your hotel room anchor it securely to a metal post or fixed object. Consider a motion alarm for your laptop as well as one for your room. When not in your room, consider locking your laptop up in the hotel's safe. (Make sure you get a receipt).
When attending conventions and conferences...
Laptop thieves target business conferences and conventions because they know you'll feel more comfortable around your peers. They look for events that use the same facilities for a few days, because they're counting on you to become lax as you become used to the surroundings and start to feel safe. Most conventions only check ID's at the beginning of the morning. By the afternoon when you're tired and have let your guard down, thieves can walk in and out of conference rooms without being challenged or even noticed.
Make security a habit
People are the weakest link in the security chain. If you care about your laptop and your data, a healthy dose of paranoia will help keep it safe. (We hope we haven't made you too paranoid!) Get into the habit of locking your laptop up when you're working with it, or when storing it. (A cable lock takes less time to install then it does for your PC to boot.) Use common sense when traveling and try to stay in physical contact with your laptop at all times. If you are traveling with trusted friends or business associates use the "buddy system" to watch each others back (and laptops). A determined thief or industrial spy may still be able to get your laptop if they set their mind to it, but why make it easy for them?
NEXT MONTH - SECURITY CHECK-LISTS WHILE TRAVELING & IN THE OFFICE
*******************************************
PART II
PROTECTING SENSITIVE DATA
Use the NTFS file system
Assuming your using Windows NT/2000/XP on your laptop, use the NTFS file system to protect your data from laptop thieves who may try to access your data. FAT and FAT32 File systems don't support file level security and give hackers a big wide open door to your system.
Disable the Guest Account
Windows 2000 finally disables the guest account by default, but if you didn't build the image yourself, always double check to make sure the guest account is not enabled. For additional security assign a complex password to the account anyway, and restrict its logon 24x7.
Rename the Administrator Account
Many hackers will argue that this won't stop them, because they will use the SID to find the name of the account and hack that. Our view is, why make it easy for them. Renaming the Administrator account will stop some amateur hackers cold, and will annoy the more determined ones. Remember that hackers won't know what the inherit or group permissions are for an account, so they'll try to hack any local account they find and then try to hack other accounts as they go to improve their access. If you rename the account, try not to use the word 'Admin" in its name. Pick something that won't sound like it has rights to anything.
Consider creating a dummy Administrator account
Another strategy is to create a local account named "Administrator", then giving that account no privileges and impossible to guess +10 digit complex password. This should keep the script kiddies busy for a while. If you create a dummy Administrative account, enabled auditing so you'll know when it is being tampered with.
Prevent the last logged-in user name from being displayed
When you press Ctrl-Alt-Del, a login dialog box appears which displays the name of the last user who logged in to the computer, and makes it easier to discover a user name that can later be used in a password-guessing attack. This can be disabled using the security templates provided on the installation CD, or via Group Policy snap in. For more information, see Microsoft KB Article Q310125
Enable EFS (Encrypting File System)
Windows 2000 ships with a powerful encryption system that adds an extra layer of security for drives, folders, or files. This will help prevent a hacker from accessing your files by physically mounting the hard drive on another PC and taking ownership of files. Be sure to enable encryption on Folders, not just files. All files that are placed in that folder will be encrypted.
Disable the Infrared Port on you laptop, WORKS FOR BLUETOOTH TOO.
I don't know anybody who actual transmits data via the infrared port on their laptop, but we have been able to use the IR port to browse someone else's files from across a conference room table without them knowing it. Disable the IR port via the BIOS, or simply cover it up with a small piece of black electrical tape.
Backup your data before you leave
Many companies have learned the hard way that the data on your computer is more expensive to replace than the hardware. Always backup you laptop before you do any extended traveling that may put your data at risk. This doesn't have to to take a lot of time, and you can use the built in backup utilities that come with Windows 2000. If your network doesn't have the disk space to backup all of your traveling laptop users, you may wish to look into some of personal backup solutions including external hard drives, CD-R's, and tape backup.
Consider using offline storage for transporting sensitive documents
Backing up your hard drive before you leave can help you retrieve your data when you return from your trip, but it doesn't do you any good when you're still out in the field. There are several vendors that offer inexpensive external storage solutions small enough to fit into your pocket. By having a backup of the files you need with you, you can work from another PC in the event your laptop is damaged or missing.
Take basic precautions such as :
- Encrypt the whole volume of your computer
- Always keep your backup with you, never leave it alone
- Never put your backup with your laptop
- If you are afraid of losing your data when you go through airport security check points you can always have your backup mailed to you wherever you are staying.
Avoid WIFI connexions in public areas
It is always pleasant to travel while staying connected, but beware because your computer is easy access to strangers.
Our guidelines :
- never connect to the internet using a WIFI when in public areas
- when you must connect use proper security measures from your organisation
- do not improvise, if the measures don't exist ask for them
Other measures and equipments exists on the market, if you have any experiences to share with us or you need advice..... don't hesitate to contact us.
*******************************************
LAPTOP SECURITY GUIDELINES
Laptops have become thief magnets, attracting everything from common thugs and dishonest housekeeping employees to sophisticated conmen, hi-tech crime rings, and industrial spies. Every year thousands of computers are stolen and thousands more are simply misplaced. The most common are left in hotel rooms, restaurants, airports, cabs or even coffee shops by busy employees rushing around to get their work done. Protect your capital investment and your company's secrets by following these guidelines to better laptop security.
For our clients and website visitors there will be publications of these guidelines over the next three months, separated in 3 different articles, regarding computer safety. These newsletters will include advice and tips for everyday use of your laptop to insure full security at all times.
The articles will be presented as follows:
1- Basic Security Measures and Physical Security
2- Protecting your Sensitive Data
3- Preventing Laptop Theft
Newsletter Part 1
BASIC SECURITY MEASURES
First rule to follow: never let the pressure of hierarchy or the fashion trend get to you. Following a theft you should never choose a solution before having analyzed the situation.
Second rule to follow: forget your education, forget your honesty and your logic, to find a parade of thieves you need to think like a thief. No technology, just psychology.
Choose a secure operating system and lock it down
If you care about your data, pick an operating system that is secure. Windows 2000 Professional and Windows XP Professional both offer secure logon, file level security, and the ability to encrypt data. If you are running Windows 95/98/Me, anyone who picks up your laptop can access your data.
Enable a strong BIOS password
Foil would be data thieves right from the start by passwords protecting the BIOS. Some laptop manufacturers have stronger BIOS protection schemes than others, so do some homework before relying on this alone. Find out from your laptop manufacturer what the procedure is for resetting the BIOS password. If they absolutely demand that you send it back into the factory and don't give you a "workaround", you'll have a better chance of recovering the machine and maybe even catching the thief yourself. Also find out if the BIOS password locks the hard drive so it can't simply be removed and reinstalled into a similar machine.
Asset Tag
Permanently marking the outer case of the laptop with your company name, address, and phone number may greatly increase your odds of getting it returned to you if you happen to carelessly leave it in a hotel room. There are also a number of metal tamper resistant commercial asset tags available that could help the police return your hardware if it is recovered. According to the FBI, 97% of unmarked computers are never recovered. Clearly marking your laptops deters casual thieves and may prevent it from simply being resold over the internet via an online auction.
Register the laptop with the manufacturer
We've become so used to throwing away the registration cards for all of the electronic items we buy every day, because we've learned that it just leads to more junk mail. Registering your laptop with the manufacturer will "flag" it if a thief ever sends it in for maintenance, and increases your odds of getting it back. It also pays to write down your laptop's serial number and store it in a safe place. In the event your laptop is stolen, it will be impossible for the police to ever recover it if they can't trace it back to you.
A number of management software allows you to manage your tracking numbers or you can use the international website www.anti-theft.org.
Physical Security
Get a cable lock and use it
Over 80% of the laptops on the market are equipped with a Universal Security Slot (USS) that allows them to be attached to a cable lock or laptop alarm. While this may not stop determined hotel thieves with bolt cutters, it will effectively deter casual thieves who may take advantage of you while your sleeping in an airport lobby, leaving a table to go the bathroom, etc., Most of these devices are between $30 - $50. In addition to the quality of the cable, consider the quality of the lock. And remember: They only work if you use them properly. Tether them to a strong immovable and unbreakable object.
Use a docking station
Unbelievably, almost 40% of laptop theft occur in the office. Poorly screened housekeeping staff, contractors, and disgruntled employees are the usual suspects. You can help prevent this by using a docking station that is permanently affixed to your desktop and has a feature which locks the laptop securely in place. If you are leaving it overnight, or for the weekend, lock your laptop in a secure filing cabinet in your office and lock your office door.
Lock up your PCMCIA cards
While locking your PC to a desk with a cable lock may keep someone from walking away with your laptop, there is little you can do to keep someone from stealing the PCMCIA NIC card or modem that is sticking out of the side of your machine. When not in use, eject these cards from the laptop bay and lock them in a safe place. Your docking station should have a NIC card built into it at your desk, and if you are traveling you won't be connected to the network anyway. Even when they aren't being used, PCMCIA cards still consume battery power and contribute to the heat levels within your laptop while they are left inserted into their slots.
If you have an office that is locked by key make sure it is locked everytime you leave the office.
Use a personal firewall on your laptop
Corporate networks protect their Servers and Workstations by configuring a firewall to prevent intruders from hacking back into their systems via the company's internet connection. But once users leave the corporate buildings and connect to the web from home or a hotel room, their data is vulnerable to attack. Personal firewalls are an effective and inexpensive layer of security that take only a few minutes to install. Although Windows XP comes with a personal firewall, it does not attempt to manage or restrict outbound connections at all. We recommend using a good third-party personal firewall to secure your Windows XP workstations. If you want to test how much information your personal firewall "leaks out" to the web, try the online leak test at http://grc.com/lt/leaktest.htm
Consider other devices based on your needs
Since laptop theft has become such a big issue, the market has been flooded with a variety of security gadgets and gizmos. Motion detectors and alarms are popular items, as are hard drive locks. Biometric identification systems are also being installed on some laptop models which allows your fingerprint to be your logon ID instead of a password. Consider the cost and bulk of these items along with your risk of theft before you go all out on a security solution.
Use tracking software to have your laptop call home
There are a number of vendors that offer stealthy software solutions that enable your laptop to check in to a tracking center periodically using a traceable signal. In the event your laptop is lost or stolen, these agencies work with the police, phone company, and internet service providers to track and recover your laptop as soon as possible.
Warning! This software is not an anti-theft program. Since we must run after your computer, go and get it and restore it, you will be neglected of your computer for an undetermined period. These softwares are very efficient even though there are minor inconveniences.
Preventions and good habits are the best way to stop theft before it happens.
*******************************************
PRE-ANNOUNCEMENT - AVAILABLE JANUARY 2005
STOPOXYGEN IS PROUD TO INTRODUCE THE NEW COMPUGUARD DESIGN
Same anti-theft specifications than COMPUGUARD for laptops and desktops, but with stylish shapes and colors to meet owners of mobile devices expectations.
Efficiency
of
COMPUGUARD
in a 17 x 35 anti-theft concentrate
ANTI-THEFT
GUARD*
for Cell
phones, Ipods, Ipaqs, Pagers, Blackberry, Palms, Symbol
Pocket PC, Video cameras, Cameras, GPS, MP3 players,
pocketable data vaults, etc ...
*******************************************
INTRODUCING
KEYKATCHER MINI WORLD'S SMALLEST KEYSTROKE
RECORDER
OXYGEN INC announces world's smallest keystroke recorder
What's
4cm long and has the ability to monitor days of computer
use? ... Keykatcher mini the world's smallest keystroke
recorder. Keykatcher mini is 27% smaller than previous
models, yet has the ability to hold over 65,000 keystrokes.
Public sales of the device will begin on January, 2004.
Keykatcher products have done well, primarlly due to their
ease of use. Simply plug it in to the keyboard port and it
begins recording instantly. Even parents who feel
intimidated by computers can use it to watch what their
children are doing online, or they are speaking with chat
rooms. All typing is stored in non volatile memory wihich
means that it will retain data even if the device is
unplugged, or if the computer is turned off.
Why are Keykatcher products better than the ty