The Technical Exorcist

December 14th, 2008

McCain Campaign sells Info for $20

Posted by exorcist in Interesting

The McCain campaign really fouled up the selling off of their surplus IT equipment.

When we charged them up in the newsroom, we found one of the $20 Blackberry phones contained more than 50 phone numbers for people connected with the McCain-Palin campaign, as well as hundreds of emails from early September until a few days after election night.

Besides Blackberries, they had un-wiped laptops out for people to look at and purchase. The staff claimed the laptops would be wiped before they were sold, but it doesn’t matter. Everyone knows laptops on display are just begging to be stolen. There is no excuse for having them pawed over by the public when the data hasn’t been destroyed yet.

Full article on Fox: McCain Campaign Sells Info-Loaded Blackberry to FOX 5 Reporter

December 8th, 2007

Western Digital's DRM Infected Hard Drive

Posted by exorcist in Hardware

Western Digital makes a huge Network-Ready hard drive that blocks all music formats from being shared with other users. This means you can pull music files off your hard drive, but you can’t let anyone else pull music files off your hard drive. There are legal, legitimate reasons why I could want to share my files with other users. I guess I’ll be preferring Seagate’s drives.

More information can be found on their website, or on this Register article.

The commentator Chronos is full of you-know-what when he says WD has to cover their asses due to Common Carrier laws. Common Carrier laws apply to “organizations that transport persons or goods”. Western Digital does not transport data; they provide tools that may be used to transport data, so they are no more liable for what gets transported than a boat manufacturer.

October 14th, 2007

Acer using Lenovo Images???

Posted by exorcist in Interesting

I was working on some new Acer PCs at work, when I noticed something that struck me as rather suspicious. The default profile is named “Acer User” as you might suspect, but in the Windows Directory structure, it is named “Lenovo User”. As you might already know, Acer and Lenovo are fierce competitors in the computer field. Why in the world would Acer have the words “Lenovo User” in their directory structure?

The only other times I’ve found the Profile name and the Directory structure do not match is when you change the name of a profile. Is Acer using Lenovo disk images, and then renaming the profile?

Has anyone else noticed this kind of anomaly on an Acer? Does anyone have any explanation?

September 3rd, 2007

New Resident

Posted by exorcist in Website Updates

We have a new resident here in the Ethereal Land. I just got him moved in tonight. He writes about what he sees as he watches the trades. Check out his cabin on the main map, or visit him here.

July 23rd, 2007

Tremble, Microsoft

Posted by exorcist in Interesting

This is the last thing they want to hear after the resounding slap of Vista’s face hitting the pavement.

July 7th, 2007

Sony VAIO customer service

Posted by exorcist in Interesting

Piling on top of Sony’s many sins, it seems that the Sony VAIO customer service is abysmal. It further demonstrates that Sony is not a customer-oriented company, and that has practical implications.

June 29th, 2007

Google Maps Own

Posted by exorcist in Interesting

Google has just added a feature to Google Maps that improves it to the point where I don’t think the competition has much of a chance unless they follow suit. You can now alter your driving directions with a simple click-and-drag interface!

Read the article on The Register Here

June 23rd, 2007

An interesting computer sim.

Posted by exorcist in Interesting

According to The Register, the US Department of Defense is creating a simulation of the world to model how various countries and peoples will react to various “stressors”—acts of God, wars, etc. Reading the article, it sounds like a very interesting concept. I doubt it will be very accurate, though. When you’re working on that scale, everything is so complex I don’t see how the program could harvest sufficient information to be even close to correct.

April 17th, 2007

Combining Hardware and Software Firewalls?

Posted by exorcist in Mail

Recently I was trying to explain to someone why there was no point in installing a software firewall on a PC that was already protected by the hardware firewall on a NAT router. We both agreed that there was no point in having a software firewall monitoring incoming traffic. The router performs the same port controlling functions as the software firewall, and provides NAT services as well, effectively hiding the connected workstations. Since the hardware firewall is more difficult to penetrate, neither of us thought it likely that anything that couldn’t be stopped by the hardware firewall would be stopped by the software firewall.

The value he saw in the software firewall was that, unlike the hardware firewall, it would monitor outgoing traffic. He postulated that this “program control” would provide a second layer of security. If a malicious program eventually made its way onto the system, and then tried to phone home, the software firewall would warn him, and he would get a chance to deny it access to the internet, limiting the amount of damage done. This is one of the angles the vendor pushed the product from, and it passes the common sense test, so it is a fairly reasonable conclusion to come to—if you only spend a brief moment thinking about it.

My objection is that it is so stone-cold simple to get around program control, anyone clever enough to break through your other security measures would slip by it as easy as a rear-wheel drive car slips on ice.

The easiest method is for the hacker to change the name of his piece of malware to match another program on their system that requires internet access, for example “Internet Explorer”, or “Yahoo Messenger”. If they looked closely, they might see clues that something was amiss, but programs like these are always being updated, so it wouldn’t seem out of the ordinary that they needed permission again. The user would click allow without bothering to look twice.

But there’s another easy method that won’t cause any alert to display. All the hacker would have to do is load his little joke as a plug-in for your favorite browser. Web browsers typically don’t notify you when a new plug-in is added. It’s assumed that you added it, so of course you already know about it. A plug-in almost never alters the program’s executable, so it would not be detected as a change in the program by a software firewall’s program control. It would get access to the internet just by piggy-backing on the rights of your web browser. Don’t believe it could work? You can prove it does. Just download and install a plug-in that accesses a remote server for your favorite web browser, and see if your software firewall picks it up as a change. You could try Forecastfox for Firefox.

And those are just two easy ways off the top of my head. A real nerdy hacker might try to insert the information he’s trying to send into unencrypted packets being sent out by other applications, and then intercept them on the other end. If I can come up with three ways of doing it without trying, you know your favorite enemy can come up with sixteen.

From my viewpoint, calling a software firewall’s “program control” security is analogous to calling a T-shirt body armor. They both offer approximately the same level of protection.
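
The gap described in this post, as an added example that is not part of the original post: a per-program rule keyed on the executable's name and hash still matches after a plug-in is installed, while a baseline diff of the plug-in directory reports the change. The rule format, file names and directory layout are assumptions constructed for the demo.

```python
import hashlib
import os
import tempfile

def sha256_file(path):
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()

def write_file(path, data):
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as f:
        f.write(data)

def program_control_allows(rule, exe_path):
    # Hypothetical rule model: allow only if the name and executable hash both match.
    return (os.path.basename(exe_path) == rule["name"]
            and sha256_file(exe_path) == rule["sha256"])

def snapshot_plugins(plugin_dir):
    # Map every file under plugin_dir (relative path) to its SHA-256.
    snap = {}
    for root, _dirs, files in os.walk(plugin_dir):
        for name in files:
            full = os.path.join(root, name)
            snap[os.path.relpath(full, plugin_dir)] = sha256_file(full)
    return snap

def diff_plugins(baseline, current):
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "changed": sorted(k for k in baseline.keys() & current.keys() if baseline[k] != current[k]),
    }

def demo():
    with tempfile.TemporaryDirectory() as d:
        exe = os.path.join(d, "app", "browser.exe")
        plugins = os.path.join(d, "app", "plugins")
        write_file(exe, b"constructed browser binary")
        write_file(os.path.join(plugins, "known.xpi"), b"constructed known add-on")
        rule = {"name": "browser.exe", "sha256": sha256_file(exe)}
        baseline = snapshot_plugins(plugins)
        # A new plug-in appears; the browser executable itself is untouched.
        write_file(os.path.join(plugins, "new.xpi"), b"constructed new add-on")
        imposter = os.path.join(d, "temp", "browser.exe")  # same name, different bytes
        write_file(imposter, b"constructed look-alike binary")
        return (program_control_allows(rule, exe),
                program_control_allows(rule, imposter),
                diff_plugins(baseline, snapshot_plugins(plugins)))
```

`demo()` returns whether the unchanged browser still passes the rule, whether the same-named look-alike passes (it does not, which is the point at which the user would be prompted), and the plug-in diff that the rule never sees.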

April 5th, 2007

A Powerful flashlight

Posted by exorcist in Cool Toys

This guy made a flashlight that gives off 4000 lumens. That’s a lot.
