Category Archives: Security

XP Still Not Completely Dead to Microsoft

 

Today I fired up an old XP box just out of curiosity to see the security status of XP anno June 2014, and lo and behold I have one Security update which in this case is the Malicious Software Removal for June 2014.

Then I thought, while we are at it, let’s see the status of MS Security Essentials, and yes, it is still being updated daily by MS as you can see below:

Like I initially reported and contrary to popular opinion, MS has not completely abandoned XP users; it is still making sure they are not the Internet Trojans everyone is purporting them to be after EoL.

Of course this doesn’t mean that you should still sit on XP; it is a dead OS. You may be making the Net unsafe for all of us as is. You don’t want to come to a gunfight with a knife. Get off of this time bomb called XP now while you still safely can.

How to Turn-OFF App Recommendations in the New Store

Unless you’ve been living under a rock, you will have noticed people are raving seriously about the new Windows Store for the new and improved Windows 8.1 Blue. There have been so many articles about the new Store on various Tech sites that I don’t feel compelled to write another about it here. That’ll be unproductive and a waste of your time. But one thing I want to point out is the new Recommendation feature of the Store.

As you might have read, the Store is now powered by the awesome engines of Bing. For better or for worse, we are being followed every day by the Search Engines we use. Whether you belong to Google or to Microsoft or whatever, there’s no denying it, our lives are being interpreted by these AIs (almost AI then, have it your way!). So unless you don’t use the internet, there is no denying that these machines know one thing or another about us. So, we have the advantage in this case that, due to your usage and search patterns, these engines know what is good for you. So you have recommendations of Apps that the AI thinks will be interesting to you.

But you may not want your patterns to be recorded, and may want the new Recommendation feature of the new Store turned OFF. Well, how you do it is right there in that picture. Microsoft, worrying about your privacy as usual, has added an Option for you tin-foil-wearing conspiracy theorists to turn off machine recommendations. Not that it matters, the NSA has got your backside via PRISM, so you might as well leave the darned option ON and enjoy the discovery it brings to the Store. :-)

5-0 Radio Police Scanner App in the Store for old and new Radio Amateurs

Well, here is a blast from the past! The Internet has spoilt us all, and some of us have forgotten what we used to do back then when there was no Internet. Believe me, some of us have lived in that timeframe where there was no Internet. You ask what we did to communicate and keep ourselves entertained? We were Radio Amateurs: we sent and received radio signals over long distances to communicate and make new friends, the longer the distance you bridged the better; and we listened to Police and Fire Department communications. We knew what was going on before the average Joe knew it. Those were good old times when you had to hunt for information :-). Now, we are overwhelmed with information via the Internet, and it has totally wiped out this fantastic human invention from a golden era.

That is why I jumped for joy when I saw this app. Radio amateurs have obviously moved on from basic analog only rigs to digital receivers that are able to stream their signals to the internet. So now, the net is full of these amateurs streaming their receptions. You don’t have to have an expensive rig anymore to listen in to Police communication. I just love this app. I am listening to 10-24 right now in New York Binghamton/Tioga. This is awesome.

The app not only streams scanners, you can also listen to regular radio stations all around the world. Get the app while you can, it’s free of charge. Here is an excerpt from the Store:

Description

5-0 Radio is a free, all-in-one digital radio and police scanner service that lets you listen to police, firefighter, ambulance, airport, railroad, music, comedy, talk, news, and sports radio stations.

  • Listen to your stations in the background while you use other apps
  • Share stations with your friends and family who can listen to them on their own devices
  • Search stations by music artists, location, name, genre, and songs playing
  • Save your favorite stations onto presets

Features

  • Listen to your favorite radio stations including NYC’s Z100, Howard Stern, ESPN, Opie and Anthony, Alex Jones Infowars, idobi radio, 181.FM, and many more.
  • Tap into the largest collection of real-time police scanners streaming live from all around the world.
  • Chat with other listeners to talk about what you’re listening to
  • Get details about the song that you are listening to, such as lyrics
  • Decode local police codes while using the police scanner

Download now via the Source link below.

Source: Windows Store

TechCrunch, Scroogled: Why Not?

It’s a slow day today, so TechCrunch asked “Scroogled: Why So Negative, Microsoft?” with a post trying to bash MS for its rather un-Microsoft-like way of competition against Google. I mean everybody is used to everyone bashing Microsoft, while they happily turn their other cheeks. So where is this new aggressive Microsoft coming from?

The question that TechCrunch should have asked is “Scroogled: Why Not?”. There was a time Journalism was established as the public Third Arm of Democracy, in which Journalists were the Sentinels of Truth in the society, to tell the story the way it is after an investigative effort. They are supposed to keep the Government and business realms healthy by exposing what we’ve all commonly agreed to be against social norms being practiced by these entities. The World Financial Collapse is an attestation to the failure of Journalists in their role.

Today, journalism is a joke, the line between a journalist and a fanboy has merged. Journalists are now rather opinion shapers instead of harbingers of truth. Where was TechCrunch when Apple was raiding anything Microsoft with the Switcher Ads? Every soul that knows its salt in IT and Computing knows all the claims of Apple in the Ads were just one big crock. The claim of Apple that its devices don’t get viruses, prompting a massive run for Macs, has been proven to be an illusion. Where were all the Tech journalists then that should have called Apple to its senses and exposed the fraud in the Ads? No, they were all cheering Apple on and empowering the Distortion Field further. Now Apple has removed the virus-efficacy claim from its sites. MacOS is just as susceptible an OS as any other.

And this brings me back to the question in focus. “Scroogled. Why Not?” The question is whether MS’s assertion is true or not. If the Journalists are failing to warn the masses about the dangers of using Google’s products, who is going to do it? Yes, there is inherent danger in using Google’s products. Your mum told you when you were small, nothing comes free in life; something has to give. You just don’t think Google as a commercial company is working for Santa Claus, did you? Where do you think they are making those billions they declared recently as profit? Have you ever seen a Non-Profit organization declare billions in profit?

Yes, you are all paying for it by using Google’s products. Those Android Phones, Chrome Browsers and Chrome OS all phone home when you use them. They are telling Google everything you’re doing. That is how they get to know you more than your mother does. To sell you things you don’t need. If you pitch your tent with an Ad company, you need to be aware of the consequences. That is what Tech Journalists are failing to do. They are failing to educate the masses about the dangers of exposure. Privacy Advocacy is not there for nothing, there are people that have been bitten by having their lives exposed online to all and sundry. You may think you are safe for now, but the incessant attacks we are witnessing against big American companies these past weeks attest to the fact that security is an illusion. You can say you don’t mind Google knowing everything about you, but what happens when Google is hacked and brought to its knees by enemies, what is going to happen to you? These are the questions that Tech Journalists should have been asking, but almost all of them are fanboys in this age and time. Most of them have such vested financial interests in these companies that they’ve lost their objectivity.

So, is it right for Google to be reading your mail, scouring your HDD and looking at everything you type on your computer? If a Virus does this, we are all up in arms, but it is OK for Google to be doing it. Just think about that for a while. The masses need to be aware of these issues and they need to be educated to be able to make informed choices. But how can the masses be educated when the Journalists are busy making money and cheering and hating at the same time? There was a time Journalism was devoid of emotion so as to maintain factual integrity, but these days we all read our news from fallible and raging fanboys. Obviously you’re reading one right now, but I don’t pretend to be a journalist. I just ask you to stop drinking that Kool-Aid for a while and think; for Pete’s sake!

MS SurfaceRT Security Broken–Now you can run ANY Desktop App

We knew it was a matter of time, in fact I am surprised it took this long, but it has finally happened. Someone has found a way to circumvent the built-in security of Surface that prevents arbitrary running of Desktop Apps on SurfaceRT devices. It’s all about a byte in the kernel, and a hacker going by the handle of Clrokr (@Clrokr) has found it as below:

SeGetImageRequiredSigningLevel+0x18
LDR R3, =0x59FFA6 ; This is our byte, 0x19FFA6 at 0x400000 image base
LDRB R3, [R3]
CMP R3, #4
BHI loc_HighSigReq
B.W loc_LowSigReq

Here is what he said about it:

Finding the right spot

The minimum signing level determines how good an executable’s signature is on a scale like this: Unsigned(0), Authenticode(4), Microsoft(8), Windows(12). The default value on x86 machines is of course 0 because you can run anything you like on your computer. On ARM machines, it defaults to 8.
That means that even if you sign your apps using your Authenticode certificate, the Surface or any other Windows RT device (at this moment) will not run them. This is not a user setting, but a hardcoded global value in the kernel itself. It cannot be changed permanently on devices with UEFI’s Secure Boot enabled. It can, however, be changed in memory.
Finding this byte in the kernel takes a while, there is no exported symbol for it and not even in the symbol database at MSFT. I found it using WinDbg and a machine running Windows 8 Pro, creating processes and watching how the system behaves when the signature checks happen all the way through CI.dll and back. Because Windows 8 and Windows RT are so similar, locating it in the ARM kernel was not hard…

He provided the sample exploitation code on his blog. But what does it all mean to you as a user? First, this is not for the faint-hearted, you must know what you are doing. Second, someone will probably write code to automate the jailbreaking. But the question is, would you run this code on your ARM device?

I personally would like to see how SurfaceRT performs after jailbreak. Remember the version of Office on SurfaceRT is specially crafted and optimized for the RISC architecture and its small power environment. So, will you be able to run the likes of AutoCAD/Photoshop now on Surface? I doubt it; you will possibly be frustrated with the performance speed. We will be keeping an eye on developments for you and report back if anything new comes up around this story.

It’s a brave world out there, once again, it has been proven that nothing is secure by default. If it is written by man, it will be broken by man, period. Now that you can jailbreak SurfaceRT, what are you going to do about it? The decision is yours and yours alone.

You can read the rest at Clrokr’s site: http://surfsec.wordpress.com/2013/01/06/circumventing-windows-rts-code-integrity-mechanism/

[Update]
I have been made aware of the fact that you can’t run “ANY” desktop Apps on ARM devices like the hacker’s post suggested; even after this jailbreak, you still have to compile your standard Desktop App for ARM before it will run in a jailbroken desktop. So, with this news, we can expect Google and the likes to start compiling Chrome and other apps for Windows RT desktop. And of course all the security risks and exploits will follow. Hopefully people will not be blaming Microsoft for their misfortune then.

Snapchat: Does it Really Disappear?

If you’ve ever used Snapchat before you’ve most likely known that all media sent and received disappears after the allotted time set by the sender, right? Well, Buzzfeed has found out a hack that allows those receiving to view the videos forever. So how’s this happening?

Microsoft is Moving Family Safety Service over to Outlook.com

 

Dear Family Safety customer,

We’re making a change to Family Safety, and are contacting you because you’re monitoring or managing one or more children’s Microsoft accounts (formerly known as Windows Live IDs).

There are many different email programs your children can use to communicate with others. But until now, Family Safety has only been able to help parents monitor their children’s email contacts through Microsoft-owned programs like Outlook.com using Family Safety Contact Management.

Starting on 3/18/2013, we’re switching your children’s monitored accounts to Outlook.com’s “exclusive” mode. These settings work for all email programs, so now you can help keep your children safer across any email platform they use, not just those created by Microsoft. The change affects three things:

  • The contacts you currently manage for your child will be added to the Safe Senders and Domains list. Emails from people on the list will go directly to your child’s inbox.
  • Emails from people not on the list will go directly to your child’s junk mail folder. (They can still view these messages there, though, so it’s important to be cautious.)
  • Your child will be able to add their own new contacts.

These accounts will be affected by the change:

  • Kid Account1
  • Kid Account2

Note that these new settings don’t affect your child’s communication in Messenger. However, if you want to block online communication, we recommend setting the Family Safety web filter to “General interest”.

You can also visit Microsoft’s Safety and Security Center page for tips on helping your children use the web more safely.

Thanks for your understanding and patience as we update our services.

Sincerely,
The Family Safety team

NRA’s silence on the WWW

Before beginning this post I’d like to personally express my condolences for those involved [in any way] with the tragedy that struck the town of Newtown, Connecticut. One of the highly discussed topics during these difficult times is the statements of different organizations against “unnecessary” gun limitations and the ones that believe they are necessary. As of late, the NRA [National Rifle Association] has gone into hibernation on the WWW. This story has made headlines on both CNN & USA so far and continues to become a more talked about subject.

MX Apps Security and Devs’ Income Jeopardy

Since today is turning out to be a Plea day to Microsoft, I might as well add the following points that Devs have raised to me, and the points I could really understand looking from a Dev’s perspective.

MX Apps (Metro Apps if you live in the past) have great promise for Microsoft and End-Users alike. They are highly portable, highly manageable and secured, if we could believe Microsoft on their promise for the WinRT environment of Windows 8. Apps can be built with next to no experience, even script-kiddies are now top-notch coders on Windows 8. It’s all fine and dandy till bread and butter comes into question. If you are a hobby developer, you wouldn’t mind what MS does with your code the moment you submit it to the Store, all you care about is to see your App published, hopefully featured in the Windows Store.

But when your app is your bread, and preferably your butter too, you do seriously mind what MS does with your code in the Store and on Users’ devices. MX Apps are scripted Apps, they are managed Apps, you either code in JavaScript or in .NET, both of which are translated Apps. This means there’s a file of yours somewhere with readable code for everyone who has the will and the intent. Here you are slaving away at a particularly difficult routine in your app. You need to implement that killer feature that will differentiate your app as a professional Dev, ergo, this is the source of your income! It took you two days to do the plumbing and debugging of this difficult routine, now it is part of your code for your app, submitted to the Store, and globally readable.

Of course you’ll feel cheated. Anyone who finds your app awesome and wants to know how you carried out that impossible feat can now dive into your code and read how you did it; gone is your professional advantage. This will be an awesome scene in about 50 years when we don’t work for money anymore, the era of Star Trek has broken upon us where everyone works just for the pleasure of it. There is no hunger anymore, need has been banished by the Federation. This will probably remain in the realm of my dreams and those of many of you.

But for now, you need to pay your bills, but how could you if people could easily pilfer your code and earn money with it while you go hungry? So this brings me to my point. Microsoft, we know you protect MX Apps with Encryption from hackers and the likes, and that you can’t just copy and run apps on other machines, but what’s with people-readable code? Why aren’t you protecting Devs’ labour? Why not encrypt Devs’ code and files before publication so that only the system can unencrypt it at runtime? Why do my files have to be readable to all? If you think I am joking read this from a concerned dev:

Hi McAkins,

I just want to explain the security problem in Windows 8 Store apps, which can lead to another security problem:

First of all, when we install a Windows 8 Store app, it will reside in the %ProgramFiles%\WindowsApps folder. Although the folder is hidden by default, through ‘folder options’ we can show the folder, and we can access it after we take ‘ownership’ of the folder (we don’t need a special tool to take ownership of the folder, we can take ownership through Windows Explorer alone). After that, the problems begin:

1. For all the applications that we installed, the user can take all the assets we use in our app (images, sound, video, and other assets), because we can access all the Windows 8 Store app application folders. For a JS app we can see the code clearly if we did not minify that code before publishing to the Store (like the Skype app, I attach the source code I took from my laptop).

2. Let’s say we develop a Windows 8 Store app using JS, and use Windows Azure Mobile Services to push notifications to the user, or even worse if we have storage or other cloud services: the ‘client secret’ to access our Windows Azure service can be seen by people or malware, and then they can abuse our cloud service / Windows Azure services.

3. Another problem: if we develop using C#, we can also decompile it using .NET Reflector or another related app (but this is the nature of a .NET app, either Desktop App or Windows 8 Store app).

Thanks

<Concerned Dev>

And here is the Skype Source Code he was talking about:

How about that?! Even MS’s own Software is not protected! But then they can afford to lose a dollar or two to a script kiddie.

So there you have it, if you write in JS, you’re screwed as a professional Dev. You are basically plumbing for other people. Period. This is not acceptable and should be mitigated, Microsoft. The only way to guarantee App privacy right now is to hide your code in C++ dlls with JS as frontend, or to a lesser degree to code in .NET, at least it takes a bit of effort to get to the decompiled code. So here we are, MS, with another plea. Please either obfuscate published code or encrypt all JS and .NET files. That’s the only way Devs can resign from their day job and take up coding full time, if they are guaranteed an income source in the future. Do it now! Yes you can!

Thanks all for your attention.

– McAkins
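
The concerned dev's second point (a cloud ‘client secret’ readable inside the installed package) can be checked before submission. This is an added example, not code from the post or from Microsoft: it scans a JS Store app's source for literal credentials. The file names, keys and URLs are constructed samples, and the rule names and thresholds are assumptions of this example.

```javascript
// Added example. All file names, URLs and keys below are constructed sample data.
const SAMPLE_PACKAGE = {
  "js/default.js": [
    '(function () {',
    '  "use strict";',
    '  var client = new WindowsAzure.MobileServiceClient(',
    '    "https://contoso-sample.azure-mobile.net/",',
    '    "qT7rZ2mVx9KpL4sWb8NcJ3yHd6FgA1eU");',
    '})();',
  ].join("\n"),
  // Minified code: harder for a person to read, but the literals survive unchanged.
  "js/app.min.js":
    '!function(){var a={clientSecret:"Zx81kLmQ02pRtYv7"},k="9fK2xLq7ZpR4tVb8NwY3mHc6JdGs1AeU";' +
    'WinJS.xhr({url:"https://contoso-sample.example/api",headers:a})}();',
  // No secret in the package: the token is issued by the server at sign-in.
  "js/clean.js":
    'var sessionToken = null;\n' +
    'function signIn() { return WinJS.xhr({ url: "https://contoso-sample.example/login" }); }',
};

// Shannon entropy in bits per character: random keys score high, words score low.
function entropy(s) {
  const counts = {};
  for (const ch of s) counts[ch] = (counts[ch] || 0) + 1;
  let h = 0;
  for (const ch in counts) {
    const p = counts[ch] / s.length;
    h -= p * Math.log2(p);
  }
  return h;
}

// Long, unbroken, high-entropy literals that are not URLs (thresholds are assumptions).
function looksRandom(v) {
  return v.length >= 24 && !/\s|:\/\//.test(v) && entropy(v) >= 4.0;
}

const RULES = [
  // Azure Mobile Services client constructed with a literal application key.
  { rule: "mobile-service-key", group: 3,
    re: /MobileServiceClient\s*\(\s*(["'])[^"'\n]*\1\s*,\s*(["'])([^"'\n]+)\2/g },
  // Variable or property whose name suggests a credential, assigned a literal.
  { rule: "named-secret", group: 2,
    re: /\b[\w$]*(?:secret|passw(?:or)?d|api_?key|app_?key|token)[\w$]*["']?\s*[:=]\s*(["'])([^"'\n]{8,})\1/gi },
  // Any other string literal that looks like generated key material.
  { rule: "high-entropy-literal", group: 2, filter: looksRandom,
    re: /(["'])((?:\\.|(?!\1)[^\\\n])*)\1/g },
];

// Scan one source file; each literal is reported once, under the first rule that hits.
function scanSource(path, source) {
  const findings = [];
  const seen = new Set();
  for (const { rule, re, group, filter } of RULES) {
    for (const m of source.matchAll(re)) {
      const value = m[group];
      if (seen.has(value) || (filter && !filter(value))) continue;
      seen.add(value);
      const at = m.index + m[0].lastIndexOf(value);
      const line = source.slice(0, at).split("\n").length;
      // Only a short preview is kept so the report does not leak the secret again.
      findings.push({ path, line, rule, preview: value.slice(0, 4) + "..." });
    }
  }
  return findings;
}

// files: object mapping package-relative path -> file contents.
function scanPackage(files) {
  return Object.entries(files).flatMap(([path, src]) => scanSource(path, src));
}

console.log(scanPackage(SAMPLE_PACKAGE));
```

The minified sample is flagged just like the readable one, because minification renames identifiers but leaves string literals intact. A finding is resolved by moving the value to a server the developer controls and issuing the app a per-user token at sign-in, as the clean sample assumes.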

Windows Outbound Firewall Settings

[Image: How To Activate Outbound Firewall Protection in Windows 8]

This post was prompted by the need of someone on Twitter who is having issues with ZoneAlarm on Windows 8. Of course ZoneAlarm is broken in Windows 8 because ZoneAlarm has been known to dig too deep into the Kernel, and that is not possible anymore. MS is having everyone keep their paws away from the Kernel. So his argument was that there is no Outbound Firewall protection in Windows. I told him there has been Outbound Firewall protection in Windows since Vista, only most people don’t know it. Even if you know it, it’s going to drive you crazy if activated, since Windows will be asking you every second if you want to allow an outbound traffic. At least this shows Windows has an Outbound firewalling feature.

For anyone that is driven to this kind of solution, you may actually be better off running a Network Monitor tool that shows you what is going on in your Network. I have two tools for this, MS Sysinternals’ TCPView and the big gun MS Network Monitor. These tools are more effective in identifying unscrupulous apps on your network than blocking outbound traffic, which can be a pain.

Has Your Spam Wished You A Merry Christmas?

Ever notice how around the holiday times you see a sudden rise in email? Doesn’t ‘Act now and you’ll receive 40% off at this store’ or ‘buy this item and get a second item free with the purchase of that item’ get a little annoying to you after a while? Well it sure gets to me. The sad thing is that I’m not addressing Viagra-type spam email in this article. I’m talking about respected businesses we all shop from.

For about the past month I noticed that I was getting a lot of email from folks like Amazon, ALK Technologies (the folks behind Co-Pilot Live on Android and iOS) and Zinio Digital Magazines. Most of you all know at least something about these companies. At least every other day I’m getting email from them. And although I have spam filters in my Gmail account set to delete emails that have the word ‘unsubscribe’ in them (with exception to emails from Twitter, Facebook, etc.), these emails still get in. Although I’m annoyed enough at that fact, there is still one aspect that gets to me even more. Why do I only hear from companies like these around Christmas?

During any other part of the year (even some other holidays) I hear nary a thing from my harassers. Maybe an occasional sale here or announcement there may come across, but why be bombarded with emails now? Yes, I know most of you are saying right now that it’s because of the holidays and now is the best time to try and get people to spend more money. While yes it’s a good strategy, it’s also turning people off from them at the same time.

At this point, it’s looking a little dismal for me as I have to decide whether to set up more spam filters or choose the painstaking task of having to go through emails and click unsubscribe. I’d hate to do that as some of these companies have legitimate emails that come out, but also send out many irritating ones. Thus are the email marketing campaigns of the 21st century.

I would like to propose an ultimatum to these companies. You can send your emails out promoting your new products, announcing changes, and revealing sales, but can you please restrain yourselves from email blasting us ad nauseam? Else you will lose my client-ship forever.

I know I can’t be alone in this. If you have had any experience with this or just have comments or thoughts, use the comment box below.

PlayStation hacked, Now Microsoft’s Xbox has phishing?!?!

Well, some of you might know that Sony has recently been hacked and that this has affected PSN/Qriocity Services. Now Xbox has been, I guess you could say, “hacked”. If you play Infinity Ward’s game MW2, you’re the target. Below is a screenshot of the service alert Microsoft posted:

Xbox’s Service Alert

I will be continuing coverage for this and look out for the updated symbols

Predator, USB Security

 

Today I am going to review a program called Predator. I saw it a while back when I had Linux on my laptop; it is only for Windows, so now I got Windows and finally got the program. The software basically lets you key a flash drive so it can be used to lock/unlock a computer. The good thing about this program is you can have many flash drives keyed to one computer or one flash drive paired to many computers. I could see this program being used in a work scene, with each person having their flash drive keyed to their computer and then the manager having one keyed to all the computers.

I downloaded the program and installed it. When it finished and ran, it wanted a password so if you lost the drive you could get back into the computer. Then it went through some settings like when it scans for the drive, what to do when it unlocks and the lockdown mode. After getting this set up, it has some other options that are only available in the pro version, which is $30, like when someone tries to get in with a wrong password it can send a Twitter message or one to the direct person. When I got done with the settings I tried it: I removed the flash drive and within a few seconds it had seen that the drive was removed and it went into lock mode. I put it back in and instantly it unlocked and showed me a log of where I locked it and removed it with the drive. Then my sister came into my room and I removed the drive, and a bit later it locked. Then I had her try to log in with the password and it sounded the alarm, and then I logged in with the drive and it showed me that she tried to get in.

I like this program and recommend it to anyone who will be taking their computer many places or in an open area. I have a feeling I will be using this a lot. I just wish it had one option, to take a picture with the webcam when someone unlocks it either way, so you could easily see who has been on the computer.

Pros: Easy to set up, easy to work with, great for multiple computers
Cons: Slows things down a bit when scanning more often
Score: 95

WordPress.com: Largest DDoS Attack in its History

Earlier today popular blog hosting site, WordPress.com, was undergoing a distributed denial of service attack. A denial of service attack, or DDoS, is where major amounts of data are sent to a server with the intent to overwhelm it and shut down the site. During the attack when the server(s) went down several of the VIP sites like: TechCrunch, the National Post, and Financial Post were shut down. Not only that but the millions of other blogs that are hosted with them were unavailable. Matt Mullenweg had told TechCrunch that this was the largest attack WordPress.com has ever seen, and was likely to be politically motivated:

“There’s an ongoing DDoS attack that was large enough to impact all three of our datacenters in Chicago, San Antonio, and Dallas — it’s currently been neutralized but it’s possible it could flare up again later, which we’re taking proactive steps to implement.

This is the largest and most sustained attack we’ve seen in our 6 year history. We suspect it may have been politically motivated against one of our non-English blogs but we’re still investigating and have no definitive evidence yet.”

The source of the attack is unknown as of now, but there are some obvious ideas. (Anonymous/4chan).

Now of course everything is back to normal and everyone can once again blog away to their heart’s content. But boy did it make the headlines, it made the headlines of several big blog companies. It did not matter if they were on WordPress.com or not.

-Until next post, peace out.