Microsoft Security Essentials – Beta

Anti Virus(AV) and Anti-Malware software has always been a necessary evil to me. I managed to go on for years without installing any type of such protection because I believed that if you are an experienced enough user, you won’t be infected. I saw no reason for installing an additional piece of software on my system that would eat up precious RAM and instigate disk activity without any direct benefit to me except protection from some “unknown and harmful software”. Years passed by and I got non the wiser while malware kept on developing and eventually I broke down and … Continue reading Microsoft Security Essentials – Beta

Hyper-V security guide

  This Solution Accelerator provides instructions and recommendations to help strengthen the security of computers running the Hyper-V role on Windows Server® 2008. It covers three core topics: hardening Hyper-V, delegating virtual machine management, and protecting virtual machines.   Download

Let the Panic begin?! (or maybe not…) [MS08-067]

Yesterday, Microsoft has released an out of band patch (in other words, not through the standard cycle of releases,which means it’s really important and there is no time to wait for the next cycle) for all Windows version. Such a release, obviously causes concerns (as does everything that is not routine). The patch is intended for all Windows versions, and it is supposed to plug a hole in the Server service (specifically RPC) that might allow an attacker to run arbitrary code under the system account (it also seems that the vulnerability is wormable). Enter PANIC!!! (or maybe not) First … Continue reading Let the Panic begin?! (or maybe not…) [MS08-067]

DEP and ASLR in Vista circumvented?

Two researchers claim to have found a way to circumvent both Data Execution Protection (DEP) and Address Space Layout Randomization (ASLR). These techniques are meant to protect the way information is stored in RAM, ASLR is relatively new and it randomizes the way that DLLs are loaded on startup dealing a sever blow to anyone that would try to estimate which space in RAM a worm would need to overwrite during a buffer overflow attack. The researchers (Mark Dowd of IBM Internet Security Systems (ISS) and Alexander Sotirov, of VMware Inc.) will discuss the weaknesses they have found at the … Continue reading DEP and ASLR in Vista circumvented?

Doomsday DNS flaw!!! (or is it?)

The last few days(actually almost a month now) have been very exciting in the relatively “boring” world of DNS. In that world nothing much changes…DNS has been around for quite a while now and it has always helped us translate friendly names into long and daunting numbers (IP addresses). It did so in a reliable and predicable manner. Yet that soothing effect of predictability seems to have gotten it into trouble. According to security researcher Dan Kaminsky, a vulnerability exists in the NDS implementation itself (affecting all vendors) that allows cache poisoning (in other words, an incorrect IP address will … Continue reading Doomsday DNS flaw!!! (or is it?)

Perception is everything or who is more secure: Microsoft or Apple

Continuing my Microsoft fanboy weekend- In an article called: Microsoft vs. Apple: Who patches zero-days faster? (by Computeworld) the writer describes a research done by the Swiss Federal Institute of Technology. The research looked at how many times in the pastsix years did the two vendors (Microsoft and Apple) have a patch ready for a zero dayvulnerability. In other words they tried to designate (using statistics) which of the two companies isbetter to react when a vulnerability is discovered. Well the result was/is surprising to manyas it turns out that according to the results Apple lags in patching. An additional … Continue reading Perception is everything or who is more secure: Microsoft or Apple

MacBook Air Hacked in 2 minutes…

Ok,so as a Microsoft fanboy it is my turn to gloat. Vista Ultimate still stands strongafter the 2nd day of the PWN 2 OWN contest. Basically the contest provides threelaptops that have Windows Vista Ultimate, OSX 10.5.2 and Ubuntu. The hacker receives a prize of 10k and the laptop he hacks… After the first day(only network attacks were allowed) all three systems were still standingon the 2nd day contestants were allowed to instruct organizers to work on thesystems…Charlie Miller (responsible for the first iPhone hack) pointed one of the organizersto a website-and that was it (2 minutes). Ok,so I am … Continue reading MacBook Air Hacked in 2 minutes…

Mandatory Integrity Control (What,how and why do we care?)

The theory Mandatory Integrity Control (MIC) is an additional layer of security built into Vista andWindows 2008. This particular layer helps Windows protect itself from harmful intentional and unintentionalchanges to important objects. Among the objects protected we can find files, directories, registrykey, printers, and actually any object that has a security descriptor. The beauty of MIC is that it has been there in the background all along protecting you, yet you never knewit existed. You might have actually encountered it by trying to change a file that is protected by it, and eventhough you had the permission you couldn’t… The … Continue reading Mandatory Integrity Control (What,how and why do we care?)

Temporary e-mail address

Anonymity is a commodity that most of us have lost in this age. At times though, you maystill attempt to seek anonymity so you can avoid being hit by a barrage of junk or due to thefact that you do not trust a specific website(that requires you to register using a valid e-mail address)that you wish to use (oxymoron,but curiosity did kill the cat-who can blame him?!). For such cases I have found the following service:10 Minute Mail. You will be provided with an address for 10 minutes and a web interface to manage received messages. Note that you can prolong the validity period but I … Continue reading Temporary e-mail address

iPhone runs everything as root?

This might be somewhat old but it still strikes me as odd. It seems that every processon the iPhone runs as root, which basically means that if one process is breached it willhave full access to the whole system. When looking at this situation, on one hand you might be confident that your softwarehas no security flaw, thus you have nothing to worry about or you have made a mistake. A process/user should not run with higher privileges then the ones he really needs, evenadministrators should be limited- if they need to use their admin privileges it should bedone in … Continue reading iPhone runs everything as root?