Archive for March, 2007

Security Roundup

Lots of security stuff to comment on today, so I thought I would do a news post with links to them all, save us all some time.

Spamdexing “R” Us A researcher is curious as to how many times a user can get hit with a driveby download and malware infection just by clicking on a Google search result. He took the AOL search data that was released accidentally by AOL and tried to figure it out.

A Fresh Look at Password Thieves Security Fix is still looking at the damage caused by VisualBreeze or “Vbriz” Trojan, it’s also known as “Dimpy.Win32VB.” Thousands of people are affected.

Malicious Web Site / Malicious Code: MS07-009 Exploit Code Released A full exploit was released for MDAC vulnerability MS07-009. Patch is available here.

Windows weakness can lead to network traffic hijacks IE still looks for proxy servers when it starts up, a malicious employee inside your network could take advantage it, here is how and how you can avoid it.

Many net users ‘not safety-aware’ Less than half of the UK’s internet users believe they are responsible for protecting their personal information online.

SANS to certify programmers for security nous The SANS Institute has assembled security vendors to create a secure coding assessment and certification exam for programmers. Participants have the option to sit through four exams leading to GIAC Secure Software Programmer (GSSP) status. The four examinations cover a specific programming language suite: C/C++, Java/J2EE, Perl/PHP and .NET/ASP. Visit here for the new website.

Trend Micro Moves Security into the Cloud Trend Micro’s products rely on a dynamic database of IP addresses that are updated constantly to prevent users from accessing sites that are known to distribute the malware used to build botnets. This domain reputation database maps over 300 million domains daily, and every five minutes there is a new entry.

OpenOffice.org Security Several security vulnerabilities have been reported on in the media in the last week, where users’ PCs could be open to attack if they opened certain documents or websites.

Vulnerability Summary for the Week of March 19, 2007 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week.

Windows Vista News 3/26/2007

Here are some of today?s, and maybe yesterdays, Windows Vista news.

Microsoft investigates exploitable flaw in Vista e-mail A bug in Windows Vista email client, Windows Mail, can allow attackers to run malicious code, or even some local code on a users machine just by clicking a link. If run locally, just clicking the link will run it, while, a program hosted elsewhere requires the user to click OK.

Microsoft cuts Vista prices by 10 percent UK users and small businesses are getting a 10% price cut from Microsoft if they purchase additional copies of Windows Vista.

Is Vista’s security all it’s cracked up to be? Backward compatibility still hampers Windows, although, it has come a long way baby.

Windows Vista Debuts with Strong Global Sales More than 20 million copies of Windows Vista sold in the opening month.

Dell Refunds Vista/Works With Two Emails Although you still can’t buy a Dell PC with no operating system, a user from Germany got his money refunded for the Basic version of Windows Vista.

In case some of you haven’t been looking, lots of Windows XP videos as well as many other videos are available in our video section, like this one here from Chris Pirillo comparing Windows XP to Windows Vista.

Windows Vista News 3/24/2007

Some news making the rounds concerning Windows Vista.

Apple reportedly to postpone Leopard to support Windows Vista Apple is expected to push back the release of the next version of their Operating System, Leopard, to give them a chance to support Vista using an integrated version of Boot Camp.

Microsoft announces more discounted Vista licensing Microsoft has announced the Windows Vista Additional License Program, which gives discounts to people who already have a version of Vista installed.

Exploit-for-sale hacker pins bug on Vista’s e-mail app A security “researcher”, who two weeks ago was touting a exploit for sale service, says a bug in Vista’s built in email program can be used to run malicious code.

Make New Icons for Windows Vista Latest verions of ArtIcons supports Windows Vista Aero-style icons.

A Vista driver case study Ed Bott bitching about the scanner he bought a year and a half ago.

New Version of Warezov Spreading via Skype

Websense Security Labs announced that a new version of Warezov/Stration set of malicious code is spreading through Skype, the code does not infect the machine, but it does send a url with a link to download the code to the user’s contact list. The code, once ran, opens backdoors on the system and downloads more malicious code.

“Spammed” users receive a message that says Check up this and sends them a link to download the code. If a user clicks on the link, they are redirected until they eventually download a file named file_01.exe and they are prompted to run the program, as you usually are when you download something. The Trojan tries to send an email message through a Yahoo mail server, probably trying to contact the creator to let them know they have infected another computer, but the message fails because the mail server is not active.

Source: Malicious Website / Malicious Code: New Warezov spreading via Skype.

This is the same method of attack as this notice on the F-Secure site, it is using a new release of the code and new download urls.

Google Maps API adds KML and GeoRSS Support

Google Maps has added some cool new formats to their API, KML and GeoRSS. Currently, they support points, lines, polygons, styles, icons, and network links (without view-based refresh) in the KML files, and they will be adding ground overlays, screen overlays, folders, and visibility soon. More information can be found in the Google Maps API documentation. So now you can create a KML file using Google Earth and load it up in Google Maps, so you can see exactly where they are.

To start we now support GeoRSS as a data format for geographic content in Google Maps. We want to enable users to create data in whatever format is most convenient for them, and feel that by supporting both KML and GeoRSS we can enable a wider variety of people and applications to contribute content to Google Maps. We’ve built support for the Simple, GML, and W3C Geo encodings of GeoRSS — all you have to do is enter the full URL of a GeoRSS file into the Maps query box to load the file. For example, take a look at SlashGeo’s GeoRSS on Google Maps.

Most importantly, we’ve extended support for displaying geographic data — both KML and GeoRSS — into the Google Maps API. Now in addition to programatically adding content to a Maps API site, you can create your content as KML or GeoRSS and load it into the Map with a simple function call. This means that the more than 1 million KML files that are available from all over the web can easily be mashed up with the map on your site. For example, you can add some vacation photos from Japan with the following code:

var gx = new GGeoXml(“http://kml.lover.googlepages.com/my-vacation-photos.kml”);
map.addOverlay(gx);

This makes it easier for API sites to maintain content in a flexible format that can be accessed via the API or in a number of other tools directly, and makes it simpler to create a rich API site with declarative content, instead of a lot of code. Source: KML and GeoRSS Support Added to the Google Maps API

The O’reilly Radar site, says this will help KML become an OGC standard, and they expect Google to soon accept GeoRSS as a layer, and that they will probably start showing up in Google Earth’s web search.

Additionally, KML is on its way to becoming an OGC standard (and as you can see from this Slashgeo poll it’s a popular idea). It’s great for them to begin accepting this other OGC standard as they begin that process.

I expect this means that GeoRSS will be accepted as a Google Earth layer soon and that GeoRSS will start showing up in Google Earth’s Web Search. This would provide even further incentive content sites to join the likes of Flickr (as an aside compare with Flickr’s map feature with a Google Map consuming the same feed – I think Flickr’s is cleaner, but it does not have Google’s flexibility) and Upcoming by exporting in GeoRSS (as if today’s announcement wasn’t enough). WordPress bloggers can start using the GeoPress plugin (Radar post) right away (I already do on the Ignite Seattle blog — it’s very easy to use). Source: Google is Supporting GeoRSS

Lots of stuff coming out for Google Earth lately, be sure to check some of the other articles below.

Microsoft Security Roundup

Major Nelson says we weren’t hacked, in reference to accusations that some accounts were hacked into and taken by other users, and says there is no evidence that there was any compromise at all of their security on Xbox Live.

Despite some recent reports and speculation, I want to reassure all of our 6 million Xbox Live members that we have looked into the situation and found no evidence of any compromise of the security of the Xbox Live Network or Bungie.net. There have been a few isolated incidents where malicious users have been attempting to draw personal information from unsuspecting users and use it to gain access to their LIVE account. This is a good time to remind our members that they should never give out any of their personal information. Additionally it may be a good idea to download this free PDF file from Microsoft.com ‘ Help Protect Yourself Against Identity Theft? that gives you some excellent information and tips on how to protect yourself. Source: Xbox Live Security

But this website, Security Focus, lists how you do it, and it is a simple social engineering technique, you call them up and say hey, my Xbox crashed or my friend changed my password, of course, they won’t do it for you right off the bat, you need to keep calling and picking out bits and pieces of the info that you need.

“We here at Infamous steal at least 10 accounts a day depending on there (sic) levels,” claimed a site belonging to Clan Infamous, which bills itself as “the best account stealing + boosting clan” in Halo 2. “If you talk s**t we will mod on your account until it is banned. If the levels on it are good, we will use the Credit Card on your account to then change the gamer tag.”

The clan’s Web site, however, does detail the method its members use to steal accounts. Rather than hacking computer servers, the clan’s account stealers claim to rely on social engineering to convince support personnel at Microsoft—and its subsidiary Bungie Studios, the creator of the Halo game series–to help the attackers take control of the accounts. To do so, the players spin a story about something going wrong with their account–from a crashed box to a sibling changing the password–and ask for help “recovering” the data.

“You call 1-800-4my-xbox, pretend to be that person, make up a story about how your little brother put in the information on the account and it was all fake,” stated the Clan Infamous Web site. “You might get one little piece of information per call, but then you keep calling and keep calling, every time getting a little bit more information … once you have enough information you can get the password (and) the Windows Live ID reset.” Source: Account pretexters plague Xbox Live

So, no, they weren’t hacked, technically, but they are being socially engineered out of the info and helping them take the accounts. One would think that Microsoft would keep record of the calls made about each account, then it would be easy to tell if this is really happening.

And other news I’m sure Microsoft is just loving, they were declared Most Secure OS by Symantec, a company who isn’t to happy with Microsoft right now because of the Patch Guard stuff. The report is Internet Security Threat Report, and it is summed up nicely on the Internet News site.

The report found that Microsoft (Quote) Windows had the fewest number of patches and the shortest average patch development time of the five operating systems it monitored in the last six months of 2006.

During this period, 39 vulnerabilities, 12 of which were ranked high priority or severe, were found in Microsoft Windows and the company took an average of 21 days to fix them. It’s an increase of the 22 vulnerabilities and 13-day turnaround time for the first half of 2006 but still bested the competition handily.

Red Hat was next requiring an average of 58 days to address a total of 208 vulnerabilities, Mac OS X had 43 vulnerabilities in Mac OS X and a 66 day turnaround on fixes and HP-UX from Hewlett Packard and Solaris from Sun, HP-UX had 98 vulnerabilities in the second half of 06 and took 101 days to fix them, while Sun took on average 122 days to fix 63 vulnerabilities. Sun said they don’t know where Symantec got their numbers because they were way off.

Wi-Fi Mesh and Google Earth

It must be Google Earth day around here, lots of interesting stuff I have found so far today. Download Google Earth by clicking this link,

Skypilot has integrated SkyControl with Google Earth mapping service, and using the GPS positioning capabilities they can provide automatic and dynamic mesh network visualization, which means they can actually see which nodes are functioning, etc, so they can see power outages, and much more. This will also allow them to visualize all of the networks before they actually install them, so they can be sure of complete coverage. Here is the press release.

Here is what they had to say at GigaOm has to say,

Indian network operator LifeStyle Networks relied on Google Earth to plot and rollout a 20 square kilometer network for 500,000 residents in Mumbai using Strix hardware, according to Light Reading (LifeStyle plans to cover the rest of the city in 6 months). The company used Google Earth to decide where the radios should be placed so that the whole city could be covered with a signal, and then used GPS-based location data of the hardware to create an online network map over Google Earth.

The article says the company can feed info from Strix?s network management software into Google Earth to see the details of the connections of the nodes ? if they?re live and if any radios are not operating correctly. Source: Google Earth Meet Wi-Fi Mesh

Meraki, who use Google Maps for it’s dashboard management tools, says you can just enter it into Google Maps to see your network, and they are going to allow you to see your network in real time by exporting that data into Google Earth in the next release. That would be some pretty cool Google Earth Layers.

Google Earth Tutorials and Help

If you haven’t looked around there is all kinds of stuff available for Google Earth, Google has some great tutorials, help, support, forums and more. I’m going to list as many as I can here, if you know of a good resource for Google Earth, drop it in a comment and I will add it to this post. Download Google Earth by clicking this link, to get the latest version of Google Earth.

Google Earth Tutorials from Google:
Navigating on the Earth

Searching for Locations and Businesses

Marking Locations

Making Movies in Google Earth Pro and EC

Here is the Google Earth User Guide, which lists everything you can do while using Google Earth.

The Google Earth FAQ This is the list of frequently asked questions.

The Google Earth Help Center.

Having trouble with Google Earth? Google Earth troubleshooting.

Check out the huge Google Earth Community from keyhole.

You can check out the Using Google Earth Blog.

And you can check out everything we have posted about Google Earth and all of the Google Earth Layers we have listed.

Updated Google Earth Layers

Google has some new and some updated layers for Google Earth, and they are already in Google Earth, top that. If you really haven’t explored Google Earth, you can find some great content that is already there waiting for you by browsing through some of the available layers and other cool stuff they have listed there. Download Google Earth by clicking this link,

A new folder called “Global Awareness” under “Featured Content”:
World Wildlife Fund (WWF) Conservation Projects
Appalachian Mountaintop Removal

New Zealand Roads
National Geographic expanded content: now includes Australia, New Zealand, Oceania, Poles

Updated content in:
Geographic Web: Wikipedia
Geographic Web: Best of Google Earth Community
Featured Content: Yelp Reviews
Featured Content: Tracks4Africa
Populated Places, Islands and Borders
Google Earth Community
Worldwide Panoramas
Volcanoes
Digital Globe Source: New and Updated Layers – 10th March 2007

Here are all of our articles tagged Google Earth and Google Earth Layers.

Google Releases Picasa Web Albums Data API

Google has released the API for the Picasa Web Albums, you can add, request, update and delete albums, photo and tags, and using this script here from Googlified, you can embed Picasa web albums on your site. Download Picasa by clicking this link,

The Picasa Web Albums team is pleased to announce the release of the newest member of the GData family, the Picasa Web Albums data API.

Now you can access your albums, photos, comments and tags through a common GData API. Have a great idea for integrating your photos and tags into a semantic network? Want to add a slide show of your favorite photos to your homepage and include user comments? How about autotagging your photos based on image analysis or photo description or title? Or allowing users to pick a Picasa Web Albums photo from inside your application? The possibilities are endless. Source: GData for Picasa Web Albums