Cleanup On Aisle 9…

Well, it has been roughly 6 months since my last system wipe.  It’s almost time for me to do it again.  Every 3 to 6 months, depending upon the project that I am running with at the time, I like to do a little PC maintenance. 

Why do I consider PC maintenance a security item?  My system tends to accumulate a variety of junk and gunk as most systems do, and my curious nature takes me to some fairly dark places.  I do take precautions, but if you regularly download and install/uninstall, surf to known malware sites, knowingly follow spam links, and/or receive information from all manner of “security” sites, all the Virtual Machines and security precautions in the world won’t guarantee PC cleanliness.  I’ve done this little dance for years and years, and probably won’t stop until I finally buckle down and get a thin-client for home use.  Actually, I should probably drop that particular want onto my Christmas list this year!

So, what are the steps that I follow when I start the “clean PC mambo”?

Continue reading


Fedora Servers Breached

The Register reports that servers belonging to the Fedora Project were breached over the weekend by an unknown attacker who gained access though a team member’s account.  The compromise of meant that the attacker briefly had the ability to push changes to Fedora’s SCM system.  There’s no evidence any such updates were made or that Fedora’s systems were subject to any vulnerabilities or exploits.  Action was taken quickly to freeze the account and forensic investigative work began immediately upon notice.

The Register

OTA Incident Readiness Guide Published

Few events can damage a company‟s reputation and cause the loss of consumer trust faster than the misuse or breach of personal and sensitive data.  Once that damage has been done, it is very difficult and time resource consuming to turn the boat around.  Over 525 million records containing sensitive personal information have been compromised due to breaches in the last 5 years alone.  The Online Trust Alliance (OTA) has just announced the release of their 2011 Data Breach Incident Readiness Guide to outline key questions and recommendations for businesses to consider integrating into their baseline framework.  

The OTA’s mission is to develop and advocate best practices and public policies which mitigate emerging privacy, identity and security threats to online services, organizations and consumers, enhancing online trust and confidence.   By facilitating an open dialog with industry, business and governmental agencies to work collaboratively, OTA is making progress to address various forms of online abuse, threats and poor security practices. 

Depending on your industry, size, and the type of data collected, your requirements may vary, and you should consult with specialists to aid you in planning.  This document provides a comprehensive framework, outlining key questions and recommendations to help businesses build breach prevention and incident management practices.  OTA has expanded its annual report to address the emerging security and privacy threats impacting businesses throughout the world.  With the White House, members of Congress, Commerce Department and the FTC calling for greater privacy controls and breach notifications, the OTA guide represents a significant self-regulatory effort to enhance data stewardship, consumer trust and ultimately the long-term vitality of commerce.

According to the OTA’s 2011 Data Breach Incident Readiness Guide, the true test for organizations and businesses should be the ability to answer key questions such as:

  • Do you know what sensitive information is maintained by your company, where it is stored, and how it is kept secure?   
  • Do you have an incident response team in place ready to respond 24/7?   
  • Are management teams aware of security, privacy and regulatory requirements related specifically to your business? 
  • Have you completed an audit of all data collection activities, including cloud services, mobile devices and outsourced services?
  • Are you prepared to communicate to customers, partners and stockholders in the event of a breach or data loss incident?  

Continue reading


Kaspersky Screensaver

Kaspersky has released a screensaver that updates malware stats and details every 12 hours.  I like these types of screensavers, and have used the Symantec version for years.  Both screensavers display a global view of malware infections and security issues, and then go through a series of breakdowns by country and region.  The intent is to provide a day to day overview of the threat landscape at a high level, and comparatives for how things look in your area of the world.  Information is presented for “hottest” threats, trending and attcker geo-location.  Scrolling banners also provide any attention worthy outbreak alerts. 

Things that I have never liked about these screensavers include:

  • They are not interactive.  Yeah, it’s a screensaver.  I would love to see one of these vendors actually invest the time and effort to give the app a “clear” button so that I can move my mouse around and continue to view the intelligence.
  • They are not very configurable.  I would appreciate being able to focus my intelligence display to spend more time on North America, drill down to Canada, and even the GTA or Greater Toronto Area.  This would be relevant to my business and customers.
  • The intelligence presented is canned.  Everyone sees the same material, malware, attacker, victim stats.  I would like to select the information that I want to see at a given time, based on what my internal sensors are indicating, or based on the current scrolling/statistical information presented.
  • Further drilldown should be provided.  If you are going to present the top 5 threats, let me click on them to get more information on characteristics, indicators of infection, how to detect and prevent infection, etc.