Getting bombarded with political calls tonight? Don’t hang up–hit #

I read this trick today. So far, hitting # worked on the political calls I’ve been getting tonight. Or, if in doubt, hit #0* as one of those key combinations usually works to kill the call.

And if any candidate calls after 8 PM and wakes up my kids, I automatically write in the name “Fidel Castro” instead of voting for them. Not that any of them are reading this. I’m pretty sure a good percentage of them can’t read…

More later, I hope.

I got a new side gig

I’ve been talking a lot with WhiteQueen at Rabbit-Hole lately, and learning a lot. It’s one thing to learn security from textbooks and learn enough to pass a test. It’s one thing to patch servers and make sure my servers pass annual security audits. It’s quite another thing to talk to someone who actively seeks out hackers to study their movements and try to keep them out. Or who stands up servers just to see how difficult it is to get in by force instead of through the logon prompt.

Both WhiteQueen and RedQueen have tons of ideas and tons of knowledge in their heads. But neither likes to write. After I banged out a 600-word article this week based on a five-minute conversation with him, WhiteQueen approached me with the idea of posting security-related articles on Rabbit-Hole. We think having quality, useful articles going up over there on a semi-regular basis will help them build a larger audience, and I’d never attract that audience working on my own. I’ll be learning as I go, and sharing what I learn in the process.

I’ll continue to write here about whatever it is I feel like writing about. I must have a half-dozen things not related to security that I’m working on right now anyway. When I post something over there, I’ll link to it from here to make it all easy to find.

My first Windows 7 build

I rebuilt a friend’s Windows 7 system this week.

The system includes a 30 GB SSD to boot from, and a RAID 1 mirror of 1 TB drives for storage. Aside from the two 1 TB drives, it’s basically a collection of $100 components. $100 Asus motherboard, $100 video card, $100 CPU. It seems like right now, no matter what individual system component you’re looking at, $100 buys you something really nice without going too far over the top. I’m sure certain aristocrats might disagree, but any reasonable person ought to really like using this system.

MyDoom/Novarg Gloom

Just in case anybody is curious, my employer’s virus scanners filtered roughly 3,000 copies of Novarg (a.k.a. My Doom) during working hours yesterday. If that’s not a record for us, it approaches it. I know we weren’t the only one. I’ve heard Novarg/MyDoom/My Doom called the fastest spreading virus yet. I don’t have statistics on prior viruses with me, but suffice it to say, its impact certainly felt similar to the big names from the past.

Although SCO would like people to believe it was written by a Linux zealot, I’m more inclined to believe it was created by organized crime. Maybe the creators hate SCO, or maybe the anti-SCO DDoS was just an added touch to throw investigators off.

LoveLetter was the first virus outbreak to really have much impact on my professional career, and I noticed something about it. Prior to LoveLetter, I never, ever got spam at work. Not once. After LoveLetter, I started getting lots of it. I don’t believe LoveLetter’s intent was to gather e-mail addresses for spammers, but I do believe that more than one spammer, probably independently, noticed that viruses were a very efficient way to gather a large number of e-mail addresses.

I got spam before LoveLetter, and I saw viruses before LoveLetter. But I started seeing a lot more of both very soon after LoveLetter.

I don’t buy any giant conspiracy to sell anti-virus software, nor do I buy any giant conspiracy against SCO. I do believe in bored people with nothing better to do than to write viruses, and I also believe in people who can profit off their side effects.

I’ve said it once and I’ll say it again. If you run Windows, you must run anti-virus software. You can download Grisoft AVG anti-virus software for free. Don’t open unexpected e-mail attachments, even from people you know. Even if it looks safe. Don’t send unexpected e-mail attachments either–you don’t want anyone to get the idea that’s normal. Quite frankly, in this day and age, there’s no reason to open any piece of e-mail that looks suspicious for any reason. I told someone yesterday that this is war. And I think that’s pretty accurate.

If you’re an intrepid pioneer, there’s something else you can do too, in order to be part of the solution. If you join the Linux revolution, you can pretty much consider that computer immune. Macintoshes are slightly less immune, but certainly much less vulnerable than Windows. Amiga… Well, I haven’t seen the words “Amiga” and “virus” in the same sentence since 1991 or 1992. But one thing is certain: a less homogenous field is less susceptible to things like this.