Archive for the ‘security’ Category

Security News

Every day I use Google News to provide me with updates on whatever particular subject I am working or thinking about at the time. Over the past few months I have been looking at the effects of “phishing” and online fraud that have been plaguing online financial institutions over the last 18 months or so.

Every now and then I will see an article that is expressing a new idea or opinion I think is worthy of some feedback. It was with some surprise that today Google news roundup on “Phishing” returned my very own comments.
I am not sure what to read into this:

a) my comments matter
b) Google can find anything anywhere
c) Google’s news sources are more limited than first guessed

I think that the answer is a combination of b & c. Some day I may be able to claim with more authority that a) applies but I think that will require more people either strongly agreeing with me or strongly disagreeing. Just responding in some way will do.

Monday, January 17th, 2005

security No Comments

E-Genie

While at my current job I have been writing for the monthly newsletter under the guise of the E-Genie. This time I thought that I would post my latest creation here as well.

There have been an increasing number of security threats that use email as their way of getting onto your home computer. These threats have used features and in some cases security weaknesses in the email software to launch their attacks. The software makers have responded to these problems by adding security features to their email readers. This month we will deal with some of the side effects of these features.

Question:
“I received an email that I was expecting and the information I needed was sent as an attachment. When I tried to access this it received a message stating I was denied access to an “unsafe attachment”. Others I talked to received the same attachment with no warnings and no consequences to their system.”

The problem here is that the email program is assuming that the attached file is dangerous and will not allow it to be used. This is based on the file type and not the contents of the file. File types that are considered dangerous include .exe, .zip , .scr, .pif, .bat, etc. Also applications like Word and Excel that can contain macros will also be considered unsafe.

To access these files you will need to change the security settings of your email program. It is best to do this only when there is a particular file that you want and that you are expecting. This way the software forces you to think twice before clicking on a dodgy attachment. For example in Outlook Express (version 6.0) go to “Tools –> Options” then select the Security tab.

Uncheck the box next to “Do not allow attachments to be saved or opened that could potentially be a virus”. You should now be able to open the file but don’t forget to re-check this setting once you have opened your file.

All the best from the E-Genie!

Monday, May 17th, 2004

security, technology, work No Comments

Bill’s dream to can spam.

I have to say that i love the ego of Bill Gates. By the time he no longer wants to, he will rule the world. This week he has stated that he will stop spam. I love that kinda talk because I hate spam. I have an easy to spam email address, and at last count I am getting over 500 spams every day. I use a number of tools to combat this so I still deal with it in a way that has not yet stopped me from using the email address. In fact here it is - nick@bigpond.com. Bring it on. I will not be beaten by spammers.

However there is one thing that does send a shiver down my spine and that is how Bill is going to stop the spam. Better filters, bigger bounties, lobbying law makers? Somehow I dont think so, because all of these are reactive, and that is not Bills way. So I think to myself how would I make spam go away if I was Bill Gates.

Assumption 1 - I am Bill Gates and I own and control Microsoft. (ps i know there are other share holders but this is a dream, ok)
Assumption 2 - I own all of the computer desktops and servers that I care about. I don’t care about those silly unix or linux systems, or those annoying little fruity things (apples).

Idea… Why don’t I add a patch to Windows email software that only accepts messages from other Windows email applications. Well at least the ones that require product activation so that I know that there is a unique system to use it. It can even be optional. My customers don’t have to use it, but if they want to get rid of spam then maybe they will want to.

It is hot where I am sitting but this idea makes me feel cold. We need a better solution that one that Bill dreams up.

Thursday, February 12th, 2004

security, technology No Comments

Next Entries