Hope it is not you!

If you see Trojan:Win32/Popureb.E or something called Popureb [1] in your antivirus software, start making backups and look for your PC's restore CDs/DVDs so you can restore your system.

[1] – http://www.computerworld.com/s/article/9217953/Rootkit_infection_requires_Windows_reinstall_says_Microsoft?taxonomyId=85

Posted in Computer Systems Security, News Articles

How serious and consequential any one failure would be?

Having read the article about Japan's nuclear reactors [1] and the issues the country is now facing because of a number of critical failures, I would like to use this post to point out how the same reasoning applies to computer security.

Bill says “As we learned in the global financial crisis as well, instruments and devices thought of as separate entities can all “go south” as the result of a single underlying cause, upending estimates of how serious and consequential any one failure would be.” [1]

Focus on the idea that all it takes is one failure to kick things off: that failure can lead to a chain reaction of undesirable events. Whether the failure point is a specific vulnerability, a weak password or something else, if all possible matters are not looked at in depth, reviewed and addressed appropriately (e.g., through a penetration test), then information can go missing and systems will get compromised.

It is often hard to explain to people what the consequences are when the failure does occur and how it will affect them in the long run. In the case of the nuclear power plants, the consequences are quite dire for the population (short and long term). In the computing realm, by contrast, people only start to take notice once the issues cross into the physical realm (e.g., lost work hours leading to lost revenue, products that cannot be delivered, etc.). This demonstrates a short-sighted outlook on the long-term effects of possible consequences.

[1] – Japan Nuclear Accident: Worse than Worst, Again by BILL SWEET - http://spectrum.ieee.org/energywise/energy/nuclear/japan-nuclear-accident-worse-than-worst-again

Posted in Computer Systems Security, Network Security, News Articles

Increase of Cyber attacks

Cyber attacks are on the increase. Not just because I say so, it is a fact [1,2,3]. Cyber criminals are turning to the virtual world and usually the figures demonstrate their success in doing so.

Some countries are even thinking of having their own operating system, i.e. India [4], as if that will block cyber attacks. It will slightly reduce the number of automated attacks, but it will only be a matter of time until these systems are also targeted.

What we do need is an increase in user awareness and a better understanding of the security issues that we face every day. In the same way that we look left and right before crossing the road, we need to double-check and second-guess whether a file is suspicious or not.

Certainly an expected increase in salaries [5], in the USA, for IT Security Professionals is a step in the right direction.

Links Used:

[1] – Terrorist cyber attacks are a growing threat to the nation, says GCHQ chief – http://www.telegraph.co.uk/technology/internet/8060641/Terrorist-cyber-attacks-are-a-growing-threat-to-the-nation-says-GCHQ-chief.html

[2] – Australian military reveals 230% increase in cyber attacks in 2010 – http://www.computerweekly.com/Articles/2010/10/11/243285/Australian-military-reveals-230-increase-in-cyber-attacks-in.htm

[3] – Cyber attacks on utilities tipped to soar – http://www.securecomputing.net.au/News/234954,cyber-attacks-on-utilities-tipped-to-soar.aspx

[4] – India Plans Indigenous Operating System to Thwart Cyber Attacks – http://it.tmcnet.com/topics/it/articles/108048-india-plans-indigenous-operating-system-thwart-cyber-attacks.htm

[5] – IT Salary Guide Shows Increase in Salaries for IT Security Professionals – http://www.securityweek.com/it-salary-guide-shows-increase-salaries-it-security-professionals

Posted in Computer Security, Computer Systems Security, Network Security, News Articles

2x PhD Studentships in Cyberwarfare

The ISRG group has two PhD Studentships open; apply before the deadline on 30 September 2010.

PhD Studentship – Awareness in a CNO Situational Environment
http://inform.glam.ac.uk/jobs/details/783/

PhD Studentship – Cyberwarfare Operations
http://inform.glam.ac.uk/jobs/details/784/

Posted in Computer Systems Security, Network Security

Receive, store and read SMS messages on Jailbroken iPad 3G

Be warned: We cannot be held responsible for any damage you cause to your devices. Proceed at your own risk.

I have managed to find the secret combination of AT commands [1] that will allow you to save an incoming message to the SIM card and then you can read it on the iPad.

You will need the following commands in order to receive SMS to the SIM card.

at
at+cmgf=1
at+cnmi=0,1,0,0,0
at+cpms="SM","SM","SM"
at+cmgl="ALL"

You can make use of the sendmodem [2] code to make life easier. You can use minicom too!

Example:
./sendmodem at
./sendmodem at+cmgf=1
./sendmodem at+cnmi=0,1,0,0,0
./sendmodem at+cpms=\"SM\",\"SM\",\"SM\"
./sendmodem at+cmgl=\"ALL\"

Known problems:
There is an awful timeout issue. To start this process you will need to run './sendmodem at' until you get OK and then quickly send the rest of the commands. I have hacked away on the original sendmodem to include all the above commands in one executable. Will post it later on.

Also, once you have reached the maximum number of messages you will need to start deleting them. More information in later posts.
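One way to script the sequence so that the remaining commands follow the first OK without delay. This is an added example, not the modified sendmodem mentioned above; it assumes sendmodem prints the modem's reply (including OK) to standard output, and the SENDMODEM variable and function names are made up for this sketch.

```shell
#!/bin/sh
# Added example: drive the AT sequence from the post through sendmodem.
# Assumption: the binary named by SENDMODEM prints the modem's reply,
# with a line reading OK on success, to standard output.
SENDMODEM="${SENDMODEM:-./sendmodem}"

# Send one AT command; succeed only if the reply contains a line that is exactly OK.
at_ok() {
    reply=$("$SENDMODEM" "$1" 2>/dev/null) || return 1
    printf '%s\n' "$reply" | tr -d '\r' | grep -qx 'OK'
}

# Repeat the plain "at" command until the modem answers OK, at most $1 times.
wake_modem() {
    tries=${1:-10}
    while [ "$tries" -gt 0 ]; do
        at_ok at && return 0
        tries=$((tries - 1))
    done
    return 1
}

# Run the whole sequence back to back so the modem does not time out in between.
# Return codes: 1 = modem never answered, 2 = a setup command was not acknowledged.
sms_to_sim() {
    wake_modem "${1:-10}" || { echo "modem never answered OK" >&2; return 1; }
    for cmd in 'at+cmgf=1' 'at+cnmi=0,1,0,0,0' 'at+cpms="SM","SM","SM"'; do
        at_ok "$cmd" || { echo "no OK for: $cmd" >&2; return 2; }
    done
    # List the messages stored on the SIM; the reply goes to standard output.
    "$SENDMODEM" 'at+cmgl="ALL"'
}
```

Call `sms_to_sim` (optionally with a maximum number of wake-up attempts) from the directory that holds sendmodem.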

Enjoy!

Refs:

[1] – GSM AT Commands example (good ref really) - http://www.arcelect.com/GSM%20Developer%20Guide%20-%20GSM%20AT%20Commands%20-%20Rev%20%20A.pdf

[2] – sendmodem - http://code.google.com/p/iphone-elite/wiki/sendmodem

Posted in Computer Systems Security

iPad and iTunes file recovery of Smart Recorder Files

This solution is only for Macs. Use the following information at your own risk.

If you have an iPad (I would imagine it is the same for iPhones), you have recorded something with Smart Recorder (or Smart Recorder Lite), and the iPad has been synced with a system, there is a way to successfully recover your audio recordings.

First find your backup location. This will be in /Users/[user_name]/Library/Application Support/MobileSync/Backup/ (replace [user_name] with your account's username), and in Backup you will have a number of folders with semi-random names. These are your backups. Find the latest one and go to this directory in the Terminal (e.g., cd "/Users/[user_name]/Library/Application Support/MobileSync/Backup/"; the quotes are needed because the path contains a space).

We will now use grep to find the header of the recordings: grep AIFFCOMM *

The output of the grep search lists the files you want to copy off into a new folder; you can then rename them to .aif. These can then be tested with VLC.

You could probably find any other documents in a similar fashion (e.g. for PDFs: grep PDF *).

Happy hunting.
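The same recovery as a script that copies the matches out for you. It is an added example, not part of the original post: it assumes the AIFFCOMM string sits at the start of each recording (the standard "FORM", 4-byte size, "AIFF" layout with the COMM chunk first), which also rejects files that merely mention the string elsewhere, and the function names are made up here.

```shell
#!/bin/sh
# Added example: copy Smart Recorder AIFF files out of an iTunes backup folder.

# True if the file starts with "FORM", a 4-byte size, then "AIFFCOMM".
# NUL bytes are mapped to "." so the shell can compare the header as text.
is_aiff() {
    [ "$(head -c 4 "$1" | tr '\0' '.')" = "FORM" ] &&
    [ "$(head -c 16 "$1" | tail -c 8 | tr '\0' '.')" = "AIFFCOMM" ]
}

# Usage: recover_aiff BACKUP_DIR OUT_DIR
# Copies every matching file to OUT_DIR with an .aif extension and prints
# how many were recovered. The backup itself is never modified.
recover_aiff() {
    backup_dir=$1
    out_dir=$2
    count=0
    mkdir -p "$out_dir" || return 1
    for f in "$backup_dir"/*; do
        [ -f "$f" ] || continue
        if is_aiff "$f"; then
            # -p keeps the original timestamps on the copy.
            cp -p "$f" "$out_dir/$(basename "$f").aif" || return 1
            count=$((count + 1))
        fi
    done
    echo "$count"
}
```

Point BACKUP_DIR at the folder of the backup you picked and OUT_DIR at a new folder outside the backup.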

Posted in Digital Forensics, Mobile Phones, PDA Forensics

Expire my data

Like milk, when data is stored in our refrigerated data storage facilities it should have an expiration date. Imagine milk that degraded in your fridge and disappeared after the expiration date: the perfect solution to taking out the trash and having to deal with milk that has gone off.

In the same fashion, it would be wonderful to be able to submit your information on a form and set an expiration date on it. This way you know that the information will only live for the required time period.

From a legal point of view this is very well justified and supported. The Data Protection Act clearly states that data must only be kept for its intended purpose and deleted afterwards. Yet many organizations do not adhere to it or have very relaxed regulations about when data shall be deleted.

The article by the BBC [2] also talks about fading data. This looks at data from another perspective: one in which data is not deleted but abstracted to other forms of information, i.e., generalized.

Restrictions

The current restrictions that I can see are:

  1. Database engines will need to be engineered in such a way as to facilitate the storage of such information
  2. Will operating systems need to implement the expiration of data?
  3. What happens if someone copies the information, e.g. in a backup? Will the expiration details follow the information?
  4. It is a very data-intensive exercise if data is to be transformed into an abstract set of the original data: what are the rules, inputs and outputs that define this process? This can be very tedious, and I would imagine very few organizations would implement it unless it was automated in some way.

There are probably many more. Certainly I can imagine a number of people who would love this feature of having data that expires. We must be careful, though, because once it is gone there will be no way to retrieve it again, and on some very rare occasions forgotten information can be handy.

Links Used

[1] – Harold van Heerde - http://www.vanheerde.eu/

[2] – Fading data could improve privacy - http://news.bbc.co.uk/1/hi/technology/10324209.stm

Posted in Computer Security, News Articles

New hosting, twitter feed and stay connected

As mentioned on the old blog, we have moved to our new system (faster and no loading errors). A new feature of interest is the Twitter feed on the right, which is in sync with any tweets the group makes. This does not include any re-tweets. You can follow the ISRG at http://www.twitter.com/isrgUniGlam

We have also set up a Facebook group (http://www.facebook.com/group.php?gid=115019145200805) for Alumni Postgraduate students that have successfully finished any one of the following Postgraduate degrees (past and present):
MSc Computer Systems Security
MSc Computer Forensics
MSc Information Security and Computer Crime
MSc Information Security and Corporate Intelligence

Keep in touch,

ISRG @ Uni. of Glamorgan

Posted in Uncategorized

InfoSec Europe 2010

Uni. of Glamorgan’s ISRG group will be at #InfoSec10 Europe located at Stand R93 or at the Uni. Pavilion: http://goo.gl/blZk


My Twitter on Security

Hey everyone,

I have finally found a reason to have Twitter. It ain't the best medium but it is the fastest way to say something, which can be followed by an article on a blog etc.

For now I will maintain my own Twitter, so if you want to track anything I track or write (tweet) that is security related, check out: https://twitter.com/kxynos
