Known as the "Father of Software Quality," Watts Humphrey, founder of the Software Process Program at the Carnegie Mellon Software Engineering Institute (SEI) and recipient of the National Medal of Technology, died Thursday at his home in Sarasota, Florida. He was 83. One of my favorite I.T.-related quotes: "The problems of software process change are often complicated by the fact that no one is responsible to make it happen. If software process improvement isn't anybody's job, it is not surprising that it doesn't get done! If it is important enough to do, however, someone must be assigned the responsibility and given the necessary resources. Until this is done, software process development will remain a nice thing to do someday, but never today." Watts Humphrey
This seemed a little low to me until I saw the specifics: 2.15 million bot infections were detected and removed in the 2nd quarter of 2010.
AND 2.16 million bot infections were detected and removed in the 1st quarter of 2010.
These are just the ones found by Microsoft, and only the ones they removed. Again, this doesn't include ones they didn't remove (or didn't detect). Also it doesn't include any other vendors.
Now it sounds more like the numbers I was thinking of...
Not a good idea. To me this comes under the heading of "If you outlaw it only outlaws will have it." If it's technically possible, the criminal crackers will be the first to do it; therefore we will have no secure communications. New York Times reports that:
Federal law enforcement and national security officials are preparing to ask Congress to require all services that enable communications — including encrypted message transmitters like BlackBerry, sites like Facebook and messaging software like Skype — to be technically capable of complying with a wiretap order.
The mandate would include being able to intercept and unscramble encrypted messages.
The U.S. National Science Foundation (NSF) is funding studies at more than 30 institutions across the United States in an effort to make Web surfing safer. For example, Carnegie Mellon University researchers, in collaboration with researchers at Boston University and the University of Wisconsin, are building an Internet framework to accommodate yet-to-be developed technologies. Meanwhile, a University of California, Los Angeles team is focusing on securing data no matter where it exists, instead of securing host computers. Rutgers University researchers are examining improving the security and reliability of information produced by mobile devices, instead of desktop computers. And University of Pennsylvania scientists are analyzing ways to increase the speed, availability, and security of cloud computing. "We hope to have a collaboration among the project researchers," says NSF's Darleen Fisher. Pittsburgh Tribune-Review (PA) (09/13/10) Cronin, Mike
There is a new fake Microsoft Security Essentials doing the rounds! This Microsoft Security Essentials Alert is basically a Trojan which tries to trick you into buying one of the 5 rogue anti-virus programs that it is pushing. When the fake alert pops up, it says that malware has been detected on your computer. It will list this Trojan as Unknown Win32/Trojan and will then prompt you to clean your computer using any one of the 35 listed anti-virus programs, 30 of which are legitimate anti-virus programs and the 5 following rogues that the Trojan is distributing:
Red Cross Antivirus
Peak Protection 2010
Pest Detector 4.1
Major Defense Kit
AntiSpySafeguard or AntiSpy Safeguard
During this fake online scan only the 5 fake anti-virus programs listed above will state that this supposed Trojan is an infection. It does this to scare you into clicking the "Free Install" button next to them that will install the rogue program onto your computer and then reboot your computer.
Detailed instructions for Removing the Fake Microsoft Security Essentials Alert Trojan and AntiSpySafeguard are Here
Finally, the companies that produce the most commonly exploited software apps are doing something that may actually help. Microsoft & Adobe are working on having Adobe Reader run in a protected mode. For more details read the full article.
Dell has released a tool for Secure Browsing based on virtual machine technology using Firefox. I would say this is a great way to do your online banking. You can download it free and give it a test drive. Full Story at Redmond Magazine
This is the latest email threat. If you get an invoice email from Buy.com delete it!
Stay tuned for more info. For now it appears the best solution is to configure a non-standard IP range for your internal network, and as always set a secure default password for the Admin account. Original Ars Technica Article
TrueCrypt, my favorite disk encryption product, released a major update today. Version 7 features are hardware-accelerated AES support, the ability to configure a volume to be automatically mounted, favorites organizer, and more. For more info visit TrueCrypt.org
If you have Any of these you may benefit. Follow the link for the details: http://www.zdnet.com/blog/microsoft/microsoft-rolls-out-new-software-services-for-apple-nokia-phones/6602?tag=nl.e539
A new SPAM email is making its way to everyone's inboxes. It is faked so that it appears to be a normal facebook notification email. One easy way to tell is if you receive it at an email account that facebook doesn't know about. Also, only giving facebook one of your email addresses is a great idea if only for this reason.
Here are a few more clues:
1) It's from facebookmail.com - not facebook.com
2) If you hold your mouse over either of the long links at the bottom, the real link will show up. It shows it will go to peimantarabar.com, which is a really bad site.
3) Normally a facebook email will show a preview of the message. This one does not show you anything in an attempt to get you to click the link.
So, what should you do? I'm glad you asked. As with all emails that have embedded links, NEVER CLICK THEM. You should open a new web browser and type in the URL yourself. Then in this case you would see that you don't have this message waiting for you on facebook.
Happy & safe web surfing!
The Washington Post reports that the Pentagon's newly formed cyber command will, if faced with a cyber attack, be able to respond in kind. Lt. Gen. Keith Alexander's exact words were It is "reasonable to assume that returning fire in cyberspace" is lawful, as long as any actions comply with the laws of war. What do you think?
According to a new research paper published by Christopher Soghoian and Sid Stamm from Indiana University, that is not the case anymore. Read Certified Lies: Detecting and Defeating Government Interception Attacks Against SSL
Djibouti was an experience worthy of writing about. It's too bad I'm not a writer. The flights to & from alone are worth thousands of words. I was at Camp Lemonnier in Djibouti, Djibouti. Yes, I meant to type that twice. The US Navy Base is the headquarters for the Combined Joint Task Force - Horn of Africa (CJTF-HOA). I worked for the DoD in a Navy office with an ID card that said US Army. Go figure.
Long days, hard work, but I learned a lot and met some great people.