It's time to remove Skype

So Microsoft has shown they are not honoring the original purpose Skype(communications encrypted from point-to-point). The patent after the purchase, and recent news from H Security have proven to me that it should be uninstalled from my machines. I will also be making the same recommendation to my clients.

For more info read H Security's article:

OR HNS's Article

WSJ says it's a "Long Wait for RSA Security Tokens"

In an article by The Wall Street Journal, Computer security firm RSA Chairman Arthur W. Coviello Jr. said the company offered to provide security monitoring or replace the SecurID tokens "for virtually every customer we have." Most Customers and the press thought that meant RSA would replace all of the physical tokens for free. Well, it looks like they are only offering that to 30% of their customers. You're not impressing anyone with this position RSA.

I recommended on the day the news of the hack broke that all my customers switch immediately. Most did. I can give you a friends name at VeriSign if anyone's interested.

Read more:

It is with great sadness that I report that Watts Humphrey has passed away.

Known as the "Father of Software Quality" Watts Humphrey, founder of the Software Process Program at the Carnegie Mellon Software Engineering Institute (SEI) and recipient of the National Medal of Technology, died Thursday at his home in Sarasota, Florida. He was 83. One of my favorite I.T. related Quotes: "The problem of software process change are often complicated by the fact that no one is responsible to make it happen. If software process improvement isn't anybody's job, it is not surprising that is doesn't get done! If it is important enough to do, however, someone must be assigned the responsibility and given the necessary resources. Until this is done, software process development will remain a nice thing to do someday, but never today." Watts Humphrey

Botnets control more than 2 million PCs in the U.S.

This seemed a little low to me until I saw the specifics: 2.15 million bot infections were detected and removed the 2nd quarter of 2010.

AND 2.16 million bot infections were detected and removed the 1st quarter or 2010.

These are just the ones found by Microsoft, and only the ones they removed. Again, this doesn't include ones they didn't remove (or didn't detect). Also it doesn't include any other vendors.

Now it sounds more like the numbers I was thinking of...

U.S. Tries to Make It Easier to Wiretap the Internet

Not a good idea. To me this comes under the heading of "If you outlaw it only outlaws will have it." If it's technically possible, the criminal crackers will be the first to do it; therefore we will have no secure communications. New York Times reports that:

Federal law enforcement and national security officials are preparing to ask  Congress to require all services that enable communications — including encrypted message transmitters like BlackBerry,  sites like Facebook and messaging software  like Skype — to be technically capable of complying with a wiretap order.

The mandate would include being able to intercept and unscramble encrypted messages.

Carnegie Mellon University Researchers Work on Web Security and Access

The U.S. National Science Foundation (NSF) is funding studies at more than 30 institutions across the United States in an effort to make Web surfing safer. For example, Carnegie Mellon University researchers, in collaboration with researchers at Boston University and the University of Wisconsin, are building an Internet framework to accommodate yet-to-be developed technologies. Meanwhile, a University of California, Los Angeles team is focusing on securing data no matter where it exists, instead of securing host computers. Rutgers University researchers are examining improving the security and reliability of information produced by mobile devices, instead of desktop computers. And University of Pennsylvania scientists are analyzing ways to increase the speed, availability, and security of cloud computing. "We hope to have a collaboration among the project researchers," says NSF's Darleen Fisher. Pittsburgh Tribune-Review (PA) (09/13/10) Cronin, Mike

Web Link

Beware of fake Microsoft Security Essentials

There is a new fake Microsoft Security Essentials doing the rounds! This Microsoft Security Essentials Alert is basically a Trojan which tries to trick you into buying one of the 5 rogue anti-virus programs that it is pushing. When the fake alert pops-up, it says that a malware has detected on your computer. It will list this Trojan as Unknown Win32/Trojan and will then prompt you to clean your computer using any one of the 35 listed anti-virus programs, 30 of which are legitimate anti-virus programs and the 5 following rogues that the Trojan is distributing:

Red Cross Antivirus Peak Protection 2010 Pest Detector 4.1 Major Defense Kit AntiSpySafeguard or AntiSpy Safeguard

During this fake online scan only the 5 fake anti-virus programs listed above will state that this supposed Trojan is an infection. It does this to scare you into clicking the "Free Install" button next to them that will install the rogue program onto your computer and then reboot your computer.

Detailed instructions for Removing the Fake Microsoft Security Essentials Alert Trojan and AntiSpySafeguard are Here