Monday, February 27, 2006

Now Make Your Own Vlog


Targeting the millions of people who blog around the world today, "Serious Magic," developer of gen-next video software and communications tools, has announced the immediate availability of Vlog It, which helps users quickly and easily add video to their blog, or create a "vlog," in minutes.

Mark Randall, president and chief magician, "Serious Magic," said, "Text blogs have given people a great way to share their personal thoughts, opinions and news with others online. Vlog It adds a new dimension by letting bloggers share sights and sounds - instead of just text - with audiences."

With Vlog It, users can combine media - video clips, digital photos and music - with narration to create a video.

To create a vlog, users need to drag-and-drop photos, video clips and music into Vlog It. They can also add cool TV-style transitions and sound effects. Bloggers can even go for the complete "newscaster" look, using Vlog It's live webcam recording and teleprompter to add narration. They have to then click "Publish" and drag-and-drop the video thumbnail into their blog. When visitors to the blog click on the thumbnail, the video will automatically play.

With Vlog It, "Serious Magic" says, events are tied to words and ideas instead of seconds and frames. Vlog It drastically cuts the time required to capture, edit, render, compress and upload video, making it a radically easier and faster way to share video on the Web.

Vlog It introduces consumers to the vlog-creation process with a three-step Wizard, so novices can access a variety of newscast-style themes. Each theme includes coordinated graphics, titles, lower-third graphics, backgrounds and music so videos look as if they were created inside a television newsroom. Experienced users can go directly into the advanced interface for greater control and more options.

For those that wish to appear on camera, Vlog It takes live input from standard webcams and camcorders. To put themselves on camera, users need to simply place their camera on their computer monitor and plug it into their PC. When reading their text blog from Vlog It's on-screen teleprompter, it appears the user is looking directly at the camera while they are reading.

Vlog It also offers the ability to replace a background with an image or video. This is useful for the blogger wishing to appear "on location," such as in front of the White House discussing political views, or in an actual newsroom commenting on the day's events. To utilize this feature, users place any green or blue fabric behind them or purchase a green screen backdrop from Serious Magic's Web store.

"Because Vlog It lets people make their own online videos quickly and easily, we expect bloggers to create personalized mini documentaries, video diaries, news shows, reality-TV shows - and even entirely new show formats that they'll conceive to express themselves and share their world with others," said Randall.

Vlog It is now available via electronic download or CD at www.seriousmagic.com and through resellers for $49.95.

Microsoft Plans Six Versions of Vista



Microsoft has announced the product lineup of its upcoming Windows Vista operating system.

Scheduled for release later this year, the Microsoft Windows Vista product lineup consists of six versions, two for businesses, three for consumers, and one for emerging markets: Windows Vista Business, Windows Vista Enterprise, Windows Vista Home Basic, Windows Vista Home Premium, Windows Vista Ultimate and Windows Vista Starter.

The number of offerings is the same as the number of offerings currently available for Windows XP. More important, the lineup is designed to deliver to a broad range of customers - home PC users, small and medium-sized businesses and the largest enterprises - and is aimed at bringing 64-bit, Media Center and Tablet PC functionality into the mainstream.

Mike Sievert, corporate vice president - windows product management and marketing, Microsoft, said, "We live in a digital world that is filled with more information, more things to do and more ways to communicate with others than ever. The PC needs to give people the clarity and confidence to handle this 'world of more' so they can focus on what's most important to them. With our Windows Vista product line, we've streamlined and tailored our product lineup to provide what our customers want for today's computing needs."

Consumers can choose from three versions that deliver exciting new experiences for the home PC user - Windows Vista Home Basic, Windows Vista Home Premium and Windows Vista Ultimate.

For consumers who want to simply use the PC to browse the Internet, correspond with friends and family through e-mail, or perform basic document creation and editing tasks, Windows Vista Home Basic promises to deliver a safer, more reliable and more productive computing environment. It will provide new tools and technologies for making the PC more secure and enjoyable, including features such as a new Search Explorer, Sidebar and Parental Controls.

Windows Vista Home Premium will help consumers use mobile or desktop PC functionality more effectively while enabling the enjoyment of new, exciting, digital entertainment experiences. It includes everything in Windows Vista Home Basic. Windows Vista Home Premium integrates search throughout the operating system, helping customers organize and find large collections of documents, pictures, movies, videos and music. Windows Media Center capabilities turn the PC into an all-in-one home entertainment center. Consumers can use Media Center to record and watch TV shows (even high-definition TV), and access new kinds of online entertainment content. It also provides the ability to connect Windows Vista Home Premium to Xbox 360, extending the Media Center experience to multiple rooms in the home.
Windows Tablet PC technology, which enables interaction with the PC with a digital pen or fingertip instead of a keyboard, is also available in this edition of Windows Vista. Integrated DVD burning and authoring allows users to seamlessly burn personal videos, photos and files to video or data DVDs.

Microsoft is touting Windows Vista Ultimate as the edition of Windows Vista that has it all. It is the first operating system that brings together all the entertainment features, mobility features and business-oriented features available in Windows Vista.

All new versions are available for either 32-bit or 64-bit systems, depending on the needs of the customer.

Microsoft also will offer Windows Vista Starter in emerging markets. Windows Vista Starter, according to Microsoft, is designed to empower families and entry-level PC users in these markets to experience the world of social and educational benefits that personal computer technology and the Internet makes possible. A 32-bit operating system designed specifically for lower-cost computers, Windows Vista Starter enables popular beginner PC activities and provides an easy-to-use and more affordable entry point to the Windows Vista family of products.

Al Gillen, research director - system software, IDC, said, "Windows Vista is going to be a significant release for all Windows customers - including enterprises, small and medium-sized businesses, as well as consumers. Microsoft's strategy to address different customer segments with versions of Windows Vista optimized for their needs should be well received by these diverse user segments."

All versions of Windows Vista are scheduled to be broadly available in the second half of 2006.

Kamasutra Virus Strikes:

Sex sells, and the new internet worm Nyxem-E, nicknamed the "Kama Sutra worm" because it spreads under the guise of pornographic content, has leapfrogged lesser viruses to reach the top spot on world virus charts.

Nyxem-E aka Kama Sutra is a mass-mailing worm which attempts to disable security-related and file-sharing software and destroys files of certain types. When run on a Windows PC, the worm copies itself to shared network locations, and sends itself to e-mail addresses found on the target computer. Nyxem-E, according to F-Secure, is programmed to disable anti-virus and firewall software, and delete certain files including Office documents, on the third day of every month.

The Kama Sutra worm arrives as an e-mail attachment, with different subject lines including "School girl fantasies gone bad," "The Best Videoclip Ever," "A Great Video," "give me a kiss," "Fwd: Photo," "Fw: Sexy," "You Must View This Videoclip!" "Miss Lebanon 2006," etc. The text differs; it may include references to the Kama Sutra - the ancient Sanskrit book on sex and related matters.

F-Secure has reported a steady stream of Nyxem worms from all over the world, and has said that at last call the worm showed 510,000 infected systems.

Graham Cluley, senior technology consultant, Sophos, said that the Kama Sutra worm uses a dated technique to entice users by promising pornography, and that the worm lacks the sophistication of recent Trojan horse-style viruses.

Security experts have advised users to keep their anti-virus software up-to-date, and be wary whilst opening e-mail attachments.

Kama Sutra Virus Causes Little Damage


The worm, known as "Blackmal" and "Kama Sutra," hides inside email attachments and contains a time-activated payload due to execute on the third day of each month, first occurring on Friday.

Once activated, the worm will try to spread itself, attempt to stop anti-worm software from running and try to delete all Word, Excel, PowerPoint and PDF file types from an infected PC.

Rather than disabling up to 500,000 PCs that were expected to be infected, the virus had hit only a few thousand computers by midday in continental Europe, mostly from individual consumers, according to several computer security firms.

Advance warnings by virus security firms and enterprises to their customers and employees appeared to have worked.

"This is certainly not a disaster," said technical consultant Graham Cluley at British virus fighter firm Sophos.

Rival security software firm Symantec confirmed "the worm is not spreading wildly and infections are relatively low."

The virus is also known as "Nyxem," "MyWife," and "Tearec."

Sunday, February 26, 2006

New PS3 details emerge

When it comes to online console gaming, Microsoft has clearly led the way in recent years - let's face it, Xbox Live is a far superior service to Sony's, er, what's it called again?

But Sony is determined to change all that with its next-generation console, according to the latest issue of US magazine PSM. Scans of an article posted on the PlayStation.com forum (sorry, no link - it's the law, you know) reveal that Sony is hoping to "go way beyond mimicking Xbox Live" with an all-singing, all-dancing online service. And that's not all - some very interesting details regarding the PS3's multimedia capabilities have been revealed, too.

Apparently the new online service, titled PlayStation Network, won't just offer matchmaking and ranking lists. You can expect an iTunes-type store that lets you download films and music, and you'll be able to use the console as a Location Free Player. Which means you'll be able to upload stuff from your PS3 onto your PSP, and watch Blu-Ray and DVD movies on your handheld.

Rather excitingly, the PS3 will act as a digital video recorder, so you can digitally store all your favourite telly programmes just like with Sky+ and TiVo. Plus, you'll have the option to control the DVR function using your PSP.

As previously announced, the PS3 will play Blu-Ray discs, but apparently that shouldn't push up the price too much. It seems the Cell and RSX can take care of things for the most part, so you won't be paying what you would for a standalone Blu-Ray player on top of your basic console price. Whatever that may be, of course...

Other snippets include news that the final PS3 dev kit is running faster than was initially predicted, and that there are loads of games currently in development for the console which have yet to be announced - "many more than people realise." Plus we're told that the PS3 will get regular firmware functionality updates, just like the PSP.

The question still remains as to when we can expect Sony's new baby to arrive. According to PSM, US developers are being told to prepare for a "fall" release - which, if past history is anything to go by, translates into European as "Some time before summer next year, if you're lucky."

So just how much of the PSM article is accurate? Who knows - looks like we'll just have to wait and see what they come up with at E3...

New 3D Graphics Card Features in 2006

Introduction

Without special effects, the 3D environment and textures are portrayed as being crystal clear.


Shader effects on water surfaces become astounding with DirectX 8. Among the earliest graphics cards to attempt to make use of them were the Geforce 4 and Radeon 9600, in the game Morrowind. For the first time, the water realistically reflected the 3D landscapes in the waves. Even better, the effects on the water were there to admire throughout the entire game. Running or swimming through water even created displacement, causing waves on the reflective surface.

After this, however, the paths of shader versions diverged. NVIDIA stayed with Version 2, while ATI upgraded its new graphics boards to support PixelShader 2.1. Since the introduction of Geforce 6, DirectX 9 effects with the PixelShader 3 have become mainstream. The new richness was first seen in the game Splinter Cell 3 - Chaos Theory.


The latest graphics chips from ATI and NVIDIA now ensure adequate 3D performance, permitting smooth enjoyment of the graphics quality they provide. The Radeon X1000 series and the Geforce 7 now come complete with PixelShader Version 3 support, and form the basis of a new generation of graphics capabilities. From now on, terms like parallax mapping and HDR rendering will be part of the 3D vocabulary. The obvious improvements in the new shader are found in light and shadows, optical distortions, and reflective or animated surfaces. Here are some examples of current graphics effects.

"Bullet time", as the slow-motion function in PC games is known, produces environmental time-based distortions. Bullet time first made its appearance in the film "The Matrix". The trajectories of single pistol bullets were visualized in the form of small shockwaves. On PCs, the effect made its debut in the game Max Payne. Among the latest games, F.E.A.R. creates a rush of adrenalin by optically distorting the range of vision.


The shockwave produced by a grenade is visualized in F.E.A.R. by an optical distortion bubble.

Passwords - Common Attacks and Possible Solutions

While the majority of organizations and almost 99% of home users still rely heavily on passwords as a basic form of authentication to sensitive and personal resources, their insecure maintenance, creation, and network transfer could open the front door of any organization or personal asset to a malicious attacker.

Management staff with an outdated mode of thinking still believe that passwords are the most essential, user-friendly way to identify a user on their network or database, while the fact is that users are frustrated that they need to change their password, that they need to create a "secure" password, or follow instructions on how to keep it as secret as possible. The results are a large number of crackable passwords, the same passwords on multiple systems, and "post it" notes with passwords, even including login names.

On any given system, certain users have privileges that the others don't and shouldn't even have. By identifying yourself on your computer or any given web site, you are granted access to your work environment and personal data, data which you define as sensitive and data you wouldn't want to make public, the way a company doesn't want to give a competitor access to its intranet, for instance. Abusive scenarios posed by exposing accounting data are:

* Identity theft

Identity theft might occur once your accounting data is somehow known to another person who uses it to impersonate you in order to get hold of your digital identity. This might result in both financial damages and personal ones.

* Sensitive data exposure

The content of your e-mail correspondence, personal projects, documents and photos, could be exposed to a malicious hacker or someone targeting especially you as an individual.

* Company data exposure

Unethical intelligence gathering, in which sensitive confidential internal information is obtained through badly maintained and kept accounting data, would have an enormous impact on the company you're working for. I doubt you would like to be the one who exposed the next 6 months' marketing and advertising plans to a competitor.

* Involvement in criminal activities

Your account could be used in various criminal activities if it is not well maintained and kept secret. Remember, the trace leads back to your account.

The Most Common Password Exposure Scenarios

* Physical security breach

A physical breach of your computer will completely bypass even the most sophisticated authentication methods, even the most secure encryption ones. A keylogger, either software or hardware, might be installed, and your secret PGP key might be exposed as well, so all your accounting and encrypted data will be compromised. It doesn't matter how long or secure your password is, as physical security breaches are among the most critical ones.

* Unintentionally shared

A user might share his/her accounting data without even realizing that by exposing it the risk of a potential break-in increases. A password is usually shared with friends, bosses or family under different circumstances. A "benefit" considered by some users is the convenience of two or more persons knowing certain accounting data in order to gain access to a certain resource. Passwords might also be shared in an informal talk with coworkers discussing the company's latest password policy, or the way they choose their passwords, how they maintain them and in some cases how the management will never find out about their thought to be secret ways of storing the accounting data. One of the most critical and easy to conduct ways of obtaining sensitive data is simply to ask for it, either in a direct or an indirect way, which is what social engineering is all about.

* Cracked

Sometimes, in case of a partial break-in, the encrypted password file of a company might be exposed to a malicious attacker. If that happens, the attacker will start password cracking the file, namely trying all the possible combinations with the idea of finding the weakest passwords and gaining privileges later on. In case the company is aware that its password file has been compromised, it should immediately notify all employees to change their passwords, so even if weak passwords are exposed, they wouldn't be valid ones anymore. However, if the company is not aware of its password file exposure, it should constantly try to crack its password file just like an attacker would do and filter out the weakest passwords.

* Sniffed

Are you aware how many employees are accessing sensitive data through their already breached computer or their friend's one? Having a strong password doesn't guarantee its integrity when it's not securely transmitted over the Internet. Don't give your employees the ability to choose between plain text or SSL authentication; instead, enforce all network communications in encrypted mode. Another highly recommended option would be to provide everyone with a "last login from.." feature, so that in case they notice an unauthorized login, they would report it right away.

* Guessed

A large number of users are tricking the established password policies by creating a password that is believed to be strong but is in fact weak or based on common sense. Although nowadays this method is rarely used compared to the ones we've already discussed above, it should be kept in mind that certain users are still choosing passwords based on objects or brands around their desk.

The Most Common Password Maintenance Mistakes

* Auto fill feature

The majority of applications will allow you to remember your passwords and accounting data, but unless you're sure that the computer is reasonably protected from possible physical security breaches, you're strongly advised not to have your passwords remembered in this way. Make sure this option is not used at public access places like netcafes etc.

* "Post it" notes

Passwords are often written down and even worse, posted next to the monitor or around the desk. This could easily be observed by malicious attackers or insiders, so avoid it.

* "The secret place"

A lot of people believe they have found the secret place under the keyboard or anywhere around the desk, which is very unacceptable considering the fact that if observed enough, they would reveal their believed to be secret place, get distracted and have their accounting data leaked out. Even so, a large number of people keep certain accounting data on papers, PDAs etc., so a possible strategy until they remember their accounting data and get rid of the note they keep with them all the time would be the following: have at least 6/7 different and fake passwords around the real one; you might even cross out a couple of them, even the actual one. This would be very beneficial keeping in mind that hopefully two/three false logins will lock the account, and in case your note gets exposed, it would still be a matter of luck for the attacker to use the right one. Although this method provides no guarantees, and is not recommended at all, it is a very short-term solution to remember your password and get rid of your note right away!

How to Choose a Secure Password

Choosing secure passwords consists of knowing what their insecurities are, how passwords are cracked and what's behind the "at least 8 characters long, consisting of lower and capital letters, special characters and a number" requirement. Basically, the shorter the password, the more opportunities for observing, guessing and cracking it. A password cracker would try to guess all the possible combinations of letters, numbers and characters until he/she finds the right one. Given the number of letters in the alphabet and the amount of numbers (0-9), the second, namely a numbers-based password, will leave the attacker with fewer possibilities to go through. Another commonly used technique is the use of a dictionary file against the encrypted passwords database, so that the weakest and most obvious passwords in terms of words listed in a dictionary will get exposed; this is why a longer password consisting of letters, numbers and characters would make it a little bit more time consuming for an attacker attempting to crack the stolen passwords file. Whenever you create a password, consider the following:

* make it at least 7 characters long, combination between small and capital letters, at least one number and special character like !@#$%^*()_+
* do not simply use a dictionary word or a logical sequence of characters like aaa555ccc, 1234567890 etc.
* try not to use a password you have already used on another system, and avoid at any cost having the same password on all assets you have access to

You may use a combination of the following techniques for strong, yet easy to remember passwords:

* choose a dictionary word like success, then reverse it sseccus
* add numbers in front or at the end of it 146sseccus or sseccus953
* consider adding at least one special character like !@#$%^&*()_+ anywhere
* the use of at least one capital letter would increase the number of possibilities a cracker has to try even more
* replace certain characters with numbers that you associate with them, security would be s3cur1ty where e stands for 3 and i stands for 1
* separate each letter with a number, security would be s1c3u2r4i6t5y
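The two checklists above can be turned into an audit run when a password is set. The sketch below is an added example, not code from the original article: it applies the composition rules and then undoes the suggested transformations (reversal, added numbers, character substitution, interleaved digits) to see whether a dictionary word is still underneath. The word list, the extra substitution pairs beyond "3 for e" and "1 for i", and all function names are assumptions.

```python
import re

# Constructed mini word list; a real audit would load a full dictionary file.
DICTIONARY = {"success", "security", "password", "dragon", "monkey"}
SPECIALS = "!@#$%^&*()_+"
EDGE = "0123456789" + SPECIALS
# "3 for e" and "1 for i" come from the article; the other pairs are assumptions.
LEET = str.maketrans({"3": "e", "1": "i", "0": "o", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})
RUNS = ("01234567890", "abcdefghijklmnopqrstuvwxyz", "qwertyuiop")


def search_space(pw):
    """Number of candidates a brute-force search must cover for this length
    and the character classes actually used."""
    pool = 0
    if any(c.islower() for c in pw):
        pool += 26
    if any(c.isupper() for c in pw):
        pool += 26
    if any(c.isdigit() for c in pw):
        pool += 10
    if any(c in SPECIALS for c in pw):
        pool += len(SPECIALS)
    return pool ** len(pw)


def is_sequence(pw):
    """True for repeated-character runs (aaa555ccc) and keyboard/alphabet runs."""
    s = pw.lower()
    if re.fullmatch(r"(?:(.)\1+)+", s):
        return True
    return len(s) >= 3 and any(s in run or s[::-1] in run for run in RUNS)


def policy_failures(pw):
    """Composition rules from the first checklist."""
    failures = []
    if len(pw) < 7:
        failures.append("shorter than 7 characters")
    if not (any(c.islower() for c in pw) and any(c.isupper() for c in pw)):
        failures.append("needs both small and capital letters")
    if not any(c.isdigit() for c in pw):
        failures.append("needs a number")
    if not any(c in SPECIALS for c in pw):
        failures.append("needs a special character")
    if is_sequence(pw):
        failures.append("logical sequence of characters")
    return failures


def base_word_candidates(pw):
    """Undo the transformations from the second checklist."""
    s = pw.lower()
    core = s.strip(EDGE)                  # numbers/specials added in front or at the end
    forms = {s, core,
             core.translate(LEET),        # s3cur1ty -> security
             re.sub(r"[^a-z]", "", s)}    # digits placed between the letters
    return forms | {f[::-1] for f in forms}   # reversed words


def audit(pw):
    """Return every reason the password should be rejected (empty list = accept)."""
    failures = policy_failures(pw)
    hits = sorted(base_word_candidates(pw) & DICTIONARY)
    if hits:
        failures.append("derived from dictionary word: " + ", ".join(hits))
    return failures


if __name__ == "__main__":
    for sample in ("sseccus953", "S3cur1ty!", "aaa555ccc", "vK7#rud!Tq2m"):
        print(sample, audit(sample) or "ok")
```

A password such as `S3cur1ty!` satisfies every composition rule and is still reported, which is the case a composition-only policy misses.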

How to Remember Passwords

Remembering several passwords for different assets is a huge problem for the majority of users. That's why they either give up on remembering and write them down, or create weak, but easy to remember passwords. Yet remembering passwords might not be such a difficult task if the majority of users stopped thinking of them as a bulk of characters and instead saw them as a way to identify themselves, the way they do when taking money from a cash machine. In this case, it's all their company's and personal data they should try to protect.

* Associate them

Association plays an important role in the memorizing process. Given a certain period of time, someone can teach you Japanese if he/she finds out the way you memorize and, most importantly, associate things. Visualization of the password is another important aspect of memorizing it, and within a short period of time you would be entering it even without thinking what you're entering - a temporary habit, given the fact that the majority of organizations require constant password change.

* Explain them to yourself

For instance, the password Y13#tiruceC basically represents the word security backwards, where the first and the last letters are capital, and the first capital letter is followed by your best friend's birth date, plus a special character. Instead of representing a bulk of characters like it used to, your password is now your own encrypted language.

Possible Solutions

When enforcing authentication methods on both network and security policy levels, the majority of users proved to be unreliable in storing and creating strong passwords. The service desk is often too busy to handle "forgotten passwords" requests, and unless the company undertakes a passwords awareness initiative, the problem will continue to grow.

Passphrases

Passphrases were conceived with the idea of being easier to remember, but virtually impossible to crack. The majority of encryption software requires you to use a passphrase for your private key instead of a password. Passphrases are usually something that you always remember, either a quote, favorite sentence and a combination of both numbers and special characters. Although virtually impossible to crack due to their length, both passwords and passphrases can be logged through the use of a keylogger, or sniffed if transmitted over a plain text communication channel.

Biometrics

Biometrics is the next generation of authentication methods. Although it's still in its early implementation period due to the associated costs, and sometimes the number of false results, biometrics will change the way we authenticate ourselves, hopefully with 99% accuracy. Simply put, biometrics cannot be stolen, cannot be forgotten, and cannot be given to another person. Biometrics systems may include fingerprint systems, voice recognition systems, eye/retina scanner systems, hand geometry systems and handwriting systems.

Public Key Infrastructure (PKI)

Public Key Infrastructure (PKI) functions give entities, namely employees or servers, the ability to communicate, authenticate, sign and verify identities by creating digital certificates, each of which contains private and public keys. The public key is available to anyone wanting to exchange data with the entity, and the private key is the only way for the entity to decrypt, or identify itself properly. PKI is very useful when communicating over insecure networks like the Internet as well as on internal servers.

Although passwords will continue to represent the most common authentication method for a long time to come, companies and users that have already realized their weaknesses are slowly switching to other possible alternatives. Encryption will be the next big thing for the majority of small and middle size companies, as will the adoption of various biometrics methods.

Malware - It's Getting Worse




Latest Malicious Code Events

Yet another worm is in the wild. As usual the media quickly picked up the story and turned it into another "ILOVEYOU" industry. But why do I use the word industry? Basically, because such large scale security implications for the Internet usually create a "marketing window" opened for security companies and anti-virus vendors who quickly start capitalizing on them by placing sponsored links or offering clean-up tools on their web sites, and as long as information and removal tools are free for an accident like this, there's nothing wrong with that. But there's something else to consider, it keeps happening again and again, and still nothing changes. The scenario repeats itself, over and over again; another worm is in the wild, exploiting a recently discovered vulnerability in a popular software, or relying on nothing more than peoples' naivety. The recent MyDoom Worm successfully infected enough victims in order to shut down SCO's web site, followed by new variants that targeted Microsoft's web site. This paper isn't intended to discuss the motives of the author, instead it will help you understand how worms enter your network, how you can block them before they even reach your internal network, and how to act in case they get in.
Why it's getting worse?

Sense of anonymity

A couple of years ago the Internet was quite an anonymous environment, even the novice Internet user knows that once connected he/she can send anonymous e-mails, chat or visit web sites without having to worry about his/her privacy. Malware authors are believed to be advanced computer users, and with minor exceptions they're aware of how the Internet works, thus they believe they can be anonymous while doing their job. What motivates them the most is the lack of cooperation, even understanding between law enforcement officials and the ISPs worldwide. Another factor that deserves serious attention is the lack of computer crime laws in the author's home country, no matter what you do, you won't get busted. Out of my personal observations of such countries, I can say that malware authors or hackers try to maintain a balance and preserve this situation for as long as possible by not damaging or attacking their country's computer networks, although they're aware that laws are going to be implemented sooner or later. All of these and many other factors only contribute to the increasing number of malware authors around the world.

Increasing "How To Hack" resources

The Internet can't be controlled, but it can be proactively monitored. During the past two years, a large number of countries joined the Internet (and more are expected to join), and soon they'll start creating local hacking scenes and papers on how to hack and how to code a virus/worm. It's part of the Internet and no matter how scary it may sound to the novice Internet user, this information is out there for free. You can't stop its dissemination, but you can monitor where it starts to disseminate from. Does the originating country have computer crime laws etc.?

How do worms hit your network?

E-mail

The majority of Internet Worms spread through the Internet's most popular (and most abused) communication service - the e-mail. The company's e-mail is one of the first entry points for malicious software and social engineering attacks, so its security should be reasonably discussed.

You're strongly advised to keep the confidentiality of your company's e-mails as protected as possible, thus you'll significantly limit the amount of malware entering your network. Establish an e-mail policy pointing out that the company's e-mail should be used for business purposes only, not for personal use, and that it should not be used for posting in USENET groups and forums. You might also regularly search the Internet for exposed company e-mail addresses, or hire a company to do this.

Instant Messaging Software

Are such programs allowed on your network? Then they represent a threat to your entire anti-malware strategy, because their traffic is only checked by the desktop's anti-virus software. On top of that, the level of trust established between the staff member and the other party is much different from the one established through e-mail. If such software is allowed, receiving attachments of any type should be forbidden. But honestly, does the use of Instant Messaging software make your staff more productive?

Peer-to-Peer Networks

Extremely dangerous in the hands of an inexperienced staff member, because the majority of worms spread on such networks as well. Block the installation and use of such programs: they will do no good for your company and only waste time and bandwidth.

Hostile Code at the Desktop

Once malware reaches the desktop, it has already passed all the previously discussed protection measures. Now it's up to the staff member's vigilance and awareness. HTML, JavaScript and ActiveX should be disabled in the user's client, thus limiting the execution of hostile code. All e-mails should be read in "Offline" mode as well.

Content Filtering

A large number of attachments that are dangerous and unrelated to any of your business functions can be blocked at the server level. Who needs to receive .exe, .com, .bat or .vbs files from a fake e-mail, an e-mail that doesn't even resolve properly? Blocking a worm that's spreading in the wild can be done by matching the MIME-encoded attachment against the most popular extensions. These are often provided by anti-virus vendors, or system administrators can analyze received messages to accomplish the task.
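The server-level extension match described above, as an added example that is not part of the original article. The sample message, the function names and the trailing-dot handling are assumptions made for illustration; only the four extensions come from the text.

```python
import email
from email.utils import collapse_rfc2231_value

# The four extensions named in the text; a real deployment would extend this list.
BLOCKED_EXTENSIONS = {".exe", ".com", ".bat", ".vbs"}

# Constructed sample: the two filename headers of the second part disagree,
# so a filter that reads only Content-Disposition would see a harmless PDF.
SAMPLE_MAIL = b"""\
From: accounts@example.test
To: staff@example.test
Subject: Your invoice
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="BOUND"

--BOUND
Content-Type: text/plain; charset="us-ascii"

See attached.
--BOUND
Content-Type: application/octet-stream; name="invoice.pdf.EXE"
Content-Disposition: attachment; filename="invoice.pdf"
Content-Transfer-Encoding: base64

QUJD
--BOUND
Content-Type: image/png; name="logo.png"
Content-Disposition: inline; filename="logo.png"
Content-Transfer-Encoding: base64

QUJD
--BOUND--
"""


def advertised_names(part):
    """Return every filename a MIME part declares, from both headers."""
    names = []
    for header, param in (("content-disposition", "filename"),
                          ("content-type", "name")):
        value = part.get_param(param, header=header)
        if value is not None:
            # RFC 2231 encoded parameters come back as a tuple; collapse to str.
            names.append(collapse_rfc2231_value(value))
    return names


def extension_of(name):
    """Lower-cased final extension, ignoring trailing dots and spaces."""
    # Windows drops trailing dots/spaces, so "update.vbs. " still opens as .vbs.
    cleaned = name.strip().rstrip(". ").lower()
    return "." + cleaned.rsplit(".", 1)[1] if "." in cleaned else ""


def scan_message(raw_bytes):
    """List (filename, extension) for every blocked attachment name found."""
    msg = email.message_from_bytes(raw_bytes)
    findings = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        for name in advertised_names(part):
            ext = extension_of(name)
            if ext in BLOCKED_EXTENSIONS and (name, ext) not in findings:
                findings.append((name, ext))
    return findings


def verdict(raw_bytes):
    """Server-level decision: reject the whole message on any blocked name."""
    return "reject" if scan_message(raw_bytes) else "accept"


if __name__ == "__main__":
    print(verdict(SAMPLE_MAIL), scan_message(SAMPLE_MAIL))
```

Checking both the Content-Disposition filename and the Content-Type name matters because mail clients differ in which one they honour when saving the attachment.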

How spyware & adware programs threaten network security & performance




Homogeneous environments are dangerous because they are easy to predict. As time goes on, programmers find creative ways to collate useful data that can reflect patterns about the user and the way the user interacts with his/her machine. Where the user clicks and where the mouse hovers most of the time becomes a strong statistical point that analytical programmers may use. This information may be used to increase sales by placing banners in the area where the mouse pointer hovers the most. It can even be profiled to customize the webpage, so that when you specifically browse it the banner is placed where your mouse pointer spends most of its time. More personalized data has started to be transmitted, and this is what needs to be publicized and known. Spyware and adware are small, unnoticeable Windows-based applications that transmit data to vendors about habits and personal information stored on your local machine. The whole problem with spyware is that data is collected and transmitted to the vendor or a 3rd party without the user's knowledge. The data is typically sent back to the vendor on a spare channel or related port to make it look less conspicuous and to avoid being detected and blocked by firewalls. The information that is transmitted belongs to the organization from which it originates. A search on the internet will quickly turn up a list of spyware that can be used for policy purposes.

Spyware is software that records keystrokes; this includes passwords and confidential and private information. This software can be installed by the user deliberately or by an internet-based vendor. The internet vendor traditionally only records historical data, comprising habits and mouse co-ordinates. User-installed spyware is normally software that monitors other users using the same machine, or can be used by companies to monitor conspicuous employees. This document focuses on the type installed by the user unknowingly through freeware or shareware. The collected information can be stored on the user's hard drive for inspection by the spy at a later stage.

Adware is an application that is funded by the adverts it supports and displays; the application has an area where continuous adverts are shown to the user. The user benefits from the free services supplied and the sponsors benefit from user hits. However, the information that is transacted is not only advertising information but also information that has no relation to the advert. Information such as how the user browses the internet has been found to be transacted. Most adware works on the user-profile-data principle, reporting data that can be used for statistical commerce purposes. Most of these applications are not only resource intensive but also consume bandwidth, costing the organization money. So that free application that was downloaded to fetch shared mp3 files is not only illegal but also costs the organization money in terms of bandwidth and time spent online.
Where do these programs come from?



Developers have creative ways of enticing users and persuading them to download and install their software. The common selling point is freeware: this type of software is produced and supplied free of charge without requiring a license. An example of this would be a very popular mp3 downloading utility. These utilities have adware packages attached to them and may also have spyware lurking in the installation code. Some software has hidden viruses and Trojan horses that also get distributed when you install it. Cookies can be classified as spyware, as confidential data can be read by 3rd party websites with normal scripting technology available to millions of people on the internet. Ever wondered how, when you visit a web mall, they always have something that you have been searching for in search engines on the net? Well, that's done with cookies, or specific user data that has been recorded about you. Ever wondered how those banner ads keep referring to things that interest you? These organizations may sell this statistical data. Furthermore, they are not obliged in any way to keep your personal activities confidential. Does this concern you or your organization? It should. Data is not dangerous if it is not used to your disadvantage, but once specific habits have been analyzed and choreographed, marketing something to someone becomes less of a challenge. This gives the vendor an unfair advantage that was gained without the knowledge of the user or organization.
Protection

1. Only install reputable software from reputable vendors.
2. Keep your antivirus software up-to-date and ensure that spyware and adware applications have been added to the virus list.
3. Check your network sniffer regularly for any strange traffic occurrences, and in particular for conspicuous traffic that streams from a machine without user activity. (A good time to investigate this is when your users are not using the network.)
4. Install good intrusion detection systems. These systems counter Trojans and other foul play that may be taking place, and market leaders are starting to include adware and spyware activity as part of their pattern file interception mechanism. Spyware servers often attempt to contact the slave machine to issue commands.
5. Disable cookies. Cookies are contentious and full of user info that takes up storage on the company's machines, and they benefit 3rd party organizations more than they benefit the user.

Applications like Ad-Aware have been developed to scan your computer hard drive and find known spyware. After this application is run on your machine you will find that there are a multitude of applications that invade your system. Companies like Aureate, Cydoor, New.Net and Gator have these applications bundled with freeware, and this is the way they disseminate, much like a fruit tree uses birds to disperse its seed. Please note that there are over 800 known spyware applications, and in time this can slow your organization's bandwidth down by a significant amount. By visiting www.infoforce.qc.ca/spyware/enknownlistfrm.html you will be able to check the latest list of known spyware. These spyware and adware locators list the offensive software and give you the opportunity of deleting it. Some of the applications run in real time and will alert you to the fact that adware or spyware is attempting to install itself. Please note that some companies produce both the problem and the solution when it comes to spyware. Look up "broadcast utility" in a search engine and you will find some links that give you a better idea of what may be happening.

Please note that if you choose to delete the adware/spyware after running the removal utilities, in most cases you will lose the functionality of the freeware, as the advert DLL files are combined with the application. There are ways to overcome this. One effective way is changing your hosts file to point to your own IP address: this points the spyware application to itself, so no data is sent out and your freeware still works. An application that can do this for you is Silencer.

There are organizations actively studying spyware and adware activity. Emulation systems have been designed that emulate the spyware/adware server, and the applications have been found to respond, exchange data and receive commands from the central server. This bandwidth consumption is at the organization's expense and is a divulgence of private data, and it will cost the organization the value of the bandwidth used. If you have a network of 1000 users and 80% of them have the software installed, then even if each machine only transmits a few kilobytes a day you will be looking at a significant performance loss. If there is more than one spyware/adware application on each machine, you can begin to see why it becomes a mammoth problem.

The latest trend is that companies that produce adware have started alerting users to the fact that they will be reported on, and that they can either opt in and install the adware or opt out and not install it; in some cases opting out also prevents installation of the freeware. The issue with this is that a person wanting to download a file off the internet will, in most cases, install the application very quickly without reading the agreement. Those who do read the agreement often do not clearly understand that this free software is in fact not free, and that the payment is in information and in bandwidth. Who is to say that the company is indeed disclosing exactly what the software will be reporting on, and how can a normal user trust this company? How do we know that the company is in fact not gathering locally stored sensitive information and transmitting it unencrypted over the internet? It has been found that some applications, once installed, function even if the freeware is not in use, consuming bandwidth without user benefit.

Antivirus vendors are researching and implementing pattern files that look for adware on the initial scan and then report if there is an attempted installation of the software. Virus software normally flags adware and spyware as Trojan viruses. Furthermore, the firewall linking the machines to the network should be set up to block open net transitions, and it is important that you do not socksify the connection, as this will enable a spyware/adware application to bypass the firewall blocking mechanisms. Set your network sniffers to look at any communication that is on non-standard ports and then trace the IP address. If you find that it belongs to a spyware vendor that appears on the spyware/adware lists, remove that application from the machine if you feel that you need to. If privacy is a big thing to the organization, it is recommended that any conspicuous software be removed.
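The sniffer checks described above and in step 3 of the Protection list (traffic on non-standard ports, and traffic that leaves a machine when nobody is using it), as an added example that is not part of the original article. The flow-record format, the internal address range, the list of standard ports and the working hours are all assumptions, and the sample records are constructed.

```python
import ipaddress
from datetime import datetime

# Assumptions for this sketch, to be replaced with site values.
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
STANDARD_PORTS = {25, 53, 80, 110, 143, 443}
WORK_START, WORK_END = 8, 18          # local hours with users at their desks

# Constructed flow export: time,source,destination,dest_port,bytes
SAMPLE_FLOWS = """\
2006-02-24T10:02:11,10.0.4.21,198.51.100.7,80,52110
2006-02-24T10:05:40,10.0.4.21,10.0.0.5,445,120000
2006-02-24T14:00:00,10.0.7.3,203.0.113.50,8484,2100
2006-02-25T02:14:07,10.0.4.21,203.0.113.50,8484,1840
2006-02-25T03:14:09,10.0.4.21,203.0.113.50,8484,1795
2006-02-25T03:20:00,10.0.7.3,198.51.100.7,80,640
"""


def parse_flows(text):
    """Turn the CSV export into typed records, skipping blanks and comments."""
    flows = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        when, src, dst, dport, nbytes = line.split(",")
        flows.append({
            "time": datetime.fromisoformat(when),
            "src": ipaddress.ip_address(src),
            "dst": ipaddress.ip_address(dst),
            "dport": int(dport),
            "bytes": int(nbytes),
        })
    return flows


def triage(flows):
    """Group flagged workstation-to-Internet flows by (src, dst, port)."""
    report = {}
    for f in flows:
        if f["src"] not in INTERNAL_NET or f["dst"] in INTERNAL_NET:
            continue                      # only outbound traffic is of interest
        reasons = set()
        if f["dport"] not in STANDARD_PORTS:
            reasons.add("non-standard port")
        if not WORK_START <= f["time"].hour < WORK_END:
            reasons.add("off-hours")      # sent with no user at the machine
        if not reasons:
            continue
        key = (str(f["src"]), str(f["dst"]), f["dport"])
        entry = report.setdefault(key, {"flows": 0, "bytes": 0, "reasons": set()})
        entry["flows"] += 1
        entry["bytes"] += f["bytes"]
        entry["reasons"] |= reasons
    return report


def hosts_per_destination(report):
    """For each external IP to trace, list the internal machines talking to it."""
    result = {}
    for (src, dst, _port) in report:
        result.setdefault(dst, set()).add(src)
    return {dst: sorted(srcs) for dst, srcs in result.items()}


if __name__ == "__main__":
    rep = triage(parse_flows(SAMPLE_FLOWS))
    for key, entry in sorted(rep.items(), key=lambda kv: -kv[1]["bytes"]):
        print(key, entry["flows"], entry["bytes"], sorted(entry["reasons"]))
    print(hosts_per_destination(rep))
```

The per-destination view gives the list of external addresses to look up against the published spyware lists, together with the machines that need to be inspected.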

On the internet many free applications are released daily. It would be in the interest of the organization that any new application to be installed goes through a stringent test and is authorized for use. Make a list of the applications and the processes allowed on the machine, and if other applications are run ensure that this is reported and that these applications get removed. It is in no one's best interest that your privacy be compromised. Instead, choose an application that does not use the adware/spyware principle. It is good practice to remove any software that transmits any personal information unencrypted and without user consent. Some organizations incorporate this statement into their security strategy for user protection.
Web browsers are at risk.

Where does it stop, you ask? It doesn't! Some web browsers like IE are affected by web applications that can load by merely visiting a website. When visiting a website with a non-mainstream web browser like Mozilla, you may find that a script will not load and functionality is lost, even though the browser is compatible with all internet browsing standards. What is happening here? Well, some companies load applications onto your machine without you knowing about it. These applications load themselves onto your local machine and typically report on topics of interest and habits that a user may have, via http and only when you are browsing, making them very difficult to detect. Recommendation: set your browser security settings to high. By doing this you gain security and lose some functionality, but privacy is worth more than functionality to some.

Risk of Trojan infection.

Some applications have been found to contain Trojans that could be used as backdoors into networks. These applications were quickly distributed and it was found that thousands of users had these applications installed within corporate networks. W32.DlDer.Trojan was one such Trojan and it was found to be bundled with a very popular entertainment application. Once it was found that this Trojan was distributed, the company was confronted. By this time it was stated that it would not be in the newer version and that the older version was not being distributed any longer. This scenario shows how the company gathered information anyway and then was not brought to task, as it quickly stopped distribution after being discovered. Recommendation: keep your antivirus software up to date and do not install untrusted, unknown software.
Website resources

http://www.spywareguide.com/ is a good website that takes you into the world of Spy vs spy. This is a game for the most up-to-date players, and if you are not a step ahead you are losing; it is in your interest to keep abreast of the latest adware and spyware threats. There are some basic symptoms that a machine is infected with a piece of spyware or covert adware; these symptoms are listed below.

1. Look for sluggish performance.
2. Frequent machine restarts caused by memory leaks; this is caused by badly written software, which very often turns out to be spyware.
3. The system stalls and exception errors report unknown exe's. This is also attributed to badly written software.
4. Screen flicker; this is a sign of screen scraping.
5. Mouse stutter and gibberish response; this is a sign of resource-hungry adware.
6. Observe your machine's paging activities and how much paging happens when the machine is idle.
7. Be aware that warez sites and other unscrupulous websites are known to contain malicious spy and hackware.

How Computers Are Destroying Your Eyes


Computer Vision Syndrome on the rise.

So, How Do Your Eyes Feel?

The 2001 U.S. Census Report stated that over 98 million American workers spend time at a computer every day. Both the American Optometric Association (AOA) and the National Institute of Occupational Safety and Health report that a full 90 percent of workers who use computers with CRTs will experience eye strain and vision problems. They suffer from Computer Vision Syndrome (CVS), which is characterized by eye fatigue, blurred vision, dry eyes, and headaches. The AOA reports that over 10 million patients a year schedule eye exams due to computer-related vision problems, and that correcting such problems can cost employers, health plans and workers a combined $2 billion a year. A Cornell University survey showed that eyestrain is the number one physical complaint of office workers. The AOA reports that CVS now holds the distinction of being “the number one occupational hazard of the 21st century.”

The Eyes Lead The Body To Pain

When vision is impaired, other functions will also be adversely affected. People who have problems focusing frequently hunch over to see better, and therefore CVS is often accompanied by neck, back and shoulder pain. And for those who spend more than three hours a day at their computers, these symptoms are precursors of more far-reaching problems of low morale and decreased productivity. Laboratory studies cited in articles appearing in the Journal of the American Optometric Association indicate that with even smaller amounts of visual degradation productivity decreases anywhere from 4 to 9 percent, costing businesses money. On a $40,000 salary these losses can be as high as $3,600.

CRT Flickering Punishing To Your Eyes

How do CRTs cause CVS? The CRT screen is a very different visual environment from the printed page. Made up of tiny dots or "pixels," the computer screen is difficult for the eyes to focus on steadily. There is a “halo” effect wherein the beam of light from the cathode ray tube bleeds around the pixels creating a slightly fuzzy image. Poor definition of these images, compared with the clarity of a printed page, causes the eyes to work harder. This forces the eye muscles to refocus continuously, subconsciously while we look at the computer screen. In addition, each time the CRT refreshes – hundreds of times per second – it flickers, causing further eye strain. All of this amounts to thousands of strenuous focusing cycles in a typical workday.

Flat Panel Monitors To The Rescue

In offices across the world, bulky old flickering CRTs are being replaced with new sleek Flat Panel Monitors (FPM) with liquid crystal displays (LCD). These new monitors are not only great looking; they are a great improvement for your eyesight. The benefits of new flat panel monitors with LCD screens include:

* There is no screen flicker with flat panel technology, minimizing eye strain.
* FPMs have a polarizing filter which sharpens the contrast behind the transistors or pixels, eliminating the “halo” effect.
* FPMs minimize glare, greatly improving legibility under any kind of light.
* The new technology creates significantly higher brightness, color, and contrast ratios that improve resolution to create crisp images and text.
* Unlike curved CRT screens, FPMs produce minimal distortion.

Benefits Are Greater With Monitor Arms

As good as a flat panel monitor is compared with a CRT, it is still limited when it is sitting on the work surface in a fixed position. However, when mounted on an articulating arm, the monitor can be ergonomically adjusted to the correct focal distance and axis of vision. There are monitor arms with up to five-axis position adjustment and pneumatic counterbalance, so the height, depth, and tilt angle can be easily adjusted as desired. It’s easy to see why a flat panel monitor mounted on an arm creates the perfect new ergonomic tool for your work station and your eyes.


Police Shut Down P2P Server


In a major crackdown on peer-to-peer (P2P) networks that circulate illegal material on the Internet, joint raids by police in Switzerland and Belgium have shut down the Razorback2 server - a popular server of the eDonkey file-sharing network.

The police arrested Razorback2's Swiss owner, and seized Razorback2 machines from a Brussels-based Internet hosting firm.

The Motion Picture Association of America (MPAA) said in a statement that Razorback2 was one of the largest of the 200-odd index servers on the eDonkey P2P network, and that it held eDonkey's most widely used indexes of pirated movies, games, TV programs, music tracks and software.

Unlike several other file-sharing servers, Razorback2 was run as a business and generated cash for its owners via advertising and donations.

Earlier raids have shut down eDonkey's most popular servers in the US. Commenting on the latest raid, Dan Glickman, chairman, MPAA, said that this is a major victory in MPAA's fight to cut off the supply of illegal materials being circulated on the internet via P2P networks.

All said and done, in a scenario wherein studies find eDonkey becoming increasingly popular, especially in countries like South Korea, Italy, Germany and Spain, it is not clear how the shutdown of Razorback2 will affect the overall filesharing figures.

Typically it is observed that file-sharers simply switch to other networks such as BitTorrent, Usenet, etc, following such raids and shutdowns.

Saturday, February 25, 2006




The history of hacking and the computer underground

As is always the case, it is important to understand the history of hacking in order to understand the present and the future. Modern hacker culture came about as the result of the combination of two separate movements. First, the term hacker in its present sense surfaced at MIT in the late 1950’s and into the 1960’s, where it originally referred to students who built model train switching and power systems. They invented their own words and a “hack” was a feat that must be imbued with innovation, style, and technical virtuosity. Thus hackers were some of the more productive people on the team. These same students, who were interested in the electronics of model railroading, soon turned their attention to programming computers. Not long after, the students were using the term hacker in conjunction with computers. A new subculture soon sprang up with its own Hacker Ethic: “Access to computers and anything which might teach you something about the way the world works should be unlimited and total. Always yield to the hands on imperative”.
The second movement that modern day hackers can trace their origins to is the 1970’s hippie anarchist movement known as Yippies. One of the most famous Yippies was Abbie Hoffman. Yippies liked to get many things for free, or “ripping off”, such as electricity, gas, and especially phone service. In 1971, Youth International Party line (or YIPL), a Yippie newsletter, began being published. It was designed to spread these rip off techniques. Al Bell, one of the publishers of YIPL, dropped out of the Yippie movement and changed the name of the newsletter to TAP or technical assistance program. The newsletter soon became filled with articles about telephone switches and computers, even including reproduced Bell System’s manuals. With these manuals, hackers can get an understanding of how systems work and where the exploits are. This still holds true today.
The MIT Hacker movement and the Yippie movement seem to have converged into a new generation of hackers in the early 1980’s. The primary catalysts were Bulletin Board Systems and a movie. To Internet users who never knew life before instant messaging and the world wide web, Bulletin Board Systems, or BBSes, may sound very foreign. A BBS is a computer which serves as an information and messaging center for users dialing up over the phone lines. These types of BBSes were first designed in 1978, and by 1985 there were an estimated 4000 boards in the U.S. Boards could be accessed from across the country and allowed users to play games and, more importantly, chat, use message boards, and share files and even email. It is on these boards that many of today’s computer underground norms, customs, and values were forged through the various forms of interaction offered. The use of pseudonyms, hacker groups, zines, misspelling of words, jargon, etc. all owe their growth in popularity to the BBS days. Although there were a decent number of BBSes catering to the computer underground, the explosive growth can be directly linked to the 1983 release of the movie War Games. In the movie, the main character, played by Matthew Broderick, uses a computer with a modem to randomly dial phone numbers to find various computer systems, from boards to companies to the military. In fact, the use of an auto dialer program in this fashion became known as a war dialer, after the title of the movie. After the release of the movie, many soon-to-be computer hackers purchased a modem for their computer and soon either got in touch with an underground board or created their own.
Over the next ten or so years, the use of BBSes by all types of computer users would continue to grow. Also, the number of computer underground boards, groups, and zines would grow as well. Zines such as Phrack became an important method for these groups to compile their knowledge and thoughts and spread them to users across the country. The design of BBSes encouraged these files to spread. Some BBSes were connected to each other through networks such as Fidonet, or a user would simply download files from one BBS and upload them to another, to “share the knowledge”. BBS time was usually limited because a board could only handle a small number of users at once. Thus, users who maxed out their daily or weekly allotment on one could go to another. Upload/Download ratios, which only allowed downloads after a certain number of files or bytes were uploaded, also helped increase the spread of information. This period of time saw some interesting events such as Operation Sundevil and other high profile hacker arrests (which were detailed in Bruce Sterling’s the Hacker Crackdown), the first Internet worm, and the MOD-LOD wars. These times, at least part of them, are seen as the golden era of hacking by many. The underground would truly be underground until the mid 90’s.
America Online started to gain popularity in the mid 90’s, especially among people into warez. America Online made it easy, but expensive, for anyone to gain access to the Internet and, more importantly with AOL, chatrooms. On these chatrooms, AOL seemed to have freely permitted the exchange of warez and much more illegal activity. The warez scene became very popular, especially because little knowledge was needed. You went into a chatroom where someone was running a bot (a program) that mailed out files to everyone that typed in a trigger such as “123” or “give me warez”. Within a few minutes, the bot sent out a mass mailing to everyone who signed up and dozens of free programs were now in your mailbox. However, not content with just downloading warez, users wanted to cause havoc, and in late 1994 a person named ‘Da Chronic’ created a program called AO Hell. This allowed people to create fake AOL accounts, use macros in chat rooms, and use other features to annoy or even kick off or “punt” users.
Now these warez users were starting to like the feeling of “hacking” other users on AOL, even though most self-respecting hackers disdained such “lame” computer users. Aside from pornography, the Internet was dominated by hacker websites, in which, like BBSes, they shared their libraries of text files, zines, and programs. Some sites catered to H/P/V/A/C or hacking, phreaking, viruses, anarchy, and cracking. These sites also helped to turn some users who were initially seeking keys to unlock software or a textfile on pipebombs to learn about hacking and phreaking. Soon thereafter in 1995, the movie Hackers came out in theaters. The movie glamorized, hyped and oversimplified some hacking methods and made hacking look “cool”. While the hacking underground may have had mixed feelings about the movie, if not total hatred, it spawned countless numbers of “zero cool” wannabees, referring to the main character’s pseudonym.
The hacking underground, already dealing with an influx of warez doodz and zero cools, was dealt a major blow in late 1996 when America Online offered unlimited access for $19.95, compared with the previous allotment of only 20 hours for the same price. This allowed warez doodz, zero cool wannabees and many other types to explore everything the Internet had to offer, including hacking and phreaking. In the past, hackers as a whole were intelligent because it generally required a degree of intelligence to even want a computer, understand how to use it, and then find your way onto a bulletin board and be able to hold your own with this new underground society. Now, understanding the complexities of the computer’s on switch, the mouse and the keyboard was all that was needed to find your way to a search engine which would eventually put you in touch with all the text files and hacker programs you need, without understanding the methods behind any of it.
The last ten years haven’t been all bad though. The hacker underground has evolved and become more diverse, hence the term computer underground. Children, students, hobbyists and professionals are now interested in various computer underground topics, and individual communities have sprung up to support them. Specifically with the hacking community, some of the older hackers who started in the early 80’s and stuck with it have found lucrative jobs in computer security firms. Wi-Fi and Linux have created new frontiers for the computer underground to explore. While the quality of 2600 magazine has declined, the publishers have become more political and have started a radio show called “Off the Hook”. Hackers have also been increasingly meeting face to face at local 2600 meetings, which have been around for some time but have seen an increase in the number of meetings in the last decade. Conferences or “Cons”, such as the annual Defcons and the HOPE cons put on every few years in New York by 2600, have become very popular.
Unlike the mid 90’s, the pendulum may be swinging the other way. The hackers of today and tomorrow may be smarter than the hackers of the early 80’s. Classes in school and camps in the summer are exposing children to computers and even advanced topics such as computer programming as early as five or six years old. Spam, terrorism, the fight against illegal music downloading, child pornography and fraudsters all have pushed hackers aside from their role as enemy number one on the Internet. When a hacker-type crime does occur, it becomes lost in this sea of other crime that dominates the Internet in terms of frequency and importance.

Hackers

Out of all the different groups that comprise the computer underground, ‘hackers’ are the most complex to specifically identify. Typically, the term is used in the media to define someone who breaks into computers, usually illegally. Some hackers even divide themselves into white hat, gray hat and black hat hackers; the use of a colored hat being a nod to the western movies. White hat hackers only use their skills to expand their knowledge and the knowledge of the community by following the law. This is usually done through testing exploits and other techniques on their own systems or on other systems with permission from the owner. Black hat hackers primarily break the law and may use their skills for personal gain or destruction without contributing to the community. Black hat hackers are usually labeled as crackers. Gray hat hackers fall in the middle: they do not intend to break the law, but they will not let that stop them if it will increase their knowledge. For example, a gray hat hacker would not intend to break into a system to cause damage or steal files, but instead to test their skills. A majority of hackers may be considered gray hat hackers. Note that all of these people may call themselves just “hacker” and then follow that up by saying, well I’m a (white, gray, black) hat hacker if asked.

1. A person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary.

2. One who programs enthusiastically (even obsessively) or who enjoys programming rather than just theorizing about programming.

3. A person capable of appreciating hack value.

4. A person who is good at programming quickly.

5. An expert at a particular program, or one who frequently does work using it or on it; as in "a Unix hacker". (Definitions 1 through 5 are correlated, and people who fit them congregate.)

6. An expert or enthusiast of any kind. One might be an astronomy hacker, for example.

7. One who enjoys the intellectual challenge of creatively overcoming or circumventing limitations.

8. (Deprecated) A malicious meddler who tries to discover sensitive information by poking around. Hence "password hacker", "network hacker". The correct term is cracker.

The term "hacker" also tends to connote membership in the global community defined by the net (see The Network and Internet address). It also implies that the person described is seen to subscribe to some version of the hacker ethic.

It is better to be described as a hacker by others than to describe oneself that way. Hackers consider themselves something of an elite (a meritocracy based on ability), though one to which new members are gladly welcome. Thus while it is gratifying to be called a hacker, false claimants to the title are quickly labeled as "bogus" or a "wannabee".

The Free On-line Dictionary of Computing, © 1993-2003 Denis Howe

a. Hacking Techniques

Although this guide does not focus on specific hacking techniques, it is important to briefly discuss the three main techniques that are used throughout the computer underground so that there is some context for the rest of the guide. Most techniques can be classified as an exploit, brute force, or social engineering. Exploits have become the most popular technique. An exploit is a vulnerability in software that can be used to attack a system or to defeat the security of a system (by bypassing or breaking into it). Usually, a program or piece of code is used to take advantage of this exploit. For example, most worms take advantage of an exploit in Microsoft operating systems or programs in order to propagate and cause damage.

Brute force is the systematic attempt to accomplish a goal, usually breaking a code or password, by trying every single combination or possible solution. Programs that try every single combination until the right one is found are often used, although manual brute force is not unheard of. However, brute force does not always mean that no thought is involved. For example, a dictionary attack can be used to reduce the amount of time it takes. War dialing can also be considered a type of brute force, although in a different sense.

Finally, the most overlooked of all hacking techniques is social engineering. Put most simply, it is the use of knowledge to trick someone into giving up trusted information that can then be used to eventually gain access to something, usually a computer system. This was made to look too easy in the beginning of the 1995 movie Hackers. Most social engineering is done by phone. Knowledge gained from the Internet or dumpster diving is used to impress upon the target that the person calling is legitimate. The person calling usually poses as a specific person or a fictitious one with a real title. Also, not all of the pieces of information need to be gained at the same time. The target may feel less reluctant to give up one piece of information than all of it. Several phone calls are made to gather each piece of information. Then, the person places a call and relays all of the information to a target, which makes the person seem much more believable. Passwords, URLs, and phone numbers are the usual targets of social engineering. This information is then used to subsequently carry out an attack.

ABOUT THE COMPUTER UNDERGROUND

The Computer Underground is an umbrella term used by this author to describe the online world of hackers, crackers, phreaks, script kiddies, computer security enthusiasts and professionals, and other fringe groups and individuals that loosely overlap in the sharing of common norms, values, and activities. One common theme is the social nature in which they interact in order to learn, boast, or just talk. The term computer underground is preferred because labeling everyone that belongs to it as a hacker would be an overgeneralization. Because hackers dominate the computer underground, the terms hacker and hacking will be used often in this guide.

Another problem is that it is a community that anyone can belong to, as there are no membership cards handed out. Even though a victim may claim that they have been “hacked”, this does not automatically mean that a computer underground type suspect is involved. Disgruntled former employees should not be overlooked. These people may just be involved in one-time attacks and not be part of any type of online social group. By understanding the different aspects of the computer underground and looking at the motive of the crime, the investigators should be able to identify if the computer underground is involved and if they should focus the investigation accordingly.

A. Definitions:

As it was difficult to define the computer underground, it is likewise difficult to define the different groups that are associated with it. Since there is no governing body that determines what the definitions of these groups are or how they should act, two different people can each identify themselves with the same group and yet be completely different. Therefore, the descriptions of these groups, provided below, should only be considered as generalizations. The important thing is to be able to understand these terms when they are encountered in an investigation. Understanding the different patterns of behavior of these different groups may lead to a better understanding of the suspect himself. For example, if it is suspected that a script kiddie is behind the crime, it can then be deduced that the person is most likely young and not part of a more professional criminal organization, but is instead motivated by the desire to cause mischief.


History of Computers

History and information about computers.

The first electronic digital computer was called "ENIAC" built in 1945 in Philadelphia. It used so much electricity that lights in the nearby town dimmed every time it was used! What a long way we have come in a half-century, with personal computers in homes, offices, and schoolrooms across the world.

After the arrival of the microprocessor, many different computer companies appeared and began developing their own microprocessors and microcomputers. Companies such as Apple, Compaq, and Commodore started during this period of confusion. At the conclusion of the timeline is the first home personal computer or PC, by IBM in 1981.

From the early 1980's on, computers steadily and rapidly increased in speed and power while becoming more compact and more user friendly. The progress, however, came in many small steps rather than in a few major events as in earlier years.

From the start of the decade to today, PCs in the home have become immensely popular. Computers have increased their role from professional and business machines to entertainment and educational tools. Telecommunications advancements such as the Internet have shown themselves to be useful both in education and business.

Hard disks, a type of computer hardware, were invented in the 1950s. They started as large disks up to 20 inches in diameter holding just a few megabytes. They were originally called "fixed disks" or "Winchesters" (a code name used for a popular IBM product). They later became known as "hard disks" to distinguish them from "floppy disks." Hard disks have a hard platter that holds the magnetic medium, as opposed to the flexible plastic film found in tapes and floppies. At the simplest level, a hard disk is not that different from a cassette tape. Both hard disks and cassette tapes use the same magnetic recording techniques.

A typical desktop machine will have a hard disk with a capacity of between 10 and 40 gigabytes. Data is stored onto the disk in the form of files. A file is simply a named collection of bytes. The bytes might be the ASCII codes for the characters of a text file, or they could be the instructions of a software application for the computer to execute, or they could be the records of a data base, or they could be the pixel colors for a GIF image. No matter what it contains, however, a file is simply a string of bytes. When a program running on the computer requests a file, the hard disk retrieves its bytes and sends them to the CPU one at a time.

The Internet was the result of some visionary thinking by people in the early 1960s who saw great potential value in allowing computers to share information on research and development in scientific and military fields.

The Internet, then known as ARPANET, was brought online in 1969 under a contract let by the renamed Advanced Research Projects Agency (ARPA) which initially connected four major computers at universities in the southwestern US.

The Internet was designed in part to provide a communications network that would work even if some of the sites were destroyed by nuclear attack.

The early Internet was used by computer experts, engineers, scientists, and librarians.

E-mail was adapted for ARPANET by Ray Tomlinson of BBN in 1972. He picked the @ symbol from the available symbols on his teletype to link the username and address.

Most Internet Service Providers (ISPs) make use of these protocols in e-mail, Usenet newsgroups, file sharing, the World Wide Web, Gopher, session access, WAIS, finger, IRC, MUDs, and MUSHes. Of these, e-mail and the World Wide Web are clearly the most used, and many other services are built upon them, such as mailing lists and web logs. The Internet makes it possible to provide real-time services such as web radio and web casts that can be accessed from anywhere in the world.

The Internet is also having a profound impact on knowledge and worldviews. Through keyword-driven Internet research, using search engines, millions worldwide have easy, instant access to a vast amount and diversity of online information. Compared to encyclopedias and traditional libraries, the Internet represents a sudden and extreme decentralization of information and data.

A current trend with major implications for the future is the growth of high speed connections. 56K dialup modems are not fast enough to carry multimedia, such as sound and video except in low quality. But new technologies many times faster, such as cable modems, digital subscriber lines (DSL), and satellite broadcast are widely available now, and growing fast. The rapid growth of local networks, even in homes, has increased the demand. Common methods of home access include dial-up, broadband and satellite communications.

As the commands for e-mail, FTP, and telnet were standardized, it became a lot easier for non-technical people to learn to use the nets. It was not easy by today's standards by any means, but it did open up use of the Internet to many more people in universities in particular. Other departments besides the libraries, computer, physics, and engineering departments found ways to make good use of the nets--to communicate with colleagues around the world and to share files and resources.

We have come a long way in computer technology since the ENIAC. Now eighty percent of American households have at least one computer, and most households have one computer exclusively for the use of PC games, music, videos, and surfing the web.

FYI: "The American PC game market is a $1.2 billion business. Five years ago a talented programmer and an artist could make a hit. Today a state-of-the-art game is a multimillion-dollar collaborative product."

The Ten Commandments for C Programmers




This is still wise counsel, although many modern compilers search out many of the same sins, and there are often problems with lint being aged and infirm, or unavailable in strange lands. There are other tools, such as Saber C, useful to similar ends.

``Frequently'' means thou shouldst draw thy daily guidance from it, rather than hoping thy code will achieve lint's blessing by a sudden act of repentance at the last minute. De-linting a program which has never been linted before is often a cleaning of the stables such as thou wouldst not wish on thy worst enemies. Some observe, also, that careful heed to the words of lint can be quite helpful in debugging.

``Study'' doth not mean mindless zeal to eradicate every byte of lint output--if for no other reason, because thou just canst not shut it up about some things--but that thou should know the cause of its unhappiness and understand what worrisome sign it tries to speak of.

2 Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end.

Clearly the holy scriptures were mis-transcribed here, as the words should have been ``null pointer'', to minimize confusion between the concept of null pointers and the macro NULL (of which more anon). Otherwise, the meaning is plain. A null pointer points to regions filled with dragons, demons, core dumps, and numberless other foul creatures, all of which delight in frolicking in thy program if thou disturb their sleep. A null pointer doth not point to a 0 of any type, despite some blasphemous old code which impiously assumes this.

3 Thou shalt cast all function arguments to the expected type if they are not of that type already, even when thou art convinced that this is unnecessary, lest they take cruel vengeance upon thee when thou least expect it.

A programmer should understand the type structure of his language, lest great misfortune befall him. Contrary to the heresies espoused by some of the dwellers on the Western Shore, `int' and `long' are not the same type. The moment of their equivalence in size and representation is short, and the agony that awaits believers in



November 25, 1992







their interchangeability shall last forever and ever once 64-bit machines become common.

Also, contrary to the beliefs common among the more backward inhabitants of the Polluted Eastern Marshes, `NULL' does not have a pointer type, and must be cast to the correct type whenever it is used as a function argument.

(The words of the prophet Ansi, which permit NULL to be defined as having the type `void *', are oft taken out of context and misunderstood. The prophet was granting a special dispensation for use in cases of great hardship in wild lands. Verily, a righteous program must make its own way through the Thicket Of Types without lazily relying on this rarely-available dispensation to solve all its problems. In any event, the great deity Dmr who created C hath wisely endowed it with many types of pointers, not just one, and thus it would still be necessary to convert the prophet's NULL to the desired type.)

It may be thought that the radical new blessing of ``prototypes'' might eliminate the need for caution about argument types. Not so, brethren. Firstly, when confronted with the twisted strangeness of variable numbers of arguments, the problem returns... and he who has not kept his faith strong by repeated practice shall surely fall to this subtle trap. Secondly, the wise men have observed that reliance on prototypes doth open many doors to strange errors, and some indeed had hoped that prototypes would be decreed for purposes of error checking but would not cause implicit conversions. Lastly, reliance on prototypes causeth great difficulty in the Real World today, when many cling to the old ways and the old compilers out of desire or necessity, and no man knoweth what machine his code may be asked to run on tomorrow.
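The case of variable numbers of arguments, where a prototype cannot convert anything, is shown in the following added example (not part of the original Commandments). The function name join_strings() and the sample path are assumptions made for the illustration.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * join_strings() is a hypothetical helper written for this example.
 * It concatenates its string arguments into dst (capacity dstsize) and
 * stops at the first null pointer. The arguments after dstsize are
 * variadic, so no prototype converts them: va_arg() pulls exactly what
 * the caller pushed, and the terminator must really be a char *.
 *
 * Returns the length of the result, or -1 if it would not fit.
 */
int join_strings(char *dst, size_t dstsize, ...)
{
    va_list ap;
    char *s;
    size_t used = 0;

    if (dst == NULL || dstsize == 0)
        return -1;
    dst[0] = '\0';

    va_start(ap, dstsize);
    while ((s = va_arg(ap, char *)) != NULL) {
        size_t n = strlen(s);
        if (n >= dstsize - used) {      /* no room for s plus the '\0' */
            va_end(ap);
            return -1;
        }
        memcpy(dst + used, s, n + 1);   /* copies the terminator too */
        used += n;
    }
    va_end(ap);
    return (int)used;
}

/*
 * Correct call: the sentinel is cast to the type va_arg() will read.
 *
 * The tempting form
 *     join_strings(out, outsize, "/var", "/log", NULL);
 * is wrong wherever NULL is defined as plain 0: an int is passed, and
 * on a machine with 32-bit int and 64-bit pointers va_arg() then reads
 * a pointer-sized value that was never fully written. The loop may run
 * past the intended end of the argument list.
 */
int demo_join(char *out, size_t outsize)
{
    return join_strings(out, outsize, "/var", "/log", "/auth.log",
                        (char *)NULL);
}

int main(void)
{
    char path[32];

    if (demo_join(path, sizeof path) < 0) {
        fputs("result did not fit\n", stderr);
        return 1;
    }
    puts(path);
    return 0;
}
```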

4 If thy header files fail to declare the return types of thy library functions, thou shalt declare them thyself with the most meticulous care, lest grievous harm befall thy program.

The prophet Ansi, in her wisdom, hath added that thou shouldst also scourge thy Suppliers, and demand on pain of excommunication that they produce header files that declare their library functions. For truly, only they know the precise form of the incantation appropriate to invoking their magic in the optimal way.

The prophet hath also commented that it is unwise, and leads one into the pits of damnation and subtle bugs, to attempt to declare such functions thyself when thy header files do the job right.

5 Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''.

As demonstrated by the deeds of the Great Worm, a consequence of this commandment is that robust production software should never make use of gets(), for it is truly a tool of the Devil. Thy interfaces should always inform thy servants of the bounds of thy arrays, and servants who spurn such advice or quietly fail to follow it should be dispatched forthwith to the Land Of Rm, where they can do no further harm to thee.
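An interface that is told the bounds of its array, in place of gets(), is sketched in this added example (not part of the original Commandments). The name read_line(), its status codes and the sample input are assumptions constructed for the illustration.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

enum line_status { LINE_OK = 0, LINE_TRUNCATED = 1, LINE_EOF = -1 };

/*
 * read_line() is a hypothetical replacement for gets(), written for
 * this example. The caller states the bound (bufsize); at most
 * bufsize-1 characters are stored and the result is always terminated.
 * An overlong line is cut and its remainder is discarded, so the next
 * call starts on the next line instead of on leftover bytes.
 */
enum line_status read_line(FILE *in, char *buf, size_t bufsize)
{
    size_t len;
    int c;

    if (in == NULL || buf == NULL || bufsize < 2)
        return LINE_EOF;
    if (bufsize > INT_MAX)
        bufsize = INT_MAX;              /* fgets() takes an int */
    if (fgets(buf, (int)bufsize, in) == NULL) {
        buf[0] = '\0';
        return LINE_EOF;                /* end of file or read error */
    }
    len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';            /* the whole line fitted */
        return LINE_OK;
    }
    /* No newline stored: the line filled the buffer exactly, or it was
     * the last line of the file, or it was too long. */
    c = getc(in);
    if (c == '\n' || c == EOF)
        return LINE_OK;
    while ((c = getc(in)) != '\n' && c != EOF)
        ;                               /* drain the rest of the line */
    return LINE_TRUNCATED;
}

/* Runs constructed input through an 8-byte buffer and returns how many
 * lines had to be cut, or -1 if the temporary file cannot be made. */
int demo_count_truncated(void)
{
    static const char input[] =
        "foo\nsupercalifragilisticexpialidocious\nbar\n";
    char name[8];
    enum line_status st;
    int truncated = 0;
    FILE *f = tmpfile();

    if (f == NULL)
        return -1;
    fputs(input, f);
    rewind(f);
    while ((st = read_line(f, name, sizeof name)) != LINE_EOF)
        if (st == LINE_TRUNCATED)
            truncated++;
    fclose(f);
    return truncated;
}

int main(void)
{
    printf("lines cut to fit: %d\n", demo_count_truncated());
    return 0;
}
```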

6 If a function be advertised to return an error code in the event of difficulties, thou shalt check for that code, yea, even though the checks triple the size of thy code and produce aches in thy typing fingers, for if thou thinkest ``it cannot happen to me'', the gods shall surely punish thee for thy arrogance.

All true believers doth wish for a better error-handling mechanism, for explicit checks of return codes are tiresome in the extreme and the temptation to omit them is great. But until the far-off day of deliverance cometh, one must walk the long and winding road with patience and care, for thy Vendor, thy Machine, and thy Software delight in surprises and think nothing of producing subtly meaningless results on the day before thy Thesis Oral or thy Big Pitch To The Client.

Occasionally, as with the ferror() feature of stdio, it is possible to defer error checking until the end when a cumulative result can be tested, and this often produceth code which is shorter and clearer. Also, even the most zealous believer should exercise some judgement when dealing with functions whose failure is totally uninteresting... but beware, for the cast to void is a two-edged sword that sheddeth thine own blood without remorse.
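The deferred check that ferror() makes possible is shown in this added example (not part of the original Commandments). The functions write_report() and save_report() and the sample lines are assumptions made for the illustration.

```c
#include <stdio.h>

/*
 * write_report() is a hypothetical function for this example. It emits
 * every line without testing each fprintf(), then tests the stream's
 * cumulative error flag once. fflush() comes first, because data still
 * sitting in the stdio buffer has not yet had the chance to fail.
 *
 * Returns 0 on success, -1 if any write failed.
 */
int write_report(FILE *out, const char *const *lines, size_t nlines)
{
    size_t i;

    if (out == NULL)
        return -1;
    for (i = 0; i < nlines; i++)
        fprintf(out, "%lu: %s\n", (unsigned long)(i + 1), lines[i]);

    if (fflush(out) == EOF || ferror(out))
        return -1;
    return 0;
}

/*
 * save_report() checks the two calls that cannot be deferred: fopen(),
 * whose failure leaves no stream to ask, and fclose(), which may be
 * the first to learn that the final bytes never reached the disk.
 */
int save_report(const char *path, const char *const *lines, size_t nlines)
{
    FILE *out = fopen(path, "w");
    int rc;

    if (out == NULL)
        return -1;
    rc = write_report(out, lines, nlines);
    if (fclose(out) == EOF)
        rc = -1;
    return rc;
}

int main(void)
{
    /* Constructed sample data. */
    static const char *const lines[] = { "disk check passed", "backup done" };

    if (write_report(stdout, lines, 2) != 0) {
        fputs("report could not be written\n", stderr);
        return 1;
    }
    return 0;
}
```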

7 Thou shalt study thy libraries and strive not to re-invent them without cause, that thy code may be short and readable and thy days pleasant and productive.

Numberless are the unwashed heathen who scorn their libraries on various silly and spurious grounds, such as blind worship of the Little Tin God (also known as ``Efficiency''). While it is true that some features of the C libraries were ill-advised, by and large it is better and cheaper to use the works of others than to persist in re-inventing the square wheel. But thou should take the greatest of care to understand what thy libraries promise, and what they do not, lest thou rely on facilities that may vanish from under thy feet in future.

8 Thou shalt make thy program's purpose and structure clear to thy fellow man by using the One True Brace Style, even if thou likest it not, for thy creativity is better used in solving problems than in creating beautiful new impediments to understanding.

These words, alas, have caused some uncertainty among the novices and the converts, who knoweth not the ancient wisdoms. The One True Brace Style referred to is that demonstrated in the writings of the First Prophets, Kernighan and Ritchie. Often and again it is criticized by the ignorant as hard to use, when in truth it is merely somewhat difficult to learn, and thereafter is wonderfully clear and obvious, if perhaps a bit sensitive to mistakes.

While thou might think that thine own ideas of brace style lead to clearer programs, thy successors will not thank thee for it, but rather shall revile thy works and curse thy name, and word of this might get to thy next employer. Many customs in this life persist because they ease friction and promote productivity as a result of universal agreement, and whether they are precisely the optimal choices is much less important. So it is with brace style.

As a lamentable side issue, there has been some unrest from the fanatics of the Pronoun Gestapo over the use of the word ``man'' in this Commandment, for they believe that great efforts and loud shouting devoted to the ritual purification of the language will somehow redound to the benefit of the downtrodden (whose real and grievous woes tendeth to get lost amidst all that thunder and fury). When preaching the gospel to the narrow of mind and short of temper, the word ``creature'' may be substituted as a suitable pseudoBiblical term free of the taint of Political Incorrectness.

9 Thy external identifiers shall be unique in the first six characters, though this harsh discipline be irksome and the years of its necessity stretch before thee seemingly without end, lest thou tear thy hair out and go mad on that fateful day when thou desirest to make thy program run on an old system.

Though some hasty zealots cry ``not so; the Millennium is come, and this saying is obsolete and no longer need be supported'', verily there be many, many ancient systems in the world, and it is the decree of the dreaded god Murphy that thy next employment just might be on one. While thou sleepest, he plotteth against thee. Awake and take care.

It is, note carefully, not necessary that thy identifiers be limited to a length of six characters. The only requirement that the holy words place upon thee is uniqueness within the first six. This often is not so hard as the belittlers claimeth.

10 Thou shalt foreswear, renounce, and abjure the vile heresy which claimeth that ``All the world's a VAX'', and have no commerce with the benighted heathens who cling to this barbarous belief, that the days of thy program may be long even though the days of thy current machine be short.

This particular heresy bids fair to be replaced by ``All the world's a Sun'' or ``All the world's a 386'' (this latter being a particularly revolting invention of Satan), but the words apply to all such without limitation. Beware, in particular, of the subtle and terrible ``All the world's a 32-bit machine'', which is almost true today but shall cease to be so before thy resume grows too much longer.