And than there was silence

Yes, I've been silent for a while (a lot of work, of course)
A lot has been going on here in Germany, as the IFPI, more or less the german version of the RIAA does the same thing thier US leaders do - they sue their customers. Well only one picture.

Let us do it the same way the Canadians do it - private music sharing is free; we pay a fee for copying music with every CD/DVD burner and every recordable CD we buy - but we also live in a country where the lobbys win - most times, sad thing.

BTW, no music was illgaly downloaded creating this posting.

By mrtoto at 02:15h| 0 Kommentare | Comment this

 

Even Big Brother uses Mac ;-)

This article on SecFocus cought my eye.

Dave had some surprises up his sleeve as well. You'll remember that I said he was using a ThinkPad (running Windows!). I asked him about that, and he told us that many of the computer security folks back at FBI HQ use Macs running OS X, since those machines can do just about anything: run software for Mac, Unix, or Windows, using either a GUI or the command line. And they're secure out of the box.

So Big Brother runs Mac - almost ironic considering the 20th aniversey of a Computer whose story began in an ad campaign with an ad which uses the big brother theme ;-)

Dave also had a great quotation for us: "If you're a bad guy and you want to frustrate law enforcement, use a Mac." Basically, police and government agencies know what to do with seized Windows machines. They can recover whatever information they want, with tools that they've used countless times. The same holds true, but to a lesser degree, for Unix-based machines. But Macs evidently stymie most law enforcement personnel. They just don't know how to recover data on them. So what do they do? By and large, law enforcement personnel in American end up sending impounded Macs needing data recovery to the acknowledged North American Mac experts: the Royal Canadian Mounted Police. Evidently the Mounties have built up a knowledge and technique for Mac forensics that is second to none.

I can hear somone in Redmond sing "Blaaaaaame Canada! Blaaaame..." -- almost.

Via IT&W

By mrtoto at 14:07h| 0 Kommentare | Comment this

 

Black market

"The MP3’s on a full 40GB iPod have a retail value of $10,000. An iPod weighs in at 160 grams, so that’s about $60 gram or approximately the street price of cocaine."

From New RIAA via IT&W

They got more funny stats, but this clearly made me laugh :-)

By mrtoto at 13:53h| 0 Kommentare | Comment this

 

One for the night - Postcard mail

About e-mail, encrypion and why noone uses it

Starbucks makes good coffee indeed. Yes expensive, but good.
And ofcourse they all have WLAN (powerd by T-Mobile - I did I mention that I hate mangenta). Because T-Mobile is afraid that WLAN will eat up their UMTS margin and bacause all Mobile Providers seem to think, that we will pay their gigantc prices for data traffic (just look at the GPRS prices).
So to push their WLAN service it is free again (from April-November 2003 you had to pay for WLAN at Starbucks - in this time I can only remeber one person actually using the WLAN - they don't get it Internet is just a additional gimmick, people will preferr the coffe house whick has it, but they will not pay for it.)
Free WLAN means that there are actually people using the WLAN - most of them don't seem to know about the securety issues (although they have checked the "there is no privat informaton" button). This means people are sendig out e-mail - over a non-SSL connection of course.
This is not ver suprising, although most (free mail, and thats what people are using) providers are offering SSL-encryption people don't use it. Even if it is offerd for free (at least for POP, but you can still sniff all passwords and you can still read every outgoing mail like a postcard) you can't blame anyone for not using it - most "users" do not know anything about what a POP server is or that it is unencrypted. And if you ask them: "hey, do you know, that everyone here at Starbucks, and even the people in the office at the opposite side of the street can read all of you mail and even get you password?" Most people respond like: "Ohh, but who want to get my password, I don't get any interesting e-mails. I don't care."
Well I guess for that you can blame the people or the people who tought those users how to use email and the web. The point is that if I don't care if the door of my home is locked, everyone will blame me that someone went into the front door and took my stereo away.
So please no complaints about that.
The only thing you can complain about is that the email providers don't seem to care either. I tried to find one provider who would offer me a SSL POP3 and SSL for SMTP together with secure authentification (something like MD5 Chalange/response at least) for free - it doesn't cost anything mor than offering the same without security, but you have more, uhm,...security.
That one thing I don't understand: they don't offer all of those things to the people who actualy pay them for their mail-accounts. Too bad for them, they have one customer less.
But I always wanted to get root-server for keeping my mail and hosting my website, so thats what I'll do.

By mrtoto at 21:19h| 0 Kommentare | Comment this

 

Worms world party

Was origially posted at bitfever.blogspot.com on Wed Jan 07, 08:53

Today I recived the following e-mail (german), wich is of course a mail sent out by sobig.c:

From: anotherone@jofeofefxsw.it
Subject: Du hast einen Trojaner drauf!
To: forthespambots@qwertzgdfs.it

Juten Tach,
habe mal einen internet port scan gemacht. dabei konnte
ich deinen rechner sehen und einsteigen.
deine mail adresse hab ich auch auf deinem pc gefunden.

bei dir ist der trojaner lsass.exe am wüten. deshalb kann
jeder auf deinen rechner zugreifen!
du kannst ja mal den taskmanager öffnen, und versuchen ihn zu beenden.
du wirst aber feststellen, das er sich nicht beenden lässt.
solltest du windows98/me haben, siehst du ihn erst gar nicht im task!

dieses hartnäckige miststück hatte ich auch mal drauf, 3 tage
hat es gedauert, bis ich endlich ein programm zum entfernen
gefunden habe. ich hab's dir mal mit beigetan. wenn fragen,
meld dich einfach."

This is a very common thing (and always something entertaining for Mac user) nowadays, but the that fact really concerns me, is that i scanned the attached file witn Norton AntiVirus 2003 (for Windows of course) using todays signatures; given the fact that Sobig.C is not a very new thing, i thougt it will catch it without problem - but in fact it reported that it found nothing.
Of course I do not execute files that i don't know the sorce of or that even came in an email, but almost every average computer user would have thogt this: "So Norton found no Virus? Good, so lets double click it.". He maybe would have checked upon the lsass.exe (wich of course exists, because it is a vital part of Windows 2000/XP) before, but he would have used it - and got another sobig infected user!
I always wonderd how fast these viruses spreaded, even if they said in the evening news: "Don't click .exes!". This will not be the main reason (cause most people don't bother running a virusscanner) - but it concernes me a lot. Poor Norton, shame on you.
The main reason a virus/worm workes obviously because the human nature itself. It is often argured that all those Windows/Outlook bugs are the main reason for the fast spreading of worms. Those bugs of course encourage it and make it easier for the crackers and worm authors, but there would be worms without those bugs.

Besides, this concernes me, but it doesn't suprise me that Norton AntiVirus fails.
Have you ever looked at the so called "Norton Utilities"? One of the poorest software packages i know of - it costs a lot, claims to be "Designed for Windows XP" but some features, e.g. the Rescue Boot Disk on the CD, just don't work properly. The Rescue CD boots a DOS, but cannot use NTFS drives at all, wich makes it inusable for a lot of Windows XP installations! And the progam doesn't work at all if you are not logged in as an Admin user. This is everything, but not "Designed for Windows XP".

By mrtoto at 17:56h| 0 Kommentare | Comment this