The RDV Group InfoSec Blog

Monday, April 19, 2010

Great Cloud Article in today's NY Times

Brad Stone and Ashlee Vance have a must-read piece in today's (Monday 4/19/10) New York Times Business section about how companies, in particular Netflix, are moving to a full cloud computing model. As Dr. Ronald Krutz and I are finalizing our most recent text for John S. Wiley and Sons: Cloud Security: A Comprehensive Guide to Secure Cloud Computing (due out this August), it's heartening to see such a clear and direct description of the drivers for an organization's adoption of cloud computing in the popular press.

One section is especially succinct, as it describes Netflix's seemingly incongruous adoption of a rival's technology:

"Kevin McEntee, Netflix's vice president of engineering, said Netflix switched in order to 'focus our innovation around finding movies, rather than building larger and larger data centers.' As for tethering Netflix's future to a rival, Mr. McEntee said, 'It's in their interest to make us successful in the cloud. That's why we felt comfortable.'"

Cloud computing will make for some strange bedfellows, but preserving the three tenets of information systems security (confidentiality, integrity and availability) will have to be continually addressed in a manner that makes more companies comfortable about the move.

Friday, January 08, 2010

Software Flaws Let Xmas Bomber Through

Wired's consistently excellent "Danger Room" has a must-read piece: Software Flaws Let Christmas Bomber Get Through. In the article they follow up on the Administration's recent review of the intelligence failure, and describe how "Crappy government software -- and failure to use that software right -- almost got 289 people killed in the botched Christmas day bombing."

These problems include search engine failures, data correlation inabilities, and user incompetence. The commercial sector tackled these problems years ago with more success; maybe it's time to take air safety as seriously as on-line Christmas shopping.

Monday, June 01, 2009

Fundraising efforts for pianist Diane Moser to continue with special concert event Sunday afternoon, June 14 in Montclair, NJ

Composer, pianist and bandleader Diane Moser has been a leading light in jazz and new music in the New York-New Jersey area for nearly 20 years. As a writer, the Montclair, NJ resident has received acclaim for her compositions, including a prestigious composition grant by Chamber Music America and a fellowship with the MacDowell Artists Colony. As a pianist, she has appeared with numerous top-flight musicians, such as Charles McPherson, Mark Dresser and Gerry Hemmingway, among others, always lending her singular voice to the music. As a bandleader she has led numerous groups, most notably her Composers Big Band. Now she faces a new challenge, as she recovers from a rare form of cancer, in the form of a gastrointestinal stromal tumor (GIST), and faces tremendous medical costs. In April her Composers Big Band held the first of several fundraisers to help defray her medical expenses. A special concert benefit involving members of her local community as well as artists of international stature will be held on Sunday afternoon, June 14 at the Central Presbyterian Church in Montclair, NJ from 2:00-6:00 PM. There will be live auctions and a host of other activities that day to raise funds for Diane Moser.

Performers will include legendary jazz pianist George Cables, double bass virtuoso and new music titan Mark Dresser, as well as several stalwarts of the NY-NJ jazz scene (see below for full list). Additionally, several of Diane’s piano students will perform. Such a wide range of performers reflects Moser’s gifts as a performer, composer, and educator; in all these guises she has shared her love and enthusiasm for music.

A Celebration and Fundraiser for Diane Moser

Sunday June 14 2:00-6:00 PM

Central Presbyterian Church

46 Park Street Montclair, NJ 07042

There is no admission, but donations are encouraged

Guest artists will include: George Cables, Mark Dresser, Anton and Nicki Denner, the Mike Kaplan Nonet, the Diane Moser Quintet, the Erick Storckman Septet, and piano students of Diane Moser

For information, call 201-259-5865

For directions to Central Presbyterian Church, visit www.centralpresbyterian.net/contacts.html or call (973) 744-5340

Donations to cover Diane Moser’s medical costs can also be made online at http://d-mo-zone.blogspot.com/. Just click on the “Donate” button in the upper right-hand corner to start the process.

Thursday, May 07, 2009

Jazz Fundraisers for Pianist Diane Moser



If you're in the Montclair, New Jersey area on May 11th, or the San Diego area on May 12th, you might be interested in attending a special jazz event that's being held in each of those cities. The bandleader Diane Moser is recovering from a rare form of cancer, and since Moser has always been the first to help out artists who need help in paying onerous medical expenses, the music community gets to return the favor with two special benefit concerts. The performances will reflect the many sides of Diane Moser, most notably the joy that is a trademark of her music and life.

Club/Date Info:

Monday, May 11, 8:00 PM
$10 cover, no minimum (full menu)
Trumpets
6 Depot Square
Montclair, New Jersey 07042
973.744.2600
Guest artists will include: Jim McNeely, Howard Johnson, Nicki Denner, Oliver Lake, Mike Kaplan, Russ Vines and others.

Tuesday, May 12, 7:00 PM
$20 cover
Dizzy's
San Diego Wine & Culinary Center
Harbor Club Towers ground floor
2nd & J Street
San Diego, CA 92169-1990
858.270.7467
Guest artists will include: Charles McPherson, Daniel Jackson, Mark Dresser, ESP Quintet, Rob Thorsen, Dave Millard, Mitch Manker, Duncan Moore, Yale Strom, Tripp Sprague, Gunnar Biggs, & more.

About Diane:
Composer, pianist and bandleader Diane Moser has been a leading light in jazz and new music in the New York-New Jersey Area for nearly 20 years. As a writer, she has received acclaim for her compositions, including a prestigious grant by Chamber Music America and a fellowship with the MacDowell Artists Colony. As a pianist, she has appeared with numerous top-flight musicians, such as Charles McPherson, Mark Dresser, and Gerry Hemmingway among others, always lending her singular voice to the music.

As a bandleader she has led numerous groups, most notably her Composers Big Band. Diane Moser’s Composers Big Band is a 17-piece big band formed for the purpose of developing and presenting new music for large ensembles. Presenting monthly concerts since January 1997, the CBB features the music of its resident composers along with guest composers and performers. The range of the featured artists collaborating with the band has been astonishing: Jim McNeely, Oliver Lake, Howard Johnson, Sy Johnson, Matt Wilson, Jackie Cain and Mark Dresser are but a few of the dozens to share the stage with the group. This breadth reflects the musical attitude of Diane Moser, whom the New York Times called “unfazable booster for improvised music.”

More about Diane:
http://www.myspace.com/dianemoserscomposersbigband
http://www.jazz.com/encyclopedia/moser-diane

If you can't make the concert, you can donate here: Flipped Kitty in the City

Hope to see you there!

Tuesday, March 31, 2009

April 1st Virus Attack

I wrote a short piece for my company's newsletter about the Conficker virus, which is scheduled to go active 4/1/09:

Conficker

On April 1, the Conficker worm (aka Downadup) will expand its infection of Windows systems. Although exactly what payload this worm will execute is not known, it’s expected that, at the least, it will start taking more steps to protect itself. After 4/1, machines infected with the “C” variant of the worm may not be able to get security updates or patches from Microsoft and from many other vendors. The creators of the worm will also start using a communications system that is more difficult for security researchers to interrupt.

Security researchers don’t know the exact purpose of the Conficker worm. Today the worm has created an infrastructure that its creators can use to remotely install software on infected machines. Most likely, the worm will be used to create a botnet that will be rented out to criminals who want to send spam, steal IDs, and direct users to online scams and phishing sites.

The Conficker worm mostly spreads across networks. If it finds a vulnerable computer, it turns off the automatic backup service; deletes previous restore points; disables many security services; blocks access to a number of security web sites; and opens infected machines to receive additional programs from the malware’s creator. The worm then tries to spread itself to other computers on the same network.

Various versions of the software have spread widely around the globe since October, mostly outside the United States because there are more computers overseas running unpatched, pirated Windows. (The program does not infect Macintosh or Linux-based computers.)

It is possible to detect and remove Conficker using commercial antivirus tools offered by many companies. However, the most recent version of the program has a significantly improved capacity to remove commercial antivirus software and to turn off Microsoft’s security update service. It can also block communications with Web services provided by security companies to update their products. It even systematically opens holes in firewalls in an effort to improve its communication with other infected computers.

Be sure that all systems (workstations, laptops, servers, perimeter devices) are patched and scanned with the latest signatures.

Links:

A good backgrounder on Conficker (aka Downadup) from Symantec: http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm

Continual updates on Conficker via SANS: http://isc.sans.org/diary.html?storyid=6043&rss

Checkpoint Smart Defense Services offers a mitigating protection against this for when you don’t have time to patch: http://www.checkpoint.com/defense/advisories/public/announcement/012209-downadup-confiker-worm.html

More technical info from McAfee, http://vil.nai.com/vil/content/v_153464.htm, and McAfee’s latest AVERT Stinger app runs a quick scan: http://vil.nai.com/vil/conficker_stinger/Stinger_Coficker.exe

MS Security bulletin: http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

Also, a $250K reward offered by MS for arrest and conviction of the virus authors: http://blogs.msdn.com/wael/archive/2009/02/14/conficker.aspx

Thursday, July 10, 2008

Germans Shut Down The Ohm Project

In a move reminiscent of the ACLU's recent revelation of the abuse of FBI "national security letters", The Ohm Project (ohmproject.org) was knocked off the Internet yesterday. Both The Ohm Project and E-Tunnels went dark on Wednesday about midday Central European time. Like the FBI letters, this creates a remarkable Catch-22 for the site's provider E-Tunnels:

"When an inquiry was made to the service provider, he said that 'the German police' had made three complaints beginning about a month ago about unspecified 'abuse' originating from one of the IP addresses assigned to E-Tunnels. The service provider, welcome2inter.net, claimed that he had been prohibited by the authorities from relaying the complaints to E-Tunnels even though they were the only party able to respond to the situation or correct it."

The Ohm Project is a highly recommended site providing information about threats to Internet privacy and freedom along with advice and tips about how to fight back against these encroachments.


This follows on the heels of last year's strict German hacking law, which rules that even possessing computer security testing tools can be proof of intent to hack systems, and which makes Certified Ethical Hacking (the good guys) more difficult.

Boris Vilde has started "The Ohm Project in Exile" on blogger here. Please help him any way you can.

Friday, May 30, 2008

Can you get reimbursed when you purchase spyware?

I thought it would be useful to see this back and forth I recently had with a reader. His question was:

"In your opinion, does being victimized by such intruders as "Antispywaremaster" constitute fraud if in fact you authorize a debit of your account? I am in the process of disputing my purchase of their spoof antispyware program which infected my computer & would like your opinion on what the likelihood is of recovering my losses. Thanks."

This was my response:

"Let me preface my answer by stating that I am not a lawyer, and my opinion carries no weight in a court of law. But I believe that your credit card company should reverse the charge, as most cards have a provision to contest services or products that do not perform as promised, and this is as clear a case of non-performance as you can find.
As far as continuing a charge of fraud, in an effort to recoup damages over and above the initial charge for the software, I'm not sure how good your chances would be. A large portion of these malware writers are overseas, and law enforcement types are reluctant to go after groups unless they have rung up large losses.
BTW: Two good anti-spyware programs I use are Spybot S&D (http://www.safer-networking.org/en/download/index.html) and Lavasoft's Ad-Aware (http://lavasoft.com/single/trialpay.php); both are free. I have great dislike for programs that pretend to be spyware, then infect your computer."

His response was:

"Your reply will not be used to bolster a lawsuit, as I do not intend to pursue one, but rather aid me in my resolve to recover MC charges & fees to my account."

This is good news, as the credit card company should reimburse for the faulty software, but it would be nearly impossible to collect damages from a virus maker. And be sure to always check AV sites, like Symantec or McAfee, or other info sites, before you download software.

And you can keep up with security news and info on the RDV Group news feed, at:
http://www.rdvgroup.com/rdv1/pages/Headlines/Default.aspx