Eric Howes, Sunbelt’s director of malware research, has started an interesting thread over at SpywareWarrior about creating standards around antispyware testing. Link here, feel free to pipe in with any thoughts you might have.
Alex Eckelberry
The Legacy Sunbelt Software Blog
The Great Years: 2004-2010
Ok, so now AOL is going to be free (at least for broadband users). But on top of a less-than-stellar review, a tape of a subscriber who had a rather hard time cancelling his AOL account and the recent exposure of AOL’s “retention” training manual, we have the story today of a dead person who can’t seem to get off of AOL.
Wild.
PhotoShop is now in the news after a photographer at Reuters (probably a freelancer) seemingly faked a picture of a bombing in Beirut.
The photo was obviously hacked, and very poorly at that.
Here’s the modified picture, obviously manipulated:

And here’s the actual picture:

Via Sportshooter.com.
And who exposed it? A few people on the Internet, apparently starting with a blog post at LittleGreenFootballs.com.
Power to the people.
Alex Eckelberry
Update: Photographer says he was “trying to remove dust marks”.
A new feature of this blog will be weekly IT security news. Targeted at system administrators, it’s a recap of events as well as various tools. From our weekly newsletter, WServerNews.
Redmond’s One Big Vista Mistake
Well, if you believe recently published data from Jupiter Research, about 50 percent of companies either won’t deploy Windows Vista at all or will wait at least 13 months after the system’s November corporate release to begin installation. Why am I not surprised?
There’s a lot that stands in the way. First of all, hardware. You need some pretty advanced ‘schtuff’ to run Vista flawlessly. But there are also upgrade issues. For instance, W2K users will not be able to upgrade to Vista, but can buy it at a discount (you will need a clean install though). XP Pro users will only be allowed to upgrade to the Vista Business and Ultimate editions due to complications arising from built-in XP Pro features.
And what is Redmond’s One Big Vista Mistake? Ballmer admitted recently that one big, wrong decision led to all the Vista delays. They took a “Big Bang” approach and tried to overhaul all of the OS core components at the same time. That strategy eventually led to a fiery development crash. But now they have their act together, and the new OS seems to be a lot more secure than earlier ones. The proof is in the pudding though, so we’ll believe it when we see it.
Check this out: Free Web Employee Directory + Secure Self Service – rDirectory for Active Directory. Link here.
Learning Guide: Managing Virtualized Environments
This guide explores best practices and pitfalls to avoid when managing virtualized environments. You’ll find virtualization performance, security and configuration checklists, tips, white papers and more to help you manage your virtual environment efficiently (free registration required). Link here.
Three Ways To Improve Wireless Network Access For Your Users
Wireless networking has been a massive boon for those organizations with employees constantly on the go who need to have network access no matter how far they are from a LAN port. If your company has workers who rely on wireless networking, here are three tips to improve your wireless strategy – especially if the company has it in multiple locations (free registration required). Link here.
Why HTTP Can Hurt Exchange ActiveSync Attachments
Exchange ActiveSync uses certain custom extensions on the HTTP protocol — called HTTP “verb” commands — that are sent in the context of an HTTP request to tell the server what the mobile client is trying to accomplish. If one of these “verbs” is blocked by a proxy, firewall or server-side constraint, attachment synchronization to mobile devices will fail. The same issue can create SharePoint errors as well. At SearchExchange, here.
Filemon, Regmon Will Stay Free
Sysinternals founder Mark Russinovich says Microsoft’s top priority is keeping widely used admin tools like Filemon, Regmon and Process Explorer freely available. At SearchWinIT.com here.
eWEEK Labs Review: From MOM to SCOM?
Microsoft SCOM 2007 streamlines a host of operations, but there’s no upgrade path. System Center Operations Manager (SCOM) 2007 Beta 2 is a big step forward for Microsoft’s management platform, although there is no way to upgrade current MOM installations. New user roles, design templates and discovery methods will ease installation and make the product easier to use in audit-conscious organizations. The Lab Review is recommended; it’s at the eWEEK site, here.
Redmond Management Deck Shuffle
Microsoft announced yesterday that Brian Valentine, senior vice president of the Windows Core Operating System Division (COSD), Dave Cutler, a senior technical fellow, and Amitabh Srivastava, corporate vice president of COSD, will leave the Windows team after the completion of Vista to pursue other opportunities within the company. After Vista is released to manufacturing, Cutler and Srivastava will work to develop Microsoft’s Live online products and services directly with Ray Ozzie, Microsoft’s Chief Software Architect. Jon DeVaan will serve as senior vice president of engineering and will share co-leadership of COSD with Valentine until his departure. DeVaan will assume full control of the division following Valentine’s exit.
Get Yer Red-Hot Compute Cluster Servers Rite Heah!
As expected, Microsoft announced this week customer availability of its first entry into high-performance computing circles. Windows Compute Cluster Server 2003 was released to manufacturing (RTM) in July with customer deliveries starting this month. Read more at ENTMag, here.
Microsoft Reveals Additions to W2K3 SP2
Redmond revealed more detail about some new features of the coming SP2 for Windows Server 2003. The development team released more data on their Windows Server Division Weblog this week. Instead of repeating everything, you should definitely check out their blog!
Stu
Want to know exactly what’s happening on the net, without having to launch a browser every time? You could always use the Internet Traffic Report (ITR) client from Analog/X:
So just what exactly will this wondrous program do? Most of the time it will sit happily in your system tray (normally in the lower right of the desktop, where the time is shown). While in the system tray, it will indicate the current ITR rating for network performance. Not in the US? No problem, in the configuration you can specify which region you would like to monitor, and that will be the ITR rating displayed! But the ITR client doesn’t stop there, it also includes a super-fast trace route utility to help spot problem areas on the Internet, as well as let you see what other computers you move through when going to other locations on the net. A visual ping utility is included, to help visualize what’s happening – while the graphs look cool, the important information is the minimum, maximum and average output displayed at the bottom.
It’s on their links page. There is a blue sidebar on the right of the page that has their tools on it, where you can download the ITR client. Page link here or you can click here for a direct download.
Alex Eckelberry
Seattle: “Winning the War on the Spyware Battlefield” – Join renowned spyware researcher and Sunbelt’s Director of Malware Research, Eric Howes, for an engaging discussion on the scope of the spyware problem, as well as an outline of how CounterSpy Enterprise can help better protect your organization from spyware threats.
Hosted at the Microsoft office in Issaquah, WA on Thursday, August 24th. Register here.
Alex Eckelberry
Ingo Haupt, a student at Johannes Gutenberg University, is doing a study on corporate blogs.
As an incentive for participation in this survey, three $25 shopping coupons will be raffled amongst participants who complete the questionnaire.
If you’d like to be a participant, take a few minutes and fill out the survey. The link is here.
Alex Eckelberry
You may notice that Google is getting a bit more proactive about protecting surfers. For example, we ran across this site today, with a warning from Google:
Users are referred to StopBadware.org, which is the Harvard-based organization with corporate sponsorship from Google and Sun (and which has Sunbelt’s Eric Howes on its working group).
Alex Eckelberry
(Thanks Adam Thomas)
I’m a bit confused. Network World, a worthy and highly respected IT publication, ran a story this morning with the headline: “Juniper researcher Michael Lynn crashes Cisco party at Black Hat”.
The article goes on to say:
“…Michael Lynn, who now works for Cisco rival Juniper Networks, evaded the security checks Cisco had put in place for the party, which included a name check and legal identification. Lynn and his friends, declaring “Cisco owes us a drink,” gleefully posed in front of a Cisco sign inside the Pure Nightclub.”
Not true, according to Gadi Evron, who actually went to the party with Michael Lynn.
We went to the party, registered, said hello to a couple of Cisco employees who knew who each and every one of us was (bouncers), a club bouncer, and entered the party. One of many community fun after-parties that come with these conferences.
So far so good. Cisco was fun and the party was great. Mike spoke with many Cisco guys (no hard feelings on either side, it seems, we’re all in the same industry) and we even got our pictures taken together.
Link here.
Alex Eckelberry
If you’re still worried that you’re having too much fun reading it, just view it in WorkFriendly.
Alex Eckelberry
(Thanks Mercen4ry)
Anyone who has half a head in the sand right now has heard about Jon “Johnny Cache” Ellch and David Maynor hacking a Mac in 60 seconds at Blackhat.
It’s important to realize that this is not a Mac vulnerability. It’s in a 3rd party wireless card.
Classic is what Maynor said, also quoted today by John Paczkowski:
“We’re not picking specifically on Macs here, but if you watch those ‘Get a Mac’ commercials enough, it eventually makes you want to stab one of those users in the eye with a lit cigarette or something,” Maynor said. “The main problem here is that device drivers are a funny mix of stuff put together by hardware and software developers, and these guys are often under the gun to produce the code that will power products that the manufacturer is often in a hurry to get to market.”
Of course, those who actually read this blog know that you don’t have to watch the “Get a Mac” commercials. You can always watch the Lost Mac Ads instead.
And yes, for the three Macheads who read this blog, I know, I know: Windows is still less secure, Macs are more secure, they are bitchin machines, etc. But it’s just the holier-than-thou thing that kind of tires the UnRest of Us.
Alex Eckelberry
David Matoušek is running a poll on his site and has over 6,000 votes. Feel free to vote on your favorite firewall (even if it’s not ours!). Link here, on the front page.
Alex Eckelberry
Latest corp blog: Yahoo.
Great name — yodel.yahoo.com
First post, entitled “Yet another self-serving corporate blog!”. Warms my heart. Shows some character!
Link here via beSpacific.
Alex Eckelberry
I don’t usually post (or forward) the usual YouTube crap, but this is short and hilarious. Link here via John Paczkowski.

Alex
Ok, this service is getting very cool. Meebo, the universal IM client that works through the web, just released a widget. I’m testing it on the blog for a brief time — feel free to try it — it’s on the right side of the page (don’t be insulted if I don’t respond, I’m a wee bit busy, but you can always email me).
Those concerned about security on Meebo should be, as with any use of IM. I admit that for me, IM is a throwaway type of activity. I’m not an active IMer and I don’t use it for anything sensitive — I use it primarily to find out if people are in, or to ping someone quickly. So I’m not as sensitive about this as others may be.
But if you’re curious, Meebo encrypts all passwords with 1024-bit RSA keys (except on IE 7, which they still don’t support…).
IMs on the main Meebo servers are sent in the clear. For those wanting end-to-end encryption, however, they do have several SSL-enabled servers (accessed at https://www.meebo.com) which offer increased security. They have more details here. (IT managers can really groan—there’s a Meebo repeater which bypasses blocking).
(Thanks for this tip to security guy Xavier Ashe, who put one up as well.)
Alex
Big reorg at Microsoft.
And this is interesting: Dave Cutler, the father of NT (and arguably one of the greatest operating systems geniuses of all time) is now going off to work with Ray Ozzie on Live. From Paul Thurrott:
David Cutler…will be reassigned outside of Windows to work directly with Microsoft Chief Software Architect Ray Ozzie on “initiatives focused on Live products and services.”
(This is the same Cutler who said to Gates “I won’t pollute it [NT] with crap!”.)
Crusty Dave Cutler, working with Ozzie, the hyperkinetic web services visionary? Is this a marriage made in hell or is it something that will really get Cutler excited?
Link here.
Alex Eckelberry
Well, this is embarrassing — feb.gov has been hacked. By an Islamic hacker who even adds the nice touch of playing the call of a muezzin.
What is the Federal Executive Board? From SecuriTeam:
The Federal Executive Boards (FEB’s) were established in 1961 by a Presidential Directive to improve coordination among Federal activities and programs outside Washington. The need for effective coordination among the field activities of Federal departments and agencies was then, and is still, very clear.
Link here via SecuriTeam.
Alex Eckelberry
This is a cool site with a repository of phishes, as well as a list of realtime fake sites.
Link here.
Alex Eckelberry
(Hat tip to Nicolas Woirhaye)
Incredibly, the State Department has just released a comprehensive primer on journalism. You can read it here. This is a concise but very useful overview of the field.
Today, the line between traditional journalism and blogging has become blurred. Blog sites provide news. And traditional journalism sites are adopting blogging styles.
It’s a trend that requires readers to be wary: Blogs are not journalistic sites. They are journals. Getting your news as fact from a blog is not the best idea, unless you take it as one opinion out of many. And, of course, outright belief in much of the news you read is also dangerous. You need to make up your own mind about what you read and see — not through the filter of someone else.
Alex Eckelberry
(Hat tip)