Operating System Security(the joke is on us)

2 Comments

Recently with the debacle of the Gentoo Linux distribution falling prey to a Trojan due to negligence on the part of the repositories administrators(see here: http://www.theregister.co.uk/2010/06/14/linux_game_backdoor/ and here http://www.gentoo.org/security/en/glsa/glsa-201006-21.xml) . The Windows crowd has been spreading all kinds of dis-information or rather some severe FUD(Fear Uncertainty and Doubt) with regards to this event. The truth is that NO operating system is safe be a desktop computer or server running Windows, Linux, MAC OSX or Unix and its variants.

The reason why these folks are getting all crazy about it is because when it comes to Linux this rarely happens. Since Linux advocates put security as the main reason to switch from Windows to Linux now that this has happen they can point the finger back at them and say “uh huh you see I told you Linux security was nonsense”. The absolute truth is that Linux is safer than Windows by leaps and bounds due to the nature of how the Linux OS is built. The Linux OS is built with multi-user from the ground up meaning that every user runs in its own separate space within the system with its own set of processes and have no root or administrative access to critical system processes. Which means that if a particular user were to ever get an infected file (virus) or a trojan or any other malware it would only live within that particular user space and can’t affect anything else. Windows on the other hand was not built this way and no matter how many versions of it they release they are still not built that way. Yes they now have a UAC (User Account Control http://www.neowin.net/news/main/09/01/07/windows-7-whats-up-with-the-uac) but this is still not built the same as most Linux distributions are. The Windows system relies on a central registry so if something goes wrong with one part of the system it most likely affects the rest of the system. So these folks apparently either don’t or can’t comprehend this or they just turn a deaf ear to it; which is fine but then they should not get upset when their systems get compromised and its all over the news.

When using any OS one should make sure that secure practices are in place to install software and that these softwares are coming from a reputable vendor. In the case of a Windows system a Network Administrator should make sure that all the software has been signed by the vendor with a digital certificate and that Microsoft has verified such said certificate. On the Desktop side for home user this is not as easy as most home users have no clue as to what this is. So they just download everything and anything that has an .MSI or .EXE extension which is the reason why they get all kinds of malware and viruses and soon their PCs become part of Botnets (http://en.wikipedia.org/wiki/Botnet).

On the Linux side software is distributed through repositories which are verified by the company who distributes the OS such as Ubuntu and Canonical. Canonical makes sure that all their software in their repositories are verified and that they have a GPG signature(http://www.gnupg.org/). Which means that all the software distributed on the repositories are safe and can be installed. Now if a user decides to go outside of this repository then it is up to the user to make sure that the software is reputable and that it too has a digital signature and it can be verified. And the same thing can be said for MAC users as well. Although we are not 100% sure if MAC OSX users actually have repositories or even have digital signatures for their software. But Apple applies this concept to the iPhone/iTunes through their application store.

The best thing to do for Windows users is to install a good anti-virus and software that can check for rootkits within the system (What is a rootkit? See here: http://en.wikipedia.org/wiki/Rootkit). You can also set strong passwords for your user(s) accounts and try to be very careful where you download software from. In the case of web infections this is a tough one to deal with; our best advice is to use FireFox or Google Chrome instead of Internet Explorer regardless of the stupid commercials Microsoft has been displaying on TV about IE.  It is not safe no matter what they say. And keep your system up to date with the latest software. Although this can be a bit tricky as Microsoft can sometimes break your system on patch Tuesday so here you take your chances.

For Linux folks they have wrote a good article here on ZDNET (http://www.zdnet.com/blog/btl/five-tips-for-improving-linux-security/35798).

MAC OSX users pay close attention to Apple updates and install them as soon as they are available.

Remember if you are going to go outside of a trusted software vendor or repositories please make sure you can verify who they are.

iPad Security Issues! Say what…

Leave a comment

Another day and yet another iPad commercial of how great it is, well tell that to the 114,000 email owners who’s emails where hijacked by a brute force attack on ATT’s network. Apparently a poorly written script was the culprit. I know your saying well what’s this got to do with the iPad. Ah hello it only happened to iPad 3G owners which means because the iPad 3G has essentially a sim card to connect to the 3G network they were able to hijack customers personal information.ipad

So far the reports are only saying that they were emails but who knows what else they got from these iPads. The worst part about it is that consumers think that these devices are secure when they are not. Yet they make you enter your personal information right from the device instead of having you go to a secure web site to do so or better yet doing it right from an ATT / Apple Store, who cares if consumers are lazy these companies should make them. Convenience over security these criminals love every minute of it.

This is only one of the issues with this device. There are other security issues such as Safari XPS attacks (http://support.apple.com/kb/HT4196) which not only affects the iPad but also the iPhone, iPod Touch, MAC OSX and yes you guessed it Safari running on Windows as though Windows does not have its own security issues to deal with.

Sure the device is great to show your friends and for you to say “hey look at this cool device, is a big version of my iPod touch, I can’t get enough of these things” – pathetic. People please get it together identity theft is very real and can bring you some serious headaches. For you small business owners stay away from it sure is great for presentations and such but there are other more secure devices coming which will run the Android OS; have more bang for the buck and will be more secure such as the Notion Ink’s Adam Tablet (http://www.notionink.in/adamoverview.php) and the current WePad (http://tinyurl.com/y9x7joj).

Consumers need to start thinking before going out there and spending their hard earned money. They need to look at all aspects of the devices they are looking to purchase. Specially if such a device deals with making digital Internet connections over wireless networks.

For more on this story continue reading:

Safari 5! Oh yes is a web browser…

1 Comment

Safari 5So what is the big deal about this new browser? We honestly don’t see anything new that other browsers don’t already have. Extensions have been around for quite some time. Firefox has had this feature for a while now which is why it leads in this category. Google Chrome also has this feature as well.

Our question to you folks is why opt for a web browser that is closed source and besides the extensions has very little to offer. The browser runs like garbage on a Windows PC and is not available for Ubuntu/Linux at all; Yes it does run well in its native environment (Mac OSX) but most users don’t own a MAC. Although the use of extensions is very good for developers to add much needed functionality to this new browser it really offers very little compared to what is currently out there.

Safari has a ton of HTML 5 capabilities but so do the other browser such as Chrome and Firefox. Just a couple of days ago Apple showcased a bunch of HTML 5 (http://www.apple.com/html5/) functions which could only be seen if you installed Safari. We know Apple wants to push its products to the point where it wants to shove them down our throats but come on HTML 5 is an open standard/markup language . We think this is totally ridiculous that in order to see it you had to either fool the web site by making it think you had a Safari browser or to actually download Safari.

Safari 5 ReaderSafari 5 may have some good features such as a good Javascript engine and the use of WebKit which is open source but besides this we really don’t see anything else other than the fact that its a tad faster and it has a built in reader. It also has created a partnership with Microsoft to bring BING as the default search engine (Why would you dump Google and go with Bing?) and that it supposedly uses hardware acceleration. Take a look at all the new features here (http://www.apple.com/safari/whats-new.html).

In terms of security Apple has decreed that in order to create any extensions for its browsers developers must attain a digital signed certificate which to us seems reasonable and is free to obtain one, but you do see where we are going with this. Just like with the Apple store it will reject any extensions it does not like. So sure developers can go ahead and go crazy with extensions development . In the end however if Apple does not want to allow your extensions it simply will not issue a security certificate and your extension wont be published.

Apple has made it easier for the developers to built extensions and it will not use the same XUL language as Firefox to built the extensions as it will use a build in package called Extensions Builder which will allow the developers a much easier way to built and deploy their extensions.

As with the current stable version of Safari it will render pages very well with the exception to Web fonts which it currently blows out of proportion depending on the font. For example if you try to incorporate the Google font API into your existing web sites some of these fonts will not render correctly, Internet Explorer 7 has this same issue by the way.

Until Apple makes this browser available for all operating systems we don’t see why anyone would want to use it or even create extensions for it as it has very little market share and lacks functionalities that the other browsers currently have. What Apple should do is follow Opera’s lead and make it available to everyone. Apple sure loves to use Open Source code in their products but wont even make a crack in their closed closet door.

Google Sites a good way to start a small business web site

2 Comments

Here at SBN we are always looking for ways to get small business owners on to the web be it a one man show or a small business with 5-10 people. We have been exploring some services from Google which can provide a small business some way to get their business presence on to the web. Google Sites is such a tool; It is basically FREE for those of you whom are on a budget and need site up and running fairly quickly.

Google Sites

Benefits

Google Sites offers a variety of templates to easily build your site and get it on-line. This service also allows you to make it public or private and it can integrate with Google Docs(http://docs.google.com) to share information across your entire business(meaning you can allow documents to be shared or edited by other people). You can also access all the information from home since the service is cloud based; which means you wont have to worry about your home PC or office PC crashing as all your documents will be stored on-line. It also gives you statistical data on the site’s recent activity.

The site service also allows you to access the Google Web masters tools(http://www.google.com/webmasters/) which gives you access to on-line marketing tools such as Google Ad words and Ad Sense. This can be beneficial for small businesses since it gives them a way to quickly advertise a product or a service.

Site Templates

The service offers tons of customized templates for you to use such as:

These are only a few of the templates which you can use. Google also offers a premier version on the service which allows you access to customize the sites even further. However if you don’t mind using the templates then the free service is just fine until you can get your business off the ground. We think that this service can benefit any starting business as it cuts the cost of having to get web hosting, hired a web designer or buy an office suite. Speaking of office suite this service has an excellent editor tool which behaves very much like your typical word processor and can allow you to quickly add different pages/sections to your site all without having to write any complex code, but if you do require to edit HTML code you can.

You can also use an existing domain for your google sites, which means that you wont have to just use sites.google.com/your company name but you can actually use http://www.yourcompanyname.com

You can take a look at a quick video introduction here: http://www.google.com/sites/help/intl/en/overview.html

Here are some screenshots of what the administration tools look like.

Now by no means are we saying that you should not use a good web design agency or web designer/developer not at all. But what we are saying is that when on a tight budget and the need to quickly put your business on the web arises then this is surely the way to go without too much of a hassle. The one thing you will have to do is create a Google account. But by creating one you will also get access to tons of tools that can and will benefit your business.

The book of Jobs (post two of the thumb drive chronicles)

4 Comments

Moses came down from the mountain with tablets in hand to give to the masses the commandments of the Lord.  As these commandments where chiseled in stone so too is the faith chiseled in the minds of those who believe in their lord and savior.  But if your faith is more on a technological level, than a spiritual one and you are looking for that savior that is going to alleviate your woes of system crashes and deadly viruses and you are also looking to trade in your travel bible for a digital do it all.  To thee I say don’t panic because there is an APP for that.

In an auditorium full of anxious Faithfull’s and gleaming lights resembling Sunday mass at an Evangelical temple; Steve Jobs appear onto the crow with tablet in hand to give unto the world the IPAD.  And Jobs spoke selling the iPad as the messiah of technological innovation.  But like every other messiah before it, it has fallen short on deliverance and heavy on gimmicks.  Like every other new religion that springs up out of nowhere, with its ideas and underlining structures rooted on century old believes and sprinkle with a modern twist of propaganda so is the iPad rooted on four years old technology simply implemented in a bigger shinier package.

And Jobs said on to thee…

I am Steve Jobs, who brought you out of the land of Microsoft and free you from windows.

You shall surf the web anywhere.

You shall read eBooks.

You shall play games.

You shall watch videos and movies but you shall not purchase them anywhere else but iTunes.

For six days you shall labour and do all your work, but on the seventh day you shall enter the apple store and spend all of your money.

I shall take 30 to 40% of everything sold in the house of Apple.

Shall you make fun of me your app will be rejected from the app store.

You shall not use flash or even think about future support.

The lack of flash support in a device being sold as the ultimate web experience is like a born again Christian without the Holy Ghost.  75% of online videos are made in flash, 70% of games online are made in flash including those on face-book.  The IPad lacks support for Java, adobe Air, and lacks any USB connections.  Closing the devices to an apple mandated doctrine will only hurt the device in the long hull.  Forcing developers to use apple tools to produce their applications; only stagnates advancement and hurts the consumers in the long run. The lack of a camera has certainly crushed the hopes that many had for Skype conversations or for face to face meetings on the go.

But in the end no other company can compete with Apple in terms of product desirability or mass appeal.  Therefore I don’t see the Church of Steve Jobs fading anytime soon even under the worst recession we have seen in the last 60 years.  But less not forget that when it comes to aesthetics there is no other religion like the Catholic Church, where the Catholic Church fails is in being open minded and progressive and Steve Jobs seems to be pulling his doctrine out of the same page.

Windows 7 and Network Failure

Leave a comment

Long gone are the days of simple network setups and how much we miss them. Recently we had a client whom network setup went completely kaput after a Windows update. For some unknown reason the client’s network went completely haywire. The users within their office can no longer map any specific hard drives which are shared on the network nor see any computers/workstation which are part of Active Directory.

The setup for this network is very straight forward. The client is using Windows Server 2003 64-bit Enterprise edition with Active Directory/DHCP enabled.

Until now all their workstations were running Windows XP Professional with SP3 and they had asked us to upgrade all of these workstations to Windows 7 64bit Professional. So over this past holiday(Memorial Day 2010) weekend something went extremely wrong with their network setup. When employees got back to the office on Tuesday they could no longer see anything on their network, no printers, no servers, no shared directories and no workstations within the network.

So we were totally confused as to why this would happen. While investigating this particular situation we came across two workstation one which was still running Windows XP and another running Ubuntu 10.04. For some strange reason both of these PCs were still able to see everything and everyone within the network.

In our findings we discovered that Windows 7 somehow on its own changed from a Domain to a Work Group which is usually setup to network PCs whom are not part of a Domain, but why would Windows do such a thing. There should be no specific reason why this should change on its own unless an administrator switches the PCs manually.

After manually reconfiguring all the workstations to be part of the Domain again Windows 7 still cannot see any workstations, printers, shared directories or servers within the network. But the strange part about it is that they can access(and by access we mean just that not actually seeing it on the screen) things which were already mapped such as shared directories and drives. But any attempt to actually map or do a network search for a new drive or share directory does not work yet the workstations are now clearly part of the network Domain again because when we view the full network map on each workstation is shows that it is part of the domain. It goes to show that no matter how many pretty features you have on an Windows 7 or on any OS for that matter if you have a flawed system of performing updates and not taking into account the type of environments businesses might be using these updates will always create some kind of damage and failure.

I just hope for our clients sake that Microsoft did not pull one of their age old tricks and created a mess to make existing Windows 2003 server users upgrade to Windows Server 2008. That would really hurt our clients bottom line and this new version is not cheap.

But on a lighter note the users do like the Windows 7 Task bar.

If anyone has run in to a similar issue please let us know we would like to hear your situation.

Google Chrome Web Browser Version 6

1 Comment

The new version of Google Chrome web browser has been released (http://www.google.com/chrome/intl/en/more/index.html). This new version uses the WebKit engine (http://webkit.org/) to render its HTML/CSS and JavaScript pages. It also boosts support for lots of CSS3 features such as the ones found here (http://tinyurl.com/35lupzz) plus lots of HTML5 features as well. The browser also lets you import your Fire Fox bookmarks and it allows you to sync your bookmarks across PCs which have the Google Chrome browser already installed(very cool feature).

Google Chrome Start Page extesion

Speed

The one thing that has really impressed us about the browser is its speed. We have tested the browser across several operating system such as Windows(XP,7), Mac OSX and Ubuntu 10.04 and it is fast. Very quick to start up and loading the actual web sites. The only other web browser out there that is faster than Google Chrome is Opera 10.10(http://www.opera.com/browser/). This new version also features a faster JavaScript engine which makes JavaScript driven applications to perform much faster.

Security

In terms of security the browser is very solid just like Fire Fox 3.x(http://www.mozilla.com/en-US/firefox/personal.html). It actually warns you if you have stumbled into a web site which could harm your PC. This however does not mean you should throw away your anti-virus software specially if you are on a Windows PC(regardless of the version your are running).

Google Chrome Feedly page

Extensions

In this area just like Fire Fox the browser shines as it already has tons of extensions for you to choose from and they work extremely well. You can also find most extensions which are available for Fire Fox such as Feedly or Pixlr Grabber. In terms of developing extensions Chrome makes it easy to do so, you can take a look at this article here (http://www.mattcutts.com/blog/write-chrome-extension/).

Conclusion

In our opinion if you have not tried Google Chrome you should for three reasons.

  1. Faster web browsing experience
  2. Better security
  3. Lots of extensions to choose from.

If you are currently running Internet Explorer (6,7 or 8 ) and you don’t necessarily need it for any specific web applications then we say dump it like your life depends on it as it lacks support for various CSS 2.1, CSS 3 and HTML 5 features which are rapidly being deployed to new web sites. On this merit alone Internet Explorer should be dropped like a bad habit (not to mention security issues).

If you are running the latest version of Opera or Fire Fox then you should be OK as both of these browsers keep adding more CSS 3/HTML 5 functionalities. But if your adventurous then give Google Chrome a shot you just might like it. Take a look at some of the capabilities of Google Chrome here http://www.chromeexperiments.com/ and you can download it here http://www.google.com/chrome?hl=en.

Older Entries Newer Entries