Apple Needs a Doctor : Bitten by JAVA - 2

1.    The Flashback fiasco,as discussed in brief here, was the catalyst for one of the most meaningful decisions Apple made in order to beef up OS X security ie Removing JAVA. "Flashback both led to Apple removing Java from their default installs, and prompted them to release a dedicated cleanup tool," security researcher (and former security engineer for Obama for America) Ben Hagen told Ars. "When an OS vendor releases a dedicated cleanup tool, you know things are bad.The removal of Java was a very Interesting decision and de facto statement by Apple. Java on user systems has become a notorious vector for exploitation; with new, remotely executable vulnerabilities coming out several times last year," Hagen said. "Removing Java both simplifies Apple’s position and provides a safer default state for its users."[Source : http://arstechnica.com/].

2.    Another key decision taken by apple apart from disowning JAVA was endevor to signed security model for apps ie restrict the origin of third-party apps installed on the system, therefore protecting the user from inadvertently installing apps from malicious or unknown sources.Called Gatekeeper, this feature required Apple's developer ecosystem to either sign their apps with a registered certificate—holding them at a higher level of responsibility for when things go haywire—or selling their wares through the Mac App Store and giving Apple its 30 percent cut. [Source : http://arstechnica.com/].

3.   Java is a veri popular program and is used by millions of users worldwide in Windows, Mac and Linux operating systems and in mobile and television devices. It is this popularity that has made it a favorite target of the hackers.So today when we cannot surf without enabling JAVA.....apples decision is indeed a tough step....for those of you who do not realise the importance of JAVA...just try surfing the web disabling JAVA scripts in your browser...u will be surprised you will be prompted at every step to ensure a successful loading of most of the web pages....In fact the U.S. Department of Homeland Security advised computer users to temporarily disable or uninstall Oracle Corp's Java software, stating that a serious flaw in the software could make the system vulnerable to hacking.The warning came in an advisory posted on the department’s website amid the escalating fears and warnings from the net security experts about a flaw in Java Runtime Environment (JRE) 7 and earlier versions that allows the hackers to install malicious software and malware on computers.The vulnerability is so dangerous that the Department of Homeland Security's Computer Emergency Readiness Team urged the people to stop using the software immediately to mitigate damage.Source : [http://www.ibtimes.com/]

4.   So...did u just start thinking of disabling JAVA?????

Apple Needs a Doctor : Bitten by JAVA - 1

1.   The year last ie 2012 was full of various security OS issue like it has always been over years...but one landmark news that made waves was the flashback malware that hit APPLE's Mac that has been long promoted as a safer OS amongst other peer competitors.But as always SIZE DOES MATTER..so as APPLE and market share grew, it became more proner. Dr  Web said that an estimated 600,000 Macs were as of April 2012 infected as a result of users unknowingly installing the FlashBack malware.So before I move ahead...here's a simple FAQ compiled to understand more about FLASHBACK :

What exactly is Flashback?

-  Flashback is a form of malware designed to grab passwords and other information from users 

-  Spread through Web browser and other applications such as Skype. 

-  The user typically mistakes it for a legitimate browser plug-in while visiting a malicious Web site. 

-  At this point, the software installs code designed to gather personal information and send it back to remote servers. 

Apple needs a DOCTOR

When did it first appear?

-  End of September 2011

-  Pretending to be an installer for Adobe's Flash the malware evolved to target the Java runtime on OS X, where users visiting malicious sites would then be prompted to install it on their machine in order to view Web content. 

What has Apple done about it?

-  Apple has its own malware scanner built into OS X called XProtect. 

-  Since Flashback's launch, the security tool has been updated twice.

-  A more recent version of the malware, however, got around XProtect by executing its files through Java. 

-  Apple closed off the malware's main entry point with a Java update on April 3, and has since released a removal tool as part of a subsequent Java update.

How do I tell if I have it?

-  Right now the easiest way to tell if your computer has been infected is to head to security firm F-Secure and download its Flashback detection and removal software. 

BARE METAL ENVIRONMENT & HYPERVISORS

1.   I had till now been playing around with Virtual Machines for quiet some time . I started with loading xp on Vista around 2006-7 and then tried networking,played around with basic linux OS....but what I did everi time was that I loaded the host OS first and then allocated the desired resources in form of some RAM and HDD and then booting the new OS....but then I was wasting the host OS Resource that actually is running the various virtual machines on it.....so how to use that, is where Bare Metal Environment comes in to rescue.

2.    Simply told,a bare metal environment is a system in which a virtual machine is installed directly on hardware rather than within the host operating system (OS). The term "bare metal" refers to a hard disk, the usual medium on which a computer's OS is installed.But then how come it is called virtual when the machine is directly running on the hardware? So actually a kind of  a pseudonym since a virtual machine running directly on bare metal would technically not be a virtual machine. In such cases VMs run within a hypervisor which creates the abstraction layer between physical and virtual hardware. So whats Hypervisor?? :-)

3.    A hypervisor is actually the virtual machine manager (VMM), or a virtualization technique allowing multiple operating systems to run concurrently on a host computer. Multiple instances of a variety of operating systems may share the virtualized hardware resources.The hypervisors are classified into basically two types as follows :

Type 1 refers to bare metal hypervisors that run directly on the host's hardware to control the hardware and to manage guest operating systems. 

Type 2 refers to hypervisors that run within a conventional operating system environment. With the hypervisor layer as a distinct second software level, guest operating systems run at the third level above the hardware.This classification can be made more clear with the help of figures below :

TYPE 1 : THE NATIVE BARE METAL TYPE

(click to enlarge)

TYPE 2 : HOSTED TYPE

(click to enlarge)

4.    Thanks Wiki and http://forums.hornfans.com

Security Design @ WebHosting

1.  At a time today when new websites are being hosted at quite a pace,proportional is the pace of hacking and defacing of these websites.Today you have a website maker in the market who may simply demand some Rs 500/ per page design and few more hundreds for hosting it...and we all are ready to do pay him....but at what price....is it simply the final handing over taking over of the password that closes the deal between you and the designer/hoster?....NO....I rate it equivalent to the toss....thereon the match begins.....just a matter of time depending on what all security parameters/variables/factors you took into consideration while designing it?

2.  Specially concerned with web sites who have E-Commerce and transactions or who deal with handling database of huge sizes which can be critical later on, if compromised any time.The following factors should be noted down and infact dealt with seriously to be kept on high priority while designing and final hosting :

- Password /Data Protection : You must have a sound password and methods to protect all the DATA in place.

- OS/Server hardening : You use a windows or a linux....rest assured you must always used a hardened OS/Server.

- OS Selection : Create and design on any OS...today you can launch it on web.A more vulnerable OS which has had a history of hacks and known exploits should be avoided.

- DDoS Protection : Shared hosting servers are vulnerable to attacks by hackers who carry out their work by uploading malware or otherwise malicious sites or code onto a server. These malware programs be introduced to a server through security vulnerabilities in a legitimate client’s site, and the malware is used for anything from stealing credit card data to launching a DDoS, or Distributed Denial of Service attack.So think before you fire up your site.

- Spam filters : No explanations

- Firewalls : Must...so many types in market : Decide like what you r going to select a HARDWARE FIREWALL or a SOFTWARE FIREWALL.The selection is of crucial significance in deciding the overall security rating!!!

- BACKUP : You must have a way to keep backing up all your data.Some ploicy should be designed of what happens if owing to some kind of reason you loose all ur data....mirror or offline backup!!!!anything...but keep in mind.

- SSL enabled server : MUST

- SFTP: Though FTP is not that bad....but when SFTP is there....y bank on a relatively lower secured protocol......

Windows 8 Developer Pre BETA : How to get full screen on a VM?

In continuation with my earlier post here about windows 8 Pre Beta edition,one thing that bugged me for a while was not getting the display across full screen in spite of choosing "view full screen" from drop down.The answer to this goes like this

..SIMPLY CHOOSE A HIGHER RESOLUTION AND U WILL GET IT....

Simple to get till u know!!!!!!!!!!!

Windows 8 Developer Preview : Pre Beta Version for Developers

I recently downloaded the Windows 8 Preview Developer edition from http://msdn.microsoft.com/en-us/windows/apps/br229516 and then tried running it as a virtual machine.Found the following issues :

- does not run on VMWARE 7

- runs on VMWARE 8

- Donno y...but runs at a pathetic speed on VMWARE 8 inspite of a good resourceful machine with upto 1.5 GB of RAM.

- Even on installation on VMWARE 8...doesnt show the NIC card so it has no access to Internet.So no updates.

- Runs at a horse's pace in VIRTUAL BOX.

- No NIC issues in virtual box.

NOKIA & MICROSOFT : A MERGER TO READ ABOUT

1.    In todays shrinking world when we hear of merger of giants...its part of normal breaking news which hardly puts together rolling eyeballs 7 pop ups ....But this one is slightly different or if not different it is really BIGGGGGGG.This is about merger of fantabulous phone hardware NOKIA and the operating system giant MICROSOFT coming toether to produce and try beating the phones across?

2.    The deal which was in the rumour rounds already went much ahead of the expectations.....in effect, Nokia is handing over its future - in smartphones at least - to Microsoft and Windows Phone 7.  That means Good bye & Happy journey Symbian . So can the combo really become the third horse in the race, giving Apple and Android a run for their money ?I have my doubts....

3.    Crux of the acquisition pointwise listed below :

- Nokia to embrace Windows Phone as its principal smartphone.

- Nokia to contribute its expertise on hardware design, language support.

- Both would closely collaborate on joint marketing initiatives .

- Bing would power Nokia’s search services(nobodys guess!!!)

- Nokia Maps would be a core part of Microsoft’s mapping services.

4.    Just to mention,a year earlier when this merger was being talked about, was once declared an april fools rumour. And now about a year later it is on official Microsoft site.Thanks Microsoft site for info

OS CARD : For now just an idea sirjeeeeeeee!!!

1. Recently I came across this interesting idea article which introduced me to the OS Card.....yess...the operating system card....read on for some interesting info

(a) The "OS Card" would be inbuilt with a independant operating system that is installed or flashed onto a PCI-E card for computers.

(b) Complete operating system such as Windows/solaris/ubuntu etc would come preloaded one of these cards. Instead of booting and running your OS from your local hard drive, it would run most of the OS from the PCI-E card.

(c) The card would be read only, protecting vital system files from malware such as trojans or viruses. A small number of system files that would require read and write functions would be copied to your local hard drive where they could be modified and read by the card.

2. What would this do? For amateurs it would make installing an operating system much easier. Instead of having to deal with CDs, DVDs and serial numbers a person would simply buy the card and put it in their computer.

3. The best thing to be curbed is that this would be able to put a serious incision in piracy of operating systems. Furthermore, it would free up a considerable amount of space on your hard drive.

4. The OS Card could come with it's own independent CPU and Memory (RAM), which would completely remove the need for an operating system's system requirements. This would most likely speed up all other processes and events being run on the computer now that system processes are now no longer hogging PC resources.As on date some info on related product at http://www.gi-de.com

5. What an idea sirjeeeeeeee@ http://www.creativitypool.com

SVCHOST.EXE vs SCVHOST.EXE

1. Two approximately similar names but with poles apart function and reason to exist.If ever you have tried cleaning or accessing an infected pen drive you must have come across these names in the file names list.I would just try and make the difference clear in brief below.

2. SCVHOST.EXE is a process which is registered as W32/Agobot-S virus. This Trojan allows attackers to access your computer from remote locations, stealing passwords, Internet banking and personal data. This process is a security risk and should be removed from your system.

3. SVCHOST.EXE is located in the System32 folder and is an built-in part of Windows OS. It cannot be stopped or restarted manually. This process manages 32-bit DLLs and other services. At startup, Svchost.exe checks the services portion of the registry and constructs a list of services that it needs to load. Under normal conditions, multiple instances of Svchost.exe will be running simultaneously. Each Svchost.exe session can contain a grouping of services, so that many services can be run depending on how and where Svchost.exe is started. This allows for better control and debugging.

4. I hope this amply makes the difference clear