Category Archives: IT Security

Upgrade your OpenSSL as soon as you can

The flaw can potentially be used to reveal not just the contents of a secured message, such as a credit-card transaction over HTTPS, but the primary and secondary SSL keys themselves. This data could then, in theory, be used as skeleton keys to bypass secure servers without leaving a trace that a site had been hacked.

This bug is not a problem with OpenSSL’s inherent design. It’s an implementation problem. That is to say, it is the result of a programming mistake. There is already a fix available for the problem for the 1.01 program in OpenSSL 1.0.1g. Work is proceeding rapidly for a repair of the 1.02-beta line.


Another how to keep yourself safe on the internet post :-P

With the latest phishing scam going around, in South Africa at least, I have written up this post to give my opinion on keeping yourself safe from the scammer. The title of the phishing mail that prompted this is “ Daily Top 10” from “Daily Top 10”. It caught me at first until I realised this was received on the wrong account, as I have a sub to a similar service. All the links in the mail go to a fake CNN site that says you need to download their video player; this video player contains a key logger that will send all keystrokes you make to another party that will probably use it for their own gain. I must say that every time I have tried the site linked it appeared to have been taken down.

There are a few important rules to using the internet, and they apply to many other forms of communication:

  1. If it seems too good to be true, then it most likely is!
  2. If you receive email asking for personal or financial information, delete it! They already have your information, and if they really need your information they will probably do it through more personal contact.
  3. Never give out your personal information to anyone; they can and possibly will use it to impersonate you.

Full Disk Encryption

I will be redoing the TrueCrypt Benchmarks in the next week on a new PC that is standard spec where I work. It will be Core 2 based with 1GB RAM and SATA drives. I am running TrueCrypt’s FDC on my MacBook Pro under Bootcamp and I haven’t noticed any perceivable performance drop even playing games like COD4 and Company of Heroes.

EDIT: I have started the testing, but things at work just went waaayyyy wrong. These will be out as soon as I can get them done.

Benchmark PGP versus Truecrypt Full Disk Encryption

I noticed something rather important missing in the realm of Full Disk Encryption, and that was benchmark data. The methodology I followed may be a bit unorthodox but would provide me with a consistent platform to test with.

I installed Windows XP SP2 on VMware Fusion and applied all the patches available from our WSUS server. After installing the Benchmark application I created a snapshot so that I could revert to the original install every time with no deviations in installation, i.e. I was lazy.

I only encountered one major problem: when running the Disk benchmark on PC Mark 04 using TwoFish/RIPEMD160 encryption in TrueCrypt, the entire benchmark would come up with the useless “Windows Has Encountered a Problem” message.


Virus that could threaten both Win32 and Linux

Excerpt from MyADSL
Hackers have released a sample code for a virus that could infect both Linux and Windows PCs.
The virus, which was given the double name Virus.Linux.Bi.a/ Virus.Win32.Bi.a, was reported last week by security firm Kaspersky Lab.

Security researchers worry that the malicious code may be part of a disturbing new trend of viruses that can run on Windows, as well as other operating systems that have been largely ignored by hackers.

“The virus is written in assembler and is relatively simple,” Kaspersky says in a posting to the company’s Web site.

Hmm, I wonder if this means that a Mac could also be infected. Guess so since it is a Unix core…

The scariest part is that Kaspersky says that it “is relatively simple” which means here come the script kiddies…

Looks like it is time to start worrying about your computer’s protection all over again.

Mark’s Sysinternals Blog: The Case of the Mysterious Driver


A bit biased maybe, but still worth the read. He is not one of the top Security dudes in the world for nothing.

In case you do not know who he is (sic), have a read on the Sysinternals About Us page.

Between him and Steve Gibson, they are not the most liked, but they are imho worth their salt and I think always worth considering.

Can Microsoft save us from the phishers

Can Microsoft Save the Net? – Wired

Working late one night a few months back, I was just about to sign off when I decided to check my email. At the top of my inbox was a message from PayPal, “confirming” a change in my email address. But I hadn’t changed the address. In an exhausted panic, I clicked the link to correct an obvious fraud. For a split second the browser opened not to PayPal but to an unrelated IP address. Then, almost instantaneously, the screen was replaced by what looked exactly like a PayPal window, requesting my password to sign in. This wasn’t PayPal; it was a phishing bot. Had I been just a little drowsier, I might have been snagged by the fraud in the very act of trying to stop it.

Spotlight on govt IT security – ITWeb


The eSecurity and eCrime Thought Leadership Forum, addressing IT vulnerabilities in the government, begins tomorrow in Vanderbijlpark.
The two-day event will feature security experts from the South African Police Service, the State IT Agency and the corporate sector.

“With 10 new vulnerabilities reported every day, it is a full-time job for government to just patch up the cracks in security infrastructure, let alone take a proactive approach,” notes Kenny Nkosi, public sector executive manager at Faritec, who will address the forum.

MS Anti-Spyware Deleting Norton Anti-Virus

Security Fix – Brian Krebs on Computer and Internet Security

Microsoft’s Anti-Spyware program is causing troubles for people who also use Symantec’s Norton Anti-Virus software; apparently, a recent update to Microsoft’s anti-spyware application flags Norton as a password-stealing program and prompts users to remove it. According to several different support threads over at Microsoft’s user groups forum, the latest definitions file from Microsoft “(version 5805, 5807) detects Symantec Antivirus files as PWS.Bancos.A (Password Stealer).”