A BLOG BY MELIH ABDULHAYOGLU

Craving for Connectivity

Saturday, 29. December 2007 By Melih

Human beings are social animals. We want to connect and interact with each other, we crave it, and when we find a new method, we grab it with both hands! I mean, take a look at the technologies that connected us throughout history! The biggest one was the “wheel”! :) Yep, transportation is a mechanism to connect us all, then we have communication “pigeons”! and so on. Between a wheel and a pigeon, we now have cars, trains, automobiles, Internet, printed media, pubs (yep, a great connector indeed), the list goes on. The point is, connectedness is an insatiable hunger for us humans.

And now we have Internet!

Yay, yay, yay!

It connects us in a way we could only dream of. But pls don’t be fooled, it ain’t enough! Until everyone connects to everyone 24/7 we won’t rest. Even then, we won’t be satisfied. But hang on a minute… a Wheel, I understand how it gets me from one place to the other; a Pigeon, ok, sometimes they get lost, but they get to where I want them to. When I get onto a train, I know where it’s going to take me (apart from one occasion when I got the wrong train :) ). These things that connect us are physical things that I have a means to trust.

But how about Internet?

Melih


Authentication! The Next Big Thing?

Saturday, 15. December 2007 By Melih

Ok.. Authentication.. then what?

Not the ones that read your fingerprint etc.. we are talking about a much bigger market of Authentication!

Let me start by asking a few questions first:

1) What % of your time were you spending connected to another human being using technology in the 1980s?

2) What % of your time are you spending connected to another human being using technology now?

Ok.. now extrapolate that chart into future!

What do you see?

Yup! Everyone is going to be connected to everyone else all the time!!!

So what does this mean?

It means the human race is connecting itself! (about bloody time I say!..) It means more interaction! More interaction that will result in more Transactions! More transactions cannot take place unless there is Authentication!

It’s a simple formula:

More Connectivity -> More Transactions -> Bigger Need for Authentication

Imagine a physical world where we have no Authentication technologies.. in this world, I could give you a piece of paper and say, here is a $20 bill, and you have no means to dispute what I say! What would happen to our Economy then? Chaos I guess! This is very much where the Internet is today…

By the way: this is what a $20 bill looks like :)

[Image: 20 dollar bill]

It serves you content (the Internet is a Big Content Serving Engine) but this content has no authentication built in, so you can’t dispute its legitimacy, whether it’s real or fake, you just have to take it! Just like me giving you a piece of paper saying it’s a $20 bill and you just have to take it! Doesn’t sound right, does it!.. Well, the reality is this is the Internet today! It’s the Internet with no Authentication layer! It has a search engine layer called Google (sorry Yahoo, MSN.. I love you guys all :) ) but it has NO AUTHENTICATION LAYER. This very layer that we call the Authentication Layer is what I am trying to weave into the Internet!

Authentication will be an enabling infrastructure! Today, trust online is established through branding exercises. That’s why we only shop with the brands we know.. the Taiwanese guy who sells cheap stuff online, to the majority of us, sounds too good to be true, and we pass on what he has to say. Why? Because we can’t authenticate/validate his claims! Why not? Because we don’t have an Authentication Infrastructure!

 WE WILL CHANGE THIS! (with a little help from everyone of course :) )

Because we can’t validate claims (authenticate content) we only shop with online retailers whose brands we recognise. That is why the Internet hasn’t happened for people who can’t throw hundreds of millions of dollars into building a brand! That’s pretty much 99.99% of the online retailers out there! They have no means to be able to say: Hey look, I am legit! Trust me! Shop with me!

 Therefore, Authentication as an enabling technology will help us consumers and online retailers both! Actually it will enable things we haven’t even thought of! Internet hasn’t really happened yet!

Melih


Botnets! Ever increasing Threat!

Tuesday, 04. December 2007 By Melih

http://news.bbc.co.uk/2/hi/technology/7120251.stm

Here we are, an 18 year old who made $20 million taking over unsuspecting users’ machines, stealing their data as well as using their machines in criminal activity to steal more data and money!

Was your computer one of these millions of computers turned into a Botnet? Are you a Zombie?

Melih


Detection vs Prevention : Your first line of Defense

Tuesday, 04. December 2007 By Melih

To Prevent or Not to Prevent! That is the question!

Yeah, is it?

Yep! It is.

What are you preventing?
Global Warming?

No Silly… the Alien invasion! That’s what we are preventing…

Ok, be serious now.. come on.. tell me what is it you are talking about?

Honestly, we are going to Prevent Alien Invasion! Aliens that will take over your PC!! Stuff called  Virus, Spyware, Malware, Rootkits and Trojans!

Thanks but no thanks!

No thanks to what?

I have my AV software so don’t need your stuff thanks but no thanks!

He he, That’s why I titled this article “To Prevent or not to Prevent”

And your point is?

My point is legacy technology AVs (like the ones you have today) do not Prevent!

Why do you say that Melih, the AV I have detected many viruses on my machine!

Exactly the point! It “detected”! There is a BIG difference between

DETECTION vs PREVENTION!

Tell me more..

Ok here is a question: How can you detect there is a cold draft in the room if you don’t know what cold feels like? How can you detect there is a bacteria in your blood stream if you don’t know that thing you detected is a bacteria? Detection requires the knowledge of what they will detect… Let me give you an example… Police force and criminals… Imagine each police force in each country is a different AV company.

Police force is your Legacy AV. Police forces in different countries are different AV providers. Now let’s play the game of Police vs Criminal (by the way, here is a game you can play: http://www.comodo.com/game):

Ok

Let’s start the game by first tasking the police force with finding (that would be Detection in Legacy AV terms) a murderer!

Ok that should be easy, get the photo of the murderer, track his/her credit card spending, get his cell number and track his whereabouts, get his car registration number and distribute to the police force, that will get the sucker in no time!!

Yes it will be but isn’t it too bloody late for the victim already? Where was the police force while the victim was being killed?

Hmm.. you have a point there

What if you had the luxury of living and interacting with people who you knew 100% had no criminal intent! Imagine an environment created by you, for you, in which you only deal with people that you know and trust! There would be no crime, would there!

No there wouldn’t be, unless they didn’t do what I told them, he he!
But isn’t this unrealistic to expect Melih? I mean come on..

Yes it is unrealistic to expect of humans! But computers and software are a different ball game altogether!

What do u mean?

Well, we have no way of knowing what people are going to do nor predict their future actions, someone who seems nice one minute turns into a serial killer in a few years etc.. it’s a wild world out there.. But Software doesn’t have the brains to turn against you! Imagine your Word program turning into an axe murderer!

That would be funny to see your Word application with an axe running after you he he, and imagine the liability on M$, that would be a costly exercise cleaning up the mess from this. I guess they could employ the same lawyers that OJ got :)

Do you see my point though? An application that is good (usually coming from a credible vendor) ain’t going to turn against you!

Yeah I see that, but what was your point?

My point is that an environment where you only interact with good people is possible within the computing world (even though not possible in the physical world with humans). Because once you classify a piece of software as good, then you know it’s good, it ain’t going to change its mind and be a baddie!

Ok get that point.. and you are going where with this?

Patience grasshopper, patience…

So you agree that we can classify Software as good.

Yes

Yawning…..

Am I boring you?

No sorry, just had a late night last night, that’s all.. pls carry on.. I am learning…. Yawning..

Ok np. Now that you agree that we can classify the software as good, why not create a platform whereby we only allow Good applications to run in our PC?

Huh? So are you telling me that at the moment we don’t do that and allow any and every application good or bad to run in our PCs?

Goooooddddddd mooorrrrnnniiinnngggggg Vietnam!!!!! (was a good movie btw)

That is exactly what I am saying! Today we just let everything run! Today we use Legacy AV that only knows “known” Murderers, which means the damage is done already! A new murderer will always make his/her way into their next victim cos Police force can’t stop them! Just like AVs they can’t stop new malware, cos they don’t know what that malware looks like. That is called a Signature..

Signature? Is that the thing that gets updated with my legacy AV that I pay them for? I think it’s called Signature Updates, right?

Yeap, that’s right. Legacy AV companies get reports of malware and they take a snapshot of it (just like Police force distributes the MugShot of a criminal) and distribute it to end users as a “Signature Update”. But wait… for it to be reported as a malware, it must be doing some Bad stuff to someone right?

Actually you are right.. so for the malware to be a malware it must have caused the damage already, how could it be reported as malware otherwise?! It’s not as if the guy who writes this malware will simply email the Legacy AV vendors and say, hey, I just wrote this malware and here it is, protect your users before I unleash it on them! Would be good though if they did that, he he

Yep, now you are getting it!

So where do they get the malware from?

Usually from end users who get the malware and notice that there is something wrong with their machine. Then the Legacy AV companies will create the signature and update their signature database for end users.

So if it’s a new malware, then legacy AV doesn’t detect it right?

Yep, that is right, after all how can it? There have been some attempts to create heuristics (which are glorified signatures) that don’t really work, but all in all if the malware is new, then it usually gets through. The guys who write this malware usually test their creations against the Legacy AVs to make sure none of them catch them before they unleash them. That’s how they cause the damage!

So now you know the limitation of “Detection” based technology!

Do I?

I bloody hope so, I have been explaining it for last hour!!
Let me recap it: The problem with detection is that it really can’t stop a new malware cos it doesn’t know that it’s a malware!

Ah yes of course I now know that! What do you think I am, Melih? That was bloody obvious even before you started explaining all this! He he..

Yeah right..
Anyway… that’s why there are still millions of people suffering from malware, cos there is new malware being created all the time! And by the time a new malware is found by the Legacy AV providers, the damage is done!

So how do u protect? Just unplug the PC from the Internet?

Yes, that’s one solution! However there is a better alternative. As I said above, why not only let the Good applications run on your machine and deny any CPU time to everything else?

Stop getting techie on me Melih, I will smack you if you get techie on me again, he he!!

Alright alright.. let me explain,

How can a malware cause a damage do you know?

Urgh, No! how?

Well it needs to be run (executed). That happens by running something in the CPU, i.e. it’s getting CPU time. This is like food to malware; without it, it can’t survive.

Survival Guide comparison would be:
Humans = Food & Drink & Air (etc)
Malware = CPU Time

I see, so unless a malware is executed (run) then it can’t cause a damage, get it!

So why not create a new Platform where only the good applications will get CPU time?

You mean like CFP v3, he he!

Yes, how do u know that?

Just read it in one of the posts you put out

So anyway, yes, create a platform where only “Known Good” applications get to run. This way we only let the good apps run and deny everything else; that will get you protection in a way that denies everything else! Yes, deny any known or, more importantly, any unknown new malware!

Nice…

You see that’s Prevention!! Do you see the difference between Detection vs Prevention now?

Detection= works only if it knows the malware and by getting to know the malware means its too late and damage is already done!

Basically, you don’t wanna know these buggers do you really! And with millions of them sprouting everywhere, trying to get to know them all is a difficult thing.

That’s a very good point indeed! If you look at how many good applications are out there and compare that with the bad ones, you will see that the bad ones are growing very rapidly! And after all, which is easier to find? A good one or a bad one?

Well bad one, after it has caused the damage, cos it makes the headlines and becomes a big news everywhere, he he

You are right, but it’s too late for that for many of its victims! It’s much easier to find the good applications and create a “Safelist”! Instead of building a list of bad stuff, which you can only get after it has caused the damage, why not build a list of good applications? Then set your computer so that it will only allow good applications and deny everything else.

Ok you convinced me. That makes sense

This is called a

Default Deny system - Prevention : where you deny everything but only the known good applications

Default Allow System - Detection : where you allow everything then try to figure out if any of those was a baddie or not (yes a bit late when you realize this :) )

This is the power of Prevention over Detection! It protects you from ANY malware!

Cool, now I understand why I need Prevention as my first line of defense against malware and not Detection!

Indeed, this is a Paradigm Shift in the way we think and protect ourselves!

Our first line of defense against malware is now Prevention and NOT Detection!

Thanks

Melih


Layered Security - Why this is the only way forward!

Tuesday, 04. December 2007 By Melih

Well, we all know (or should know) that there is no 100% security! (Of course people might try to take this out of context and apply this to tiny subsets of an overall problem and claim it can be 100% secure, but it’s a futile attempt, as you have to look at security in a holistic manner, otherwise you will run the risk of a false sense of security.) Anyway, so there is no 100% security. So what you have to do is utilise a layered architecture, e.g. use different Security systems in case one of them fails. The question is which ones and where do you stop?

Which ones: they have to be synergistic and avoid duplication unless you are looking for redundancy (but sometimes it’s not a good idea: e.g. Firewall, having two of the same is a no-no.)

Where do you stop: It’s all about what you are trying to protect and how much you are prepared to spend to protect it. The higher the value that you are trying to protect, the more you spend on security. “Value of the Asset” and “Cost of Security” are proportional.
 

 Value of the asset
        |                    x
        |                x
        |            x
        |       x
        |  x
        |———————–Cost of Security

But of course, for your PC Security the Cost of Security is ZERO thanks to Comodo :)


Melih


Two factor authentication, Banks and Fraud!

Tuesday, 04. December 2007 By Melih

Phishing, Pharming, Spyware, Viruses, Spam, Spear Phishing are only some of the threats that banks and we ordinary people face!

Money is the easily usable, convertible, valuable material we all own (well, some of us have more than others, and they should learn to let the human race benefit from it by being good citizens and contributing to our good charities.. sorry, couldn’t resist) and Money is what the majority of the above attacks are being used for by fraudsters and now organized crime! In the 90s, organized crime was stealing credit card slips from restaurants when people paid with their credit cards. This is like “ambushing” your credit card. If you were the head of organized crime, you would identify the weakest point in your victim’s transaction or action and ambush him there. That’s how convoys used to get ambushed in the old days by bandits: by identifying the most vulnerable point. It’s not that easy to steal credit card information or your bank details by coming and stealing them from you physically (even though I am sure this happens frequently with pickpockets etc).

We have a new vulnerable point as we now exchange our “valuable information” online, whether credit cards or banking; this is where the “bandits” (organized crime) are sitting and waiting to ambush us! The Internet removed the need for “proximity”: a person in east Europe is as close to you as your next door neighbour as far as the Internet is concerned. We are all connected to the same net. Unlike the good old days, where you could only be ambushed by local bandits or fraudsters, now thanks to the Internet the doors are wide open to any and every bandit from around the world! Don’t get me wrong, I love the Internet and it’s an amazing tool for the human race, but we should understand its vulnerabilities and fix them. So why is this the weakest point then? Well, for one, the number of people who can ambush you has grown exponentially from your local bandit to the bandits of the world! Secondly, there are literally non-existent levels of authentication of who and what you are dealing with.

Now a good chunk of us use the Internet for many reasons, including banking. Let’s be honest, it’s darn easier to click and get a financial transaction done than going to your local branch! So organized crime, knowing that this is the weakest link, and knowing that the ROI on their fraud is getting better and better as we all slowly move on to the Internet, is investing in new tools and creating more sophisticated attacks and ambushes for us all! It’s all well and good for us to enter a challenge when presented to us by our bank so that we can verify ourselves, but what is there to say that we are entering this challenge on the “legitimate bank site”? We don’t know. Some even suggested that perhaps we let the users choose a graphic only they know, so that we can present it to them when they log in to the site. But hang on a minute, doesn’t the bank have to identify the user before it can show that specific graphic? And what is there to stop a Man In the Middle from luring you to their website, pretending to be your bank, asking for your username, in the background giving that username to the bank so that the bank displays the graphic that “you chose”, and then the MIM showing that to you? This is a simple MIM attack which does not take much programming! The problem we all still face is our “inability” to verify what we see on the Internet! That is the problem we must solve. Showing the end user something they have chosen as their graphic to validate the website is flawed. We must add “Authentication” to the “Content” we rely upon!

Melih


The Future of Computer Security!

Tuesday, 04. December 2007 By Melih

People keep asking me:

“Is AV dead? Is HIPS the ultimate solution? Are we going to need to have chips surgically implanted in our…”

Okay, let’s not degenerate this in the first fifty words. I’d like to start with some facts about the state of software security for PCs.

1.   The world does not protect itself against Zero Day attacks. The majority thinks it does, but reality begs to differ.
2.   People buy AV products because they don’t know any better. Ignorance is bliss, but not in security. Security checks have been bumped up since 9/11 – enough said.
3.   People are lazy, myself leading that pack. We want things done, but we don’t want to lift a finger. It’s 2007, so we shouldn’t have to!

Let me expand on these points.

1. The world does not protect itself against Zero Day attacks.
Our primary protection is the use of software products called AV (antivirus). These products essentially create a signature for the malware, which functions much like a mug shot does for a criminal, but only after the crime has been committed. In PCland, AV can never be used as protection against Zero Day attacks because the virus signature (a.k.a. the mug shot) has not been created yet; hence, no protection. In an ideal, if not idiotic, world, virus authors would be kind enough to submit their malware to AV vendors, wait for them to create signatures and update their AV users, and then release their malware to the public so that we could catch zero day attacks. We can expect that about as much as we can expect the criminal to go to the police and say “hey, I’m going to commit a crime”, and the police to prevent the crime. My point: we just don’t protect ourselves against Zero Day attacks.

2. People buy AV products because they don’t know any better.
People buy a lot of AV, so it must be the best protection available, right? Wrong. This is not a good argument. People buy a lot of cigarettes, too. This is not to discredit AV; it does what it was designed to do, but it just isn’t enough by itself.  Fraudsters and their toys are a force to be reckoned with, and AV alone isn’t up to the fight.

3. People are lazy.
Look around you: we built washing machines because we got tired of hauling our laundry and the washboard to the river and back. We built dishwashers so husbands wouldn’t have to wash dishes (and spot on, I say!). From cars to nappies, humans demand easy-to-use, painless solutions that give us more time for ourselves and deliver the desired outcome with minimal effort. We want the same from our internet security. We can clap our hands and turn on a lamp, so we should be able to “plug and protect” our PCs just as easily.

The future, from my point of view.
Our houses have doors, burglar alarms and insurance. Well, most do, at least. If you don’t have a door, a burglar can walk in and steal your PC; thus, the door prevents the burglar from entering.

But Melih, doors can be kicked in!

Yes, they can, so continuing to get stronger doors isn’t much of a solution. This is why we should never rely on just one layer of security. The door to the house isn’t enough, so we install a burglar alarm. If he can get in, at least we can detect him – prevention plus detection, two layers. Let’s say he cuts your electric wires or manages to turn off the burglar alarm in another way (They make it look so easy on TV, don’t they?). He walks away with not only your computer, but your priceless stamp collection, too. This is why we have insurance, to recover the value of stolen items. Thus, insurance is the cure, the third layer in our layered approach. Stacking up these layers, in order, to protect the PCs in our homes, we have:

1.   A door for prevention
2.   A burglar alarm for detection, and
3.   Insurance for the cure.

I thought you were going to tell us how to secure our PCs, not our homes, Melih!

I just did. The layered approach can be just as easily applied to our PCs. We use AV as our main source of defense, but is AV prevention? No, it’s detection, the veritable burglar alarm for a PC, but it must have the malware signature – the burglar’s mug shot – or it won’t sound the alarm. A new burglar, however, has a free pass, and no alarm goes off. This, my friends, is the infamous Zero Day attack, which our AV allows to happen.  Now relax, AV devotees. I’m not saying AV is crap; I’m just pointing out its weaknesses, so calm down. With AV, our PC “house” has a burglar alarm but no door. Ridiculous, right? But that’s how it is! Some of us employ Firewalls too, but that’s also a form of detection, with a little prevention thrown in, if it’s a decent Firewall that doesn’t leak. If a firewall does leak, it lets the burglar (malware) take something out of the house or, in firewallspeak, make a call to the Internet with your sensitive information. A good firewall sounds an alarm in the form of a popup when this happens, and a really good firewall gives you advice on what to do next. You need both the AV and the firewall to detect someone coming in and things going out. So now our PC house has a decent burglar alarm (detection), but no door. Yikes!

Dude, where’s my door?
This is where we are challenged and need to change the model altogether. We are backwards when it comes to our default settings, but we can overcome this. Today, it’s fair to say that PCs are running with the “default: allow” function, which means they are allowing everything to run and hoping to catch the bad stuff before it executes. It’s more of a swinging gate than a door, and can’t really provide the prevention we seek.

So we should run with the “deny all” function and only allow the good stuff, right?

Bingo. With the “default: allow” in place, we operate on a system of “blacklisting”, blocking only the things that we know ahead of time are destructive. By reversing that and only granting entry to those names on the “whitelist”, we save ourselves the hassle of trying to figure out who’s good and who’s bad. If you aren’t on the list, you’re not coming in, period.  Thus, we have a door, it’s solid, and it’s locked.

But Melih, who wants to deal with all the popups asking us if we trust ‘this or that’?

Frankly, no one, but why are we making the assumption that the whitelist database will be limited? It is feasible to create a very cogent whitelist security layer which will be virtually noise-free for the average user, and that is exactly what we are doing.

The days of going to bed without locking the front door are long past. PC security is, or should be, just as important as the security of our homes and personal belongings. We deserve to live our lives without the constant worry of burglary and vandalism, and only a layered approach will give us that peace of mind in regard to our computers. 

Melih’s prediction: prevention will become the first line of defense!

thank you

Melih
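The “default: allow” blacklist and “default: deny” whitelist described in this post and in “Detection vs Prevention”, side by side, as an added example that is not from the original posts or from any Comodo product. It assumes a signature is just the SHA-256 hash of a file (real AV signatures are richer); the sample “programs”, list contents and function names are constructed for illustration.

```python
import hashlib


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed stand-ins for executables: plain byte strings, not real programs.
SAMPLES = {
    "word_processor": b"constructed sample: word processor from a known vendor",
    "browser": b"constructed sample: web browser from a known vendor",
    "known_malware": b"constructed sample: malware already reported to AV vendors",
    "new_malware": b"constructed sample: malware nobody has reported yet",
    "unvetted_tool": b"constructed sample: harmless utility nobody has vetted",
}
MALICIOUS = {"known_malware", "new_malware"}  # ground truth, unknown to the policies


def default_allow(data: bytes, signatures: set) -> bool:
    """Detection: everything runs unless it matches a known-bad signature."""
    return sha256(data) not in signatures


def default_deny(data: bytes, safelist: set) -> bool:
    """Prevention: nothing runs unless it is on the known-good safelist."""
    return sha256(data) in safelist


def evaluate(policy, listing: set):
    """Apply one policy to every sample.

    Returns (infections, blocked_good): malware that was allowed to run,
    and harmless programs that were refused CPU time.
    """
    infections, blocked_good = [], []
    for name, data in SAMPLES.items():
        runs = policy(data, listing)
        if runs and name in MALICIOUS:
            infections.append(name)
        if not runs and name not in MALICIOUS:
            blocked_good.append(name)
    return infections, blocked_good


def timeline():
    """Day 0: the new malware is released. Day 1: both lists get updated."""
    signatures = {sha256(SAMPLES["known_malware"])}
    safelist = {sha256(SAMPLES["word_processor"]), sha256(SAMPLES["browser"])}

    day0_allow = evaluate(default_allow, signatures)
    day0_deny = evaluate(default_deny, safelist)

    # A victim reports the new malware, so the vendor ships a signature update.
    signatures.add(sha256(SAMPLES["new_malware"]))
    # The safelist maintainer vets the harmless utility and adds it.
    safelist.add(sha256(SAMPLES["unvetted_tool"]))

    day1_allow = evaluate(default_allow, signatures)
    day1_deny = evaluate(default_deny, safelist)
    return {
        "day0_allow": day0_allow,
        "day0_deny": day0_deny,
        "day1_allow": day1_allow,
        "day1_deny": day1_deny,
    }


def tampered_copy_runs() -> bool:
    """A safelisted program with one byte appended no longer matches its hash."""
    safelist = {sha256(SAMPLES["browser"])}
    return default_deny(SAMPLES["browser"] + b"!", safelist)


if __name__ == "__main__":
    for step, (infections, blocked_good) in timeline().items():
        print(f"{step}: infections={infections} blocked_good={blocked_good}")
    print("tampered safelisted copy runs:", tampered_copy_runs())
```

On day 0 the cost of default-allow is an infection, while the cost of default-deny is a harmless program that has to wait for vetting, which is why the size and upkeep of the safelist matters.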


What is a Firewall? Here is the layman’s explanation :)

Tuesday, 04. December 2007 By Melih

What is a firewall?

Let’s start with the Webopedia definition:

(fīr´wâl) (n.) A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.
There are several types of firewall techniques:
•   Packet filter: Looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
•   Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance degradation.
•   Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
•   Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.

In practice, many firewalls use two or more of these techniques in concert.

A firewall is considered a first line of defense in protecting private information. For greater security, data can be encrypted.

http://www.webopedia.com/TERM/f/firewall.html

Eh? What? Who?

I hear you; we need someone to explain what the heck a firewall is, but in layman’s terms.
First of all, there are two kinds of firewalls, the ones we all use on our PCs (known as Personal Firewall or Desktop Firewall ) and the others that are hardware based, in your router or where enterprises deploy in their operations (these cost a lot of money to buy, up to thousands of dollars). Both are integral to the everyday maintenance and security of a PC.

So why have two?

Because there are 2 things that a firewall does.

First, it acts as a prevention tool, and makes you invisible on the Internet. Imagine the Internet as a highway (literally) with houses scattered all around it. Each one will have its own number, as well as doors, windows, etc. Each house represents a computer connected to the Internet. Now, wouldn’t it be cool to have “invisible paint” that I can paint my house with on this highway, so that people can’t see me? Yup, that’s one function of a firewall. It makes you invisible on the Internet highway so that hackers don’t know where you are and they can’t hack into your machine. Hackers are like the nasties on this highway, who go knocking on your door to see if anyone is in, even try to open the door to see if they can get into your house. After all, in the virtual world, hackers get into your house (your PC) and take over, as you have much less visibility into what’s happening in your PC than in your house!

Yes, but the firewalls in our routers have some firewall functionality to stop hackers from getting in to your PC, don’t they?

Yes sir, you are right. Some hardware firewalls do have this functionality. That is why firewalls (the PC firewalls) have evolved to offer the 2nd functionality, “detection”.

Huh?

Okay, let me think . . . got it!  Making yourself invisible only protects you against one type of threat. There are numerous others. Think of them like this:
1.   The hacker throws a hand bomb through a window he manages to open.
2.   The hacker puts a nasty bomb in your shopping bag without you realizing it. You take the shopping bag home.
3.   The hacker drops a package at your front door and you open it.
4.   The hacker gives you a really nice present that you will be proud to display as a piece of furniture. It looks a bit like a Trojan Horse, but you like it.

Protecting your PC against these attacks is tough, because they are not thoroughly understood. The idea is to prevent your stuff from being stolen, right? So how do you do that in the PC world? Let’s serve this up in the “real world”. It looks something like this.

You are a shoplifter and you go to a retail outlet and identify some nice clothes to steal. You are wearing a huge coat so that you can put some of these clothes on you in the dressing room and simply walk out with them. Good plan so far. Ok, you go pick 5 items, go to the dressing room, and put them on. You feel like smiling, but don’t! You will give yourself away. Just walk towards the door as if nothing has happened. DO NOT WHISTLE! You are making it too obvious. Just walk normally. OK, great, almost there. Keep going…

BEEP…BEEP…BEEP … OOOHHHH NOOOO!!!!

You forgot to remove the tags! Oh well, try telling the police this was just an experiment to show how PC Firewalls work, and see if they buy it. No, we can’t visit you in jail.

Tags? What tags? Those electronic tags on the clothes I stole?

BINGO!

This is a tag alert system. It stops valuables from being stolen. If something is being taken out of the shop without authorization, it sounds the alarms. Well, this is what your firewall does. It stops thieves from stealing, literally. If you have somehow managed to get malware on your system and that malware is trying to make a call home and steal information from you, the firewall will warn you. This is why your firewall must not “leak”; otherwise, malware will be stealing stuff out of your machine without your firewall alerting you. A leaky firewall is like a tag that doesn’t work: a shoplifter will take it out of the store without sounding any alarms!

There are many ways to get something nasty into your house, and guess what? In the virtual world it’s even easier! It’s easier because not many people understand “what is what”. What may look like an Email or something else innocuous could spell disaster for your PC. Having both firewalls in place gives you both prevention and detection, so a hacker is outsmarted, both coming and going.
Now I hope I have been able to give you a good security briefing with this article.   If you take nothing else away from this,

“Put tags on your stuff, or it’s going out the door, people!”

Melih
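The two firewall jobs described in this post, the “invisible paint” for unsolicited inbound traffic and the “tag alert” for outbound calls, as an added example that is not from the original post or from any Comodo product. The `Packet` and `PersonalFirewall` names, the application names and the traffic (documentation-range IP addresses) are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    direction: str      # "in" or "out", as seen from the PC
    local_port: int
    remote_ip: str
    remote_port: int
    app: str = ""       # program that owns the socket (known for outbound traffic)


class PersonalFirewall:
    def __init__(self, trusted_apps):
        self.trusted_apps = set(trusted_apps)
        self.flows = set()      # connections this PC started and was allowed to make
        self.alerts = []        # what the user would see as popups

    def handle(self, pkt: Packet) -> str:
        flow = (pkt.local_port, pkt.remote_ip, pkt.remote_port)
        if pkt.direction == "out":
            # "Tag alert": only trusted programs may take data out of the house.
            if pkt.app in self.trusted_apps:
                self.flows.add(flow)
                return "ALLOW"
            self.alerts.append(
                f"{pkt.app} tried to reach {pkt.remote_ip}:{pkt.remote_port}"
            )
            return "BLOCK"
        # Inbound: only replies to connections we started get in.
        if flow in self.flows:
            return "ALLOW"
        # "Invisible paint": drop silently, so a door-knocker gets no answer at all.
        return "DROP"


# Constructed traffic, in arrival order.
TRAFFIC = [
    Packet("in", 445, "203.0.113.9", 51000),                   # stranger knocking
    Packet("out", 50001, "198.51.100.10", 443, "browser.exe"),  # user browsing
    Packet("in", 50001, "198.51.100.10", 443),                 # the site's reply
    Packet("out", 50002, "192.0.2.66", 8080, "unknown.exe"),    # unknown program calling home
    Packet("in", 50002, "192.0.2.66", 8080),                   # answer to the blocked call
    Packet("in", 50001, "203.0.113.9", 443),                   # stranger reusing an open port
]


def run(traffic=TRAFFIC, trusted_apps=("browser.exe",)):
    """Return (verdicts, alerts) for the traffic under a fresh firewall."""
    fw = PersonalFirewall(trusted_apps)
    verdicts = [fw.handle(pkt) for pkt in traffic]
    return verdicts, fw.alerts


if __name__ == "__main__":
    verdicts, alerts = run()
    for pkt, verdict in zip(TRAFFIC, verdicts):
        print(f"{verdict:5} {pkt}")
    print("alerts:", alerts)
```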


Good to check if the site is legit before purchasing anything!

Tuesday, 04. December 2007 By Melih

http://www.theregister.co.uk/2007/05/17/take-away_scam/

Interesting read, and one we should learn from.
In the online world, before paying, we must verify the legitimacy of the site!
This must be a basic rule we should all follow for a healthier internet and healthier pocket! ;)

Melih


This is why the world needs Comodo!

Tuesday, 04. December 2007 By Melih

http://www.darkreading.com/document.asp?doc_id=116685&WT.svl=news2_1

“The attackers used an army of bots from around the globe to hammer the servers with bogus and abnormally large DNS requests — partially formed DNS messages of over 350 bytes each, according to a report from the ISC. The majority of the traffic came from nodes in Seoul (61 percent of the attack traffic) and Beijing (18 percent). Another 13 percent originated from nodes in San Francisco and another 7 percent elsewhere, according to ISC numbers”

Security can not be optional! Charging the end users for basic security, makes it less than optional!

Security MUST be available to everyone for free! Otherwise we are creating an army of bots that could turn against us!!

Melih
