The Basics of Smartphone Security
Since smartphones (Blackberry, iPhone, Palm, etc.) are quickly becoming acceptable substitutes for laptops, at least for short-term trips, work tasks, and personal usage, more thought is being given to securing them. Beyond typical cell phone security basics (screen and keyboard lock, not giving anyone your PIN, not leaving it on the front seat of your car with the doors unlocked or the windows rolled down), smartphones have some extra security features now.
Blackberry, for instance, is used by many government agencies and other businesses. As such, contact information may be sensitive and even dangerous if one were to leave their Curve in a taxi. For that reason, all data would be wiped clean from the phone in the event that a password was incorrectly entered a certain number of times, thereby thwarting non-hackers.
Good ideas for smartphone security moving forward include: remote access to wipe data clean when lost or stolen, WiFi security, email attachment scanning, text/SMS/MMS scanning for malware, and downloads from the web—mobile versions or otherwise.
Many corporations believe that by banning their employees from downloading non-corporate applications or using their smartphones for personal use, they’re adding a layer of protection. Alas, that layer is only as good as your weakest link and every corporation is going to have at least one employee who has less than outstanding integrity in following company policy and procedure. So that’s not so much a safety net.
Another thing to consider is that smartphones may contain SD cards that have all the relevant, sensitive data a thief is looking for. If they’re fast, they could take apart your phone, get the card, reassemble the phone, and be on their way before you even leave the bathroom. And it may be hours before you even realize there’s anything amiss with your phone!
InformationWeek has great tips on developing smartphone policies to aid in security issues.
In a nutshell, InformationWeek says:
“Policies are the backbone of comprehensive security, and consistency is critical, since misconfigured devices not only lead to expensive and time-consuming help desk calls, they can also open security holes on mobile devices…
- A WLAN policy is vital because wireless access is supported by many smartphones.
- Mobile device policies provide details on how mobile devices should be supported.
- Data classification policies group information into sensitivity categories to identify how it should be handled.
- (Other Relevant) Security policies define the security posture for the organization and typically link to supporting documents.”
Major Virus Alert. Other Internet Security Breaches Updated this Week
CyberDefender Corporation, the developer with the Internet’s most advanced early detection and Internet security tools, has identified the Scvhost.exe~u virus as a category 9.9 in their Virus Alert-Internet Security Center. A 9.9 rating indicates an extremely high-risk computer virus.
Typically this extremely high level rating indicates the virus can log user activity and present a high risk of potential system damage or distribution. These types of threats are difficult to contain and often use unauthorized, invisible installation. In addition to logging keyboard activity and taking system snapshots, these high risk viruses may profile users, send confidential user data to remote servers, and have the ability to disable some anti-virus or firewall programs.
Svchost.exe is a valid generic host process name for services that run from dynamic-link libraries. At startup, Svchost.exe checks the services part of the registry to construct a list of services that it must load. Multiple instances of Svchost.exe can run at the same time.
On the other hand, Scvhost.exe is a virus, or in some antivirus programs is categorized as adware or spyware.
The good guy is svchost.exe; scvhost.exe is the bad guy, as stated at this link: http://www.liutilities.com/products/wintaskspro/processlibrary/scvhost/
Run one of these free online scans:
These take a little while to run but will be worth it. Be sure to set them to auto clean if asked, and write down the full path of any files that cannot be cleaned or deleted (for example, C:\WINDOWS\System32\svhost.exe).
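The svchost.exe / scvhost.exe distinction above is easy to miss by eye. As an added example (not part of the original post), this Python sketch classifies process image paths by edit distance to the genuine name and by install directory; the directory list, the distance threshold of 2 and the sample paths are assumptions constructed for illustration.

```python
LEGIT_NAME = "svchost.exe"
# Assumption: default locations of the genuine binary on a standard install.
LEGIT_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    rows, cols = len(a) + 1, len(b) + 1
    d = [[0] * cols for _ in range(rows)]
    for i in range(rows):
        d[i][0] = i
    for j in range(cols):
        d[0][j] = j
    for i in range(1, rows):
        for j in range(1, cols):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            # Adjacent transposition, e.g. "sc" <-> "cs" or "vc" <-> "cv".
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]

def classify(image_path):
    """Return 'ok', 'wrong-location', 'lookalike' or 'unrelated'."""
    path = image_path.lower().replace("/", "\\")
    directory, _, name = path.rpartition("\\")
    dist = osa_distance(name, LEGIT_NAME)
    if dist == 0:
        return "ok" if directory in LEGIT_DIRS else "wrong-location"
    if dist <= 2:  # assumed threshold: one or two typo-sized changes
        return "lookalike"
    return "unrelated"

# Constructed sample of process image paths, not real scan output.
SAMPLE = [
    r"C:\WINDOWS\System32\svchost.exe",
    r"C:\WINDOWS\System32\scvhost.exe",
    r"C:\WINDOWS\System32\svhost.exe",
    r"C:\Documents and Settings\user\svchost.exe",
    r"C:\WINDOWS\explorer.exe",
]

def scan(paths):
    return {p: classify(p) for p in paths}

if __name__ == "__main__":
    for p, verdict in scan(SAMPLE).items():
        print(f"{verdict:15} {p}")
```

A correctly spelled name running from an unexpected folder is reported separately, since a name check alone would pass it.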
Malicious messages and phishing
source Darya Gudkova: http://www.viruslist.com/en/analysis?pubid=204792038
Malicious files were attached to 1.09% of all email messages, 0.39% more than August’s figure.
Links to phishing sites were present in 0.62% of messages. Several limited attacks by the RockPhish group were detected in September. In most cases about 100-300 fake URLs were used.
The majority of phishing attacks targeted PayPal (36%) and eBay (18%).
Organizations targeted by phishing attacks
Russian phishers continued to attack users of the popular Russian email services Mail.ru and Rambler and the Yandex.Money e-payment system.
Spam by category
Breakdown of spam categories on the Russian internet in September 2008
In September, the top five categories were: Adult content spam (28%); Medications, health-related goods and services (19%); Education (12%); Fake designer goods (6%); Travel and tourism (6%).
The Adult content spam category took first place from the Medications, health-related goods and services category, the first time there has been a change at the top since April 2007. The upturn in fortunes of the adult content category and its impressive 9% lead was mostly due to Russian-language spammers advertising pornographic websites. The mailing of pornographic spam has recently become so aggressive that it may account for more than half of all emails sent to the addresses listed in spammers’ databases.
Spam is still being used for negative PR. Earlier, the use of spam as a negative PR tool was limited mainly to election campaigns. Now, however, those initiating such mailings are distributing information designed to discredit certain companies or businessmen, by warning the user of their supposed unreliability. These types of messages started to appear in the middle of the summer and show no sign of letting up. It reminds us once again that by trusting the information contained in unsolicited messages from unknown senders, the recipient is allowing complete strangers to influence his own opinion.
Spammer methods and tricks
Spammers didn’t make any real new technical innovations in September. HTML tags and “invisible” text (white letters on a white background) were used to “hide” adverts from context filters, while the site addresses in messages advertising adult content were “drawn” using various symbols with a certain number of spaces and paragraphs between them.
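The “invisible” text trick described above can be caught on the filtering side by comparing each text run's effective foreground colour with its background. The following Python sketch is an added example, not code from the original report; it handles only named white/black and hex colours, assumes a mail client default of black on white, and the sample message body is constructed.

```python
import re
from html.parser import HTMLParser

NAMED = {"white": "#ffffff", "black": "#000000"}  # only the names this sketch needs

def norm(color):
    # 'white', '#FFF', '#ffffff' -> '#ffffff'; rgb() and other forms pass through as-is
    c = NAMED.get(color.strip().lower(), color.strip().lower())
    if re.fullmatch(r"#[0-9a-f]{3}", c):
        c = "#" + "".join(ch * 2 for ch in c[1:])
    return c

class HiddenTextFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.stack = [("", "#000000", "#ffffff")]  # assumed default: black on white
        self.hidden = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        _, fg, bg = self.stack[-1]  # inherit colours from the enclosing element
        style = a.get("style") or ""
        m = re.search(r"(?<![-\w])color\s*:\s*([^;\s]+)", style, re.I)
        fg = norm(m.group(1)) if m else norm(a["color"]) if a.get("color") else fg
        m = re.search(r"background(?:-color)?\s*:\s*([^;\s]+)", style, re.I)
        bg = norm(m.group(1)) if m else norm(a["bgcolor"]) if a.get("bgcolor") else bg
        self.stack.append((tag, fg, bg))

    def handle_endtag(self, tag):
        # Pop back to the matching open tag, tolerating unclosed inner tags like <br>.
        for i in range(len(self.stack) - 1, 0, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break

    def handle_data(self, data):
        _, fg, bg = self.stack[-1]
        if data.strip() and fg == bg:
            self.hidden.append(data.strip())

def find_hidden_text(html):
    finder = HiddenTextFinder()
    finder.feed(html)
    finder.close()
    return finder.hidden

# Constructed sample message body, not taken from a real mailing.
SAMPLE = ('<html><body bgcolor="#FFFFFF"><p>Visit our site today</p>'
          '<font color="white">meeting agenda quarterly report</font>'
          '<p style="color:#fff">minutes attached</p></body></html>')
```

A filter can score the returned runs separately from the visible text, so padding words hidden this way no longer dilute the visible advert.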
Even if spam messages reach users’ mail boxes, in most cases the messages are deleted by the recipients. Spammers, therefore, use social engineering to ensure that recipients notice their emails and believe the message content.
Social engineering is used extensively by spammers when spreading malicious programs. One mass mailing offered users the chance to download a new antivirus solution; the message was allegedly sent to 100 “lucky” addresses which had been chosen at random. The message also recommended that any antivirus protection installed on the user’s machine should be disabled before downloading the new program. When a user tried to download Antivirus Raptor, Trojan-PSW.Win32.LdPinch was downloaded instead.
In another email, supposedly sent by a former student missing his classmates, the recipient was asked to look through the list of graduates attached to the message. Instead of a list of ex-students, however, the attachment contained a malicious program: Trojan-Dropper.MSWord.1Table.gm.
Emails imitating legitimate messages from popular Internet resources became a common feature of spam mailings in September. Russian spammers spreading malicious programs already have experience of sending out emails that appear to be messages from social networks. In September, spammers started sending out emails that imitated messages from non-Russian resources of this type. Recipients were asked to visit the site of a school friend which actually turned out to be the spammer’s webpage.
Protect your Computer Performance: WIFI Security basics and Registry Cleaning 101
By default, a wireless-ready laptop or PC running Windows XP will connect to “Any available network” and “Automatically connect to non-preferred networks”. Convenient? Yes. But very risky. Computer protection is becoming more complicated in the digital world. In fact, there are so many criminals moving their business endeavors to the Internet that cyber crime is now a more lucrative business than drugs. Wireless invasions of your computer or laptop are a terrific way for a cyber criminal to breach your security, invading your system with viruses, malware, spyware, or whatever else might help promote their cause. This clearly is a breach of privacy and, more importantly, could compromise computer performance or its health altogether. Taking some simple precautions when out and about is an easy way to avoid wireless bandits. Below these steps are additional steps on improving your performance by maintaining your computer’s registry.
Precautions to avoid the random Wireless bandits:
1. If using the Windows Classic Start menu, click Start | Settings | Control Panel. If using the default Windows XP Start menu, click Start | Control Panel.
2. Double-click the Network Connections icon to view network connections.
3. You may have several connection options listed. Right-click the icon for “Wireless Network Connection” and choose Properties.
4. In the Wireless Network Connection Properties dialog box, select the Wireless Networks tab.
5. If the “Use Windows to configure my wireless network settings” is not checked, third-party connection software may be in use. Consult that product’s documentation to determine how to disable automatic wireless connections. If the “Use Windows to configure my wireless network settings” is checked, then continue with the steps below.
6. Under Preferred networks, highlight the name of the network to which you plan to connect and click Advanced.
7. In the Advanced dialog box, click “Access point (infrastructure) networks only”.
8. Remove the check mark from “Automatically connect to non-preferred networks”.
9. Click Close.
10. Click OK.
11. Close the Network Connections window by clicking the X in the upper right corner of the window.
There are some terrific registry cleaning programs out there. I know Cyberdefender is about to launch a registry product, which has some buzz, and Error Nuker is well reviewed. I don’t endorse either, but am simply trying to give my readers a starting point.
COMPUTER REGISTRY 101
Just in case you don’t know, all computers running Windows have something called a registry. You can think of your computer registry as a living archive, constantly updating and keeping track of everything. Its knowledge ranges from everything about what you installed, ran and scheduled to all of your user accounts and passwords needed to log on to your machine. To manually clean your registry using the Windows Registry Editor, first create a backup of the registry, and then remove unnecessary files:
• On the desktop, click the Start button in the bottom-left corner
• Click Run
• A new window opens to “run” commands
• Type regedit
• Click OK
• At the top of the window click File
• Go down to Export
• Type a name for the backup file, and click Save
After creating a backup of your registry, you can go to the left side of the registry editor window and view how your computer is configured.
Click on the plus sign to expand a section of the registry editor. A “well-used” area for anyone manually deleting registry files is “HKEY_LOCAL_MACHINE.” This area is used to make registry changes to hardware and software. I will do some registry cleaner reviews in the coming posts.
Free WiFi Beaters: Help Keep Your PC Safe in Hotspots
In recent years, free WiFi has been all the rage in amenities for hotels, motels, libraries, dorms, and… fast food? Consumers love their laptops and want to take them with them when they travel, work out of the office, and, apparently when they eat at Burger King. In the future, free WiFi will just be one of those things we expect when we go to a hotel, like a remote control or the Gideon Bible.
So when you’re out enjoying your juicy burger and keeping updated on the WOW message boards, how do you know if the WiFi you’re borrowing is safe? Well, the short answer is: you don’t. We would like to think that if a large corporation is in charge of the free WiFi hotspot, we’re protected. Hopefully that is true. But when you’re using someone else’s stuff, you’re taking a risk, pure and simple.
The best way to protect yourself is abstinence. But I’m going to guess that if you’re reading this, you’re more interested in using the free WiFi and limiting the risks. The first clue to whether you’re being protected is the log-on. This can be seen as rather annoying—having to identify yourself, possibly create a new username, password, register, etc.—when all you want to do is open your browser and type in an address. But identification of who is using the network is crucial. Otherwise it’s like opening up the doors and letting anyone in, to do anything they want—hey, isn’t that the same principle behind increased security at malls, schools, airports, and the like? Yes, it is.
Am I seriously comparing school shooting and terrorism tragedies to free WiFi hotspots? Yes. You’ve seen how those events have changed things—tighter security, locked doors that require one to be buzzed in, and citizens urged to report suspicious activity and packages left unattended. Knowing who is using something is important! So expect to be asked for some basic information when you log on to a WiFi network outside of your home.
Look for a good TOS (Terms of Service). I’m not going to bore you with the obvious thing that most of us don’t do anyway—reading it—but chances are good that without a TOS, you’re just giving your personal information away to a criminal or at least making it available for one looking for an opportunity.
Make sure your computer’s antivirus software is up-to-date so if anything tries to sneak in on your free ride, your personal protection will catch it. Keep common sense things in mind—if you wouldn’t open something or click on something in the privacy of your own home, certainly do not open it just because you’re in a free WiFi spot and you’re curious. Remember: curiosity killed the kitty!
Finally, when you’re done “enjoying” (i.e. being completely paranoid that you’re going to discover something has managed to sneak in, as soon as you get home and re-establish with your home network) your free WiFi, log off. Let me say it again because, though it’s obvious, it is often overlooked since so many home users with broadband connections don’t ever do it: log off! Terminate your connection with the WiFi and power down, folks. And don’t let ketchup get stuck between the keys! It’s a you-know-what to clean up….



