Archive for the ‘Security’ Category

It always worries me when people in charge seem so detached from technological reality

September 23rd, 2010 No comments

General Keith Alexander, who heads the U.S. Cyber Command, doesn’t make me feel very good about the U.S. Cyber Command.

A comment on the above linked page says it very well:

“I’m not sure what’s so hard for the General to get about this. Either he gets a completely private network on private lines or he has a virtual network, and the technology for that is pretty well understood. He makes it sound as if some architectural restructuring of the Internet is necessary, and it makes no sense. BY LARRY SELTZER on 09/23/2010 at 19:08”

The question of how to secure critical infrastructure on the internet is….why is critical infrastructure on the internet?


Backups.backupdb, Little Snitch and obnoxious ISP help

September 18th, 2010 4 comments

So, Little Snitch, which you need to buy, understand, and use, picked up a late-night habit of reporting attempts to connect to Backups.backupdb.  It bothered me. I did some digging. I was late to the party because my ISP had made a change I hadn’t noticed.

Apparently, for reasons unknown (to me anyway), Time Machine goes looking for a thing called ‘Backups.backupdb’ via sun.rpc and will seek this as if it were a host in the mythical top-level domain .backupdb even when Time Machine is turned off.

The reason Little Snitch reports an attempt to connect to an actual host is because some weasel at my ISP decided that hijacking my typos of domain names in browsers etc. was a revenue opportunity. To them, my typo was a great excuse to run a search and show me the results on a page full of ads instead of just returning NXDOMAIN and letting my browser say “I can’t find the host you typed, you fumblefingered fathead” like it should.

Because they want to show me ads, any domain, even a non-existent one, ‘resolves’, and a web server spams me with the aforementioned ‘help’ fixing my typo: search results that could be useful for what they think I meant to type, alongside a bunch of ads to cover the cost of being so nice to me. SunRPC, having been told that yes, somebody is out there listening, proceeds, presumably, to try and shovel my files off to it for safe keeping. Little Snitch asks me and I say “Deny”. Noticed something here? Little Snitch’s job is to tell you when anything initiates a connection you didn’t explicitly ask for and get permission. Think software might be phoning home? Little Snitch will catch it. Think you have a trojan? Little Snitch will catch it.

How did I end up with this non (sub) standard DNS? I didn’t choose to use OpenDNS because I don’t need yet another intermediary in my life and I don’t need content filtering. My ISP decided to make DNS a revenue opportunity. The fix, such as it is, seems to be working. I now use the IPs of the real name servers at my ISP and not the ones run by these ‘monetizers’.

So, conclusions:

  1. Get Little Snitch.
  2. Check to see if your ISP is ‘helping you out’ by returning search results when you typo a domain. Not a file location but the domain name. (The stuff that goes between the http:// and the next /)
  3. Complain to them about the ‘help’.
  4. Find out how to access their real domain name servers and not the ones they are using to show you ads.
  5. Poke at Apple to make Time Machine be actually off when you turn it off.
  6. Poke at Apple and try and get an answer for why, on or off, users don’t have a readily available control to say “don’t go to the network”.
  7. Read these links and learn more about this.

Wired story about what Dan Kaminsky found by way of a security hole you could drive a bus through with this sort of ‘helpful service’.
An Advisory from the ICANN Security and Stability Advisory Committee (SSAC) July 2004
An Advisory from the ICANN Security and Stability Advisory Committee (SSAC) June 2008
This Blog Post from Mac Lab

This thread on Macintouch
Schneier on Security – Hacking ISP Error Pages
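
One way to run the check from conclusion 2 without a browser, as an added example that is not part of the original post: resolve a handful of random names that cannot exist and see whether the resolver answers anyway. The function names, the probe suffixes and the injectable `resolver` parameter are assumptions made for illustration.

```python
import secrets
import socket
from collections import Counter


def default_resolver(name):
    """Addresses the system resolver returns for name; empty set on NXDOMAIN or failure."""
    try:
        infos = socket.getaddrinfo(name, 80, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return set()
    return {info[4][0] for info in infos}


def probe_names(count=6, suffixes=("com", "net", "backupdb")):
    """Random, effectively unregistered names, including the non-existent TLD from the post.

    The trailing dot makes each name fully qualified, so the resolver cannot
    append a local search domain and produce a legitimate answer by accident.
    """
    return [f"nx-{secrets.token_hex(12)}.{suffixes[i % len(suffixes)]}."
            for i in range(count)]


def check_nxdomain_rewriting(resolver=default_resolver, names=None):
    """Report whether names that should not exist resolve, and to which shared addresses."""
    names = names or probe_names()
    answers = {name: resolver(name) for name in names}
    resolved = {name: addrs for name, addrs in answers.items() if addrs}
    # An address returned for several unrelated random names is the ad/search landing host.
    seen = Counter(ip for addrs in resolved.values() for ip in addrs)
    return {
        "probed": len(names),
        "resolved": len(resolved),
        "rewriting": bool(resolved),
        "landing_ips": sorted(ip for ip, hits in seen.items() if hits > 1),
    }


if __name__ == "__main__":
    report = check_nxdomain_rewriting()
    print(report)
    if report["rewriting"]:
        print("Resolver answers for non-existent names; landing hosts:", report["landing_ips"])
    else:
        print("Resolver returns no address for non-existent names, as it should.")
```

Run it once against the ISP's default resolvers and again after switching name servers; the second run should report `resolved: 0`. A captive portal that has not been signed in to will also show up as rewriting.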

Finally, tell me if you learn more about this issue; I and others would like to know.

Oh, and Apple? More granular control of Time Machine, even if buried under an ‘Advanced Options’ button or something would be very nice. K’ Thanks Bye!


Categories: Anti-Inspiration, Civil Rights, Security Tags:

Social networking sites used to welcome burglars.

September 12th, 2010 Comments off

“Be careful of what you post on these social networking sites,” said Capt. Ron Dickerson.

http://www.wmur.com/r/24943582/detail.html

It seems at least 18 of 50 August 2010 burglaries in Nashua, N.H. were solved when an off-duty cop heard the telltale sound of a known-to-have-been-stolen firework.

For the curious, whether I’m home or not, there are platoons of heavily armed Attack Wombats patrolling the entire compound. You have been warned.

– Jon


Categories: Security, Social Networking Tags: