Fresh reports of the McAfee update “felling PCs across the world” are sweeping across the news and help forums.

The problem seems to be a false positive that surfaces when a new DAT file is applied to an older McAfee engine. The 4th of July holiday probably helped a bit too, with people being a little less alert.

These things will happen, and the important lesson is the critical focus required while working with security systems in which a false positive carries a costly impact. Hollywood has been cashing in on this idea for decades (remember Robocop?). Things will get more interesting as we move to security systems more sophisticated than these.

July 5, 2009

Firefox extension collections

With the move to Firefox 3.5 we now have Firefox collections. This nicely solves a regular problem I always had: referring a good set of extensions to someone who has just moved to Firefox or is not using extensions yet (yeah, people do that).

I used to collect a tagged list of extensions on my delicious pages that people could scroll over to pick up from. It also helped me selectively pick up extensions on new browser installations around the place.

I can now quickly refer people to my extension collection to which they can subscribe and get updates as I post new extensions or edit out any old ones.

July 3, 2009


I wonder when people will stop blaming the OS vendors and start taking security of their machines seriously…

June 20, 2009

Conficker and the Curious Yellow

I was not planning on writing another post so soon, but Utopiah has referred to a very nice article in his comments on my previous post. If you have not already read Brandon Wiley’s Curious Yellow: The First Coordinated Worm Design, I urge you to read it through.

It hits the spot on fast distribution through a peer-to-peer network. I used the concept to hypothesize patch propagation (which he describes as an anti-worm).

The paper describes a scenario comparable to a hard-fought chess game, turning the yellow worm blue and back again. Probably in recognition of this idea, Conficker uses the latest cryptography, very likely making the first field implementation of the MD6 hash algorithm, its fixes included! It appears that the Conficker writer is very well versed in this paper and in current technology 🙂

Besides the points made by Wiley on that page, there is one more ‘common goal’ such a network can target, and I am sure it is already stated somewhere: the compromised systems can be pooled to brute-force encryption keys.

April 21, 2009

The White Botnet

This is a work of fiction. Any resemblance to reality is entirely unexpected. All similarities (like pigs flying) are coincidental. Of course, all trademark names used here (starting right from the next line) are the property of their owners.

As the first quarter of 2009 ended, people had mixed feelings about the Conficker worm (aka Downadup, Kido). It was neither a joke nor an immediate disaster. But very few knew that this was a beta run of what would eventually be a White Hat vulnerability-patching network. It was clear that the botnet could only hit systems that had not been patched for a long-known vulnerability. The infection smartly started protecting the systems it conquered and made them safe from further malware. It went on to become a server of protection that located other weak hosts and propagated towards them in a race against other malware.

Microsoft Windows machines are usually left unpatched against known attack vectors because of pirated software or overworked IT administrators. Is that a good enough reason for malware to propagate towards unprepared legal users? That is where the Open Group came together to build a distributed protection system. It had to work as a secondary solution in tandem with the existing anti-virus and anti-spyware products. It had to be independent of them and, for that very reason, at odds with them.

The solution is to propagate a neutralizing white botnet across the Internet. It is maintained by a group that partly consists of people from the AV/AS vendors, OS vendors and search engine companies, though most of these vendors are themselves not yet directly associated with it. Google has tweaked its search algorithms to locate and assimilate zero-day vulnerability information quickly. These public postings are verified (because they might be poisoned) and the associated patches are pushed through the white botnet to manage the ‘compromised’ machines. The window of attack shrinks again to the time it takes to find a patch for a zero-day exploit. All hosts will be patched, one way or the other.

…and pigs will fly!

April 20, 2009

a quick short note

Code is reality. Comments are just assumptions.

January 25, 2009

PicasaWeb and Flickr

I use Flickr to keep my pictures online and refer to them from my photoblog. This is not very high-frequency usage, much like this blog. Yet, I have managed to hit Flickr’s 200-photo ceiling very quickly, in about 3 large sets of pictures. Yeah, I am giving thought to the ‘Pro’ subscription option. But there is a slight resistance in my mind, and a feeling that if this were a Google service, things could have been different.

A short search found PicasaWeb in its ‘test’ phase. This is no Flickr competitor yet. But, needing some alternative to Flickr a little urgently, I decided to check it out. As of this writing PicasaWeb is less than 100 days from launch and not even in Beta; needless to say, this is too early for a review and I am by no means berating it.

What follows is a short comparative analysis of negative points only (for brevity): if there is a point about some limitation on one service, the other service has an (at least relatively) better option on the same.

Problems with PicasaWeb.
1. You seem to need a Gmail account to use the album: not a very strong negative now.
2. You need Picasa installed to upload pictures in bulk, which could be quite restrictive. Though, there appears to be a downloader for Mac users. There is also an ActiveX upload plugin if your browser supports ActiveX; otherwise you are limited to uploading a single picture at a time.
3. Not very friendly to collaboration: uncomfortable comment handling, a single tag per picture, complicated tracking of friends’ albums, no multi-resolution storage of pictures. There is EXIF tracking for pictures, though.
4. 250MB limit in the free version: with high-resolution pictures you can quickly hit the ceiling. But this is better than the 200-picture limit on Flickr. Google is restricting by space rather than by number.
5. A bulk-subscription storage limit of 6GB. If I pay, this is too small a storage size.
6. All extra storage is eliminated if your subscription expires. This is in line with the pay-for-storage policy, but as a user I am not happy to lose my pictures just because I stepped down from the subscription. Maybe that is because I know Flickr will not delete my pictures.

Problems with Flickr.
1. Does not handle EXIF tags: this kills half the fun of digital photography.
2. Downloading pictures in bulk is not easy: it’s multiple clicks to reach the right resolution for download of every picture.
3. 20MB upload limit per month: could be uncomfortable for some people.
4. 200-picture tracking limit: that’s a very short memory! But the fact that even without a subscription all your uploaded pictures are always retained in all supported resolutions is a powerful plus point.

While Flickr has moved to (what they call) the ‘Gamma’ stage, PicasaWeb is still in its early ‘test’ stage; there is still a chance for Google to clean its act up.

The Internet has not yet reached the critical-mass point for on-line photo services like it has for e-mail services today. The advantages of letting people keep good high-resolution digital pictures online are a topic for another post.

Edit: A terms-of-service issue with PicasaWeb was highlighted earlier by Greg Reinacker in his weblog post, Why I can’t try Picasa Web Albums.

September 10, 2006

lateral thinking

An excellent observation by Dr. Debashis Chatterjee in today’s Times Ascent.

Most Indians are lateral thinkers. This means that we all think sideways. Just observe our behaviour in high traffic. Everyone is moving non-linearly like pieces on a chess board. The motto is: mind the gap. In many countries you drive on the left. In India you drive on whatever is left!
Thinking sideways is the way our government machinery functions. Most officials are trying to make some money on the side. Files move from one side of the table to another rather than vertically up the decision-making chain.
Bollywood is where lateral thinking co-exists with zero thinking. Most movies are musicals where the story is stretched to break into a mind-bending song. Plots and tunes are poached laterally and literally from Hollywood. Side heroes and heroines infuse quantity in place of quality.
Our visionary leaders in India Inc. behave as though they are the only ones with vision. The rest are cataract patients. In the company of the blind the cock-eyed eventually becomes the CEO.

August 9, 2006

Credibility of information on Wikipedia

With the growing strength of open-source encyclopedic media (like Wikipedia) come questions about accidental and, more importantly, intentional false information being published and retained on the web.

The Seigenthaler incident even suggests ways this could be done on Wikipedia by someone with malicious intent and know-how. Adding accountability to the mechanism as Wales intends, by disallowing anonymous creation of new entries, will probably not suffice. What is going to stop the anonymous from creating a few registrations?

Wikipedia does not require an e-mail address to create a registration (an e-mail address is considered a unique mapping to a person, but let’s not split hairs on that here) and has no protection against automatic registrations through scripts (no CAPTCHA; remember those small pictures with numbers and letters scrawled like a kid learning the alphabet?). Well, let’s argue that Wales will introduce all of these into the registration process while he is striking anonymous postings out.

But that does not address the primary problem of well-placed misinformation being introduced. This was never a spam problem. At least it is not yet, while we don’t have robots doing this 🙂

About the postings being partisan (the Curry episode): it does sound a bit difficult for an information repository that is managed dynamically to remain objective. Personal bias will rule in little packets all over; Wales has accepted this side of the coin.

So, where does it land? Would you trust the next page of information you read on Wikipedia?
It’s not that bleak if you did not start browsing the Internet for information only today.
Here are a few things to start with.
1. All data on the Internet is put there with some purpose (and I am not talking theological here).
2. What is the probable ratio of people looking at a piece of information on Wikipedia who are (a) knowledgeable and interested in keeping it correct to those (b) wanting to corrupt it?

You have very likely already done this subconsciously, formed a checklist of how to judge the value of Wikipedia pages, and can add to this list easily once you put your mind to it.

Edit: There is another angle to publishing with credibility: get an expert to review the content. This is something Digital Universe is working on. How does that model work? It would certainly be telling to follow where the likes of Digital Universe reach. Crux: is an expert objective in what they publish? Bias is at the core of human nature, be it a non-profit organization or your regular school textbook publisher…

December 7, 2005

You are Bloogled

Google is starting to use its acquisition…

Check out the new Bloogle for the general noise on this.

Related story, The Nine Billion Names of God. The Onion has another piece.

Google-bashing may just free M$ from the epidemic; that virus may mutate 🙂

September 15, 2005