Posts

System Recovery with Comodo's Time Machine

Comodo's Time Machine is a software application that runs on your Windows machine and periodically (either manually or automatically) takes snapshots of your system. You are then able to roll back to any of these snapshots in the future. Indeed you can jump backwards and forwards in the tree and new branches appear as you make changes to the system. The idea behind it is that if you suffer any problems with corrupted software, malware, etc., then you can roll back to a known good state and start again. You can lock snapshots so that they don't get deleted and then clear out the ones that you don't want to keep any more. This is quite important, especially if you take automatic snapshots. You have to remember that every change made to the computer (i.e. every time you run it or change a file) is stored. When a new snapshot is created, if you change a file you will have a new version on your system as well as the old one. Due to this, it requires a fair amount...

Twitter Steganography

I have recently been thinking about Steganography again and various carriers as well as applications. For those of you that don't know what Steganography is, it simply means 'hidden writing' from the Greek. Some examples of steganography are: tattooing the scalps of messengers and then waiting for their hair to grow back; writing a message on the wood of a wax tablet before pouring the wax in; 'invisible inks'; pin pricks above characters in a cover letter; etc. Basically, we have a 'cover', which could be an image, passage of text, etc., that we are happy for anyone to see and a message that we want to hide within it so that it is undetectable. It turns out that this last part is quite hard. Anyway, I thought I'd look at techniques to embed data within Twitter as it is popular now and people are starting to monitor it. Hiding within a crowd, however, is a good technique as it takes quite a lot of resources to monitor all activity on a service like Twit...

Telephone Systems a Hackable Backdoor?

I have been talking to a company that provides telephone exchanges and services to companies this week on behalf of a client and it has highlighted a worrying backdoor. It turns out that many of these companies have a way to remotely connect to their exchange for support purposes - they can remotely control, configure and troubleshoot your system to get you back up and running. Exchanges often have additional modems in them to allow for remote connections. This is all very well and good from a managed service point of view, but what about the rest of your network? Can this be exploited to gain entry to your network? Quite possibly in some cases - it certainly needs to be included in your security audit and perimeter testing. Talking about a specific company now, they supply the software to monitor and bill phone calls through the exchange. They remotely install, monitor and manage this software. How do they do that? Well, it turns out that they install LogMeIn on your machine. Now t...

CQC Using Email to Verify Care Workers

The Care Quality Commission (CQC) has decided to put registration of Care Providers online to make everything faster and easier for the providers. At least that's what they said. In practice, care providers had to fill in the online forms addressing standards that won't be published for another 5 months after the registration deadline. Ignoring all the problems, ridiculous re-branding to avoid inconsistencies and money wasted, there was a serious problem/lack of understanding that has led to this blog post. All care providers and managers have to register online individually and have to agree to particular terms in order to be registered and, therefore, trade. I have no problem with this as these care providers are looking after vulnerable people. However, it became obvious that there are serious problems with their system. First off, it isn't possible to change the owner's name if you make a mistake (they can't change it either apparently). Therefore, if you ...

Series of Demo Videos of Trusteer's Rapport

I am currently producing a series of videos demonstrating the anti-spyware capabilities of Trusteer's Rapport. So far I have looked at keylogging software and screen capture. Specifically, I have demonstrated it with Zemana ScreenLogger, Zemana KeyLogger and SpyShelter. I will be adding more videos over the next few days. The first two videos are embedded below. (Edit: 17/05/10 - I have now added three more videos covering Zemana SSL Logger, AKLT and Snadboy's Revelation V2.) Links to the YouTube videos are below:

Trusteer's Rapport Demo 1 - Zemana ScreenLogger
Trusteer's Rapport Demo 2 - Zemana KeyLogger
Trusteer's Rapport Demo 3 - SpyShelter
Trusteer's Rapport Demo 4 - AKLT
Trusteer's Rapport Demo 5 - Zemana SSL Logger
Trusteer's Rapport Demo 6 - Snadboy's Revelation V2
Trusteer's Rapport Demo 7 - Pharming Attack
Trusteer's Rapport Demo 8 - Amecisco Invisible Keylogger Stealth
Trusteer's Rapport Demo 9 - Anti-Phishing P...

InfoSecurity Europe 2010

Once again InfoSecurity Europe was an interesting place to visit. Lots of good sessions and interesting people to talk to. Most of the usual protagonists were there and the organisers have increased the educational part of the exhibition as well, which is good. I thought I would put down a few things that I thought were noteworthy from the exhibition. I've already blogged about the GrIDsure anti-phishing sender verification and the new 3M mobile phone privacy filters, but there were a few other things I want to mention. The first one is Panda Security's new Panda Cloud Internet Protection. This is a cloud-based service that provides consistent security and access policies to all machines within an organisation. The key thing is that it will protect mobile machines that are outside the corporate network with the same policies as those within the network. Protecting corporate machines when mobile is a big concern and a good way to reduce malware or hacking problems on the...

3M's Mobile Phone Privacy Filter

At this year's InfoSecurity Europe I visited the 3M stand again to see what developments they had for their privacy filters. They had their excellent Gold filter there of course, which is now properly on sale in the UK and the best on the market in my opinion. I previously blogged about this filter in my post "Why do I need a privacy filter? (3M's new Vikuiti Gold Privacy Filter)". So what's this blog post about? Well, they have now produced privacy filters for mobile phones. Let's add a bit of context to this decision. How many businesses provide mobile devices to their employees that are connected to the corporate network with access to email, contacts, calendars and corporate documents? If you were reading an email from a client or reviewing a sensitive document would you be happy for someone to peer over your shoulder? Maybe you're paranoid like me and try to avoid reading emails in public places and stand with your back to the wall, shielding th...

Surveys or Phishing Emails?

I was recently sent a survey from a well-known survey company (actually, on second thoughts, I'll name them: Capita) and it made me very cross. Why so cross? Well, I spend a considerable amount of time trying to educate people about their role in the security of the network and about phishing/social engineering. This is all undone by survey companies such as the one in question. See for yourself the email sent and use it as a template for future 'white-hat' testing. Have your Say! Fill in your Staff Survey today! Dear Colleague It’s important to complete the Staff Survey to ensure your voice is heard! The purpose of the survey is to make further improvements to staffs’ working lives at Target Organisation. Your responses will come direct to Capita Surveys & Research Unit, and will be totally anonymous. No one outside the research team – and certainly no one at Target Organisation – will know who has responded or be able to identify individual responses. The ...