McAfee have launched a Beta URL shortening service with added security features. As Brett Hardin pointed out they are a little late to the game. However, there are so many abuses of URL shortening services that I commend them for trying. Basically, what their service does is allow you to create short easy URLs (like any other service). However, unlike other services, when you click on the link, it opens a frames page with the content in the bottom frame and the McAfee information in the top frame. This information includes details about the domain you are connecting to, the type of company it's registered to and a big green tick or red cross to tell you whether the site is safe or not. This is decided by their 'Global Threat Intelligence', which will block known bad URLs and phishing sites. That's good, if it works. I said above that I commend them for trying to provide this service. There are some obvious failings in their solution though, that render their prote...

My slides on Network Security and Steganography, presented at the Intensive Programme on Information and Communication Security (IPICS) 2010 can be downloaded below. The topics covered under Network Security are: Access Control Devices, Firewalls, Network Protection, Network Authentication Protocols, TLS, VPNs & Remote Access. The Steganography slides cover examples of: Image, Network, HTTP and Twitter Steganography. A PDF of the Network Security slides can be downloaded from here . A PDF of the Steganography slides can be downloaded from here .

Comodo's Time Machine is a software application that runs on your Windows machine and periodically (either manually or automatically) takes snapshots of your system. You are then able to roll back to any of these snapshots in the future. Indeed you can jump backwards and forwards in the tree and new branches appear as you make changes to the system. The idea behind it is that if you suffer any problems with corrupted software, malware, etc., then you can roll back to a known good state and start again. You can lock snapshots so that they don't get deleted and then clear out the ones that you don't want to keep any more. This is quite important, especially if you take automatic snapshots. You have to remember that every change made to the computer (i.e. every time you run it or change a file) the changes are stored. When a new snapshot is created, if you change a file you will have a new version on your system as well as the old one. Due to this, it requires a fair amount...

I have recently been thinking about Steganography again and various carriers as well as applications. For those of you that don't know what Steganography is, it simply means 'hidden writing' from the Greek. Some examples of steganography are: tatooing the scalps of messengers and then waiting for their hair to grow back; writing a message on the wood of a wax tablet before pouring the wax in; 'invisible inks'; pin pricks above characters in a cover letter; etc. Basically, we have a 'cover', which could be an image, passage of text, etc., that we are happy for anyone to see and a message that we want to hide within it so that it is undetectable. It turns out that this last part is quite hard. Anyway, I thought I'd look at techniques to embed data within Twitter as it is popular now and people are starting to monitor it. Hiding within a crowd, however, is a good technique as it takes quite a lot of resources to monitor all activity on a service like Twit...

I have been talking to a company that provides telephone exchanges and services to companies this week on behalf of a client and it has highlighted a worrying backdoor. It turns out that many of these companies have a way to remotely connect to their exchange for support purposes - they can remotely control, configure and troubleshoot your system to get you back up and running. Exchanges often have additional modems in them to allow for remote connections. This is all very well and good from a managed service point of view, but what about the rest of your network? Can this be exploited to gain entry to your network? Quite possibly in some cases - it certainly needs to be included in your security audit and perimeter testing. Talking about a specific company now, they supply the software to monitor and bill phone calls through the exchange. They remotely install, monitor and manage this software. How do they do that? Well, it turns out that they install LogMeIn on your machine. Now t...

The Care Quality Commission ( CQC ) has decided to put registration of Care Providers online to make everything faster and easier for the providers. At least that's what they said. In practice, care providers had to fill in the online forms addressing standards that won't be published for another 5 months after the registration deadline. Ignoring all the problems, ridiculous re-branding to avoid inconsistencies and money wasted, there was a serious problem/lack of understanding that has lead to this blog post. All care providers and managers have to register online individually and have to agree to particular terms in order to be registered and, therefore, trade. I have no problem with this as these care providers are looking after vulnerable people. However, it became obvious that there are serious problems with their system. First off, it isn't possible to change the owner's name if you make a mistake (they can't change it either apparently). Therefore, if you ...

I am currently producing a series of videos demonstrating the anti-spyware capabilities of Trusteer's Rapport . So far I have looked at keylogging software and screen capture. Specifically, I have demonstrated it with Zemana ScreenLogger, Zemana KeyLogger and SpyShelter. I will be adding more videos over the next few days. The first two videos are embedded below. (Edit: 17/05/10 - I have now added three more videos covering Zemana SSL Logger, AKLT and Snadboy's Revelation V2.) Links to the YouTube videos are below: Trusteer's Rapport Demo 1 - Zemana ScreenLogger Trusteer's Rapport Demo 2 - Zemana KeyLogger Trusteer's Rapport Demo 3 - SpyShelter Trusteer's Rapport Demo 4 - AKLT Trusteer's Rapport Demo 5 - Zemana SSL Logger Trusteer's Rapport Demo 6 - Snadboy's Revelation V2 Trusteer's Rapport Demo 7 - Pharming Attack Trusteer's Rapport Demo 8 - Amecisco Invisible Keylogger Stealth Trusteer's Rapport Demo 9 - Anti-Phishing P...

Once again InfoSecurity Europe was an interesting place to visit. Lots of good sessions and interesting people to talk to. Most of the usual protagonists were there and the organisers have increased the educational part of the exhibition as well, which is good. I thought I would put down a few things that I thought were noteworthy from the exhibition. I've already blogged about the GrIDsure anti-phishing sender verification and the new 3M mobile phone privacy filters , but there were a few other things I want to mention. The first one is Panda Security's new Panda Cloud Internet Protection . This is a cloud-based service that provides consistent security and access policies to all machines within an organisation. The key thing is that it will protect mobile machines that are outside the corporate network with the same policies as those within the network. Protecting corporate machines when mobile is a big concern and a good way to reduce malware or hacking problems on the...