Windows 7 - Get with the Program

Many users have complained about Windows Vista. I have noticed that this is because of the lack of sufficient hardware and users NOT wanting to change. As time goes by, Operating Systems will not wait for us (the end-user).

Several websites have theories on Windows 7 (the next OS). From all of the screenshots, it appears to be much like Windows Vista and it will offer touch screeen capabilities.

You will have to change. Whether it is Windows Vista, Windows 7 or (Linux) Ubuntu. With Web 2.0- Wiki, RSS, PodCasts, blogging and changes here, you will change.   Are you blogging yet?

We are at a transitional stage where change is becoming more frequent. You can ride the XP bus until 2014, but in this world, to stay competitive, you will change or fade away….technology will not wait.

You can fight with Microsoft, deny Linux or ignore Web 2.0, but you will be lost.  Linux is coming up, Microsoft is changing and the World Wide Web is not waiting for you.  You will have to educate yourself.  You will have to change or,  you can be a lamer.

 

Who is AstralSin?

Jon Ward is a former student and excellent security analyst.  He is a Certified Ethical Hacker and a Linux expert.  Here are several post from his blog:

I found some more online classes, this time specifically for network security and cryptography.  These come from reputable sources but I have not tried them to see exactly what they offer… yet.

An Introduction to Information Security -The Open University
Network Security - The Open University
Network and Computer Security - MIT
Cryptography and Cryptanalysis - MIT

Most programmers that have worked with C or C-like languages are familiar with the main() function.  Its the heart of the program and from where all other portions of the code execute.  Python doesn’t have a built-in main() function so it can be a little foreign to people like me so I found a way to create a main() and have my code structured more like I’m used to.  Its actually quite simple to do.

def main():

     <your python here>

if __name__ == “__main__”:
    sys.exit(main())

Thats it.  You’ll declare a function called main and call it with the two lines at the bottom.  Now you can structure your code with other functions and classes and have everything originate from the main().

Programming Tutorials - A Followup

OK, last time I ranted about how most programming tutorials don’t really tell you anything.  I’ve pinpointed exactly what they don’t tell you.  Most tutorial writers tell you the proper syntax of loops, functions, methods, whatever, and for most languages that’s fine because the programs are written the same way.  But some languages, like Python, don’t necessarily rely on functions to define the structure of the code.  In C and many languages like it, there is the main() function and you know thats the beginning of the program.  In Python, there is no main() function. 

While I can figure out to put stuff wherever I can fit it, some people can get confused by this, especially beginner programmers.  I mean, really, authors please take into consideration that your readers may not have as much experience as you and they may need an extra sentence or two describing the structure of a program.  Or like I said earlier, while you’re writing your tutorial, write a little program that demonstrates how to use all the primary features of the language while putting them in context.  It makes things alot easier and by doing this, you open the doors to better programmers in the future that may have gotten their start from reading your material.  Take a little pride in your work and put some extra effort into your instruction by adding clear context to your example code.

Oh, and btw, please stop using the command line interpreter to show us how to do one line at a time.  No one writes a program one line at a time.  Its completely useless to show us anything there.  Write it with some other code to let us know how at least TWO lines can interact with one another.

The Protection of Utility Companies - Fear

After reading an article on CNN, it has always been obvious that utility companies can be compromised through cyberattacks.  Managed stations that use computers to control utilities are the most vulnerable.  With firewalls misconfigured, weak passwords, missing patches and other key security items, hackers can compromise these systems and possibly shutdown power grids.

CNN’s article on TVA (The Tennessee Valley Authority) explored the findings of the GAO (Government Accounting Office); findings that make 9 million customers vulnerable.  With TVA operating more than 50 nuclear reactors and other forms of power, the protection of this part of the nation’s critical infrastructure is key to the nation’s security.  With our dependence on oil and prices reaching record highs, the U.S. population is nervous about the current recession, energy and the weak American dollar.  A Power grid failing because of cyber terrorism would create a lack of trust in the government and an uneasy feeling of impending doom. (terrorism)

  Interactive Map Link

I have discussed the protection of the nation’s infrastructure with other Infragard members and often look at SCADA and power systems.  We’ve talked about this for years.  These findings are good. Why?  So other agencies and private industries can tighten their own security.  Hopefully everyone is listening and doing something about their own networks.

 

Several times we have released our Internet Security Whitepaper. Many of you have asked us for the powerpoint version to ‘cut down’ on reading and to use in training. This whitepaper has been published nationally.

Powerpoint - network-security

Whitepaper - networksecurity (Word Format)

USB Lost

Lost, forgotten, I’d have it for ten seconds? Nope, it’d never make it to work.  Link

Thumbdrive - Ironkey

Ironkey makes one of the most incredible usb drives on the market.  The strong encryption helps to keep your data safe.  For more information, click on their picture above.

From Ironkey:

The encryption keys used to protect your data are generated in hardware by a FIPS 140-2 compliant True Random Number Generator on the IronKey Cryptochip. This ensures maximum protection via the encryption ciphers. The keys are generated in the Cryptochip when you initialize your IronKey, and they never leave the secure hardware to be placed in flash memory or on your computer.

 

Microsoft’s Live Mesh - Connect All of Your Devices - Companies Be Cautious

You have to look at humans today.  We are always on the go and if we don’t have our PDA’s or thumbdrives with us, we often forget files.  With Live Mesh, we can synchronize files on multiple computers through live desktop.  To learn more, visit www.mesh.com

Great, very functional idea.  Excellent, Excellent, Excellent.  Downside, security…we have to look at who gets access and who doesn’t (from work).   Files could walk away from your company if misused (IT Managers need to manage this).

 In the near future, other devices that will be supported include the MAC.  Great idea Microsoft.

Multiple Monitors

9xmedia has some of the best multiple monitor stands available. Check them out at www.9xmedia.com

AVG 8.0 Freeware Antivirus-Why McAfee and Norton?

Finally 8.0 has been released. I really think it finds more viruses than Norton or McAfee.

Funny thing is I have seen the aforesaid antivirus suites up-to-date on a sluggish machine-after installing AVG and uninstalling Norton or McAfee, AVG found several dozen viruses and spyware and the machine ran great.

Another thing is why do you have to have removal tools for McAfee and Norton if it is such great software? AND why do these programs slow your computer down soooo much?

Computer Information - Belarc

Belarc Advisor is an excellent tool that I always forget about… It not only gives you system information, it tells you what patches and updates you are missing.

Silence Your Harddrive

Suspend it with elastic! Twenty years, I’ve never thought of it.  Link

Vista File Manager

Everytime I think I tweak Vista, there is something new.  With a dual core processor, SATA harddrive and 2GB or RAM, why does it take over a minute to extract a small file?  Hopefully Microsoft will fix this.

Metcalf’s Law

Metcalf’s Law states that a network’s value increases exponentially with every node attached to it. This is true, a single computer sitting in a room by itself has minimal value in the real world. This concept describes the power of the internet and it can’t be disputed. However, there is an aspect that has gone overlooked. For every node connected to the network, there has to be an operator of each node. Those operators can be one of three things, neutral agents, benevolent agents or malicious agents….Read More

Yet Another Windows Tweak - Actually a Good One!

Not for beginners, yet easy for Advanced users….

Windows Tweak Now!  

  • Applications
  • Control Panel
  • Desktop
  • Miscellaneous
  • Network & Internet
  • OEM Info
  • Special Folders
  • Start Menu
  • User Accounts
  • Windows Core
  • Windows Explorer
  • Firefox - Intrusion Detection System

    Awesome.  Finally someone is developing an IDS for a webbrowser (Firefox, sorry IE).  Of course it’s in it’s Alpha stage but. Firekeeper works alot like SNORT.  Firekeeper

    Firekeeper is an Intrusion Detection and Prevention System for Firefox. It is able to detect, block and warn the user about malicious sites. Firekeeper uses flexible rules similar to Snort ones to describe browser based attack attempts. Rules can also be used to effectively filter different kinds of unwanted content.
    Features of Firekeeper include:

    • Ability to scan HTTP(S) request URL, response headers and body, and to cancel processing of suspicious requests
    • Encrypted and compressed responses are scanned after decryption/decompression
    • Privacy friendly - no data is send to external servers, all scanning is done on the local computer
    • Very fast pattern matching algorithm (taken directly from Snort).
    • Interactive, verbose alerts that give an ability to choose a response to detected attack attempt.
    • A detailed view of suspicious response headers and body
    • Event logging
    • Ability to use any number of files with rules and to automatically load files from remote locations