
Facebook forensics

Here’s an interesting paper on Facebook forensics. It shows what trails of Facebook activity are typically left behind on computers and smartphones, which can be valuable for criminal investigators and criminals alike.

https://docs.google.com/viewer?url=https://sites.google.com/site/valkyriexsecurityresearch/announcements/facebookforensicspaperpublished/Facebook_Forensics-Finalized.pdf&pli=1


90 percent of companies hacked

A survey of 583 businesses of all sizes and industries shows that 90 percent of them have been hacked in the last year. The survey also shows that companies need to prepare for containing the effects of an attack, rather than just preventing attacks. No matter how good your security is, you always need a Plan B in case an attack gets through.

With the increasing number of high-profile hacks in the news lately, it’s only a matter of time before every company has its security breached, even if it’s in a relatively minor way. Following industry best practices to harden your IT infrastructure, protect your sensitive data, and contain future attacks isn’t as hard as many people assume it is. As Benjamin Franklin said, “An ounce of prevention is worth a pound of cure.”

http://www.pcworld.com/article/230937/survey_90_of_companies_say_theyve_been_hacked.html


Why buy an enterprise drive?

Many IT professionals debate whether or not buying an enterprise hard drive for twice the price of a desktop hard drive is worth it. What do you get for your money? Intel wrote a white paper on this topic a while back that shows in detail what you get, answering questions and killing rumors that have floated around online forums for years.

With an enterprise drive you get a drive tuned for:

  • 24/7 use
  • Higher reliability and MTBF
  • Increased data integrity
  • Higher throughput (if you’re buying a drive with a faster spindle speed)
  • Ability to tolerate higher temperatures and vibration found in RAID setups

All the technical details of how that’s accomplished are in the paper.

http://download.intel.com/support/motherboards/server/sb/enterprise_class_versus_desktop_class_hard_drives_.pdf


Wiping hard drives and SSD forensics

Are you getting rid of your hard drive but want to make sure your data doesn’t fall into the wrong hands? Just deleting the files or formatting won’t work; the drive needs to be wiped. Many people believe that you need to do the DoD standard of a seven-pass wipe, but research supports my long-held belief that once is enough.

http://csrc.nist.gov/publications/nistpubs/800-88/NISTSP800-88_rev1.pdf

http://www.honline.com/security/news/item/Secure-deletion-a-single-overwrite-will-do-it-739699.html

It’s also important for forensic investigators to be aware that SSD drives can make file recovery almost impossible due to the way they operate.

http://www.jdfsl.org/subscriptions/JDFSL-V5N3-Bell.pdf


$20 million stolen from small businesses

Most small businesses I’ve talked to aren’t worried about the security of their computers or data. They feel they’re not a big enough target, that all they need is a virus scanner, or that nothing bad has happened yet so they’ll be fine. The link below is proof yet again that everyone should care about the security of their data, even if they don’t think they’re at risk. The FBI is investigating a number of cases where small business computers were broken into from across the Internet and funds were transferred to cities in China.

There are many things you can do to reduce the risk of being affected by this type of attack. Using more than one creates an ideal Defense In Depth layered protection, as I mentioned in an earlier post about protection at nuclear reactors. One of the most effective but least convenient methods is having a dedicated, cheap computer that’s used only for your sensitive tasks like online banking. However, once you weigh the effect of having large sums of money stolen against the minor inconvenience of using a $200 netbook when you want to do your banking, it seems like a pretty good trade-off.

http://krebsonsecurity.com/2011/04/fbi-20m-in-fraudulent-wire-transfers-to-china/


Hidden iPhone tracking and warrantless search/seizure

You’ve probably seen the news that security researchers discovered iPhones are secretly logging your location. Reactions have ranged from “This is horrible and Apple should be sued” to “What do you expect from a phone that’s meant to keep you plugged into The New Age?” I think the big issue is that this was happening without customers’ knowledge, but it probably won’t really affect anyone unless their iPhone or the computer holding their iPhone backups is stolen. However, I could see scenarios where attackers break into a person’s phone or computer, steal the location log to learn their victim’s home and work locations and travel habits, then use it to their advantage.
http://www.cnn.com/2011/TECH/mobile/04/21/iphone.tracker.explainer/index.html

This ties in to a topic that hasn’t made the headlines. Michigan police are using a device that allows them to download all the contents of your phone during a traffic stop, without a warrant. This includes call records, text messages, pictures, personal data, and now thanks to Apple, a detailed log of everywhere you’ve been since you got your phone.
http://www.mobiledia.com/news/87523.html


Hack a car with a music CD

More and more of the systems in cars today are essentially small, networked computers. From the engine and transmission to turn signals and door locks, they all talk to each other and are subject to some of the same security threats facing your home or work computer. Researchers were recently able to access those systems with a specially crafted music CD which took control of the stereo, and from there jumped to the other networked systems. Some auto manufacturers are now starting to include Internet access, opening up the possibility for some very interesting remote attacks on your car.

http://www.securitynewsdaily.com/the-sound-of-hacking-researchers-use-trojan-cd-to-hack-car-0604/


Electronics and automation for artists with Arduinos

Electronics and automation are no longer just for companies and hobbyists. Arduinos allow artists with little or no programming experience to create interactive art, a field which has seen huge growth in the last few years. They also allow museums to create interactive exhibits without expensive computers and hardware.

http://www.nytimes.com/2011/03/17/arts/design/arduinos-provide-interactive-exhibits-for-about-30.html?_r=1


Compromised Certificate Authority

One of the nightmare scenarios in the computer security world has happened: a Certificate Authority has been compromised. This is somewhat similar to someone hacking into the DMV and issuing fake licenses; you can no longer trust a card holder’s identity. A large number of secure sites can no longer be trusted, malicious sites can impersonate legitimate sites, and secure communications can be intercepted. This has been discussed as a “what if” for years, but no actual occurrences had been reported before now. The Mozilla and Chrome web browsers have been patched to help negate the effects, but other applications like email, chat, and file transfer applications are currently vulnerable. There are mitigating circumstances, so this may turn out to be a smaller issue than it appears to be at the moment.

https://blog.torproject.org/blog/detecting-certificate-authority-compromises-and-web-browser-collusion


Similarities between nuclear reactors and computer security

This article offers one of the best explanations of how a nuclear reactor is built, what’s happened so far during the Fukushima reactor accident, and what safeguards are in place to prevent an even larger disaster. It turns out nuclear reactor architects and computer security architects have a similar mindset. Both use “Defense In Depth” to put up multiple layers of protection in case of disaster. If one system fails, there are several others behind it as a contingency plan. It sounds like the accident has affected a few of the safeguards, but others are still working.

http://theenergycollective.com/barrybrook/53461/fukushima-nuclear-accident-simple-and-accurate-explanation
