Does Anti-Virus make a difference?

Like so many of us in the profession, I was asked to look at friend’s computer. Nothing specific was wrong; she had just moved out of an “Friend/Ex-Friend’s” house. She was worried that they might have done something to her machine. So I started looking at it. Nothing looked really out of place. The owner would never install anything (including updates or e-mail links). So after updating everything, I started to scan for viruses and malware. That’s when I noticed that there was no anti-virus software. I thought that was odd because there was the update program. I asked if she had uninstalled it and she said, “no.” It then hit me:  the “evil plan” was to remove her anti-virus and trouble would soon follow.  Fortunately, her “safe-surfing” habits of never opening or installing programs had saved her! Even after 3 months of surfing, she still had a clean machine. I guess this is pretty good evidence that “Safe-Surfing” and a little luck can keep you safe.

Advertisements

A friend sent me this about E-mail Security

The true state of security :)

The true state of security 🙂

So a friend sent this to me awhile ago. I figured it would be great for the New Year

They say a picture is worth a thousand words.

A non-deceptive SE event

Ok, So listening to the latest Social Engineer Podcast   http://www.social-engineer.org  I realized I needed/forgot to write in about a non-deceptive SE event.

 I had won some license plate holders at Ohio Linuxfest a many years ago. So I went to put them on and the screw broke. I went to a local dealer asked if they could put them on. They, like all good dealers said “Sure! $30 each plate.” $60 total is a lot so I started thinking. I ask the manger if he was really going to charge me $60 to remove the advertizing of a competitor? His answer was “Would you like a car wash with this complimentary service?”

The data they collected is at http://www.social-engineer.org/polls/social-engineering-and-deception-whats-the-truth/

Why Phish? Just invite!

Garage Sale on Craigslist

 

So I love garage sales as much or maybe more than the next person but this scares me. “We’ll be taking cash or Paypal. (To use Paypal you have to pay on site using my laptop and the transaction would have to clear before you leave. This means no E-check transactions.)” I don’t think the person is planning anything bad but, what if their computer is infected? Now everyone’s usernames and passwords have been exposed. Or what if an evil garage sale shopper has a USB Hacksaw with them and infects the computer? 

I have to run grarge sales are waiting…. 

http://cleveland.craigslist.org/gms/1764370329.html

AlmondJoy Cheesecake

Hi,
I know this isn’t what you’d expect me to Post but, here it is:

Almond Joy Cheesecake (TM I’m pretty sure.)
Special Thanks to Steven Soto.

(2)  8 oz cream cheese
½ cup  of sugar
(2) eggs
½ teaspoon of almond extract
1 cup  of shredded coconut
1 cup  of chocolate chips
1 Already  prepared  graham cracker pie . Or Chocolate pie crust.
Ice cream Magic chocolate shell .

Pre-heat oven to  350.

First blend the cream cheese, sugar, eggs and extract Till smooth. Next add the coconut and  chocolate chips.

Then pour into  the pie crust. And bake for 40 mins. 
Then let cool. pour the magic shell over and chill in the fridge.

Enjoy

Shmoocon Paper Accepted

I’m speaking at Shmoocon. 

Check out Version 1 launcher video’s at : http://www.youtube.com/user/securidave

 

http://www.shmoocon.org/presentations-all.html

 (Mad Props to Larry. I never would have done if he didn’t ask me or write cfp.)

Building the 2008 and 2009 ShmooBall Launchers

Larry Pesce and David Lauer

Its a series of tubes! Pneumatic tubes!

This talk will describe the infamous 2008 and new 2009 ShmooBall Launchers built by Larry, and introduce Dave’s 2009 design. This talk will include all of the steps behind the planning and building process for our launchers, as well as the history, and backgrounds for the design. We’ll talk about the methods of building, safety considerations for the operator, target and environment, selection of building materials, design considerations and testing. We’ll also discuss some of the construction issues, failures and reasons for what may be considered design flaws. Discussion will also be had about improvements made, and how we can improve for next year.

Larry Pesce (Chief Research Officer, PaulDotCom Enterprises) – In the last 13 years in the computer industry, Larry has become a jack of all trades, most recently focused on the computer security field. In addition to his industry experience, Larry is also a Security Evangelist and co-host for the PaulDotCom Security Weekly podcast at http://www.pauldotcom.com. Larry is also Co-Author of “Linksys WRT54G Ultimate Hacking” and Contributing author of “Using Wireshark and Ethereal” and “How to cheat at configuring Open Source Security Tools”, all from Syngress publishing.

David Lauer has been involved in the computer industry since 1990. His broad background covers a large part of the IT industry. He began his career in programming and database development before he found his calling in networking and security (where his professional strengths and personal preferences mesh seamlessly). He has found that this knowledge of software development and database design often gives him a unique perspective on day-to-day issues. David is also a Co-Host of the SecurityJustice Podcast.

My BlackBerry Storm Review

Well I’ve had my Blackberry Storm for a few weeks now and I have a few tips to make it work better. I said “Better.”

1. Install the Blackberry Update that they released about a week after they started selling the Storm. This makes the phone act more like a Beta version.

2. Under the Options menu, Keyboard/screen set the font size to 10. This increases the size of the menus and other buttons. So if you have big hands/paws like me it’s easier to select the button you really want.

3. Remove the Blackberry Messenger. You need to uninstall it. This is one of the apps that Blackberry always keeps open for you so you have faster access to it. 

4. Close the apps your not using. A real pain, I know.

5. Don’t forget about rebooting the unit every now and then. I mean pull the battery for a good minute.

So even with these changes I still get it to crash and burn. (Just use the camera, video and playback.)

BlackBerry Storm Crashed again, and again.

BlackBerry Storm Crashed again, and again.