No one wants their last words to be "Oh my God! The old gypsy woman was right..."

May 08, 2008
Back again

Don’t you just hate it when upgrades go wroing ;) I upgraded Apache to 2.2.8, MySQL to 5.0.45-community and PHP to 5.2.6 last night and, if you tried visiting here, you know it did not go well :(. Before you can recompile Apache on a cPanel system it’s always advisable to upgrade cPanel first to the latest version. That’s where things went wroing [sic]. It seems there was a problem with the MD5 hash on one of the update files and at that point my limited skills fell apart and I had to get the great support guys at work (RackForce) to fix the cPanel upgrade for me so I could recompile Apache. This all started because I wanted to add some more layers of security, in particular suhosin to harden PHP. In any case, I’m back, I’m sure much to your great disappointment LOL.

fwiw: if any of you are familiar with CSF (ConfigServerFirewall) my rating is currently

Your Score: 91/93*

0 to 21 > Wet Paper Bag
22 to 43 > Dry Paper Bag
44 to 65 > Wooden Box
66 to 87 > Brick Wall
88 to 93 > Reinforced Concrete

*This scoring is just a bit of fun and does not reflect the security of your server or the relative merits of each check

and no I won’t tell you which two items I haven’t fixed yet ;)


Posted by Doug Alder at 5:53 am Comments (0)


April 28, 2008
Web Bots

It seems everyone and their dog has a web bot these days. They are a major source of bandwidth use (which could cost you money), but, worse, each time one scrapes your site it registers in your web stats as a visit. Identifying bots is not easy. Some stats programs, like Firestats, the one I use on my blogs, have a list of known bots and ignore any hits from them. This is a good thing but there are unscrupulous bot overlords out there who try and disguise their activity by faking their browser/OS identification packet headers and spreading their hits out several minutes apart. Here’s a good example of one such bot out of the Ukraine* - probably a SPAM bot as the former SSR states are the major source of SPAM bots (it’s not just SPAM bots that are being unethical - there’s one bot out of Sweden that pulls the same trick and when one site owner confronted the bot owner he claimed to be developing a Nordic search bot):

  • 92.112.201.167 Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; rev1.2; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
  • 92.112.201.167 Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.3a) Gecko/20021207 Phoenix/0.5
  • 92.112.201.167 Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.5) Gecko/20050519 Netscape/8.0.1
  • 92.112.201.167 Mozilla/4.0 (compatible; MSIE 5.0; Mac_PowerPC) Opera 5.0 [en]
  • 92.112.201.167 Mozilla/5.0 (Windows; U; Win 9x 4.90; en-US; rv:1.7.5) Gecko/20041220 K-Meleon/0.9
  • 92.112.201.167 Mozilla/4.0 (compatible; MSIE 6.0; AOL 9.0; Windows NT 5.1)

Note: those stats are not referrers, they are actual hits on the site from the same IP. 92.112.201.0/24 (that’s a Class C, or 0-255 in the IP range) just hit my firewall deny rules :)
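The pattern above (one address, a new browser/OS identity on every hit) can be picked out of a log mechanically. The following is an added example, not code from the original post: the log format, the times, the `192.0.2.x` clients and the thresholds are constructed, while the first six lines reuse the IP and User-Agent strings quoted above.

```python
import ipaddress
from collections import defaultdict

# Constructed sample in the form "<time> <ip> <user-agent>".
BOT_LINES = [
    "06:01 92.112.201.167 Mozilla/4.0 (compatible; MSIE 6.0; America Online Browser 1.1; rev1.2; Windows NT 5.1; SV1; .NET CLR 1.1.4322)",
    "06:07 92.112.201.167 Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.3a) Gecko/20021207 Phoenix/0.5",
    "06:13 92.112.201.167 Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.5) Gecko/20050519 Netscape/8.0.1",
    "06:20 92.112.201.167 Mozilla/4.0 (compatible; MSIE 5.0; Mac_PowerPC) Opera 5.0 [en]",
    "06:26 92.112.201.167 Mozilla/5.0 (Windows; U; Win 9x 4.90; en-US; rv:1.7.5) Gecko/20041220 K-Meleon/0.9",
    "06:33 92.112.201.167 Mozilla/4.0 (compatible; MSIE 6.0; AOL 9.0; Windows NT 5.1)",
]
# A single ordinary visitor (made up): five hits, one identity.
VISITOR_LINES = [
    f"06:4{i} 192.0.2.10 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
    for i in range(5)
]
# A shared proxy/NAT (made up): several real browsers behind one address,
# each of them coming back again and again.
PROXY_AGENTS = [
    "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)",
    "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)",
    "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.13) Gecko/20080311 Firefox/2.0.0.13",
    "Opera/9.26 (Windows NT 5.1; U; en)",
]
PROXY_LINES = [f"07:{i:02d} 192.0.2.20 {PROXY_AGENTS[i % 4]}" for i in range(12)]

SAMPLE_LOG = "\n".join(BOT_LINES + VISITOR_LINES + PROXY_LINES)


def parse(log):
    """Yield (time, ip, user_agent) for every non-empty line."""
    for line in log.splitlines():
        if line.strip():
            when, ip, agent = line.split(" ", 2)
            yield when, ip, agent


def rotating_agents(log, min_agents=4, min_ratio=0.8):
    """Return {ip: distinct_agents} for addresses that rotate identities.

    An address is flagged when it shows at least `min_agents` different
    User-Agent strings AND nearly every hit carries a new one. The ratio
    test keeps a busy proxy (many agents, each seen repeatedly) off the
    list; both thresholds are assumptions to tune against your own stats.
    """
    agents, hits = defaultdict(set), defaultdict(int)
    for _when, ip, agent in parse(log):
        agents[ip].add(agent)
        hits[ip] += 1
    return {
        ip: len(seen)
        for ip, seen in agents.items()
        if len(seen) >= min_agents and len(seen) / hits[ip] >= min_ratio
    }


def covering_network(ip, prefix=24):
    """The network a /24 deny rule (as used in the post) would cover."""
    return str(ipaddress.ip_network(f"{ip}/{prefix}", strict=False))


if __name__ == "__main__":
    for ip, count in rotating_agents(SAMPLE_LOG).items():
        print(f"{ip}: {count} identities, deny candidate {covering_network(ip)}")
```

A /24 rule also drops the other 255 addresses in that range, so review the flagged hits before widening a single-IP block to the whole network.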

*inetnum: 92.112.109.0 - 92.113.255.255
netname: UKRTELNET
descr: Ukrtelecom IP access network
descr: NCC#
country: ua
remarks: E-mail for SPAM and abuse postmaster@ukrtel.net
admin-c: ARM42-RIPE
tech-c: ARM42-RIPE
status: ASSIGNED PA
mnt-by: AS6849-MNT
source: RIPE # Filtered

person: Remiga Alexander
address: JSC UKRTELECOM
address: 18, Shevchenko blvd
address: Ukraine, Kiev
phone: +380 (44) 230-9024
nic-hdl: ARM42-RIPE
mnt-by: AS6849-MNT
source: RIPE # Filtered


Posted by Doug Alder at 6:45 am Comments (0)


April 03, 2008
Bye Bye

Quick, raise your hand if you didn’t see this coming

Google is laying off about 300 employees in its newly acquired DoubleClick ad business, according to a source familiar with the matter.

A Google spokesman said the company could not confirm the number of workers laid off.

“Since our acquisition of DoubleClick closed on March 11, we have been working to match and align DoubleClick employees in the U.S. with our organizational plan for the business,” the company said in a statement.

ooooh you weren’t paying attention then. I hope the management and executive levels are the ones let go. It’s hard to feel sorry for them when you consider just how evil DoubleClick has been in the past. I have their IPs routed to null space (127.0.0.1 [localhost]) :)


Posted by Doug Alder at 5:24 pm Comments (0)


March 06, 2008
Starting from scratch

Larry Dignan over at ZDNet has some interesting questions in reference to MS Labs’ new non-Windows OS, Singularity:

The Singularity effort raises a few interesting questions:

  • Could Microsoft start over with a new OS separate from Windows?
  • If Microsoft started over with Windows and didn’t have compatibility with older applications what would the corporate revolt look like?
  • Will Microsoft ultimately need a clean break from that monolithic Windows code at some point anyway?
  • When would you make such a clean break?

Personally I think it is inevitable and necessary and they should make the miserable Vista their last Windows OS. To placate the business community it and XP Pro should not be end-of-lifed for a very long time. It would not surprise me in the least to discover that a lot of the problems with Vista are because of the need to support some legacy code. With so many millions of lines of code going into making up the Windows kernel (it’s rumored Vista has over 50 million and XP over 40 million) there’s no way they are ever going to clean it up entirely in order to fix the holes. It’s time to start fresh. Do it now.

This sounds very interesting

Singularity is a research project focused on the construction of dependable systems through innovation in the areas of systems, languages, and tools. We are building a research operating system prototype (called Singularity), extending programming languages, and developing new techniques and tools for specifying and verifying program behavior.

Advances in languages, compilers, and tools open the possibility of significantly improving software. For example, Singularity uses type-safe languages and an abstract instruction set to enable what we call Software Isolated Processes (SIPs). SIPs provide the strong isolation guarantees of OS processes (isolated object space, separate GCs, separate runtimes) without the overhead of hardware-enforced protection domains. In the current Singularity prototype SIPs are extremely cheap; they run in ring 0 in the kernel’s address space.

Singularity uses these advances to build more reliable systems and applications. For example, because SIPs are so cheap to create and enforce, Singularity runs each program, device driver, or system extension in its own SIP. SIPs are not allowed to share memory or modify their own code. As a result, we can make strong reliability guarantees about the code running in a SIP. We can verify much broader properties about a SIP at compile or install time than can be done for code running in traditional OS processes. Broader application of static verification is critical to predicting system behavior and providing users with strong guarantees about reliability.

The SDK for Singularity was just released this past Tuesday and you can download it from the codeplex site.


Posted by Doug Alder at 4:30 pm Comments (1)


February 20, 2008
Site of the Day

Wikileaks

From NYT

Why did lawyers for a bank in the Cayman Islands ask a judge in essence to turn off the domain name of the Wikileaks site? Perhaps because they could not get the site shut down by more traditional means.

[snip]

Domain registrars like Dynadot, Register.com and GoDaddy.com provide domain names — the Web addresses users type into browsers — to Web site operators for a monthly fee. Judge White ordered Dynadot to disable the Wikileaks.org address and “lock” it to prevent the organization from transferring the name to another registrar.

The feebleness of the action suggests that the bank, and the judge, did not understand how the domain system works, or how quickly Web communities will move to counter actions they see as hostile to free speech online.

The site itself could still be accessed at its Internet Protocol address (http://88.80.13.160/) — the unique number that specifies a Web site’s location on the Internet. Wikileaks also maintained “mirror sites,” or copies usually produced to ensure against failures and this kind of legal action. Some sites were registered in Belgium (http://wikileaks.be/), Germany (http://wikileaks.de) and the Christmas Islands (http://wikileaks.cx) through domain registrars other than Dynadot, and so were not affected by the injunction.

From Wikileaks

Wikileaks would like to encourage everyone out there to have a look at the information. We encourage anyone dealing with tax fraud and evasion and offshore/Swiss banking to review the material posted with us. This will make sure we can verify the relevance and validity of the material presented. Bank Julius Baer has decided to go for the next round in trying to silence Wikileaks. This will not happen and only proves that at least parts of the material hold valid information.

Keep right on at it wikileaks.


Posted by Doug Alder at 8:50 pm Comments (0)


February 13, 2008
Business is Business

From Columbia Journalism Review

It wasn’t just the so-called liberal media that appeared enthralled with Barack Obama last night. Even Fox News Channel managed to give him a leg up—whether it was intentional or not.

During its coverage of the Potomac primaries, FNC carried the Illinois senator’s victory speech live from Madison, Wisconsin, for a full twenty minutes. Earlier in the night, FNC devoted a mere two minutes to Hillary Clinton’s speech from El Paso, Texas.

As for the Republican hopefuls, John McCain enjoyed ten minutes of Fox’s airtime compared to Mike Huckabee’s five (although Huckabee got his by appearing as a guest via satellite feed)

You can see what’s happening here ( a shout out to Bilious O’Reilly - get your resume ready.) Murdoch/Fox sees the writing on the wall, the next president is going to be a Democrat and is almost certain at this point to be Barack Obama so the tune needs to change (albeit very slowly so as to not alienate the vapid trailer trash morons who constitute the audience at this point too quickly) or else Fox will be left out in the cold and not have any influence with the new regime. At some point before Obama is crowned they will come out in favor of him and point to that and say something to the effect see we are as fair and balanced as we say we are. Prepare to chuck your cookies at that point.


Posted by Doug Alder at 9:53 pm Comments (0)


February 08, 2008
About time

The CBC announces today that B.C. is planning to license house inspectors.

The British Columbia government is moving to protect consumers by requiring home inspectors to have a license.

The decision follows repeated calls for tougher regulations and is welcomed by John Grasty, the acting president of the Consumer Advocacy and Support for Homeowners Society.

Grasty says he regularly hears from homeowners who tell him that, despite an inspection, their dream of a new home has turned into a nightmare.

Just a few weeks ago, he said, he took a call from a woman on [Vancouver Island], who had just purchased a home and discovered a gas leak that wasn’t detected by a home inspector.

He said he often gets calls from people who purchase a home, only to find that it had contained a marijuana grow operation.

Grasty supports licensing for home inspectors, but worries about the standards they will be required to meet.

“They would have to be tested annually, or regularly, on several trades such as plumbing and electrical,” he said.

Even a professional engineer may not be qualified in all of those areas, he said.

I must say it’s about time. I hope (but will be very surprised, given this overly business friendly government, if they do) they will go far enough to truly protect the consumer. That will require making those inspectors financially responsible for their oversights. Right now it simply is a crap shoot whether you get an honest and qualified home inspector or someone who knows even less than someone whose sole experience comes from watching the home renovation shows on Home and Garden TV.


Posted by Doug Alder at 4:51 pm Comments (1)


January 31, 2008
The Market at a Glance

The best explanation yet for the scam that is the stock market, compliments of one wise man - The Mogambo Guru

… I could have shown them the “best case” example, where investors buy a stock and sell it for twice as much. In other words, I buy a stock for $1, and then sell it for $2 (making a 100% profit).

And then that investor who bought it from me can make a 100% profit of $2 (doubling his money, too) by selling the stock to someone else for $4. And how does that guy who paid $4 for the stock make a similar profit? By selling the stock to someone else for $8!

I know what you are thinking. You figure, “Hey! This looks easy!”

So, now it is time to add up, so let’s add up, which I am usually pretty good at, if the numbers are few, are all single-digit, I can write it all down and can get back to you sometime early next week with the answer. Fortunately, this is such a case.

So, how much profit was made from all of this selling? $7 (= $1 + $2 + $4)! How much money was spent? $15 bucks (= $1 + $2 + $4 + $8)! Hahaha! Everybody so far has made a 100% profit, and yet twice as much was spent as was made in profits? A lousy 50% total return on investment? Hahaha!

And the last guy, who may be otherwise known as the Last Fool In Line who bought at the exact top at the exact highest price, still has to find somebody to sell to at a profit, or the system goes into loss mode. If he sells at $7, taking a $1 loss, then total profits for the system are reduced to $6 (= $1 + $2 + $4 - $1)! And yet the total amount spent in all this investing has climbed to $22 (= $1 + $2 + $4 + $8 + $7)! Now return on investment is 6/22 = 27%! Hahaha!

It gets worse from here, and no matter how you slice it, dice it, package it, or make Julienne fries with it, the majority must lose so that a minority can gain, as it is a zero-sum game. And that minority is usually Wall Street insiders, the banks and the government-parasite industries.


Posted by Doug Alder at 8:54 am Comments (0)


January 16, 2008
Can’t we all just get along ;)

[snicker] Scott McNealy takes yet another swipe at Bill Gates [/snicker]

Sun Microsystems Inc. plans to buy open-source software maker MySQL AB for $1 billion, beefing up the server maker’s database offerings with a company whose technology is used by some of the world’s biggest Web sites.

[snip]

Santa Clara-based Sun is paying $800 million in cash and assuming $200 million in options to acquire MySQL. The Swedish company makes open-source database software used by companies such as online search leader Google Inc., popular Internet hangout Facebook Inc. and Finnish phone maker Nokia Corp.

Sun said the deal will help spread MySQL’s software to large corporations, which have been the biggest customers of Sun’s servers and software, and boost its distribution through Sun’s relationships with other server makers such as IBM Corp. and Dell Inc.

Sun has tied its fortunes to open-source software. It believes it can sell more server computers and ring up higher maintenance fees by also offering software whose source code is publicly available for free.

MySQL competes with non-open-source offerings from Microsoft Corp. and Oracle Corp., which dominate database software for traditional businesses.


Posted by Doug Alder at 4:57 pm Comments (0)


January 14, 2008
Organized Crime and Extortion on the Web and You

It’s no secret that the web is a hive of criminal activity. From extortion to terrorism the net has provided an enormously useful organizational and action tool. For the most part it has been a way to easily hide from authorities. What is somewhat surprising is how little most people know about it. If you are the average person on the street you probably think that this is a recent phenomenon and that it probably doesn’t affect you. Nor would you grasp the scope of it. You would be wrong on all counts, even if you never or seldom use the net.

A little history to begin with

Right from the start of the modern telecommunications era there have been people taking advantage of new technology to get something that they are not entitled to. In the pre-Internet days you had phone phreaks like John T. Draper (A.K.A. Captain Crunch) hacking into the Bell telephone network and making free long distance calls by duplicating the digital tones using a whistle that came for free at the time in boxes of Captain Crunch cereal. This started a whole network hacking subculture that was primed and ready for the personal computer revolution when it started in the mid 70s with the invention of the first microprocessors.

The first networks that PC owners could connect to were university or corporate networks, followed very quickly by dial-up Bulletin Board Services (BBS) networks such as FidoNet (early 80’s). BBS’s were essentially nothing more than store and forward file and email systems. A BBS operator would have their computer dial up another one at regular intervals and exchange data. Netmail, the precursor to email, would eventually make its way around the world to its destination, hopping from computer to computer on the same network (these networks had what is known as a star topology). This is when the criminal, or at least socially unacceptable, behavior really began. BBS users could upload files to a BBS that could then be downloaded by other users, and pranksters started developing viruses that were inserted into those files and spread that way. At this point there was no financial incentive involved, nothing to be gained, except reputation, by the person who created the virus. Nevertheless these viruses created great havoc, financial and otherwise, on both personal and corporate systems, as people brought programs into work on infected floppy disks, or took work home with them that way and had the boot sector of the floppy infected as soon as they inserted it into their home computers, then returned that disk to work.

It was with the advent of the Internet, an offshoot of ARPANET, in the late 1970’s (see here for an excellent timeline) and the lifting of commercial restrictions by the NSF in 1991 that cybercrime got the network it needed to start taking off (this is when companies such as AOL and Compuserve began entering the market. Put your hand up if you had a Compuserve account in the early 90s or remember Archie, Gopher, Telnet, Mosaic). In 1991 there were just over 1,000 USENET newsgroups, by 1994 over 10,000 and the online scams were in full swing and SPAM was a fact of life.

So by now you should understand there is nothing new about cybercrime. However, what is new is the extent of it, and the organization of it.

Cybercrime in the 21st C.

The new century had hardly begun before the bad news started making it to the mainstream media. In 2001 Business Week reported on an Eastern European ring that had stolen potentially millions of credit card numbers and the personal information attached to them:

Until recently, cybercrime has largely been a sport for lone wolves or small groups with a taste for mischief and danger. Organized-crime groups largely left the Internet alone. Still, security experts worried that Net crime across borders would quickly proliferate. The reason: Low risk of apprehension and the potential for big rewards.

Now it appears those worries are finally starting to come true. On Mar. 8, the National Infrastructure Protection Commission (NIPC) — a federal watchdog that works with the FBI to protect the U.S. national infrastructure — took the unusual step of holding a press conference to warn businesses and the public about an ongoing investigation into what may be the largest case of organized crime online to date.

The NIPC alleges that in recent months, Eastern European hackers have infiltrated Web servers … grabbing at least 1 million credit-card numbers and other personal information from 40 U.S. financial institutions and companies. After lifting this data, the gang has allegedly attempted to extort money from their victims by threatening to post the info on the Internet…

And so it begins. Here, as identified at crime-research.org, are some of the trends which, even though several years old, are every bit as relevant today as when written:

  1. “Organized crime groups are using the Internet for major fraud and theft activities.” Focus on banking activities.
  2. “Organized crime involvement in what was once categorized as white-collar crime.” Pump and dump stock schemes typify this. SPAM emails are used to pump up the stock, then it is dumped.
  3. “The growth of cyberextortion is a third significant trend. Extortion schemes are sometimes bungled, but they can be conducted anonymously and incur only modest risks, while still yielding high pay-offs.”
  4. “The use of what were initially nuisance tools for more overtly criminal activities. Perhaps the most notable example of this occurred in late 2000 when a variation of a virus known as the Love Bug was used in an effort to gain access to account passwords in the Union Bank of Switzerland and at least two banks in the United States. Although this episode received little attention — and it is not entirely clear who the perpetrators were — it gives added credence to the theory that organized crime is developing relationships with technically skilled hackers.”
  5. “Jurisdictional arbitrage. Cybercrimes — certainly when they are linked to organized crime — will increasingly be initiated from jurisdictions that have few if any laws directed against cybercrime and/or little capacity to enforce laws against cybercrime.” Most cybercrime today originates out of Russia, China, former SSR states, Brazil and Indonesia.
  6. Money Laundering: If you can buy goods or services across the web then you have a perfect vehicle for laundering dirty money.
  7. “A seventh trend involves growing network connections between hackers or small-time criminals and organized crime.” This is pretty much de facto now. Very little hacking and virus/trojan writing and dissemination activity goes on now that is not controlled by organized crime or hostile governments (as in MI5’s recent accusations against China).
  8. “Organized crime groups use the Internet for communications (usually encrypted) and for any other purposes when they see it as useful and profitable. Indeed, organized crime is proving as flexible and adaptable in its exploitation of cyber opportunities as it is in any other opportunities for illegal activity. The implications are far-reaching and require a response from government that is strategic, multi-level, multilateral, and transnational in nature.”

How does it affect me?

As you can see, even in that old report above, organized crime is infiltrating every area of the net, and everyone who uses the net and even many who don’t are affected and paying the price for that criminal activity.

SPAM

Most SPAM can be sourced to organized crime or is enabled (through the sale of email lists or access to bulk email servers on friendly soil) by organized crime syndicates and currently SPAM comprises about 50% of all email traffic on the net. While email traffic is not the biggest use of bandwidth on the net (p2p, search engines and video sites like YouTube are) it still represents about 15 to 20% of the traffic and 50% of that share is SPAM. To put that in perspective somewhere between 5 and 10% of the cost of running the entire Internet is caused by SPAM and those costs are passed on to you by all the companies that provide access to the net in any form, be it your local ISP or the data center that hosts your corporate server.

Stolen Credit Cards

Ask someone on the street if they think it likely their credit card information is safe and they will likely tell you that it is because they don’t use it on the net. They would be wrong. Relatively few of the total number of compromised credit accounts have come from people entering their information online. The vast majority have come from corporate servers that have been hacked or stolen/lost laptops containing databases of such information. Wait, I hear you say, the servers were hacked over the net. Well yes, but the information in those servers did not necessarily come from online purchases. If you go to a national retailer, for example, and purchase something in-store with your credit card, that information usually ends up in the same server as that of the person who purchases online. While the information may be stolen over the net it does not need to be entered over the net. In fact a substantial amount of corporate hacking is carried out by disgruntled ex-employees and current employees, people intimately familiar with the network and its security, or lack thereof, as noted in the 2006 CSI/FBI Computer Crime and Security Survey:

…nearly one third (32 percent) of respondents believe that insider threats account for none of their organization’s cyber losses. 29 percent of respondents attribute a percentage of losses greater than zero but less than 20 percent to actions of insiders. Hence, the remaining 39 percent of respondents attribute a percentage of their organization’s losses greater than 20 percent to insiders. In fact, 7 percent of respondents thought that insiders account for more than 80 percent of their organization’s losses. To summarize, even though most respondents do not see insiders as accounting for most of their organization’s cyber losses, a significant number of respondents believe that insiders still account for a substantial portion of losses.

So you can see that if your information is stolen it’s not necessarily because you ordered something over the web.

Cyber Extortion

There are two primary forms of extortion going on via the net.

The first is stealing data and extorting money from a person or company in return for not selling that information to the highest bidder. This mostly affects companies now as there is so much stolen credit card and personal identity information out there that there is a thriving business selling it on the net.

The second way is to threaten a company with Distributed Denial of Service (DDoS) attacks by first attacking them briefly, putting their web presence completely off line as a result, then telling them to pay up or have their web business destroyed permanently.

A Denial of Service (DoS) attack is generally easy to defend against as it only comes from a single IP or at most a couple and they can be null-routed easily enough. A DDoS attack is another matter.

Because DDoS attacks originate from thousands, tens of thousands and even hundreds of thousands of compromised computers, it is almost impossible to null route them unless the attack packets have a unique signature of some kind. That, however, usually only happens if the attacker is not trying to knock the site off line but instead is trying to overwhelm a particular service running on the server in order to take advantage of a known exploit to gain access to the server and exploit it. To simply bring down the server only requires that the vast army of zombie bots request a legitimate page on the server. If the botnet is big enough the server will not be able to keep up with the requests and the site will effectively go off line. Because there is no distinguishing feature about the incoming packets in this type of attack - they are legitimate requests for a real page to be served via port 80 - it is almost impossible for a hosting provider to defend against (it will depend on how well crafted the faked browser requests are). Data center operators seeing this kind of attack will generally protect their network by simply taking the attacked IPs off line themselves in order to protect the rest of their network (multi-Gbps attacks are becoming more common, and in even the best data centers that size of attack will affect other customers on the same network segments, or even the entire data center).
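The difference between the two cases can be measured on request data. The following is an added example, not part of the original post: it counts how many null-route rules are needed to drop 90% of a flood, and checks whether the flood carries a signature absent from normal traffic. All addresses, agent strings (including `BotKit/1.0`) and volumes are constructed.

```python
from collections import Counter

# Constructed traffic: one (source_ip, user_agent) tuple per request.
BROWSERS = [
    "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.13) Gecko/20080311 Firefox/2.0.0.13",
    "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)",
]


def visitors(n=50, hits=2):
    """Normal traffic: n clients, a couple of page views each."""
    return [(f"192.0.2.{i + 1}", BROWSERS[i % 2]) for i in range(n) for _ in range(hits)]


def dos_flood(hits_each=5000):
    """DoS: two sources hammering the site."""
    return [(ip, BROWSERS[0]) for ip in ("198.51.100.1", "198.51.100.2")
            for _ in range(hits_each)]


def ddos_flood(bots=5000, hits_each=2, agent=None):
    """DDoS: many sources, each as quiet as a real visitor.

    With agent=None the bots send the same browser strings real visitors
    do (the "well crafted" case); otherwise they all send `agent`.
    """
    flood = []
    for i in range(bots):
        ip = f"10.{i // 65536}.{(i // 256) % 256}.{i % 256}"
        flood.extend([(ip, agent or BROWSERS[i % 2])] * hits_each)
    return flood


def rules_needed(requests, target_percent=90):
    """How many per-IP null routes it takes to drop target_percent of requests."""
    blocked = 0
    ranked = Counter(ip for ip, _ua in requests).most_common()
    for rules, (_ip, count) in enumerate(ranked, start=1):
        blocked += count
        if blocked * 100 >= target_percent * len(requests):
            return rules
    return len(ranked)


def signature_candidates(attack, baseline, min_share=0.9):
    """User-Agent values that cover most of the attack and never occur in the baseline."""
    normal = {ua for _ip, ua in baseline}
    counts = Counter(ua for _ip, ua in attack)
    return [ua for ua, n in counts.items()
            if n / len(attack) >= min_share and ua not in normal]


if __name__ == "__main__":
    base = visitors()
    print("DoS rules needed: ", rules_needed(base + dos_flood()))
    print("DDoS rules needed:", rules_needed(base + ddos_flood()))
    print("Sloppy botnet signature:", signature_candidates(ddos_flood(agent="BotKit/1.0"), base))
    print("Crafted botnet signature:", signature_candidates(ddos_flood(), base))
```

In the constructed DDoS case no bot sends more requests than a real visitor, so per-IP counting cannot rank bots above customers, and a rule list long enough to matter blocks both.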

What’s needed?

Corporate

Companies operating on the web must take appropriate precautions. Networks must be secured and internal company IT policies must conform to good practices. One of those practices is limiting staff access to the minimum they need to do their job. Too many companies treat this policy as too much hassle and give users far too many privileges. Too often this leads to data theft.

Another thing companies that operate on the net need to do is develop a set of metrics for determining whether orders they receive are legitimate or not. It is not enough to put every order through and flag the ones that fail. By the time a compromised card fails it has likely been used multiple times on the net already to order a variety of goods and services. Companies have a civic moral obligation, to say nothing of a fiduciary obligation, to be proactive and try to prevent stolen cards from going through in the first place. By doing so they lower the success rate for thieves and lessen the impact on society as well as their bottom line. In my own line of business I have developed a set of protocols for order verification that has resulted in a successful fraud rate of approximately 0.5% of orders, starting from an attempted fraud rate of approximately 45% of all credit card orders.

Databases must be secured and systems patched at all times. If doing this is too expensive for your business then your business case does not make sense. Lawsuits will put you out of business and into bankruptcy eventually. You would think that post-TJ Maxx this would be self-evident, but apparently it’s not. Look, if you have critical data in a database then the only safe way to treat it, if you must keep it, is to encrypt the whole hard drive.

SANS has a very good (and short) PDF outlining best practices and what to look for.

After the recent spate of database thefts and losses the courts are starting to take a very dim view of companies that are not making every effort to protect their data. Don’t expect to be able to plead difficulty, ignorance or cost to conform, when you are sued.

Personal

As mentioned earlier, data/identity theft doesn’t necessarily take place over the net. The information needed by crooks to order credit cards in your name or to create duplicates of your real cards etc. is often found other ways, including going through your garbage. Here are some things you can do to protect yourself.

  • Watch your data VERY carefully. Keep your computer patched and up to date (yes, this includes Mac users - they are at risk now too).
  • Don’t throw confidential information and receipts out - shred them first. If it has your name and address on it, shred it. Put nothing in your garbage that can identify you, and even then do not put your garbage out until collection day.
  • If you have a broadband connection don’t even think about not using a hardware router between you and your DSL/cable modem. It’s the best protection bang for your buck.
  • Get a credit report on a regular basis. If your identity has been stolen this will alert you.
  • Get a separate credit card for use only on the net. If it is compromised it is easy to kill the card and get another one without interrupting your life.
  • Use cheques (checks for you Yanks)? Don’t put your full name on the cheques, just your initials and last name. If you lose your cheques the thief will not know how you sign them, but your bank will.
  • Don’t sign the back of your credit cards; put “PHOTO ID REQUIRED” there instead. Hopefully the stores are being diligent and requiring their staff to check signatures.
  • Don’t put your full Credit Card number on a cheque when making a payment on an account - just put the last 4 digits.
  • Don’t ever put your SSN / SIN on a cheque (it’s illegal for anyone to request this of you in Canada)
  • Put all your cards and licenses from your wallet on a scanner or photocopy machine and copy them back and front. Add the phone numbers you need to call to cancel accounts. Put this in a safe place. If your wallet is lost you will know who to contact immediately.

If your identity or credit does get stolen here’s what to do immediately:

  1. Cancel your credit cards immediately. See the last item above. Know where to get this list of numbers.
  2. File a police report immediately in the jurisdiction where the crime happened. This will prove due diligence on your part to the credit card company/bank.
  3. Call the major credit agencies immediately to place a fraud alert on your name and SSN/SIN. By doing this you will alert any company or bank requesting a credit check on you that your information has been stolen and that phone authorization will be required before any new credit can be approved.
    • Equifax: 1-800-525-6285 (1 800 465-7166 in Canada)
    • Experian: 1-888-397-3742
    • Trans Union: 1-800-680-7289 (1 866 525-0262 in Canada)
    • Social Security Administration fraud line (USA): 1-800-269-0271 (Social Insurance Number fraud in Canada: 1 800 206-7218, select Option “3”)

Wrap up

This has been barely a toe dip in the chilling waters of cybercrime, but enough to whet the appetite for more information if you want it (see resources below). The best you, as an individual, can do is protect your computer and your personal data as best you can and take all appropriate precautions. Be ever suspicious when dealing with your data.

If you are looking for an online home for your data, choose your hosting provider and data center carefully. If you are getting a managed server, do they take the appropriate precautions? If you are getting a self-managed server, do they actually give you the ability to set your own security? Are they a reseller? Do they own the facilities? What sort of security do they have? (Don’t expect them to discuss specifics with you - that would be foolish on their part.) Ask the questions, do not assume, and if they can’t answer then move along.

Be Safe, Have Fun

Resources

Here is a list of further resources, not used in this article, that should be of interest to anyone interested in this topic:
1998
Cracking Cybercrime
2002
http://www.cert.org/archive/pdf/cybercrime-business.pdf
2003
NY Times: Identity Fraud
2004
http://law.jrank.org/pages/11951/Organized-Crime.html
http://www.thewhir.com/features/organized-cybercrime.cfm
http://www.crime-research.org/pages/sabad02_2004/
2005
http://www.csoonline.com/analyst/report3896.html
http://www.spamdailynews.com/publish/Organized_crime_offers_rent-a-zombie_deals.asp
http://pcworld.about.com/gi/dynamic/offsite.htm?site=http://pcworld.com/news/article/0,aid,122258,00.asp
http://smallbusiness.itworld.com/4385/050825internetsieges/page_1.html
http://www.baselinemag.com/article2/0,1540,1775903,00.asp
2006
http://www.mediabuzz.com.sg/channels-web-stories/organized-crime-will-continue-to-be-a-serious-web-threat-in-2007.html
http://techrepublic.com.com/5208-6230-0.html?forumID=102&threadID=205981&start=0
2007
http://www.itjungle.com/tug/tug020107-story10.html
http://www.itsecurity.com/features/mafia-2-protect-yourself-it-security-060707/
http://www.itsecurity.com/features/mafia-2-security-crime-011807/

General

http://www.crime-research.org/articles/General
http://www.interpol.int/Public/TechnologyCrime/default.asp
http://www.lexinformatica.org/cybercrime/
http://www.vaonline.org/internet_reporting.html
http://www.fbi.gov/cyberinvest/cyberhome.htm
http://ec.europa.eu/information_society/policy/cybercrime/index_en.htm
http://wiki.aa419.org/index.php/Main_Page
Studying Malicious Websites and the Underground Economy on the Chinese Web (.pdf 18 pages)
Cybercrime Law: comprehensive survey of current legislations from around the world includes the laws of 78 countries.


Posted by Doug Alder at 4:39 pm Comments (0)


January 12, 2008


January 10, 2008
Bob - it was all his idea

Too much - great video of Bill Gates’ last day at Microsoft from this year’s CES


Posted by Doug Alder at 4:20 pm Comments (0)


January 07, 2008
Sears caught with their hands on your data!

It appears that Fortune 500 company Sears did not learn anything from the Sony/BMG rootkit fiasco a few years back. A SearchSecurity.com blog reports that:

It seems that Sears, which sells just about everything under the sun, has decided to get into the spyware business too. The retail giant recently has come under fire from a researcher at CA who discovered that Sears’ Web site installs a nifty piece of tracking software developed by ComScore on the machines of some people who join the company’s My SHC community. The researcher, Benjamin Googins, describes in great detail on CA’s security blog exactly what the software does, how little notice Sears.com gives users about the program’s capabilities and how much data it collects.

Here is a summary of what the software does and how it is used. The proxy:

  1. Monitors and transmits a copy of all Internet traffic going from and coming to the compromised system.
  2. Monitors secure sessions (websites beginning with ‘https’), which may include shopping or banking sites.
  3. Records and transmits “the pace and style with which you enter information online…”
  4. Parses the header section of personal emails.
  5. May combine any data intercepted with additional information like “select credit bureau information” and other sources like “consumer preference reporting companies or credit reporting agencies”.

In other words, my friends, they have access to everything you do over the net and you won’t even know it. Last time I ever shop at Sears, in person or online, let me tell you.


Posted by Doug Alder at 7:58 pm Comments (0)


December 30, 2007
Naturally Juicy

Via Tom at Backup Brain comes this ad that is outrageous and probably NSFW. I doubt this will ever make it on to TV in North America.


Posted by Doug Alder at 9:58 am Comments (0)


November 07, 2007
The Best Beer Ad Ever

Posted by Doug Alder at 5:50 pm Comments (0)

