JonRolfe.com

Spam drops 70%

Jon — Thu, 13 Nov 2008 21:12:56 +0000

The BBC website reports that following an investigation by the Washington Post , Internet service providers Global Crossing and Hurricane Electric have disconnected the US firm McColo. The firm is believed to be responsible for hosting groups that have been sending spam via botnets.

Ironport, the email security firm now owned by Cisco, claims that as a result spam has dropped by 70% - for now. As soon as the groups re-establish their Internet presence, the level of spam is likely to return.

Wireless WPA encryption cracked

Jon — Mon, 10 Nov 2008 23:26:34 +0000

It was only a matter of time time, but now the WPA wireless encryption standard has been cracked allowing access to the TKIP key, access to the data hasn’t yet been achieved. The attack relies on the use of WPA+TKIP, so switching to WPA2 or WPA+AES will mitigate the attack if the wireless hardware supports them. Check out the whitepaper provided at the AirCrack-NG site, and the SANS ISC site for more details.

Eavesdropping keyboard strokes

Jon — Wed, 29 Oct 2008 19:41:59 +0000

The Register reports that Swiss Researchers from the Security and Cryptography Laboratory at Ecole Polytechnique Federale de Lausanne have demonstrated eavesdropping keyboard strokes from a distance of 20m. The video below demonstrates a proof of concept of receiving and decoding the electronic emissions from different types of keyboards, PS2, USB and Laptops, and displaying what’s typed on a system located in a different room.

Check out the video for a demonstration.

Compromising Electromagnetic Emanations of Keyboards
Uploaded by pace303

Inbox Zero

Jon — Sat, 23 Aug 2008 08:15:58 +0000

I stumbled across the 43 Folders blog of Merlin Mann, a speaker on personal productivity. In his Inbox Zero series he gives useful tips on how to survive the flood of email in the modern age and the best use the technology. The video below shows a talk he gave on his email tips to Google as part of their Tech Talk series. The tips are useful, and the Google Q&A session gives an interesting glimpse into the workings of Google and the flood of information that their employees seems to be drowning under. It seems strange that a company that started out trying to improve the management of information is now drowning in it.

VMWare fights back, and stumbles

Jon — Tue, 12 Aug 2008 20:24:13 +0000

VMWare showed last month that it was readying for a battle with Microsoft by ousting its founder and CEO Diane Greene, and replacing her with ex-Microsoft Vice President of Platform Strategy and Developer Group Paul Maritz. The news sent the shares tumbling by 28% and the company gave no public reason for the move although it seems likely that they wanted an ex-Microsoft VP in charge in order to better fight a potentially bloody fight with Microsoft over the virtualisation market.

Shortly after the move, VMWare announced that their new virtualisation product ESXi would be available for free. VMWare ESXi is the thin hyper-visor based virtualisation product which, unlike ESX or Microsoft’s current Hyper-V product, doesn’t require to be installed on top of an operating system. The move was clearly to up competition with Microsoft (who is effectively giving Hyper-V away Server 2008) and increase VMWare’s installed base, while still earning revenue from support and enterprise management products.

However the aggressive move stuttered today as VMWare admitted to a serious bug which prevents shutdown virtual machines from powering on or using VMotion on or after August 12^th. The problem is caused by the licensing software in ESX 3.5 Update 2 or ESXi 3.5 Update 2 and VMWare advises users not to shutdown virtual guests or to set the date back on the host. VMWare have yet to commit to a release of a patch and their workaround is not usually possible in an enterprise environment when systems require synchronised times for legal, regulatory or security auditing.

Yesterday VMWare were proud to announce that they had the best virtualisation product for Windows administrators. I wonder what those same administrators think today? Read more on the serious bug on the VMWare forum.

UPDATE: VMWare have now released an apology and an express patch to fix the problem.