Wifi vulnerability- Watch Out-Wifi Networks are very vulnerable to security attacks.

WIfi network are very vulnerable to security risks

WiFi Networks are very vulnerable to security attacks- Recent surveys show that almost 80% of Wifi networks are not even WEP encryption enabled.

Wifi network security carelessness

Why are people so careless when it comes to Wifi vulnerability? Its quite incredible that so-called intelligent people can be so dumb when it comes to Wifi security

Casual survey of Wifi network security vulnerabilities

I did a casual survey of people in my data center department and found that the awareness of Wifi vulnerabilities is incredibly low. In fact, 30% of my data center team did not even know what WEP encryption was. If this is the state of awareness for Wifi network vulnerabilities and security risks among so-called IT-savvy data center professionals, God forbid, the level of knowledge about Wifi security risks among non-IT guys must be incredibly bad.

Why bother locking your doors when you are going to expose your home or office Wifi network to the outside world?

Will Vista destroy the antivirus software industry?

Will Microsoft Vista destroy the antivirus software industry?

A rather interesting antivirus software article suggests that antivirus software such as McAfee and Norton coule be made obsolete after Microsoft Vista's launch

Which antivirus software is worse?

Will you choose bad quality antivirus software such as McAfee or Symantec protection that is expensive or bad quality antivirus software from Microsoft Vista
that is free?

I think its a question of which antivirus software is worse- antivirus software protection provided by software such as McAfee and Norton or Microsoft Vista. Though Microsoft does not have a great history of providing desktop security and good antivirus protection, Microsoft Vista has seen significant investments in information security and can definitely do better than Norton or McAfee antivirus software.

Entire antivirus software product industry is a racket

I have a poor opinion of the antivirus software industry and the quality of antivirus software products- so I would rather get free antivirus software from Microsoft of the same quality as the more expensive antivirus software products from so-called industry giants such as McAfee or Symantec antivirus

Data storage backups - The biggest security hazard and waste of money

Data backups are a security hazard and redundancy causes a huge waste of money

Sounds surprising to see a data storage guy talk bad things about data backups and their security implications,right? But its true,data storage backups are taken once,twice and many times over with no track of how many Gigabytes of data are stored in backups,how much of that data storage backup is redundant etc

Typical corporate data storage backup scenario

• Redundancy of data storage backups- Its kinda fashionable to take data storage backups, and preferably repeated backups? Nobody takes incremental data storage backups anymore, its just fashionable to take more and more backups


• Data storage backups are so redundant that data storage backups are nowadays not even catalogued- every data storage backup is categorized by the ubiquitous file name - 'Backups' :-) Nobody has a clue what those data storage backups are about


• Data storage backups are a huge security risk- data storage backups are not catalogued and very often, openly available and not even under lock and key.

In summary, data storage backups are a huge security risk and a redundant data storage through avoidable data backups are a huge waste of corporate money- imagine if corporates used the extra money to pay more to employees :-)

Google Desktop - Dont download? Security Paranoia

You allow Google Desktop downloads ? Google Desktops are a huge security risk and should not be allowed in any organization. Dont you take your data center security job seriously- you actually recommend Google desktop searches?

Google Desktop evokes this common response among data security experts. But I think it is simply security paranoia to not allow Google Desktop downloads. Google Desktops are not a huge security risk at all- True,Google Desktop does communicate to home base and allows for the controversial 'Search across Computers'

But,Google is a large corporate now, and any potential disclosures on misuse of Google Desktop search data by Google would harm Google's interests far more than any potential gain of using the data from Google Desktop searches.

Anyways, when we allow free Kazaa downloads with the omnipresent spyware and downloads of any unauthorized downloads from the internet with no security checks, why should we get paranoid on Google Desktop? Its just security paranoia and fear of Big Brother Google.

Data center crash call at 11:45 pm,New Year's eve

Data center crash on New Year's eve

There was a time in the bad old days, when I used to be an on-call data center support consultant. That essentially meant that as an on-call support person,I was like a criminal on parole,who had to report back to the cops whenever they felt bored and wanted even more boring company.

Call from Burlington data center at 11:45 pm

I once got a call from the Burlington data center at 11:45 pm, on New Year's eve. I usually think better when ethlyl is under my belly- and I asked the data center operations guy what the problem was.

He said that he just wanted to make sure I was around (in case) the scripts I was responsible for failed. After all, it was New Year's eve,and it was difficult for the data center guys to find anyone and our over-zealous pal at the data center desk wanted to make sure he was covered.

The moral of the above data center story is that you find idiots everywhere, even on New Year's eve! Happy New Year to you!

A funny tech support video I recently came across- Well, Its Christmas time and lets be nice to everyone, even tech support people :-)

Data storage virtualization requires a mindset change

Data storage virtualization requires a mindset change.

Before data storage virtualization come into the picture, programmers across the world have been used to abusing the hardware with direct calls to the operating system. In fact, before data storage virtualization was introduced in data centers,Unix programmers have taken the operating system abuses to a different level

To be honest, I was one of those Unix programmers :-) The proudest day of my life was when I extended the kernel for the first time and later downed five beers alone in celebration.

Data storage virtualization,of course, cuts short such cowboy behavior. Different applications in the organization can adopt a different operating system,running on the same hardware- a different slot on the blade servers is all thats needed

Kaspersky's antivirus software has rootkits-Highly disappointed!

We recently reviewed Kaspersky's antivirus software engine for a potential client and were highly impressed. Kaspersky antivirus has a technologically superior antivirus engine compared to competitors such as Symantec

But even before we had stopped applauding Kaspersky for their superior antivirus software, we realized that Kaspersky antivirus had a rootkit that monitored the antivirus software user's activity and reported back to home base.

How utterly disappointing! How can an antivirus software major such as Kaspersky antivirus stoop to such ridiculous depths..

Post note:-Not surprisingly,Symantec antivirus has also been caught including a rootkit in their antivirus software - when caught , the Symantec spokesman call the rootkit a bug in the Symantec antivirus software- Wonder which is worse, having a rootkit in your antivirus software or having buggy antivirus? :-)

Do antivirus software companies create viruses?

Are antivirus software companies responsible for creating and spreading computer viruses?
I know this is a loaded controversial subject but I am sure this is perfectly true.

It is common knowledge in tech circles that some antivirus software companies hire ex-hackers ostensibly for ethical hacking- to check out the potential vulnerabilities of any system in advance.

But is that the only work the antivirus software companies use these hackers for? I strongly believe in the conspiracy theory that antivirus software companies are responsible for creating viruses in the first place.

These antivirus software companies use a simple marketing technique - create a fear psychosis and then make people pay for it! Anyone who has read Philip K Dick's 'Foster You are Dead' can definitely understand what game the antivirus software companies are playing!

Should you download Windows Defender?

The verdict on Microsoft's Windows Defender is clear- you need to download Windows Defender today.

Microsoft's Windows Defender is expected to address at some of the spyware and virus loopholes in the Windows operating system family. Though some (including me) would object to Microsoft releasing the Microsoft Windows Defender as a separate product, I am happy to get at least some security updates to the vulnerable Microsoft Windows operating system

Benchmarking tests for Microsoft Windows Defender :

I have downloaded Microsoft Windows Defender and run it on a Sony Vaio laptop running Windows XP Professional. As part of the benchmarking test with Microsoft Windows Defender,I have deliberately installed some spyware,complicated rootkits and good ol' viruses on the laptop.

Results of the benchmarking test for Microsoft Windows Defender: (Microsoft Windows Defender is still in Beta)

The antispyware benchmarking test had Microsoft Windows Defender doing almost as good as McAfee and Norton antivirus products. However, none of the products including Microsoft Windows Defender, McAfee and Norton antivirus did a good job of identifying the rootkits on the computer. In comparison, Kaspersky antivirus seemed to do a better job at at least identifying the rootkits on the benchmarking test.

A more complex benchmarking test spanning various Windows vulnerabilities will be done next week at a Fortune 50 client- I will let you know the results of the benchmarking test and how well Microsoft Windows Defender performed in comparison to the commercial Windows antispyware products

Download Windows Defender at http://www.microsoft.com/athome/security/spyware/software/default.mspx

Why does Norton antivirus make your PC a tortoise?

Norton antivirus is (in)famous for making your PC run (or rather crawl) like a tortoise. Why does Norton antivirus really consume so much disk space and memory?

I really fail to understand why Norton antivirus and to some extent McAfee antivirus software are such memory hoggers. I mean the antivirus logic is entirely heuristic based and uses standard registry entries to identify antivirus threats.

I can understand intention based antivirus software as being memory hoggers. But the intention based antivirus software I have reviewed consume less memory and even less disk space than commercial antivirus software such as Norton and McAfee antivirus software.

Onion routers- Tor onion routers-a solution to the unsecured internet?

An article evangelising the benefits of onion routers at http://www.tech2.com/india/topstuff/networking-tools-internet/anonymizing-the-net-the-onion-router/2268/0

However, the current use of onion routers is primarily as a gateway for hackers :-) I need real commercial support, funding and more research is needed to make the equivalent of onion Tor Networks used in the right way.

Onion Router

Onion routers are in the news again these days. While onion routers really help in developing secure networks- they also are misused by hackers all around the world.

As with any technology, if onion routers are used well, it could go a long way in developing a secure internet , but onion routers could also be an invitation for hackers to use the untraceable IP feature to hack other networks.

EMC data storage to buy Avamar Tech

EMC is rapidly expanding its offerings beyond data storage to include information security and data backup competencies.
Obviously, storage software, network data security and data recovery software services are growing way faster than the traditional physical data storage business of EMC and EMC, the data storage guys,want to rapidly get into this space.

Intention based antivirus software really works

One of my friends apparently works for a intention based antivirus software company (I am not mentioning the name of the company to make it clear that I am not simply promoting his intention based antivirus company)

According to him,intention based antivirus is a technology that even companies like McAfee and Symantec are researching. Intention based antivirus software will of course revolutionize the antivirus software industry. Imagine a antivirus detection and defence world with

• No frequent antivirus updates since the intention based antivirus technology does not need updates on new viruses,spyware

• No more clogging of bandwidth due to antivirus updates- again, since intention based antivirus does not need major corporate-wide antivirus updates every month

Intention based antivirus software is definitely here to stay-If intention based antivirus software is so easy to develop - why havent the major antivirus vendors such as McAfee and Symantec adopted the new technology?

Intention based antivirus

Intention based antivirus software definitely sounds cool- I definitely dont like the prospect of downloading antivirus software updates almost every day

In addition, I am obviously worried about some antivirus program installing their own rootkit on my machine!

My only question: When are McAfee and Norton antivirus software moving to an intention based antivirus algorithm? Silence? Hmm

Easy hack to speed up your Windows XP PC!

An easy way to speed up your Windows XP PC is to load your Windows kernel into your PC's RAM.

• The registry key to be modified to speed up your Windows XP PC is HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\DisablePagingExecutive

• To speed up your Windows XP PC, set HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\DisablePagingExecutive to 1. This will disable the normal Windows XP paging logic that slows down your PC

• Who should use this technique to speed up your Windows XP PC : This Windows XP registry change should only be used for systems with 256MB or more of memory. Typically, this Windows XP hack to speed up your PC is only advised for systems with 512 MB of memory

Improve Windows XP boot time drastically!

Windows XP boot times can be improved drastically. You just need to tweak a Windows XP registry parameter.

Windows XP has a major drawback in taking a significant amount of time to boot. One option to speed up the boot time is to tweak the prefetching options in the Windows registry.

What is prefetching in Windows XP : Prefetching is caching of system boot files for faster loading. But Hey,the quantum of caching has a significant impact fon system boot time. By selecting the appropriate components for prefetching in Windows XP, the system boot time can be significantly improved

The Windows XP registry key to modify for enabling prefetching :- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management\Prefetch Parameters\EnablePrefetcher

The options you can modify for this Windows XP registry key

1. Disable prefetching
2. Prefetch Application launch files
3. To Prefetch boot files
4. Prefetch as many files as possible.

What is pretexting? And why pretexting could lead to identity theft

• What is pretexting? Pretexting implies pretending to be someone else in order to access the private records of customers
• Why is pretexting dangerous? Pretexting is the prelude to identity theft that is nowadays practised not only by individuals but also organized crime
• What is the HP-Verizon pretexting controversy? HP hired investigators used pretexting by pretending to be telecom personnel and managed to get hold of the phone records of Verizon customers.The HP investigators used pretexting to attempt to solve the news leaks from the HP boardroom. As attorneys battle out this pretexting drama,the US Government and Congress have hopefully woken to the pretexting menace.

As you can see,pretexting is scary and Governments need to enact laws to punish pretexting and identity thefts and protect the rights of customers

'I know all about antivirus software!': The infamous Sony rootkit revisited

'I know all about antivirus software!': The infamous Sony rootkit revisited
Good article on rootkit detection. I particularly like the reviews of rootkit detection software.

Another valid question about rootkit: Why isnt the IT industry rising up in protect against rootkits - Why arent rootkits being eliminated while popups are treated like the anti-Christ.

The rootkits protection answer isnt far away - the so called protectors and industry leaders of the IT industry are themselves indulging in spreading their own rootkits. Nothing works like rootkits in intruding people privacy