Posts Tagged ‘pc’
Critical: Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution
Those of you who are my PC security (Introduction to PC Security) students don’t have to worry about this because in the first few lessons of the course you’ve disabled this!
However, many of you have not taken the course so I thought it was wise to post this.
Oh, and by the MAC users, this affects you too if you are using the Microsoft Remote Desktop Connection Client to connect a MAC to a windows PC.
According to Microsoft’s Security Bulletin: MS09-044:
This security update resolves two privately reported vulnerabilities in Microsoft Remote Desktop Connection. The vulnerabilities could allow remote code execution if an attacker successfully convinced a user of Terminal Services to connect to a malicious RDP server or if a user visits a specially crafted Web site that exploits this vulnerability. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
There is also known issues after installing this update, so you may want to check the bulletin for a list of those.
I’ve been teaching the Introduction to PC Security course for over 5 years and from day 1 I’ve had the students disable this service! I wonder what else you’re missing?
No Comments »
Recycling an Old PC – Data Concerns
So, this holiday season you received a brand spanking new computer and it’s time to dispose of the old one.
You’ve heard the horror stories. Old PCs recycled with data still on the hard drive and the ensuing identity theft and credit card fraud that follows it. What’s the right way to remove data from a drive and guarantee your security?
First, let me say congratulations to you if you are reading this post! That means that you are actually concerned about your security and data and you are taking a proactive role in managing it!
Now, to answer the question.
How you choose to dispose of your old data depends upon how much you want to be involved with the process.
If you want to wipe the drive yourself, you will need to have a program that reformats the drive several times over and then writes Xs and/or Os across the drive rendering everything unreadable. This is actually the government standard for wiping drives.
Department of Defense 5220.22-M recommends overwriting the drive sectors three times with specific, different characters, which constitutes one pass. Many experts recommend seven such passes to render the data completely unrecoverable.
If you do not have any top secret documents or data that is highly confidential, you of course, do not need that high of a level of rewriting. But, you should do more than just reformat.
Note: Just reformatting the drive using an older Windows boot disk and the format function, will not remove all the data. The drive can still be read!
But there are some free and paid for solutions to help you.
First, there is Summit Computer Networks Hard Disk Scrubber. I have used this and found it very effective! It’s free, effective and overwrites with 1s and 0’s.
Next, there is Darik’s Boot And Nuke. It’s free to download, the program doesn’t hold you hostage until you buy, and it’s effective.
A recommendation from PC World – but I have my doubts and a few suspicions about it – is Active@ Kill Disk. I can’t put my finger on why this one makes me nervous, but it does. Maybe I might have tried it before? Not sure. But again, it’s free.
Some paid versions are Jerico’s BCWipe for Windows, Linux, and Unix. I tried the trial download once upon a time, and if I remember correctly, this one didn’t do much unless you purchased the product. So it was very hard to evaluate it without putting up the cash to test it properly.
This paid version by White Canyon Software called WipeDrive5 has an impressive list of customers scrolling on the left! Although I’ve never used it, for $39.95 it’s not a bad price considering the list of customers they are claiming to use it! There are also several licensing options available if you are a techie or in the business of wiping drives.
Now, there’s another couple of options you have that do not include wiping the drive yourself.
If you are handy with tools, open the case and remove the hard drive before you recycle the unit.
From there, you can also open the the hard drive, remove the actual hard disk inside and have that destroyed by someone that has a metal cutter. If the metal saw or cutter is strong enough, you can actually slice through the entire drive without removing the hard disk. (Done that!)
But keep in mind, this should be done by a professional. A friend of mine owns a factory with this type of equipment and you must wear safety goggles and operate the machinery appropriately. This is not a solution for the average person!
You can also remove the drive and ship it to us for destruction. We will send you a written guarantee that we have wiped or destroyed the drive according to government standards. The service is free unless you want the drive back wiped. There is a $50 charge for that service.
You can ship it to us at our snail mail address available on our Contact Page.
We have wiped drives successfully for our clients including private individuals, law firms, doctors offices, and construction companies, to name a few.
But whatever road you take, be sure that the drive is completely erased and unreadable before you recycle it. You may have forgotten that you had written letters to your insurance company or credit bureau that contains sensitive and personally identifying information!
No Comments »
Recycling Rules
Toward the end of last year, we saw global warming take a big hit due to climate gate – the leak – by a hacker – of damaging e-mails exchanged by supposed global warming experts.
As we enter 2010, I’d like to remind all of us that we still need to take care of mother earth – climate gate or not.
I will not engage in a political debate about how politicians and public figures promote the need for environmental laws while standing to profit extensively from such laws. The information is on the Internet and you can do the research yourself.
In my office I have a box for recycling. Inside the box is also a large brown paper grocery bag. Old magazines and junk mail with mailing labels removed go in the bag, as well as unimportant papers and post-it notes with non-confidential info on them are deposited in the bag. All of my shredded papers (cross-cut and diamond cut, of course!) are also placed there for recycling.
If I happen to eat lunch at my desk, the soiled paper plate or napkins DO NOT go in the recycling bin – they are placed in the trash bag.
Why do I mention something that sounds like common sense? A recent article I read in the Northwest Herald – our local newspaper – tells the story from the recyclers view and the companies are still having issues with people putting waste into the recycling bins.
Read More: Northwest Herald | Recycling rules.
One of the more confusing issues of recycling is what kind of plastic is recyclable? We’ve all seen the numbers on plastic bottles and on plastic electronic parts – but do you know what they mean?
#1 PET(E) – Polyethylene terephthalate: Soda and water bottles.
#2 HDPE – High-density polyethylene: Containers for laundry detergent, milk, shampoo.
#3 PVC or V – Polyvinyl chloride: Chemical, cooking oil containers.
#4 LDPE – Low-density polyethylene: Lids, caps, six-pack rings.
#5 PP – Polypropylene: Food storage, yogurt, and butter containers.
#6 PS – Polystyrene: Coffee cups, disposable cutlery, meat trays.
#7 OTHER – Made of a combination of No. 1 through 6 or another less common plastic.
Sources: Society of the Plastics industry and Waste Management.
Unacceptable items are usually batteries, wire, Styrofoam, foam, packing peanuts, clothes hangers, toys, paint cans and household chemicals, cooking utensils and appliances, holiday lights, and light bulbs in general.
Keep in mind that you should recycle your batteries. All of them! Major retail locations that sell electronic equipment like cell phones and computers will usually have bins between the two double doors at the entry. Here you can place your cell phone batteries and other items for recycling. Best Buy is one of these locations. Check the front entry the next time you visit and make a note of what they take. I have a special battery recycling box in my office. I store them until I know I am making a trip over there and then take them all at once.
And don’t throw away your old ink and toner cartridges either! Some office supply locations will refill them – depending upon the brand – and others, like Office Max will give you a coupon for turning them in that can be used for your purchase.
Additionally, many of the local non-profits in your area may have free mail-in envelopes to send in your ink and toner cartridges and the non-profit benefits. I pick these up in our area at the local PetSmart and it helps support the pet shelters. So, not only are you environmentally friendly, your helping support a charity!
There are also companies that recycle CDs. But remember, if you are recycling an old archive of your e-mail or hard disk backups, you need to either scratch it up with a nail or other pointed surface to make it unreadable, or get a shredder that shreds them.
DO NOT try to break them yourself. The method in which the CDs shatter can be extremely dangerous to your eyes and body.
And remember, when recycling your old PC equipment, make sure you wipe the hard drive completely. I’ll be covering that method in the blog post for tomorrow. But keep in mind that just reformatting is not enough. The drive can still be read unless you follow a special process.
That being said, make a commitment this new year to help protect mother earth without the politics. It’s just the smart human thing to do!
No Comments »
 |
 |
 |
|
||
 |
|
 |
|
||
