Dr. Bill.TV #340 – Audio – “The Securify Edition!”

TrueCrypt Open Source disk-encryption project shuts down, Google is making it simpler to encrypt your email, Google Streaming Quality Test, GSotW: YAC (Yet Another Cleaner!) Durham, New Hampshire won’t pay ransomeware ransom! The Wild, Wild West!

Links that pertain to this Netcast:

TechPodcasts Network

International Association of Internet Broadcasters

Blubrry Network

Dr. Bill Bailey.NET

YAC (Yet Another Cleaner!)


Start the Video Netcast in the Blubrry Video Player above by
clicking on the “Play” Button in the center of the screen.

(Click on the buttons below to Stream the Netcast in your “format of choice”)
Streaming M4V Audio





Streaming MP3 Audio

Streaming Ogg Audio

Download M4V Download WebM Download MP3 Download Ogg
(Right-Click on any link above, and select “Save As…” to save the Netcast on your PC.)

Available on YouTube at: https://youtu.be/qno2qbMv3r8

Available on Vimeo at: https://vimeo.com/97690559


New Hamphire Town Held for Ransom by Ransomware

The security hits just keep on coming this week!

We ‘will be paying no ransom,’ vows town hit by Cryptowall ransom malware

Ars Technica – by Dan Goodin – The town manager of a hamlet in south eastern New Hampshire has defied demands that he pay a ransom to recover police department computer files taken hostage by Cryptowall, a newer piece of malware that encrypts hard drive contents of infected machines until victims pay for them to be decrypted.

‘Make no mistake, the Town of Durham will be paying no ransom,’ Town Manager Todd Selig was quoted as saying by CBS Boston news. Police department computers for the town of almost 15,000 residents were reportedly infected Thursday after an officer opened what appeared to be a legitimate file attachment to an e-mail. By Friday morning, widespread ‘issues’ were hitting the department computer network. It was shut down by noon that day to prevent the infection from spreading to other systems.

The game may be RIGged

YOU’RE INFECTED—IF YOU WANT TO SEE YOUR DATA AGAIN, PAY US $300 IN BITCOINS

Ransomware comes of age with unbreakable crypto, anonymous payments.

The department was reportedly hit by Cryptowall, a newer form of crypto malware that rivals the better known CryptoLocker. According to a blog post published Thursday by researchers from Cisco Systems, Cryptowall has been gaining ground since April, when it was folded into the RIG exploit kit, which is software sold in underground forums that automates computer scams and malware attacks for less technically knowledgeable criminals. Cisco’s Cloud Web Security service has been blocking requests tied to more than 90 infected Internet domains pushing Cryptowall scams to more than 17 percent of service customers.

Contrary to reports that the Durham Police Department infection was the result of a malicious e-mail attachment, the RIG-fueled attacks Cisco is blocking are the result of malicious advertisements served on scores of websites, including altervista.org, apps.facebook.com, www.theguardian.com, and ebay.in. The US is the country seeing the most infected ads, followed by the UK. So-called malvertising is a scourge that uses authentic-looking ads served over legitimate networks and sites to either trick end users into clicking on malicious links or to push attack code that exploits vulnerabilities to surreptitiously install malware.

‘Until May 22, RIG appears to have been making use of both newly registered domains and compromised legitimate sites to both host its landing pages and serve its exploits, all from paths ending in ‘proxy.php,” the Cisco blog post stated.

The rash of Cryptowall attacks came to light the same week that federal authorities seized a massive botnet used to spread CryptoLocker. The effects of Cryptowall on Durham were characterized as disruptive but not catastrophic.

‘The functions affected are the police e-mail system and word processing, as well as spreadsheets, Excel, and other administrative tasks,’ Selig said. ‘The crime records are not affected. We do back up all of our systems, so we will work to restore what may be lost.’

CryptoLocker underscored the importance not just of backups, but of so-called ‘cold’ backups that are done offline. Because CryptoLocker encrypted files on all accessible drives, it often overwrote backup files as well as original ones. In many cases, backups were intact only when they were stored in offline systems that were protected from the infected computers. The distinction could prove particularly important to Durham residents given the refusal to pay the ransom. According to Cisco, ransom demands sent to a test computer that was infected by Cryptowall were increased three times to $600, after which time the data would be irretrievable.

‘This threat should be taken seriously,’ Cisco researchers wrote. ‘Other ransomware has been known to make good on its warnings of data loss.’

Geek Software of the Week: YAC (Yet Another Cleaner!)

Yet Another Cleaner!The World Fastest & Lightest PC Cleaner. Don’t make Malware, Adware, Pushy software change your browser settings.

YAC (Yet Another Cleaner!)

YAC’S BROWSER TRACKING PROTECTION

‘YAC’s Browser Tracking Protection Is Currently Available for Large Daily Users to Stay in Control of Their Privacy As They Browse the Web.’

  • Discover All of the Trackers and Provide Complete Transparency & Control
  • Clear Browser History to Protect Your Privacy and Block All the Malicious Plug-Ins
  • Enable to Block Tracking Activity That You Do Not Trust and Allow the Ones That You Do

‘YAC’s Boosting Ball is a registry cleaner and PC speed optimizer.This product is a must have for PC users!’

  • Remove Junk Files and Update Your PC’s Drivers
  • Prevent Crashes & Freezes and Keep Your PC Fast & Stable
  • A Free Tool That Detects Errors Which Impact Your PC’s Performance

ONE-CLICK YAC’S MALWARE CLEANER

‘YAC’s Malware Cleaner is to Secure Your PC Against Viruses and Offer Users Premium Protection from Internet Threats.’

  • Detect and Remove Specific Malware from Your PC
  • Kill All Infected Running Processes & Delete All Infections from the Disk
  • A Handy and Efficient Malware Removal Tool for Windows Users”

Google Makes Email Encryption Easier

Google is making it simpler to encrypt your email to protect your privacy.

Making end-to-end encryption easier to use

Google Online Security Blog – “Your security online has always been a top priority for us, and we’re constantly working to make sure your data is safe. For example, Gmail supported HTTPS when it first launched and now always uses an encrypted connection when you check or send email in your browser. We warn people in Gmail and Chrome when we have reason to believe they’re being targeted by bad actors. We also alert you to malware and phishing when we find it.

Today, we’re adding to that list the alpha version of a new tool. It’s called End-to-End and it’s a Chrome extension intended for users who need additional security beyond what we already provide.

‘End-to-end’ encryption means data leaving your browser will be encrypted until the message’s intended recipient decrypts it, and that similarly encrypted messages sent to you will remain that way until you decrypt them in your browser.

While end-to-end encryption tools like PGP and GnuPG have been around for a long time, they require a great deal of technical know-how and manual effort to use. To help make this kind of encryption a bit easier, we’re releasing code for a new Chrome extension that uses OpenPGP, an open standard supported by many existing encryption tools.

However, you won’t find the End-to-End extension in the Chrome Web Store quite yet; we’re just sharing the code today so that the community can test and evaluate it, helping us make sure that it’s as secure as it needs to be before people start relying on it. (And we mean it: our Vulnerability Reward Program offers financial awards for finding security bugs in Google code, including End-to-End.)

Once we feel that the extension is ready for primetime, we’ll make it available in the Chrome Web Store, and anyone will be able to use it to send and receive end-to-end encrypted emails through their existing web-based email provider.

We recognize that this sort of encryption will probably only be used for very sensitive messages or by those who need added protection. But we hope that the End-to-End extension will make it quicker and easier for people to get that extra layer of security should they need it.”

TrueCrypt Project Shuts Down!

Sometimes Open Source developers call it quits. It can be an issue, however, if the software is security based, and requires updates!

TrueCrypt Open-Source Disk-Encryption Project Shuts Down

eWeek – By Sean Michael Kerner – “Sometimes, when difficulties arise in an open-source project, the effort is forked, but in other cases, projects just shut down. For the open-source TrueCrypt disk-encryption project, the latter is now true as the project is shutting down and users are being warned that the technology is no longer secure.

The TrueCrypt project is hosted on the SourceForge open-source code repository, which posted an ominous warning May 28:’Using TrueCrypt is not secure as it may contain unfixed security issues.’

The project is now recommending that users migrate away from TrueCrypt to other disk-encryption technologies.

Frankly, I’m not too surprised. TrueCrypt was recently audited in a report by iSec Partners, and although the report did not find any obvious large security issues, it wasn’t exactly favorable, either.

‘Overall, the source code for both the bootloader and the Windows kernel driver did not meet expected standards for secure code,’ the iSec Partners report on TrueCrypt states. ‘This includes issues such as lack of comments, use of insecure or deprecated functions, inconsistent variable types and so forth.’

The iSec report goes on to note that there was no evidence of backdoors or otherwise intentionally malicious code in the assessed areas. However, the audit did find some vulnerabilities that, according to iSec, ‘all appear to be unintentional, introduced as the result of bugs rather than malice.’

The other challenge facing TrueCrypt is the simple fact that there are many other disk-encryption technologies now available. On Microsoft’s Windows operating system in particular, which was a key target platform for TrueCrypt, versions of Windows after Windows XP include support for Bitlocker, which performs a similar function. In addition, there are multiple file-encryption technologies available, including, FileVault for Mac, DiskCryptor for Windows and Luks for Linux.

The decision to end an open-source project is not uncommon, but declaring a project to be insecure, as is the case with TrueCrypt, is a cause for concern. No doubt, many thousands of users were caught off-guard by the project shutting down and the security warning message.

Rather than attempting to plug holes, TrueCrypt’s developers have chosen to throw in the towel. Thankfully, there are alternative choices for full-disk encryption, and there is a path forward for TrueCrypt users to secure themselves.”

Dr. Bill.TV #339 – Video – “The Everyone Has a New Version Edition!”

Linux Mint RC 17 is a long term support release, Apple announces OS X Yosemite, Google to deploy low-orbit satellites to provide WiFi, Google Android 4.5 Lollipop, a combination between Android and Chrome; Intel wants you to print your own robot!

Links that pertain to this Netcast:

TechPodcasts Network

International Association of Internet Broadcasters

Blubrry Network

Dr. Bill Bailey.NET


Start the Video Netcast in the Blubrry Video Player above by
clicking on the “Play” Button in the center of the screen.

(Click on the buttons below to Stream the Netcast in your “format of choice”)
Streaming M4V Audio





Streaming MP3 Audio

Streaming Ogg Audio

Download M4V Download WebM Download MP3 Download Ogg
(Right-Click on any link above, and select “Save As…” to save the Netcast on your PC.)

Available on YouTube at: https://youtu.be/DrJBGGOo8wU

Available on Vimeo at: https://vimeo.com/97181167


Dr. Bill.TV #339 – Audio – “The Everyone Has a New Version Edition!”

Linux Mint RC 17 is a long term support release, Apple announces OS X Yosemite, Google to deploy low-orbit satellites to provide WiFi, Google Android 4.5 Lollipop, a combination between Android and Chrome; Intel wants you to print your own robot!

Links that pertain to this Netcast:

TechPodcasts Network

International Association of Internet Broadcasters

Blubrry Network

Dr. Bill Bailey.NET


Start the Video Netcast in the Blubrry Video Player above by
clicking on the “Play” Button in the center of the screen.

(Click on the buttons below to Stream the Netcast in your “format of choice”)
Streaming M4V Audio





Streaming MP3 Audio

Streaming Ogg Audio

Download M4V Download WebM Download MP3 Download Ogg
(Right-Click on any link above, and select “Save As…” to save the Netcast on your PC.)

Available on YouTube at: https://youtu.be/DrJBGGOo8wU

Available on Vimeo at: https://vimeo.com/97181167


Jimmy, Intel’s Open Source Robot, Can be 3D Printed at Home!

Intel's 'Jimmy'If you can download the templates, and print a robot on your new, fancy 3D printer, would you? Oh yeah! I would! (By the way, you can get a 3D printer from MonoPrice now!) Check it our HERE.

Intel Has A Crazy Plan To Let You Print Your Own Robot From Home

“Intel will have a open-source robot available for consumers by the end of the year, the company announced today during Re/Code’s tech conference.

It’ll be capable of a variety of things on its own. Intel futurist Brian David Johnson demoed his robot (named Jimmy), where it walked, talked, danced, and tweeted.

The robot is an open-source design, which means the plans will be freely available for people to build their own at home. (You’ll want a 3-D printer for this). You’ll be able to modify it as you see fit. The non-3D-printable parts — motors, processors, and the like — will be available for purchase as a kit from 21stCenturyRobot.com.

There will eventually be an app marketplace, something akin to Apple’s App Store, but for robots. ‘It’s like a smartphone with legs,’ said Johnson. ‘Your robot will be completely different from mine; you customize it and program the artificial intelligence, not by having a PhD in robotics, but by downloading apps.’

Jimmy can’t do much right now aside from the previously mentioned walking and dancing, but the important takeaway here is that this robot will represent a drastically reduced barrier for those wanting to enter robotics. The open source nature of the bot means people will continue to develop for it well after its release, and those developments can continue to be tweaked and modified by a community of hobbyists. Intel may very well be introducing the first humanoid robot you actually see in people’s homes.

Below is a quick video introduction to Jimmy, and below that is a presentation from 2013 (it starts around the seven minute mark) that shows Johnson speaking at length about robots in general and Jimmy in particular.”

Google Lollipop Has Been Announced!

All this candy! Man! Watch your blood sugar! I like a combo between Android and Chrome, though!

Google Android 4.5 Lollipop – A Combination Between Android and Chrome

LollipopThe Fuse Joplin – After the release of the 4.4 KitKat version, it took a while until all the devices were upgraded to this operating system, then minor updates were made, although the 4.4.3 never appeared and the fans are still waiting for its release. But Android 4.5 Lollipop is supposed to be revealed at the Google I/O event.

After the release of every Android version, Google made a lot of improvements and released many updates in order to solve the problems that occurred in the previous versions/operating systems. While the Android 3.0 was created especially for tablets, the 4.0 edition introduced innovative features, to make the user interface more coherent. The 4.4 version, on the other hand, solved some fragmentation problems.

But, according to Android Police, Google intends to improve its services and wants the users to have a better experience, by uniting these platforms – Search, Chrome and Android, in order to build an operating system that can operate on Android gadgets, but which can execute tasks for third parties applications and Google.

The current version of Android allows users to access applications snapshots, but through Hera, the “tasks” and will be done under Chromium – found on HTML5. If Google will make some changes and Android will come with this update for 4.5 or 5.0 Lollipop, it will be a major step.

It is a probability that Android 4.5 Lollipop will be revealed at the Google I/O Conference. The new version will offer support for the graphics chipset and processors found on Android phones and tablets, allowing them to function with extra Ram and advanced software drivers.

According to some speculations, 4.5 will be released in June, this year.”

1 129 130 131 132 133 394