Monday, April 13, 2009

Me 30 plus years ago...OMG!!!


A little over a year ago I posted this on my Yahoo 360 blog...we were out and about in Heidelberg and were heading into old town, and my best side (not) was photographed. In the bigger version of this you can tell the guy on the corner looking at me was definitely staring.
I remember the African American (right side of picture - yes he was American, the town was HQ for a lot of US Military at the time) said something typical of late 1970's like "hey pretty mama" or something like that and I blushed (I used to do that pretty easily).
When I came back from Germany, I shipped all my stuff in this big steamer trunk (it weighed about 170 pounds loaded). The trunk was missing for weeks and finally they called to have me come pick it up, and it was all smashed in and the lock broken and stuff missing...a tweed coat with fur collar, my wine glasses, some mugs I had bought, stuff for my family, my albums, and almost all my photographs. I have one little green album that I had in my suitcase (where this picture was). I lived there almost 2 years, and have about a dozen pictures to show for it...what a bummer...I just hope the karma for stealing my stuff catches up with somebody.

Sunday, April 12, 2009

Ruthless, unconventional foes are not new to the United States of America.

Ruthless, unconventional foes are not new to the United States of America. More than two hundred years ago the newly established United States made its first attempt to fight an overseas battle to protect its private citizens by building an international coalition against an unconventional enemy. Then the enemies were pirates and piracy. The focus of the United States and a proposed international coalition was the Barbary Pirates of North Africa.

Pirate ships and crews from the North African states of Tripoli, Tunis, Morocco, and Algiers (the Barbary Coast) were the scourge of the Mediterranean. Capturing merchant ships and holding their crews for ransom provided the rulers of these nations with wealth and naval power.

When Jefferson became president in 1801 he refused to accede to Tripoli's demands for an immediate payment of $225,000 and an annual payment of $25,000. The pasha of Tripoli then declared war on the United States. President Jefferson dispatched a squadron of naval vessels to the Mediterranean. As he declared in his first annual message to Congress: "To this state of general peace with which we have been blessed, one only exception exists. Tripoli, the least considerable of the Barbary States, had come forward with demands unfounded either in right or in compact, and had permitted itself to denounce war, on our failure to comply before a given day. The style of the demand admitted but one answer. I sent a small squadron of frigates into the Mediterranean. . . ."

The humiliating loss of the frigate Philadelphia and the capture of her captain and crew in Tripoli in 1803, criticism from his political opponents, and even opposition within his own cabinet did not deter Jefferson from his chosen course during four years of war. The aggressive action of Commodore Edward Preble (1803-4) forced Morocco out of the fight and his five bombardments of Tripoli restored some order to the Mediterranean. However, it was not until 1805, when an American fleet under Commodore John Rogers and a land force raised by an American naval agent to the Barbary powers, Captain William Eaton, threatened to capture Tripoli and install the brother of Tripoli's pasha on the throne, that a treaty brought an end to the hostilities. In fact, naval victories by Commodores William Bainbridge and Stephen Decatur led to treaties ending all tribute payments by the United States.

3 Somali pirates killed, U.S. sea captain rescued

Capt. Richard Phillips, taken hostage Wednesday, was unharmed in the rescue off the coast of Somalia, the Pentagon says.

By Josh Meyer
11:32 AM PDT, April 12, 2009
Reporting from Washington -- U.S. Navy forces today freed an American sea captain being held by pirates off the coast of Somalia, killing three pirates and taking a fourth into custody in the process, the Pentagon confirmed. The captain was unharmed in the rescue.
^^^^^^^^^^^^^^^^^^^^^^^^^
BBC World News

An unnamed US official told the Associated Press news agency that Capt Phillips was freed in what appeared to be a swift firefight.

Reports say he jumped overboard for a second time, and the pirates were shot and killed by US Navy SEALS ( Naval Commandos) before they could take action to get him back.

Saturday, April 11, 2009

PC Security- more about Conficker

From PC World

Conficker's first scam revealed

The new Conficker has also started to exhibit signs of traditional malware. Using one of the oldest tricks in the book, called scareware, the new Conficker C downloads a fake antivirus program called Spyware Protect 2009 (pictured). (F-Secure says it's called Spyware Guard 2008.) The fake program then delivers a pop-up message telling you that your computer is infected, but for only $49.95 the fake antivirus program can remove the malware. You are then directed to a bogus website where you unwittingly enter all your credit card information and then the criminals are laughing all the way to the bank -- your bank, that is. The scareware scam seems to be coming from a server in the Ukraine, according to the Washington Post.

Conficker: Spambot in disguise?

Conficker, being a tricky little piece of programming, seems to be connected in some way to the Waledac worm -- and Waledac itself is considered to be an update of the Storm Worm. There is no consensus about what Conficker is actually doing, but according to the security firm F-Secure, Conficker is going to a domain known to be associated with Waledac and actually downloading the Waledac worm. Trend Micro, meanwhile, says Conficker is downloading some code from the Waledac domain, but the security firm wants to do further studies before confirming a Conficker-Waledac connection. However, Trend Micro suggests that Conficker may be getting ready to work as a large-scale spamming botnet, a known function of the Waledac worm.

Conficker: More than meets the eye

Apparently the new Conficker has more tricks up its sleeve that researchers have yet to uncover. While security teams try to uncover all of Conficker's latest tricks and tweaks, they do know that Conficker is awake and the worm's authors are beginning to use Conficker-infected machines to make money. Just how far this will go is unknown at the moment.

Where do we go from here?

As security researchers begin to unravel the mysteries surrounding the latest version of Conficker, you can protect yourself from the worm by first testing your system for infection and then by making sure you have the latest Microsoft Security patches and that your antivirus program is up to date. The Conficker Working Group has a simple test to see if you're infected with Conficker.

[Canice Note: I don't care what antivirus you use, the important thing is to use something reputable...these scammers make me sick. Here are the latest ratings of computer security suites :


 Some other tools that are FREE include 
 
Be safe online!!!
 

If you're prepared to buy a security suite, here is the order they were rated in for 2009:

Bit Defender Internet Security

McAfee

Trend Micro Internet Security 2009

Kaspersky

Check Point ZoneAlarm Internet Security Suite  

Norton Internet Security

Windows OneCare Live

F-Secure Internet Security

Avira AntiVir Personal Edition (free)

 

These bring up the bottom of the list:

CA Internet Security

PC Tools Internet Security

 

Friday, April 10, 2009

Conficker propagates Scareware

Conficker Shows Its Colors, Installs Rogue Anti-virus

By Erik Larkin

Apr 10, 2009 10:30 am

We knew it would try to make a buck somehow, but until now Conficker hasn't done much beyond spread and update. That changed yesterday, when the worm began installing a rogue anti virus app called SpywareProtect2009 on infected machines.

A Kaspersky researcher reports that the worm began using its peer-to-peer functionality yesterday to pull down new files, including updates and the fake security program. The fake app goes with the usual scareware tactics of identifying threats on the computer (ironically true in this case) and offering to clean the PC for $49.95.

The scareware tactic makes big money for online scammers, and I've talked to some experts who guessed Conficker might take this step. In addition to the scareware download, Conficker is also pulling down an update for a .E variant that will once again allow the worm to spread using a Microsoft vulnerability (MS08-067), and will also attempt to stop more existing programs and block attempts to reach additional domains (see the full list of messed-with processes and domains from Sophos).

The new update also adds an interesting new self-destruct mechanism to automatically delete itself after May 3rd, 2009. A Microsoft Malware Protection Center blog post has a good list of the new .E variant changes, and the Today @ PC World blog lists some new clues that might point to its creators.

If you see a scareware pop-up or other indicator on your PC, it's important to know whether it's from a relatively harmless visit to a Web site, or whether it's from an existing malware infection like Conficker. This story can help you tell which is which. And for a quick and easy way to tell if you're infected with Conficker, use the Conficker Working Group's Eye Chart.

The eye chart will retrieve specific images from sites known to be blocked by Conficker.
I tried it and found my machines clean:
If you see this above: It probably means this:
All images displayed = Normal/Not Infected by Conficker (or using proxy)
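
The same test can be run with name lookups instead of images. The Python below is an added example, not part of the original post or the Conficker Working Group's code; the host lists, function names and verdict labels are assumptions chosen for illustration.

```python
import socket

# Assumed probe lists, not taken from the original page. Conficker is known to
# block lookups of security-vendor names; the control hosts are unrelated sites.
SECURITY_HOSTS = ["www.f-secure.com", "www.trendmicro.com", "www.kaspersky.com"]
CONTROL_HOSTS = ["www.wikipedia.org", "www.example.com"]


def resolves(host):
    """Return True if the local resolver can look up `host`."""
    try:
        socket.getaddrinfo(host, 80)
        return True
    except OSError:  # socket.gaierror is a subclass of OSError
        return False


def eye_chart(probe=resolves, security=SECURITY_HOSTS, control=CONTROL_HOSTS):
    """Classify this machine the way the eye chart's image grid does.

    Returns (verdict, blocked_security_hosts).
    """
    sec = {h: probe(h) for h in security}
    ctl = {h: probe(h) for h in control}
    blocked = sorted(h for h, ok in sec.items() if not ok)
    if not any(ctl.values()):
        # Nothing loads at all: offline or filtered, so no conclusion.
        return "inconclusive", blocked
    if not blocked:
        # Same caveat as the chart: behind a proxy the names are resolved
        # on another machine, so a clean result proves little.
        return "normal", blocked
    if len(blocked) == len(sec):
        # Control sites work but every security site fails.
        return "suspect", blocked
    # Only some security sites fail: could be an outage, check again.
    return "partial", blocked


if __name__ == "__main__":
    verdict, blocked = eye_chart()
    print(verdict, blocked)
```

A "suspect" result is a reason to run a removal tool from a clean source, not proof of infection; a local firewall or DNS filter can produce the same pattern.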

Thursday, April 9, 2009

Cybersecurity

For several years while working as an information systems security analyst, and later as associate information security officer for a large organization, I would read vast volumes of data collected by the General Accountability Office lamenting the fact that our national infrastructure was vulnerable to cyber attack. See the GAO report on Critical infrastructure...

http://www.gao.gov/new.items/d05434.pdf

 

The Pentagon and CIA were well aware of the implications such an attack could have on the USA, and set about developing hardened networks to resist attempts to seize control of military and government systems.

However, private industry and publicly funded utilities have always lagged in hardening their infrastructure. It wasn't until after the Department of Homeland Security was formed that such items as detailed maps of the nation's fuel pipelines were classified secret, and removed from the internet. Today such maps are still available, but in general terms, without the details required to perpetrate something bad. And if the latest news is accurate, then there are still major weaknesses in securing the power grid. Most utilities use computer controls in what is defined as a SCADA system, which stands for Supervisory Control And Data Acquisition. It generally refers to an industrial control system: a computer system monitoring and controlling a process. The process can be industrial, infrastructure or a facility, like a power plant. This is the danger of what was reported in the news: the infiltrator could commandeer the system, giving commands to power down turbines, open dam spill gates, etc., disrupting the flow of electrical energy, water, and fuels.

So this week's announcement that Russian and Chinese hackers had infiltrated the electric grids is nothing surprising to me; in fact that seems like old news.

The Chinese military have established whole units specifically dedicated to using cyber technology as a warfare tool, with the strategy laid out in a book written by two People's Liberation Army colonels in the late 1990's!

In an article on the DefenseTech.org web site, China's Cyber Forces, it is stated "China has a significant cyber weapons and intelligence infrastructure in place today. What is alarming is not only do they have the intent, but they have the money. Beijing has the world's second or third largest defense budget depending on where you look for the numbers. Their military budget has been on the rise at 10 percent or more a year for over a decade. This, as well as the attacks, are evidenced by their cyber operational ability to scan, acquire nodes for their growing botnet as well as the continued sophisticated assaults on defense information systems in the US, Germany, UK and India. In addition, in April 2007, Sami Saydjari, who has worked on cyber defense systems for the Pentagon since the 1980s, told Congress: "The situation is grave, with nation-states such as China developing serious offensive capabilities."

It wasn't that long ago that news of phony Cisco routers was discovered by the FBI. In 2008 the major IT security news was "Under a section titled “The Threat,” the FBI described the effort [Operation Cisco Raider] as “IT subversion/supply chain attack” that could “cause immediate or premature system failure during usage.”

The counterfeit equipment also could be used to “gain access to otherwise secure systems” and to “weaken cryptographic systems.”

Knowing this has made me wonder (often, and angrily) why the US Government approved the sale by IBM of their PC and laptop manufacturing to Lenovo of China in 2004.

"This acquisition will allow Chinese industry to make significant inroads on its path to globalization," Lenovo chairman Liu Chuanzhi said at a news conference. "It has changed the structure of the global PC manufacturing business."

Lenovo will take over IBM's desktop PC business, including research, development and manufacturing for $1.25 billion in cash and shares, while IBM will retain a 18.9 percent stake, Liu said."

Considering all of this, there may well be a "trojan horse" in every computer and networking component from China. That was the case in at least some of the fake routers. (Note to self, never buy a Chinese-made computer)

Interesting fun web sites

magmypic.com:


Create Fake Magazine Covers with your own picture at MagMyPic.com