December security and privacy roundup

Estimated reading time: 4 minutes.

Security and privacy stories making the rounds in December…

Aethra modem botnet

In February I wrote about hack attempts on several of my WordPress sites. Most of those attacks originated in Italy, from Aethra modems provided by Italian service provider Albacom. At the time, I tried to contact Albacom and its new owner, BT Italy, with no success. Apparently I wasn’t the only person who noticed. The people who make Wordfence, an extremely useful security plugin for WordPress, recently reported on the efforts of a Voidsec security researcher to track down and report the problem.

Nemesis malware worse than ever

A particularly nasty piece of malware called Nemesis now has the ability to insert part of itself in the boot process of a PC, making it even more difficult to detect and remove. Luckily for regular folks, Nemesis mostly seems to be targeting financial institutions. On second thought, there’s nothing lucky about that.

Linux computers increasingly targeted – and vulnerable

It’s becoming clear that Linux computers can be just as vulnerable as computers running Windows: a single, unpatched application vulnerability can be all that’s required for attackers to gain complete control. Hacking groups are acting quickly when new vulnerabilities are revealed, and have been adding exposed Linux servers to their botnets at an alarming rate.

Mysterious attack on root DNS servers

In early December, most of the Internet’s core name servers were briefly flooded with requests from all over the net; the requests were all related to two specific (and undisclosed) domain names. It’s still not clear who perpetrated the attack, and no real damage was done, since the servers involved absorbed the traffic relatively easily.

Help for securing routers

The US-CERT security organization posted a useful guide for securing home routers. The guide necessarily gets into technical details, but anyone who is interested in keeping their home network secure – and has access to their router’s configuration – should give it a look.

Oracle spanked by the US FTC for its deceptive practices

Oracle has done a terrible job of informing Java users of the dangers of leaving old versions of Java installed. Worse, Java installation software is traditionally not very good at detecting and removing older Java installs. The FTC finally noticed, calling Oracle’s practices a “deceptive act or process” in violation of the Federal Trade Commission Act. In response, Oracle has posted a Java uninstall tool on its web site. To be fair, the newer Java runtime installers now also look for older versions and offer to uninstall them, so they are making progress.

A rational response to claims that encryption is somehow bad

You’ve no doubt noticed elected officials in various countries claiming that smartphone encryption is making police work more difficult. They often use the catchphrase ‘going dark’ and invoke ‘terrorism’ to scare people into believing their BS. There’s a post over on Techdirt that exposes the lunacy of these ‘going dark’ claims.

Panopticlick – is your browser keeping your activity private?

The Electronic Freedom Foundation (EFF) created a web-based tool that analyzes your web browser and lets you know how well it protects you against online tracking technologies. It’s a handy way to make sure that the browser you’re using is keeping your activity as private as you think it is. Keep in mind that a lot of web sites (including this one) use tracking technologies for legitimate reasons, such as counting the number of visits. To learn more, check out this helpful post over on the PixelPrivacy site that explains browser fingerprinting.

Security practices of some service providers still terrible

Brian Krebs recently reported that his PayPal account was hacked. During his subsequent investigation, he discovered that PayPal handed his credentials to someone impersonating him on the phone. PayPal’s responses to Krebs’ criticisms don’t exactly inspire confidence. Krebs says “the successful takeover of the account speaks volumes about why most organizations — including many financial institutions — remain woefully behind the times in authenticating their customers and staying ahead of identity thieves.”

About jrivett

Jeff Rivett has worked with and written about computers since the early 1980s. His first computer was an Apple II+, built by his father and heavily customized. Jeff's writing appeared in Computist Magazine in the 1980s, and he created and sold a game utility (Ultimaker 2, reviewed in the December 1983 Washington Apple Pi Journal) to international markets during the same period. Proceeds from writing, software sales, and contract programming gigs paid his way through university, earning him a Bachelor of Science (Computer Science) degree at UWO. Jeff went on to work as a programmer, sysadmin, and manager in various industries. There's more on the About page, and on the Jeff Rivett Consulting site.

Leave a Reply