Lacking any other article added the past year, the OpenPGP key has yet again been updated, this time for 2009 . This now has the following key data

pub 4096R/6B0B9508 created: 2005-02-21 expires: never usage: SC
sub 4096g/9888FB03 created: 2005-02-21 expired: 2005-12-31 usage: E
sub 4096g/DC95F9F6 created: 2005-11-09 expired: 2006-12-30 usage: E
sub 4096g/FD83BAC5 created: 2006-11-01 expired: 2007-12-29 usage: E
sub 4096g/2BCE5B4B created: 2007-10-07 expires: 2008-12-30 usage: E
sub 4096g/18C0B580 created: 2008-10-27 expires: 2009-12-30 usage: E

Add to your LinkedIN.com network?

In preparation for 2008 a new encryption subkey has been added to my PGP key 0x6b0b9508. This now has the following key data

pub 4096R/6B0B9508 created: 2005-02-21 expires: never usage: CS
Primary key fingerprint: 65F1 73BE C045 0DA0 7A58 6197 16E0 CF8D 6B0B 9508
sub 4096g/9888FB03 created: 2005-02-21 expires: 2005-12-31 usage: E
sub 4096g/DC95F9F6 created: 2005-11-09 expires: 2006-12-30 usage: E
sub 4096g/FD83BAC5 created: 2006-11-01 expires: 2007-12-29 usage: E
sub 4096g/2BCE5B4B created: 2007-10-07 expires: 2008-12-30 usage: E

The updated key is available on the public keyservers ( www.sks-keyservers.net )

Add to your LinkedIN.com network?

Backups are vital to sustainable behavior, yet a scary majority fail to maintain proper backups.

Perhaps you know that sinking feeling when a single keystroke accidentally destroys hours of work. Now imagine wiping out a disk drive containing an account worth $38 billion.

There have been similar situations before, and I've mentioned it here at e.g. www.kfwebs.net

Hopefully they haven't done the same as in August 2001 there was full chaos for nearly two weeks after the storage solution messed up, or rather, a human working on it did while they were installing new Hard Disk drives and got ready to format the new drives. The only problem was that they ran it on the operational drives instead of the new ones.

The difference, however, starts at "and mistakenly reformatted the backup drive, as well.". Ok, so this still shouldn't be an issue, right? because there are obviously offline backups for this kind of information: "There was still hope, until the department discovered its third line of defense, backup tapes, were unreadable."

If you haven't slapped your forehead already, this is the time to do so. The full story can be read at www.msnbc.msn.com , and folks: remember to back up your data.

Add to your LinkedIN.com network?

As a result of Registerfly loosing ICANN accreditation, ICANN directed Registerfly — between now and March 31st — to unlock all domain names and provide all necessary authorization codes to allow domains to be transferred to other registrars.

At which point current customers of registerfly will have to move to another domain registrar.

People wanting to transfer their domain to KF Webs sibling site www.passive12.net can do so at www.passive12.net . New customers are always welcome.

Add to your LinkedIN.com network?

A chain is only as strong as its weakest link. When it come down to it, the weakest link in security is often men itself.

This was recently experienced by ABN Amro bank in Antwerp's diamond quarter where a thief has evaded one of the world's most expensive hi-tech security systems, and made off with €21m (£14.5m) worth of diamonds - thanks to a secret weapon rarely used on bank staff: personal charm.

The phenomenon in question is commonly known as Social Engineering and this example out of many shows that human behaviour often understate the threat in order to satisfy their own safety needs. However, often falsely. One example is purchasing an expensive pick-proof lock at your home door, and thereby feeling comfortable that you have made the home safer for your family and yourself. However, the windows are still just as easy to break through.

In this case it was not only a pick-proof lock, but a security system costing more than €1m. The lesson, he [Philip Claes, spokesman for the Diamond High Council in Antwerp] said, was that "despite all the efforts one makes in investing in security, when a human error is made nothing can help".

Read more at news.independent.co.uk

Add to your LinkedIN.com network?

Former CEO Kevin Medina has regained control of the domain name registrar, Registerfly, which has less than a week to straighten out accounts with ICANN

Naruszewicz, one of the two who had fired Medina and taken control of the company, doesn't plan to appeal the judge's decision. "We lost and it's all over," he says. "The company will implode in days and 1 million domain names are going to be lost. It's a damned shame."
( www.businessweek.com )

According to Business Week, about 75,000 Registerfly customers have lost access to their Web sites. This seems to confirm rumors that a significant amount of customer data kept on Registerfly servers has been corrupted and lost leaving Registerfly management scrambling to find a way to get it back. However it has been reported that ICANN is possession of a vast amount of registrant data. If true, that's at least some good news for Registerfly customers.

Some customers may be experiencing difficulties in transferring their name because they are not listed as the registrant, but instead have opted to use a privacy service. In discussions with ICANN today RegisterFly agreed to assist people in those circumstances and will provide customer data to eNom from Monday 12 March. This means that eNom should be able to facilitate transfers from RegisterFly (as reseller) to another registrar of the customer's choice.
( www.domaininformer.com )

If you yourself want to transfer the domain name away, we provide domain registration services at our sibling site www.passive12.net

Add to your LinkedIN.com network?

Despite (or maybe because?) not having a first life, lately I've been trying out Second Life ( www.secondlife.com ) .

Now, most that knows me knows I'm not much of a gamer, but what got me interested in SecondLife was the business aspects of it.

Second Life is a 3-D virtual world entirely built and owned by its residents. Since opening to the public in 2003, it has grown explosively and today is inhabited by a total of 3,441,814 people from around the globe.

* The Marketplace currently supports millions of US dollars in monthly transactions. This commerce is handled with the in-world unit-of-trade, the Linden dollar, which can be converted to US dollars at several thriving online Linden Dollar exchanges.

There are 1465 chars more to read in this posting

Add to your LinkedIN.com network?

Earlier today it got known that at least 250 customers of the banking groups Sparebank 1, Nordea, DNB Nor and Skandiabanken have gotten their bank accounts emptied after having been infected by trojan horses. Most of them from Nordea.

My first thought was, but why isn't there any random token authentication to protect against Trojans as well as phishing. But the more I thought about it, the more clear it got to me that I would rather just monitor the activity of the customer, wait until the user him/her-self logged in and then capture the computer, do the necessary transfers, change the password and log out, while the user only thought there was a lag in the system by forcing up another window.

Which brings us back to the root cause of the problem, the users. Albert Einstein is often attributed the quote "Only two things are infinite, the universe and human stupidity, and I'm not sure about the former." and indeed, security is too often merely an illusion, an illusion sometimes made even worse when gullibility, naivete, or ignorance come into play.

I really hope the banks doesn't take full responsibility for this, as it will only result in higher prices for users that actually bother to protect themselves.

And for crying out loud, learn how to protect your computer, or don't use it at all. The last time something similar happened, a vulnerability that was fixed by Microsoft in April got used, so the users had more than half a year to upgrade the systems, yet didn't.

More about protecting your computer can be read at www.secure-my-internet.com

Update: 20:37
As more information get out, it is actually getting clearer that a proper Random Token Generator, e.g. from RSA would have gotten around this issue, a method used by quite a number of other internet banks.

Update: 2007-01-20 14:24
An important thing with regards to the random token generator would be for it to be required to perform the transactions themselves as well, not only logins, as we would be back to the monitoring and hijacking of session again. But even here, as long as the clients computer is infected it would be possible to hide the transactions from the display, it would just require some more work. So please, keep your system updated.

Add to your LinkedIN.com network?

Apple announced iPhone ( www.apple.com ) during the keynote speech this year. "iPhone combines three products — a revolutionary mobile phone, a widescreen iPod with touch controls, and a breakthrough Internet communications device with desktop-class email, web browsing, maps, and searching — into one small and lightweight handheld device."

As I already had loaded a recent zonefile ( www.kfwebs.net ) I went ahead and looked at the domain names registered in the COM zonefile for iPhone, and although some were registered before the lauch, as iPhone as a term has been used before, many are registered around the 9th of january. 2,376 .com domain names starts with the phrase iphone, and 4,793 includes the term somewhere in the name at all.

Randomly selecting 15 entries from the 2,376 domains prefixed with iphone gives
+-------------------+
| domain |
+-------------------+
| IPHONEFLICK |
| IPHONEINTEGRATION |
| IPHONEVIDEOADS |
| IPHONEUPDATE |
| IPHONEPACKAGES |
| IPHONEMP3SHARING |
| IPHONE-4-U |
| IPHONEWEBBLOG |
| IPHONEADD-ONS |
| IPHONEMAGAZINE |
| IPHONEMEDICS |
| IPHONEMASTER |
| IPHONEINFORMATION |
| IPHONEBATTERY |
| IPHONERETAILERS |
+-------------------+

Is there any other product or event that you would like to get some statistics on? Please let me know: www.kfwebs.net

Add to your LinkedIN.com network?

Apparently the non-news that David Beckham confirmed a move from Real Madrid to the American Major League Soccer team LA Galaxy ( football.guardian.co.uk ) has made some impact around the world, as Beckham has become quite a trademark over the years. According to The Daily Mail he can even end up owning his own Major Leage Soccer team at the end of the contract ( www.dailymail.co.uk )

Starting with the deal itself being exceptional in the context of American soccer, valued at nearly 50 million USD a year over five years, it also has effects for other sectors.

Domain registrations is one of them. The domain name davidbeckhamgalaxy.com got registered very quickly the 11th of January, by an american. A Brit later grabbed every combination of "beckham" and "galaxy" he could think of.

Being a domain registrar myself as well as having performed some COM analyses before this cought my interest too. Tthe latest in-depth look I had at the com zonefile was an analysis in April 2006 ( www.kfwebs.net ). So I went head and downloaded the COM zonefile as of 12th of January from the FTP server and loaded it into a DataBase Management System (DBMS).

There are 1778 chars more to read in this posting

Add to your LinkedIN.com network?

I came across an interesting posting today. Thinking about it I would probably have scanned the original contract myself and commented on a copy, but then again, this was given at a stage for review, not of completion so I would probably have expected a fresh copy to be signed.

That said, it is a fairly interesting read that can be found at thedailywtf.com

It all began on the first interview, the moment I entered their building. I was asked to sign a four-page Non-Disclosure Agreement and was sternly warned that no recording devices of any kind were allowed in the building. It didn't seem that unheard of, so I assured them that I had no intention of recording the interview and signed the agreement, thereby swearing on my life that I would never describe to another living soul what I saw on the premises that day. To this day, I cannot reveal which motivational poster I saw framed in the only room I was allowed to see: the conference room off the entrance.

At the end of the second interview they handed me a 14 page contract, a mere review copy of their standard Employee Agreement.....Another week passed and I was back in their conference room, ready to discuss the Employee Agreement.....Before I could finish the question, the VP suddenly froze and starred stunned by my copy of their Sacred Contract.

He saw my pencil marks on the page, where I underlined the two conflicting sections. He snatched the document out of my hand and glared at the pencil markings. He flipped from page and to page, and to his disgust he found MORE PENCIL MARKS! Not just in the margins, but on the words themselves! Pencil marks! There were ugly questions marks, lines, arrows, and circles around words; it was appalling to him! He looked up from the paper and gave me stare of utter sadness and betrayal.

"You ... altered The Contract" he mumbled.

Add to your LinkedIN.com network?

Earlier ( www.kfwebs.net ) I wrote about how the lack of user interest in security resulted in computers getting hijacked with a trojan horse, getting used to perform financial transactions while the users were logged into their internet bank account.

Now I want to present a fairly recent example of google's mail service, gmail, getting targeted.

The google help pages states: "If you're not able to locate a message in your Inbox, Sent Mail, All Mail, or Trash, it's been permanently removed from your Gmail account. Unfortunately, we're unable to recover messages or Contact entries that have been deleted from your account.

If you're concerned that someone may have gained access to your account, we suggest that you take the following measures: " at mail.google.com

And this is exactly what happened to many in the newsgroup thread groups.google.com

"Found my account clean..nothing in Inbox, contacts ,sent mail..How can all these information residing in different folders disappear?"

As it turns out, the cause is most likely an insecure system, that was attacked either through a trojan horse or a cross-site scripting attack. Suspicions are that it is related to an error in Firefox 2.0 (not updated to 2.0.0.1) that can be read about at nvd.nist.gov . This error states "Mozilla Firefox 2.0 before 2.0.0.1 allows remote attackers to bypass Cross-Site Scripting (XSS) protection via vectors related to a Function.prototype regression error."

Later discussions has lead to requests for a backup routine in gmail, and that google should take responsibility for backing up these user's email. The thing is, users already have a way of backing up the emails, as gmail permits POP access to the account.

This is solely the user's responsibility:
1) It was the users' computer that got compromised, so google had no way of knowing whether this was the user or an attack.
2) the users already had method available to make backups of the data.
3) The users had not performed such backups

At the same time, please read up on how to secure the communication done with emails at www.secure-my-email.com , adding digital signatures and encrypting the content.

Add to your LinkedIN.com network?

Recently several people have found their bank accounts tapped for reserves after the customer has logged into the Internet bank for seemingly trivial matters.

Looking further at the matter it turned out that this was a result of Trojan horses (variant of worms/viruses) installed on the user's computer. This allowed the attacker to monitor the computer and act when the users themselves had logged into the Internet bank, instead of trying to attack the Internet bank itself or using phishing methods to gain credentials.

The security of Norwegian Internet banks are in themselves very secure, for one thing the banks generally depend on some random token authentication that is difficult to lure from the customer., and as such it has brought forth alternative routes of attacks.

The attacks were detected by four different banks in Norway, and three quarters of them were stopped before the transactions were completed (cudos to the users that reacted when the cursor started moving around and doing actions not issued by the user itself and logged off before calling the bank)

But this once again brings up the importance of securing not only servers, but also clients, and the point of user accountability. The bank has no liability in this case, as it, from the bank's perspective just as well could've been the customer that issued mere 2,000 USD transactions. Of course, it will try to help the customer and trace the money still.

A chain is only as strong as its weakest link. When it come down to it, the weakest link in security is often men itself. Security is too often merely an illusion, an illusion sometimes made even worse when gullibility, naivete, or ignorance come into play. Albert Einstein is quoted as saying: "Only two things are infinite, the universe and human stupidity, and I'm not sure about the former." ( www.secure-my-internet.com )

So install antivirus scanners, install anti-spyware applications, look into alternative browsers such as Mozilla's Firefox instead of using Internet Explorer, and last but not least always think of security implications.

Read more at www.secure-my-internet.com

Add to your LinkedIN.com network?

I want to wish all visitors a merry Christmas here from Norway, which for once isn't covered in Snow.

Add to your LinkedIN.com network?

Although I condemn theft, it warms my heart that at least some are smart enough to implement some kind of encryption scheme for their data.

The ID thieves used stolen credit card numbers and created false identities to buy high-end electronics and other goods, which they then resold on eBay, prosecutors said.

When the gang's premises were raided by the members of the Serious and Organised Crime Agency (SOCA), Kostap was handcuffed with his hands in front of his body. He managed to leap up and flick an electrical switch that wiped databases that could have contained records of the gang's activities stretching back more than 10 years, SOCA said.

There are 1652 chars more to read in this posting

Add to your LinkedIN.com network?