Shaun Stanislaus’s Tech blog

Just another WordPress.com weblog

New Conficker worm Alert

A GOVERNMENT information security watchdog has issued a warning to take precautions against a fast-mutating malicious computer program poised to strike on Wednesday. In a bulletin sent out on Monday, the Singapore Computer Emergency Response Team (SingCert) warned that the latest variant of the Conficker worm, known as Conficker.C, may ‘become active on April 1’. SingCert, a unit of technology sector regulator Infocomm Development Authority of Singapore, identifies information security threats and coordinates computer security responses to events like hacking attacks. Conficker targets computers running Microsoft Windows software, automatically jumping from an infected computer to another over a local network or by hitching a ride on a portable storage devices like USB-drives. Only computers that have not been updated with new security signatures are vulnerable. The worm is one of the more sophisticated such programs developed to date. Unlike earlier versions like 2004’s Sasser worm, which was easily found and subsequently de-wormed by a vigilant user, Conficker’s creator, who remains at large despite a US$250,000 (about S$380,000) bounty put up by Microsoft, regularly comes up with new and improved versions of the worm to foil such efforts. The newest variant, Conficker.C, the fourth incarnation of the worm since it was first discovered last year, disables security features like Microsoft Windows Automatic Update. One of Conficker’s key features is its ability to call up a ‘master computer’ via the Internet for directions, which is also present in its newest variant in a new and improved form. On Wednesday, Conficker.C infected computers will do just this, SingCert warned on Monday, although ‘the exact nature of the activity that will occur on that day is not known at this time.’ Since it was released last year, Conficker has claimed more than ten million victims worldwide, including computers used by the British Parliament. While definitive statistics of Conficker infections here are not available, at least 269 companies have been infected as at January, according to security company F-Secure. Visit SingCert’s website at http://www.singcert.org.sg for instructions on how to check if your computer is infected, and how to remove the worm.

Advertisements

March 31, 2009 Posted by | IT News, Security | Leave a comment

EliteTorrents Admin Sentenced to Prison

Daniel Dove is the first person ever to be convicted by a jury in the US for using BitTorrent to illegally distribute copyrighted material.

Several months ago I mentioned how 26yo Daniel Dove had become the eighth person to have been successfully targeted as part of the Department of Justice’s “Operation D-Elite,” which so far has resulted in the convictions of seven former leading members of the EliteTorrents BitTorrent tracker site. Fellow admins Scott McCausland, Grant Stanley, Sam Kuonen, and Scott Harvanek all plead guilty to similar copyright infringement charges rather than take their cases to trial.

On June 27th, 2008 a federal jury in Big Stone Gap, Va., convicted Dove, formerly of Clintwood, Va., on one count each of conspiracy and felony copyright infringement making him the first person ever to be convicted after a trial by jury in the US for using BitTorrent to engage in criminal copyright infringement. He faced as much as 10yrs in prison.

The jury was presented with evidence that Dove was an administrator of the site’s “Uploaders,” who were responsible for supplying pirated content to the group. The evidence showed that Dove recruited members who had very high-speed Internet connections, usually at least 50 times faster than a typical high-speed residential Internet connection, to become Uploaders. The evidence also showed that Dove operated a high-speed server, which he used to distribute pirated content to the Uploaders.

Acting Assistant Attorney General Matthew Friedrich then announced yesterday that he had been formally sentenced by U.S. District Court Judge James P. Jones to 18 months in prison for “…his role as a high-ranking administrator of a P2P Internet piracy group.” In addition, Dove was ordered to serve three years of supervised release and fined $20,000.

At its height, EliteTorrents attracted more than 125,000 members and distributed about 700 movies, which were downloaded a total of 1.1 million times.

http://www.zeropaid.com/news/9744/Elite … 2C000+Fine

March 28, 2009 Posted by | IT News | | Leave a comment

When to upgrade to Windows 7?

IT shops continue to hold off on Vista upgrades in favor of waiting for Windows 7, but individual corporate circumstances may require some action sooner rather than later.

Gartner Inc., the Stamford, Conn.-based consulting firm recently polled 166 of its US-based clients representing three million PCs, and just under 100 of its European-based clients representing just under one million PCs. Vista adoption continues its slow pace, with roughly half of respondents saying they will not upgrade or are making no plans either way.

In fact, by the end of 2008 only 6% of the organizations had started installing Vista. That’s about half of the number of organizations that had installed Windows 2000 by the same time in its evolution, said Michael Silver, a Gartner analyst and one of the report’s authors.

Only one-third of respondents said they would roll out Vista in 2009 in both North America and Europe.

Get thee off of XP

Skipping Vista does have its consequences. It means that IT shops with four or five-year hardware refresh cycles will have a truncated OS upgrade cycle as they move to Windows 7, Silver said.

Silver advises IT shops to at least move some end users off of XP. “We have a lot of clients that skip an OS and they call us up late in their OSes life,” he said. “They say, we can’t get off of Windows 2000 fast enough. We don’t have the budget and our applications don’t support it anymore.”

XP will only be supported with security fixes until April 2014 and it’s unlikely that most Windows 7 deployments will begin until 2011. A release candidate of Windows 7 is widely expected in September 2009, but it will take a while for third-party applications to support a new release, as is typical.

If IT shops start a Windows 7 deployment in early 2011 it means that, through regular attrition, it will be hard for them to get off XP before Microsoft ends support and the third-party vendors pulling back on their own XP support. Support for XP by third parties is expected to become a problem by 2012, Silver said.

Add Windows 7 to your budget on new and existing PCs for 2011 and 2012.

For IT shops interested in running hosted virtual desktops,  it’s better to run Windows XP on the same hardware than running Windows Vista because XP is less resource intensive and requires less disk space. The tools to manage hosted virtual machines are still in their infancy.

By the time Windows 7 becomes mainstream, virtual desktop infrastructure (VDI) and the management technology that supports VDI should be mature.

March 28, 2009 Posted by | Industry Best Practice, IT News, Technology | , , , , , | Leave a comment