September 2005  Show Summaries



 September 28, 2005 Show


Our guest was Patrick Martin, Senior Product Manager, Symantec Security Response Team.

Topic: Symantec just released the 8th Internet Security Threat Report, one of the most comprehensive sources of Internet threat data in the world. The semiannual report, covering the six-month period from January 1 to June 30, 2005, identified new methods of using malicious code for financial gain, used with increasing frequency to target desktops rather than enterprise perimeters. The report also found a rise in the exposure of confidential information. Such threats are more worrisome as online shopping and Internet banking continue to increase in popularity. Viruses, spyware, spam and phishing are all up significantly. What can we expect the next 6 months to bring? What can we do to protect ourselves?

Take a test to see if you can spot the phony scam emails: survey.mailfrontier.com/survey/quiztest.html

If you are sent a phishing email message, report it to the Anti-Phishing Working Group: www.antiphishing.org


 September 21, 2005 Show


In The News

All software has bugs: Apple plugs 'critical' holes in OS X, September 23, 2005. CNET News.com
About Security Update 2005-008 from Apple.

Writers group sues Google over copyrights by Globe Wire Services September 21, 2005. 
Google Print Pressures Libraries PC Magazine September 23, 2005 
See Google Print for yourself. 

Firefox just released a new version that addressed a number of bugs. Version 1.0.7 offers no new features and installs exactly the same as previous versions. It can be downloaded from www.mozilla.org

Between October 15th and October 29th the Department of Sanitation will hold Recycling Events where you can donate old computers, printers, monitors, cellphones, etc. to be recycled. For more, see October 2005 Electronics Recycling Events.
 

Johnny Long was our guest.

Google can be bent by hackers to find hidden information, break into sites, and access supposedly secure information.

Search engines have changed the way Internet users search for information. Many assume that people who search for information do so for benevolent reasons. Other times, people publish information in the hopes of becoming "known."

Yet that same content can actually be used against us, whether we are users surfing the web or publishing information about ourselves or our companies. Some of this information is even more dangerous than what hackers still find by dumpster diving, because it is already in digital form. Openly available company email directories have turned into spam email lists. A new generation of security professionals, called "penetration testers", search for information about you and your company by "hacking" Google and other search engines, literally running strings and scripts within Google to see how much the Internet "knows" about you and your business.

Google continues to distance itself from the competition and has reached an all-time high in U.S. search referral market share. Google's market dominance is due in large part to the detail, sophistication, and accuracy of the results it provides. The same factors that make Google so useful to you make it so dangerous in the hands of a malicious hacker.

Book Review Excerpt:

While Google is a researcher's friend, it is a hacker's dream. 

The subtitle of Google Hacking for Penetration Testers is "Explore the Dark Side of Googling". The dark side of Google is that far too many networks are insecure with inadequate security and enable unauthorized information to leak into Google. This leakage creates the situation where significant amounts of password files, confidential information, configuration data and much more are easily available.

After reading Google Hacks: Tips & Tools for Smarter Searching, the real power and potential danger of Google is easily understood. Author Johnny Long details how penetration testers can harvest information that has been crawled by Google. .... The book is not meant to be a crutch for script kiddies, its aim is rather to show how Google can be used to uncover data that most companies would rather remain secured. ...

The book's 12 chapters show how one can plunder and pillage corporate data via Google. Chapters 1 and 2 provide a basic introduction to Google searching, including building Google queries, URL and operator syntax, search reduction, and more.

Chapters 3 through 10 detail the internals of Google hacking. The avenues of attack are nearly endless and various methods are detailed from traversal techniques, site crawling, tracking down Web server logins, and much more. With the sheer amount of data produced on corporate Web sites, it is hard not to have information leakage. The problem is that Google is the perfect glue to bond those disparate pieces of data together to form a dangerous set of connected data. Google is now gluing isolated data, which is dangerous data when in the wrong hands.

Chapter 11 details what can be done to protect an organization from Google hackers. While author Johnny Long may be a hacker, he is quite mainstream when he writes that the best hardware and software configuration money can buy can't protect computing resources if an effective security policy is not in place. ....

A decade ago, Google was the type of powerful search tool that was rumored to be used within the NSA. Today, petabytes of data are only a few clicks away on Google, and with the Google API, all of that information can be seamlessly integrated into a few scripts. The challenge companies face is to take security seriously and stop making it easy for their password files, payroll data, and other confidential information to be entered into Google's server farm. 

 

 September 14, 2005 Show


Interview

Our topic was the confusion over the next generation of high-capacity writable DVDs that rely on blue lasers instead of the red lasers used in current DVD players and writers. Will HD DVD or Blu-Ray win? Can the movie studios choose the winner? Will the consumer ultimately win or lose?

Our guest will be Andy Marken, the man behind Marken Communications, which is a public relations and marketing firm, but so much more. Unlike so many of his colleagues, Andy not only understands the finer points of the technology that he represents, he also cares passionately about it. He has spent many years toiling in the fields of optical disc storage, from before the days of writeable DVDs. He's watched the market grow, as the technology has changed, taken some dead-end turns, and evolved into an essential part of business and entertainment.
 

 

 September 7, 2005 Show


In The News 

Beware of scam web sites collecting money for Hurricane Katrina disaster relief. The Attorney General of New York State issued a warning about this. Never click on a link in an email message asking for money; the destination of the link can be forged. For lists of trusted organizations, see the web sites of any media organization, such as CNN or the Today Show. See also www.usafreedomcorps.gov. The Better Business Bureau has a charity monitoring service at www.give.org

Hurricane drives interest in online backups September 1, 2005. CNET News.com

Apple just released a new iPod, the Nano. Its big selling point is size: it's much smaller than the iPod mini, only .27 inch thick. It comes in black and white models and 2GB ($200) and 4GB ($250) models. As with all iPods, the battery is rechargeable, not replaceable. It runs for 14 hours and takes 3 hours to recharge. Unlike the iPod Mini, which it replaces, the Nano is based on flash RAM.
IPod Nano Combines Beauty, Function by Walter S. Mossberg September 8, 2005

Samsung is planning on releasing a DVD burner that will be able to burn both of the next generation formats: HD-DVD and Blu-Ray. 

Next month Hitachi will release a one inch hard disk, matching Seagate for the smallest available disk drive. The Hitachi disk holds 8 GB of data and can sense when the disk is being dropped to stop it and hopefully avoid damage. This may make the disk usable in cell phones. 

Sony Brings Location Free TV to PCs IDG News Service September 6, 2005. Network base station can stream live television and video content to remote PCs. It competes with the $250 Slingbox from Sling Media. Local computers can get TV signal either via Ethernet or WiFi. It can also be sent over the Internet. Whereas VCRs do time-shifting, this does place-shifting. It requires Sony software on the client PC. 

Reviews

Olivia reviewed Degunking Your Email, Spam, and Viruses by Jeff Duntemann. It is 340 pages and under $25. Quoting Olivia: 

The book is good, but I think I would like to clarify who it would be good for. If you already have more than one email address, if you already use Adware and Spyware, if you know how to boot up in safe mode, disable macros in Microsoft Office applications, reinstall CD's if your computer crashes, then this book might be too basic for you. If you are timid and you don't feel comfortable reading help menus, and the fear of crashing your computer terrifies you, then don't buy this book because you are still going to be terrified.

But, if you are new to all of this and you want to protect your computer and are comfortable reading instructions and trust the author and are not afraid that your machine will then end up broken, you will learn a lot from this book. All the suggestions are excellent. Whether you do them all will depend on your personality.

The number one tip is to get rid of Internet Explorer and find yourself another browser. This will eliminate a lot of the problems we hear and read about every week. The book also gives some useful web addresses to explore. A few are:

Hank reviewed the Brother HL-2070N laser printer. It's a black/white network printer that is unusually small for a laser printer (14x14x6). The manual was all but non-existent. The printer cannot be assigned a permanent IP address and it seems to hold on to the IP address it is dynamically assigned forever. It prints fine.

Alfred reviewed an HP color networked laser printer.