Tuesday, 10 August 2010

Hiding files in Flickr pics will fool web censors

This article is copied from New Scientist:

Life is about to become more difficult for countries trying to censor access to foreign websites. A system dubbed Collage will allow users in these countries to download stories from blocked sites while visiting seemingly uncontroversial sites such as Flickr.

Collage relies on a well-established technique known as digital steganography, in which an image file is changed to encode the hidden message without obviously affecting the appearance of the image. A prototype version is due to be unveiled on Friday, 13 August.

Steganography normally requires specialist software, but Collage is designed so that anti-censorship activists and readers can publish and download the hidden stories without any specialist skills. A publisher or activist can, for example, use Collage to copy news stories from a website and embed the articles into Flickr images in a process that is almost entirely automated.

In the prototype, stories from the BBC news site are used, but in principle any web content could be hidden. Collage can hide as many as 15 news articles in just seven medium-sized Flickr images.
Once the material is embedded in a Flickr image, anyone with Collage can download it and extract the stories. A censor attempting to monitor traffic from a prohibited site would only see the reader visiting Flickr, which is not generally blocked by web censors.
Collage is able to identify which images have been used to hide material. All the would-be reader has to do is click on the date they are interested in; the stories appear a few minutes later. "It all happens in the background," says Sam Burnett at the Georgia Institute of Technology in Atlanta, part of the team behind Collage.
Burnett has designed a Flickr upload tool that links with Collage and embeds content that publishers or activists want to make available.
Collage can also be easily extended so that stories are embedded in other photo-sharing sites. The idea is to spread material across numerous sites that host user-generated content so that the activity of someone running Collage appears much like that of any internet user and the censors cannot just block access to Flickr. Collage does, however, rely on the goodwill of Flickr users, who will have to provide access to the images where the articles are to be hidden.
Burnett is relying on opposition to censorship to motivate people to use Collage. "We're betting on people getting a warm fuzzy feeling because they are beating censorship," he says.
To coincide with the launch of the prototype, Burnett will present a paper on the system at the USENIX Security Symposium in Washington DC.

Thursday, 15 July 2010

E-books

The site bookworm can be used to store ebooks that, once uploaded, can be downloaded later to any device or read online. The books have to be the epub format but programs like calibre can be used to create the proper format if the book is in a non-compatible format. This is not a bad idea and obviates the need to carry your library around with you on your laptop, mobile device or USB stick drive. Today I created an account with bookworm and uploaded my first ebook (Titus Groan by Mervyn Peake). All went well.

Wednesday, 7 July 2010

Dead Flash Drive


Oh dear, my recently acquired 16Gb Kingston Traveller Flash Drive is no longer working. It's recognised by my computer but when I try to access it, I'm asked if I want to format it. Accepting that whatever I had on the disk would be erased, I choose the formatting option but the operation always fails. I decided to try a low level format and to that end downloaded a little utility program from the Internet at http://hddguru.com. No go. It would appear that the drive is irretrievably dead.

From this experience, I have learned a valuable lesson. It's silly to buy a larger and more expensive flash drive, as I did, only to see it die a couple of months later. I've now revived my older 4Gb Toshiba flash drive and will begin storing my portable applications on this. As far as possible, I'll use the Internet to store any files that I need to access or work on. I'll make regular copies of the contents of the drive so that it ever fails again I can quickly copy the contents to a new drive.

Sunday, 4 July 2010

Microsoft Security Essentials

I'm trying to kick start this blog as I did my other, so here goes. I came across Yogesh Mankani's review of ten free Microsoft products and noticed that one of them was an anti-malware download called Microsoft Security Essentials that requires validation before it can be installed. Seeing that I have a legal installation of Vista, I thought I'd test it out so I downloaded and installed it, then ran quick scan that didn't detect any problems. I wasn't surprised at this because I have Windows Defender and McAfee antivirus already activated.

However, I was surprised later when I opened Windows Media Player and got an alert about a TrojanDownloader: ASX/Wimad.CJ that was lurking in one of my Windows Media files that I'd downloaded in August 2007 from Limewire. The threat was flagged as severe so I removed it and then did a little investigation. According to Microsoft's Malware Protection Centre it isn't actually a trojan but instead:

TrojanDownloader:ASX/Wimad.CJ is a detection for malicious Windows media files that encourage users to download and execute arbitrary files on an affected machine. When opened with Windows Media Player, these malicious files open a particular URL in a Web browser.

Installation

TrojanDownloader:ASX/Wimad.CJ is a malicious Advanced Streaming Format (ASF) file, which when opened by Windows Media Player, urges a user to download and execute an arbitrary file. In the wild, files detected as TrojanDownloader:ASX/Wimad.CJ have been observed to be distributed with file extensions such as .MP3, .ASF, .WMA, and .ASX. The file names used have been varied and enticing.

Payload

Redirects Web traffic. At the time of writing, ASX/Wimad.CJ attempts to open a page on the www.realcodec.comdomain. Affected users may be directed to other sites or to download arbitrary files.  Microsoft strongly suggest that users avoid downloading and executing any files when prompted by Windows Media Player upon opening streaming format files.

So the program has proved useful already but I was unsure what the difference was between Microsoft Security Essentials and Windows Defender until I came across this article.

Q: How is Microsoft Security Essentials different from Windows Defender?

A: Windows Defender detects and removes known spyware only. It is not designed to protect against the full breadth of malicious software, and specifically does not prevent viruses, worms, Trojans, and other malicious software from infecting your machine. The new no-cost solution will be a comprehensive anti-malware solution.

Q: Is Microsoft Security Essentials designed to replace Windows Defender?

A: No but if you are running Microsoft Security Essentials, you do not need to run Windows Defender. Microsoft Security Essentials is designed to disable Windows Defender in order to manage the PC’s real-time protection, including anti-virus, rootkits, Trojans and spyware.

Q: Does installing Microsoft Security Essentials disable Windows Defender? 

A: Microsoft Security Essentials should disable Windows Defender on Vista and Windows 7 and uninstall it from XP. In some cases, this does not happen automatically.

Q: Do I need to manually disable or uninstall Windows Defender if I am using Microsoft Security Essentials?

A: If Microsoft Security Essentials did not automatically disable Windows Defender on Vista or Windows 7, you should disable it to prevent conflicts. Windows Defender cannot be uninstalled from Vista or Windows 7. 

If Microsoft Security Essentials did not automatically uninstall Windows Defender on XP, you should manually uninstall Windows Defender via Control Panel/Add or Remove Programs.

Q: What happens if I do not disable or uninstall Windows Defender if I am using Microsoft Security Essentials?

A: If Microsoft Security Essentials and Windows Defender are both running, your system may experience performance degradation and other problems caused by the conflict of two services providing real time protection simultaneously.