Monday, December 30, 2013

Security: A Linux Server Exploit


Why do people want to hack your server? Maybe it is to mine BITCOINS!
http://arstechnica.com/security/2013/12/anatomy-of-a-hack-what-a-successful-exploit-of-a-linux-server-looks-like/
Like most mainstream operating systems these days, fully patched installations of Linux provide a level of security that requires a fair amount of malicious hacking to overcome. Those assurances can be completely undone by a single unpatched application, as Andre' DiMino has demonstrated when he documented an Ubuntu machine in his lab being converted into a Bitcoin-mining, denial-of-service-spewing, vulnerability-exploiting hostage under the control of attackers.



Wednesday, December 25, 2013

Processor War: Google to Manufacture ARM?



[Datacenter Image, courtesy ARS Technica]
Google may be thinking about making its own ARM central processing units.
http://arstechnica.com/information-technology/2013/12/report-google-contemplates-homemade-arm-chips-to-power-its-servers/
We've already seen consumer technology companies like Apple and Samsung become more vertically integrated in the last few years—Apple designs its own phones and tablets, the chips that go in them, and the architecture that goes into the chips, for example. Just as Apple's software benefits from tight integration with Apple's hardware, Google is reportedly eyeing chip design as a way to "better manage the interactions between hardware and software."

[Sun Microsystems Logo]
Of course, Sun (and now Oracle) has seen a similar benefit with SPARC over the years. Sun Microsystems was able to drive volume in its market, but as manufacturing costs rose, the market needed to grow accordingly. UNIX vendors had found ways to differentiate themselves from the consumer market, but the UNIX market shrank as the consumer market cannibalized it. There needs to be a large enough market to make the investment profitable in this high-cost and high-risk arena.


[Sun Ray Terminal]
Google is large enough to make such an investment profitable, and it already has a large investment in ARM hardware and software through the mobile consumer market. This does not guarantee survival, however. Oracle demonstrated its desire to exit the desktop appliance market by discontinuing its Sun Ray product, when it could have invested in SPARC or ARM for the Sun Ray to create an additional consumer for its SPARC processor investment, hedge its investment in the SPARC processor and in skilled programmers, and create a new market driver for Oracle's Cloud offering using Sun Ray appliances.

Monday, December 23, 2013

Android: Incompatibilities - Hacking & Coding Practices

[Courtesy: Android Authority]
Some people have been discussing Android compatibility recently.

Most of the incompatibilities surround screen size and camera size.
http://developer.android.com/.../pract.../compatibility.html

Sometimes, people can just code their apps differently, in order to make their apps compatible across more devices.
http://stackoverflow.com/.../android-app-is-incompatible...

Hacks have been created so people can download incompatible apps, but there is generally a reason why these apps are tagged as incompatible.
http://www.androidauthority.com/how-to-install.../


Hope this short note is helpful!

Friday, December 20, 2013

ARM: Calxeda Runs Out of Money

[Calxeda ARM processor, courtesy ComputerWorld]
The developer of 64-bit ARM processors closed down the week before Christmas. Calxeda is going through restructuring, so the world may yet see a 64-bit ARM processor from this company. Previously, its 32-bit ARM processors were well received by the market. In 2011, Calxeda announced the development of a 480-core low-power server, to be consumed by Hewlett Packard. The "Moonshot" servers from HP may be negatively impacted, and HP's attempt at resuming RISC processor platform production may be in chaos.

Wednesday, December 18, 2013

Malware: Targeting Linux Platforms



[Screenshot courtesy ARS Technica]
This is not the first case of such worms targeting Internet devices; in this case, only Intel-based ones.
http://arstechnica.com/security/2013/11/new-linux-worm-targets-routers-cameras-internet-of-things-devices/
Researchers have discovered a Linux worm capable of infecting a wide range of home routers, set-top boxes, security cameras, and other consumer devices that are increasingly equipped with an Internet connection. Linux.Darlloz, as the worm has been dubbed, is now classified as a low-level threat, partly because its current version targets only devices that run on CPUs made by Intel

[Screenshot courtesy Symantec]
A short article from security company Symantec discussing the latest worm targeting the Internet.
http://www.symantec.com/connect/blogs/linux-worm-targeting-hidden-devices
Symantec has discovered a new Linux worm that appears to be engineered to target the “Internet of things”. The worm is capable of attacking a range of small, Internet-enabled devices in addition to traditional computers. Variants exist for chip architectures usually found in devices such as home routers, set-top boxes and security cameras. Although no attacks against these devices have been found in the wild, many users may not realize they are at risk, since they are unaware they own devices that run Linux.

Monday, December 16, 2013

MacOSX Server: Mavericks Edition

[Apple OSX Server Screenshot, courtesy ARS Technica]
A review of MacOSX Server for Mavericks.
http://arstechnica.com/apple/2013/12/a-power-users-guide-to-os-x-server-mavericks-edition/
Despite a version number increase from 2.X to 3.X, OS X Server is finished with the major overhauls. The software has been changed from an enterprise-targeted package to one better suited to power users and small businesses. Now that the transition is complete, it's clear that slow, steady improvement is the new normal.



Tuesday, December 10, 2013

Development Methodologies: Testing Code

[A Real Man]
The Reality of Network Management: Every vendor, model, and firmware combination normally means slightly different interface characteristics as seen from the Network Management Cluster. Most of the time, not every combination is available in a lab. More often than not, such combinations end up being tested in production.

Monday, December 9, 2013

Network Performance and Security: InfoVista and Bluecoat

Abstract:
Management of the Internet traditionally includes Fault, Performance, Configuration, and Security management. The business has traditionally experienced consolidation, but more recently the industry has been going private. Network Performance is often measured by software and enhanced by hardware. A short update on a few vendors.

WAN Acceleration Morphs into Security:
This market is dominated by the likes of Riverbed, with other vendors such as Cisco with WAAS and Ipanema. Bluecoat was one of the dominant vendors in this arena. In February 2012, Blue Coat Systems (web security and WAN Optimization) was acquired by Thoma Bravo LLC, a private equity firm. The conversion to a Security Company is well underway.

Performance Management Monitoring:

InfoVista has been in the Performance Management business for over a decade. They provide the core performance management infrastructure for Ipanema. InfoVista was purchased by private equity firm Thoma Bravo LLC on April 4, 2012. InfoVista provides the performance management for Blue Coat competitor Ipanema, which is quite interesting.

Application Performance Monitoring:
Network Instruments (network and application performance solutions) had a controlling interest taken by Thoma Bravo in April 2012. The products include a lineup from software to probes to switches, and network management for it all.

[3D map from InfoVista's Mentum Planet]
Self Organized Networks:
InfoVista's push into SON continued with the InfoVista purchase of Mentum on November 28, 2012. The expertise in carrier based wireless networks continues to grow, with wireless and back-haul expertise adding to InfoVista's portfolio. Mentum Planet is a powerful addition considering it is "the only RF network planning and optimization tool that embeds MapInfo professional GIS" and provides complete life cycle management for all things wireless.

[Keynote Logo]
Cloud Testing:
Thoma Bravo purchased Keynote Systems Inc. on August 28, 2013. Keynote provides cloud-based tools for testing mobile applications. "With Keynote, companies know precisely how their Web sites, content, and applications perform on actual browsers, networks, and mobile devices."

Testing & Forecasting:
Thoma Bravo also purchased Empirix in August 2013. This testing tool provides for forecasting customer experience. This Massachusetts U.S. company provided mobile wireless services to banking and financial industries. "Empirix is at the forefront of holistic quality assurance solutions that preempt technology issues, ensure peak level performance, and predict the smartest actions for delighting customers, controlling costs, and optimizing business processes."

Network Planning and Analytics:
Malaysian telecommunications software developer Aexio was acquired by InfoVista on October 23, 2013. Network planning, service assurance, and geo-analytics will be added into InfoVista's portfolio of capabilities, with an Asian footprint.

[Aexio Founders]

Conclusion:
In the carrier wireless space, Thoma Bravo seems intent on providing management capabilities from carrier back-haul all the way up the wireless stack to the handset, bundling network, application, analytics, and forecasting into a performance management portfolio. It will be interesting to see how security and WAN acceleration from Bluecoat play into the mix, and whether this will place any additional market pressure on Ipanema, or whether Bluecoat's hardware will become an appliance basis for a security focus only, remaining disjoint from InfoVista's mobile management market.

Monday, December 2, 2013

Android: Viruses, Worms, Trojans, and Malware

[Courtesy: Android Authority]
Abstract:
Sometimes the term "virus" is used generically, but there are really many kinds of "malware", of which a virus is one specific type. I categorized a few Android malware incidents from 2013 for friends. Please be aware of the "Apps" you buy, what you download and install, and even the web sites you go to.

A Brief 2013 History:
The Android ecosystem is not as "tight" as other ecosystems, such as Apple or Blackberry. As such, it is vulnerable to many more exploits, which may cost you money in bandwidth, future purchases, text messages, etc.

2013-01-09 --- Android users hit by scareware scam
http://www.zdnet.com/blog/security/android-users-hit-by-scareware-scam/9960

2013-01-13 --- “Bill Shocker” Android malware hits China, infecting 620K smartphone users
http://e27.co/bill-shocker-android-malware-hits-china-infecting-620k-smartphone-users/

2013-01-20 --- New variants of premium rate SMS trojan 'RuFraud' detected in the wild
http://www.zdnet.com/blog/security/new-variants-of-premium-rate-sms-trojan-rufraud-detected-in-the-wild/10165

2013-02-08 --- Researchers spot a fake version of Temple Run on Android's Market
http://www.zdnet.com/blog/security/researchers-spot-a-fake-version-of-temple-run-on-androids-market/10257

2013-02-27 --- Android drive-by download attack via phishing SMS
http://www.zdnet.com/blog/security/android-drive-by-download-attack-via-phishing-sms/10422

2013-03-26 --- First-Known Targeted Malware Attack On Android Phones Steals Contacts And Text Messages
http://www.forbes.com/sites/parmyolson/2013/03/26/first-known-targeted-malware-attack-on-android-phones-steals-contacts-and-text-messages/

2013-04-01 --- Evidence Mounts That Chinese Government Hackers Spread Android Malware
http://www.forbes.com/sites/andygreenberg/2013/04/01/evidence-mounts-that-chinese-government-hackers-spread-android-malware/

2013-04-03 --- Android malware: A new avenue for Chinese hackers
http://www.citeworld.com/security/21669/android-malware-chinese-hackers

2013-04-12 --- Malicious version of Angry Birds Space spotted in the wild
http://www.zdnet.com/blog/security/malicious-version-of-angry-birds-space-spotted-in-the-wild/11520

2013-04-18 --- Warning: Fake Instagram app on Android is malware
http://www.zdnet.com/blog/security/warning-fake-instagram-app-on-android-is-malware/11597

2013-04-26 --- Warning: Fake Biophilla app on Android is malware
http://www.zdnet.com/blog/security/warning-fake-biophilla-app-on-android-is-malware/11715

2013-05-02 --- A first: Hacked sites with Android drive-by download malware
http://www.zdnet.com/blog/security/a-first-hacked-sites-with-android-drive-by-download-malware/11810

2013-05-15 --- Android malware families nearly quadruple from 2011 to 2012
http://www.zdnet.com/blog/security/android-malware-families-nearly-quadruple-from-2011-to-2012/12171

2013-05-21 --- Malware charges users for free Android apps on Google Play
http://www.zdnet.com/blog/security/malware-charges-users-for-free-android-apps-on-google-play/12245

2013-07-09 --- New Android malware infects 100,000 Chinese smartphones
http://www.zdnet.com/new-android-malware-infects-100000-chinese-smartphones-7000000497/

2013-08-13 --- Google messaging service hacked, sends malware to Android users
http://rt.com/news/google-messaging-hacked-malware-451/

2013-08-26 --- Android Malware: 44 Percent Of Android Users Vulnerable To Attacks According To U.S. Government
http://www.ibtimes.com/android-malware-44-percent-android-users-vulnerable-attacks-according-us-government-1399347

2013-08-27 --- Nearly 7,000 Malicious Android Apps Infest China's Appstores
http://securitywatch.pcmag.com/mobile-security/315218-nearly-7-000-malicious-android-apps-infest-china-s-appstores

2013-09-12 --- Email Spam Campaign Spreading Android Malware
http://threatpost.com/email-spam-campaign-spreading-android-malware

2013-10-25 --- New Android Banking Trojan Targeting Korean Users
http://thehackernews.com/2013/10/new-android-banking-trojan-targeting.html

2013-11-07 --- Another zombie 'bogus app' bug shambles out of Android
http://www.theregister.co.uk/2013/11/07/another_zombie_bogus_app_bug_shambles_out_of_android/

2013-11-17 --- New Voicemail Notification - WhatsApp - Malware
http://techhelplist.com/index.php/spam-list/314-new-voicemail-notification-whatsapp-malware

2013-12-02 --- Nexus phones carry SMS crash bug vulnerability
http://www.theregister.co.uk/2013/12/02/nexus_phones_carry_sms_crash_bug_vuln/