Tag: Security
DVDFab
DVDFab Passkey 8.2.1.7
This is why DVDFab.com is down – the actual injunction
Recently we reported that the DVDFab.com domain was shutdown due to an injunction sought by the AACS LA (Advanced Access Content System Licensing Administrator). The AACS LA is the developer and licensee of AACS , a copy protection part of the Blu-ray specification. Their interest in DVDFab is not surprising, DVDFab contains functionality to circumvent the AACS copy protection, rendering it useless.
As DVDFab is in China the company is currently coping well, their website is still available through other domain names and orders are processed as usual.
DVDFab sees Facebook page removed, launchesIlikeDVDFab.com
While Facebook removed their page today, DVDFab started a website explaining what happened and asking people for their support. On the website IlikeDVDFab.com the company asks people to tweet the message; “love this software and I need DVDFab come back! #DVDFabComeBack”.
http://en.dvdfab.cn/download.htm
Personal VPN
You can use a free program called Hotspot Shield and it will hide your IP Address.
http://www.hotspotshield.com/
The true root causes of software security failures
Developers being overly trusting is one of them.
Developers being overly trusting is one of them.
Computer security
There’s no magic pill for security
Too often, New Year’s resolutions to get into better shape are derailed because of a lack of realistic planning. The same thing happens in the security sphere.
Too often, New Year’s resolutions to get into better shape are derailed because of a lack of realistic planning. The same thing happens in the security sphere.
Malware increasingly uses peer-to-peer communications, researchers say
The number of malware samples that use P-to-P (peer-to-peer) communications has increased fivefold during the past 12 months, according to researchers from security firm Damballa.
The number of malware samples that use P-to-P (peer-to-peer) communications has increased fivefold during the past 12 months, according to researchers from security firm Damballa.
Smartphone Secrets
Published on Feb 7, 2013
Source: MINNEAPOLIS (KMSP) – What are you planning to do with the old one before you sell it or toss it in the recycle bin? Read more: Investigators: Smartphone Secrets – KMSP-TVhttp://www.myfoxtwincities.com/story/…
Chop-Shop Electronics
The Hidden Dangers of Chop-Shop Electronics
Do you really know what’s inside the electronic devices you use? Neither the U.S. military nor an increasing number of large corporations knows what’s in theirs. Between 2005 and 2008, the number of companies reporting incidents involving counterfeit chips—including recycled parts passed off as new, those that fail testing and are sold anyway, and some that are phony from the beginning and were never intended to work at all—more than doubled. Some of these supply-chain catastrophes have found their way into aircraft such as military jets and helicopters—and into an untold number of commercial systems that don’t face the level of scrutiny the military brings to bear.
The global trade in recycled electronics parts is enormous and growing rapidly, driven by a confluence of cost pressures, increasingly complex supply chains, and the huge growth in the amount of electronic waste sent for disposal around the world. Recycled parts, relabeled and sold as new, threaten not only military systems but also commercial transportation systems, medical devices and systems, and the computers and networks that run today’s financial markets and communications systems.
Virtualization
Virtualization, in computing, is a term that refers to the various techniques, methods or approaches of creating a virtual (rather than actual) version of something, such as a virtual hardware platform, operating system (OS), storage device, or network resources.
Hardware virtualization or platform virtualization refers to the creation of a virtual machine that acts like a real computer with an operating system. Software executed on these virtual machines is separated from the underlying hardware resources. For example, a computer that is running Microsoft Windows may host a virtual machine that looks like a computer with the Ubuntu Linux operating system; Ubuntu-based software can be run on the virtual machine.[1][2]
In hardware virtualization, the host machine is the actual machine on which the virtualization takes place, and the guest machine is the virtual machine. The words host and guest are used to distinguish the software that runs on the physical machine from the software that runs on the virtual machine. The software or firmware that creates a virtual machine on the host hardware is called a hypervisor or Virtual Machine Manager.
Different types of hardware virtualization include:
- Full virtualization: Almost complete simulation of the actual hardware to allow software, which typically consists of a guest operating system, to run unmodified.
- Partial virtualization: Some but not all of the target environment is simulated. Some guest programs, therefore, may need modifications to run in this virtual environment.
- Paravirtualization: A hardware environment is not simulated; however, the guest programs are executed in their own isolated domains, as if they are running on a separate system. Guest programs need to be specifically modified to run in this environment.
Hardware-assisted virtualization is a way of improving the efficiency of hardware virtualization. It involves employing specially designed CPUs and hardware components that help improve the performance of a guest environment.
Hardware virtualization can be viewed as part of an overall trend in enterprise IT that includes autonomic computing, a scenario in which the IT environment will be able to manage itself based on perceived activity, and utility computing, in which computer processing power is seen as a utility that clients can pay for only as needed. The usual goal of virtualization is to centralize administrative tasks while improving scalability and overall hardware-resource utilization. With virtualization, several operating systems can be run in parallel on a single central processing unit (CPU). This parallelism tends to reduce overhead costs and differs from multitasking, which involves running several programs on the same OS. Using virtualization, an enterprise can better manage updates and rapid changes to the operating system and applications without disrupting the user. “Ultimately, virtualization dramatically improves the efficiency and availability of resources and applications in an organization. Instead of relying on the old model of “one server, one application” that leads to under utilized resource, virtual resources are dynamically applied to meet business needs without any excess fat” (ConsonusTech).
Hardware virtualization is not the same as hardware emulation. In hardware emulation, a piece of hardware imitates another, while in hardware virtualization, a hypervisor (a piece of software) imitates a particular piece of computer hardware or the entire computer. Furthermore, a hypervisor is not the same as an emulator; both are computer programs that imitate hardware, but their domain of use in language differs.
VirtualBox is a general-purpose full virtualizer for x86 hardware, targeted at server, desktop and embedded use.
For a thorough introduction to virtualization and VirtualBox, please refer to the online version of the VirtualBox User Manual’s first chapter.
Why does HP recommend that I keep Hardware Virtualization off?
There are several attack vectors from bad drivers that can utilize VT extensions to do potentially bad things. that’s why the setting is usually in the “security” section of your BIOS UI.
additionally the smaller your instruction set, the more efficient the CPU runs at a very very low level (hence last decades interest in RISC chips). having it disabled allows the CPU to cache fewer instructions and search the cache faster.
http://en.wikipedia.org/wiki/Blue_Pill_%28software%29
So is there a security risk to enabling AMD-V? – Rocket Hazmat Feb 1 at 16:21
|
yes. Installing drivers and other very-low-level software is always risky, so its probably no more risky that grabbing a driver off a non-official download site. the big difference is that a blue-pill exploit could allow a guest to affect the host and vice-verse, which should really never be true. – Frank Thomas Feb 1 at 16:37
|
I disagree saying there is a security risk by enabling AMD-V. Doing a quick search on “AMD-V security” results in NO results on the first page about a security vulnerability that says a great deal. – Ramhound Feb 1 at 16:46
|
So, it’s off by default, because there are rootkits that pretend to by hypervisors? Guess I just gotta be careful what I download! 🙂 – Rocket Hazmat Feb 1 at 16:49
|
Blue Pill is the codename for a rootkit based on x86 virtualization. Blue Pill originally required AMD-V (Pacifica) virtualization support, but was later ported to support Intel VT-x (Vanderpool) as well. It was designed by Joanna Rutkowska and originally demonstrated at the Black Hat Briefings on August 3, 2006, with a reference implementation for the Microsoft Windows Vista kernel.