Global Security Threat Map

This would have to be one of the more unique uses of a Google Map Mash-up that I have seen. I would that that it would be somewhat useful, especially if you were travelling or just plain paranoid.

The site is Global Incident Map. It is somewhat “old school” as far as the appearance goes but that is not what is important. The main feature is a Google Map that has all of the current “threats” or incidents that have or are occurring from all over the world. These threats are categorized by their own icon on the map:

• Airport and Aviation Incidents
• Biological Threats as well as Hoaxes
• Bomb, Explosives including Hoaxes
• Chemical Incidences
• Dam Incidents
• Radiation Incidents including Smuggling and Proliferation
• Chemical Attack
• Shipping and Maritime, Ports and Waterways Security
• Railways and Train Stations
• Bus Stations, Buses and Related Security
• Bridge and Tunnel Incidents
• Shootings and Sniper Attacks
• Assassinations including Attempts
• Terrorist Arrests and Kill Locations
• General Non Terrorism News
• Other Suspicious Activity

The map refreshes automatically every thirty seconds. Included is the ability to search the database for events based on type, event, date and city. Or you can click the map and be taken to another screen that zooms in on the place of interest and includes details of the event above.

This is a very well done mash-up and includes lots of data and interesting stuff. Security buffs will love it and the rest of us will be curious or it will make us paranoid. Useful if you were travelling to get an idea of how safe or unsafe a country, town or place might be now.

The mission statement taken from the about page reads:

“This free public service website was created to give the public, law enforcement, military, and government individuals a new way to visualize, and become instantly aware of terrorism and security incidents across the world.”

I thought that it is well implemented and useful. As well as an interesting source of information and news, as it happens. Being a visual tool makes it very clear and understandable. You get an instant appreciation for what is happening and where.

The only thing I thought of was that I truly grateful to live in Australia. The worst thing that happened here today was a blade was found in a Christmas cake!

Advertisement

McAfee Offers “Plus” Version of SiteAdvisor

I was checking the details of a site that came up as a yellow site in SiteAdvisor today. I was surprised to see a screen open that was inviting me to pay for the “Plus” Version. It would seem that the acquisition of SiteAdvisor has finally resulted in McAfee trying to make some money out of it, which was always going to happen it was just a case of when and how.

SiteAdvisor is a great piece of security software that is a Firefox extension, there is also support for Internet Explorer. It classifies sites as green, yellow or red. It may be that a particular site is yellow because you will get a lot of spam from them by registering. Or that there are excessive pop-ups. Red because a browser exploit has been found on the page, or the downloads are infected with spyware or a virus. Green sites are okay at all levels. More about how it works can be found on the SiteAdvisor website.

The really cool part of this extension once installed; is that it flags these sites in the search results. Never end up on a site that could be a local disaster again. Next is the fact that if you are surfing a green site then green sites can only link to green sites. So a site cannot be green and link to a yellow one or red. Nice to know that where you are is safe and where you are going is safe. Not fool proof, it is only as good as the most recent test. But in my experience, coupled with a bit of common sense; it works.

So I wanted to check the status of a link that was not rated (it was from my Feed Reader) so I went to SiteAdvisor to input the URL and get the results and I get a screen come up with an offer to buy “SiteAdvisor Plus”. It might be worth noting that in small print it says “For Internet Explorer”. There was also the assurance that this screen would only come up once every 30 days, provided I keep my cookies (I don’t so I guess I will be seeing it again). I can not find the screen on the SiteAdvisor website, so it was lucky that I was thinking and took a screenshot and put it Flickr. The deal is that for $19:99 you get:

• Checks of the safety of links in email and Instant Messages
• Checks for phishing and identity theft scams in real time
• “Protect Mode” which prevents interaction with dangerous sites

The software works with:

• Outlook and Outlook Express
• Yahoo Mail
• MSN Mail/ Windows Live Mail (Hotmail)
• Gmail
• Yahoo! Messenger
• MSN Messenger
• GTalk

With the note that says “Also includes SiteAdvisor Firefox Extension”, thanks.

The $19:99 gives you a discount and is for single users. A “family pack” of three users will set you back $39:99. The features are great but does anyone else notice what is missing?

Where is the support for other IM clients? Or Thunderbird, or something other than corporate software? Notice the “NOTE” about Firefox at the bottom? The chance that there will be support? I would reckon about zero. The code is not open source for obvious reasons. So no chance for some open source team to develop it. A bit disappointing in my opinion. Then again anyone that uses IE all the time probably needs it more than me. But the email link checking would be a nice addition.

Still might be a good investment for you if you use the applications mentioned and especially if you have kids that use the computer. I have put friends onto SiteAdvisor and they have said that the kids use it very effectively and alert them if they accidentally end up somewhere they should not be. In addition to the fact that in recient times IM services have been targeted with links to either malicious sites or downloads so they are a good inclusion in such a package. Money well spent for peace of mind. Too bad there is no support for open source software.

Vista Cracked

It would appear that in a small amount of time that Windows Vista has been leaked and cracked. So much for being more secure! Twenty four hours in the life of the as yet to be released Vista.

Reports are confirming that that Vista RTM has been leaked. That leak occurred directly from inside Microsoft itself, as it has not been made available as yet. November 15th was the date that was hinted at for it to be available to MSDN Subscribers. Not twenty four hours later it is starting to come through that this leaked version has been cracked. A quick Torrent networks search will confirm this. Not a MSDM subscriber myself I could not say if it has been made available earlier or not.

It appears the crack is not simply a download and run affair and involves a few steps [Don’t know how long that link will work]. Interestingly it uses the keys that Microsoft gave away during the beta. Which makes me wonder just how long this will work, for all Microsoft has to do is disable the keys issued as a part of the beta. Especially since Vista has not been released yet. Or then it might not matter what key is used. Or will Microsoft use it’s Windows Genuine Advantage software to cripple software? Maybe, but they will probably upset a few people and how would they know. Then again a beta is not forever. Whatever they do it better be fast, but it looks to me like it is too late. Will it happen again? Yes, so what does it matter what they do.

Seriously though twenty four hours to crack Vista, they should be a tad embarrassed. Really it is beyond funny.

I am not sure if the rumour mill is working over time or not but there are reports that Office 2007 has suffered the same fate. These reports are as yet to be confirmed and it has yet to be cracked, only a matter of time.

With all the efforts that they have made into being more secure and harder to crack and Microsoft saying that it is harder to crack and the whole WGA thing. They may have well have painted a giant “Hack My Software” poster on their arses.

“Typos” can Lead Disaster for Your PC

The slip of a finger on the keyboard can result in miss-spelling something. That can be bad. Some malicious websites use the fact that typos are common and we can’t spell against us.

Typing an address directly into the address bar is a great way to ensure that you are headed to the correct site. As opposed to clicking a link that you think goes to the right place when in fact it is a rip off of the correct site. It might look the same, but look closer and you might notice some discreet differences to what you remember. Like a slightly different adress or wording of the site. This is called “phishing“. The new version of Firefox, Firefox 2 will have inbuilt protection from these sites. But there are also applications that will help as well.

The whole thing that lead to this post was that I was sending a colleague some links to sites that will help them become more secure, such as anti-spyware and such. I came around to recommending they install an extension called Site Advisor. I went to the site and I noticed that they have posted a video on YouTube that chronicles what can happen at the slip of a finger.

It all starts when a user types “goggle” instead of “google” directly into the address bar… It all goes downhill from there. But let it be a warning to all. If you type an address into the address bar, be careful! In addition to this install Site Advisor it will tell you if the site you are on is bad. The extension also indicates a web sites status in searches, so that you know before you click if something nasty lurks at the other end. I would also strongly recommend using Firefox. Although there is a version of the extension that works with Internet Explorer, found at the same site.

Another great tool is Link Scanner by Exploit Prevention Labs, it checks sites before you visit without finding out the hard way. Something that I do a bit as well is “hovering” over a link without clicking it. Doing this will show the actual link at the bottom left of the browser. I look and see if it is going where the text on the page says it is, or where I expect it to be going. Call me paranoid but I do it. Plus I have been on the ugly end of a zero day virus and it isn’t fun. Tends to make you a bit paranoid.

I always said I would not use video on my blog unless I thought that it was effective in either demonstrating what I was saying or was in some way exceptional this does and is. Scary stuff, glad it was not my PC. I would say “enjoy” but I felt decidedly ill. But cool to watch and see what happens, if happens to you just hose the system, there is no going back, not to the point where I would trust it anyway.

As described by the YouTube User that posted the Video:

“McAfee SiteAdvisor takes a videotaped spin through some dark alleys of the Web. The result? A computer crash worth rubbernecking.“

Disclaimer: Exploit Prevention Labs is a current sponsor of The Global Geek Podcast of which I am a host.

I Too Thought this to Be Ironic

To set the scene, last week saw two major DRM protocols hacked; the Apple iTunes and the PlaysForSure DRM. Not sure if the Apple DRM is still open but fairly sure that it is however, the Windows version is all wrapped up again.

Ironic? Yes ironic. I saw in the RSS feeds the news that the Windows DRM was hacked, almost straight away I found another post that said it was patched and secure again. So what happened? What happened was that Windows rushed out an update patch labelled as critical in order to close the loop-hole down. That is ironic because usually patches released once a month “Patch Tuesday“. So that means that if a vulnerability is found the day after Patch Tuesday then we have to wait a month to get it fixed! Unless there is something so critical that an exception is made…

“If you really want to see Microsoft scramble to patch a hole in its software, don’t look to vulnerabilities that impact countless Internet Explorer users or give intruders control of thousands of Windows machines. Just crack Redmond’s DRM.”

So in this instance Microsoft was quick off the mark to protect it’s own interests rather than those of their users. This is also evident in the fact that they pushed the patch out as a “critical”. See what I mean?

Just wait for the patch that is coming labeled as a “high Priority security update” ; that will be Internet Explorer 7. They certainly have loose definitions there at Microsoft. All this when trying to make up for all the badness they have caused and consumer trust.

Ironic.