Skip to main content

Home/ Open Web/ Group items tagged firewalls

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
Gary Edwards

WhiteHat Aviator - The most secure browser online - 1 views

www.whitehatsec.com/aviator

Google-Chrome WhiteHat-Aviator Security Browser-Wars

shared by Gary Edwards on 22 Oct 13 - No Cached
  • Gary Edwards on 22 Oct 13
     
    "FREQUENTLY ASKED QUESTIONS What is WhiteHat Aviator? WhiteHat Aviator; is the most secure , most private Web browser available anywhere. By default, it provides an easy way to bank, shop, and use social networks while stopping viruses from infecting computers, preventing accounts from being hacked, and blocking advertisers from invisibly spying on every click. Why do I need a secure Web browser? According to CA Technologies, 84 percent of hacker attacks in 2009 took advantage of vulnerabilities in Web browsers. Similarly, Symantec found that four of the top five vulnerabilities being exploited were client-side vulnerabilities that were frequently targeted by Web-based attacks. The fact is, that when you visit any website you run the risk of having your surfing history, passwords, real name, workplace, home address, phone number, email, gender, political affiliation, sexual preferences, income bracket, education level, and medical history stolen - and your computer infected with viruses. Sadly, this happens on millions of websites every day. Before you have any chance at protecting yourself, other browsers force you to follow complicated how-to guides, modify settings that only serve advertising empires and install obscure third-party software. What makes WhiteHat Aviator so secure? WhiteHat Aviator; is built on Chromium, the same open-source foundation used by Google Chrome. Chromium has several unique, powerful security features. One is a "sandbox" that prevents websites from stealing files off your computer or infecting it with viruses. As good as Chromium is, we went much further to create the safest online experience possible. WhiteHat Aviator comes ready-to-go with hardened security and privacy settings, giving hackers less to work with. And our browser downloads to you - without any hidden user-tracking functionality. Our default search engine is DuckDuckGo - not Google, which logs your activity. For good measure, Aviator integrates Disconnect
Paul Merrell

NSA's use of software flaws to hack foreign targets posed risks to cybersecurity - The ... - 0 views

www.washingtonpost.com/...6-96c0-37533479f3f5_story.html

surveillance state NSA cybersecurity exploits vulnerabilities firewalls

shared by Paul Merrell on 19 Aug 16 - No Cached
  • To penetrate the computers of foreign targets, the National Security Agency relies on software flaws that have gone undetected in the pipes of the Internet. For years, security experts have pressed the agency to disclose these bugs so they can be fixed, but the agency hackers have often been reluctant. Now with the mysterious release of a cache of NSA hacking tools over the weekend, the agency has lost an offensive advantage, experts say, and potentially placed at risk the security of countless large companies and government agencies worldwide. Several of the tools exploited flaws in commercial firewalls that remain unpatched, and they are out on the Internet for all to see. Anyone from a basement hacker to a sophisticated foreign spy agency has access to them now, and until the flaws are fixed, many computer systems may be in jeopardy. The revelation of the NSA cache, which dates to 2013 and has not been confirmed by the agency, also highlights the administration’s little-known process for figuring out which software errors to disclose and which to keep secret.
Gary Edwards

Cloudstack: A framework for building peer to web applications - 0 views

www.cloudstack.com

cloudstack P2Web P2P Jabber

shared by Gary Edwards on 24 Mar 11 - Cached
  • Gary Edwards on 24 Mar 11
     
    n it needs to be. CloudStack let's you to build applications that blur the boundaries between the desktop and the web by combining the best of both worlds - the ubiquity of the web with the richness of the desktop. In a nutshell, CloudStack turns any desktop into a web addressable server and can even work behind NATs and Firewalls. You can use CloudStack to build applications that expose any type of content on a desktop - from raw files and folders to application data like contacts and calendars, that can then be accessed from any standard web browser.
Paul Merrell

Inside Google Desktop: Google Desktop Update - 0 views

googledesktop.blogspot.com/...google-desktop-update.html

Google Google Desktop search desktop search

shared by Paul Merrell on 10 Oct 11 - No Cached
  • In 2004, Google launched Google Desktop, a program designed to make it easy for users to search their own PCs for emails, files, music, photos, Web pages and more. Desktop has been used by tens of millions of people and we’ve been humbled by its usage and great user feedback. However, over the past seven years we’ve also witnessed some big changes in how users store and access their own data, with many moving to web-based applications. There has been a significant shift from local to cloud-based storage and computing, as well as integration of Google Desktop functionality (like local search) into most modern operating systems. This is a positive development for users and we’re excited that most people now have instant access to their personal information. As such, we’ll be discontinuing support for Google Desktop, including all of the associated APIs, services, plugins and gadgets. As of September 14, Google Desktop will no longer be available for download, and existing installations will not be updated to include new features or fixes.
  • n 2004, Google launched Google Desktop, a program designed to make it easy for users to search their own PCs
  • Paul Merrell on 10 Oct 11
     
    Google throws in the towel on desktop search, just as Microsoft somehow reached into my WinXP Pro (which never runs with automatic updates turned on) and killed the file search functionality, replaced by a message that file search is no longer supported in Explorer 6, with an invitation to upgrade MSIE or use Bing. As though I would ever let MSIE outside my firewall! 
Gary Edwards

Zoho Office For Microsoft SharePoint, Online Collaboration, Online Word Processor, Onli... - 0 views

www.zoho.com/sharepoint

zoho-sharepoint on-line-editing office20 collaboration

shared by Gary Edwards on 23 Jun 09 - Cached
  • Gary Edwards on 23 Jun 09
     
    Collaborate and Edit documents with Zoho, Store and Manage in Microsoft® SharePoint®. Zoho is onto something here. The video is well worth the watching. Anthony Ha of Venture Beat ahd this to say: "As online office software tries to move into big corporations, it's starting to work more closely with entrenched solutions - which often means technology built by Microsoft. In the latest example, Zoho just announced plans to offer its collaboration services as an add-on for SharePoint, Microsoft's server and software for collaboration and document management." "Basically, that means you can use Zoho Office as the interface for collaborative editing of documents, while the documents themselves sit safely on the SharePoint server, behind the corporate firewall. The add-on brings a more web-like interface to SharePoint; rather than having to check documents in and out as they work on them, multiple users can jump into a document and edit it at once, and also send instant messages back-and-forth within their application using Zoho Chat." "This is a smart way to get Zoho into companies that wouldn't consider making the full jump into online office applications, but want to experiment with these kinds of tools without sacrificing security or throwing away existing hardware. The financial investment is small, too - a 30-day trial period, followed by $2 per user per month if companies pay for a year, or $3 per user per month if companies pay by month."
Gary Edwards

Tomorrow's World | Oliver Marks comments on Google Wave - 0 views

blogs.zdnet.com/collaboration

gWave google-wave bing wave oliver-marks

shared by Gary Edwards on 01 Jun 09 - Cached
  • Gary Edwards on 01 Jun 09
     
    Oliver has a short post concerning Google Wave and the new world the Wave will have wrought. Once section in particular caught my eye:
    Two behemoths going after each others markets
    ..."Google apps, while a very popular tool for students, has never caught on in the enterprise due to security concerns, with a few exceptions - Microsoft Office is the default in cubicle land. Google search meanwhile is currently the global market leader, and is a popular enterprise solution in the form of internal appliances behind the firewall, while Microsoft's search and associated electronically stored information taxonomy and tagging has been famously weak."
    "While these two giants slug it out for the others coveted market the playing field may well change significantly as the third big internet revolution unfolds. We've gone from Web 1.0, the read only static html website world to Web 2.0, the read-write, 'user generated content' web. The explosion in interconnectedness is at the expense of information fragmentation: the third web generation (Web 3.0?) is all about the meaning and context of data and information.
    "Behaviorally suggested content; the personalized experience of a web that seems to know you and anticipates what you want is just around the corner...."
emileybrown89

Kaspersky Technical Support Number for software update and product activation - 0 views

gph.is/2yW6cOS

support Kaspersky Technical Customer service Online Tech

shared by emileybrown89 on 19 Dec 17 - No Cached
  • emileybrown89 on 19 Dec 17
     
    To protect your network connection, enable firewall component of Kaspersky antivirus which help you to monitor all network connection in accordance with the component setting.
Paul Merrell

M of A - Assad Says The "Boy In The Ambulance" Is Fake - This Proves It - 0 views

www.moonofalabama.org/...lance-is-fake-we-show-why.html

surveillance state CloudFlare censorship

shared by Paul Merrell on 25 Oct 16 - No Cached
  • Re: Major net hack - its not necessarily off topic. .gov is herding web sites into it's own little DNS animal farms so it can properly protect the public from that dangerous 'information' stuff in time of emergency. CloudFlare is the biggest abattoir... er, animal farm. CloudFlare is kind of like a protection racket. If you pay their outrageous fees, you will be 'protected' from DDoS attacks. Since CloudFlare is the preferred covert .gov tool of censorship and content control (when things go south), they are trying to drive as many sites as possible into their digital panopticons. Who the hell is Cloudflare? ISUCKER: BIG BROTHER INTERNET CULTURE On top of that, CloudFlare’s CEO Matthew Prince made a weird, glib admission that he decided to start the company only after the Department of Homeland Security gave him a call in 2007 and suggested he take the technology behind Project Honey Pot one step further… And that makes CloudFlare a whole different story: People who sign up for the service are allowing CloudFlare to monitor, observe and scrutinize all of their site’s traffic, which makes it much easier for intel or law enforcement agencies to collect info on websites and without having to hack or request the logs from each hosting company separately. But there’s more. Because CloudFlare doesn’t just passively monitor internet traffic but works like a dynamic firewall to selectively block traffic from sources it deems to be “hostile,” website operators are giving it a whole lotta power over who gets to see their content. The whole point of CloudFlare is to restrict access to websites from specific locations/IP addresses on the fly, without notifying or bothering the website owner with the details. It’s all boils down to a question of trust, as in: do you trust a shady company with known intel/law enforcement connections to make that decision?
  • And here is an added bonus for the paranoid: Because CloudFlare partially caches websites and delivers them to web surfers via its own servers, the company also has the power to serve up redacted versions of the content to specific users. CloudFlare is perfect: it can implement censorship on the fly, without anyone getting wise to it! Right now CloudFlare says it monitors nearly 1/5 of all Internet visits. [<-- this] An astounding claim for a company most people haven’t even heard of. And techie bloggers seem very excited about getting as much Internet traffic routed through them as possible! See? Plausable deniability. A couple of degrees of separation. Yet when the Borg Queen wants to start WWIII next year, she can order the DHS Stazi to order outfits like CloudFlare to do the proper 'shaping' of internet traffic to filter out unwanted information. How far is any expose of propaganda like Dusty Boy going to happen if nobody can get to sites like MoA? You'll be able to get to all kinds of tweets and NGO sites crying about Dusty Boy 2.0, but you won't see a tweet or a web site calling them out on their lies. Will you even know they interviewed Assad? Will you know the activist 'photographer' is a paid NGO shill or that he's pals with al Zenki? Nope, not if .gov can help it.
Paul Merrell

Popular Security Software Came Under Relentless NSA and GCHQ Attacks - The Intercept - 0 views

firstlook.org/...nsa-gchq-targeted-kaspersky

surveillance state NSA GCHQ anti-virus-software

shared by Paul Merrell on 23 Jun 15 - No Cached
  • The National Security Agency and its British counterpart, Government Communications Headquarters, have worked to subvert anti-virus and other security software in order to track users and infiltrate networks, according to documents from NSA whistleblower Edward Snowden. The spy agencies have reverse engineered software products, sometimes under questionable legal authority, and monitored web and email traffic in order to discreetly thwart anti-virus software and obtain intelligence from companies about security software and users of such software. One security software maker repeatedly singled out in the documents is Moscow-based Kaspersky Lab, which has a holding registered in the U.K., claims more than 270,000 corporate clients, and says it protects more than 400 million people with its products. British spies aimed to thwart Kaspersky software in part through a technique known as software reverse engineering, or SRE, according to a top-secret warrant renewal request. The NSA has also studied Kaspersky Lab’s software for weaknesses, obtaining sensitive customer information by monitoring communications between the software and Kaspersky servers, according to a draft top-secret report. The U.S. spy agency also appears to have examined emails inbound to security software companies flagging new viruses and vulnerabilities.
  • The efforts to compromise security software were of particular importance because such software is relied upon to defend against an array of digital threats and is typically more trusted by the operating system than other applications, running with elevated privileges that allow more vectors for surveillance and attack. Spy agencies seem to be engaged in a digital game of cat and mouse with anti-virus software companies; the U.S. and U.K. have aggressively probed for weaknesses in software deployed by the companies, which have themselves exposed sophisticated state-sponsored malware.
  • The requested warrant, provided under Section 5 of the U.K.’s 1994 Intelligence Services Act, must be renewed by a government minister every six months. The document published today is a renewal request for a warrant valid from July 7, 2008 until January 7, 2009. The request seeks authorization for GCHQ activities that “involve modifying commercially available software to enable interception, decryption and other related tasks, or ‘reverse engineering’ software.”
  • ...9 more annotations...
  • The NSA, like GCHQ, has studied Kaspersky Lab’s software for weaknesses. In 2008, an NSA research team discovered that Kaspersky software was transmitting sensitive user information back to the company’s servers, which could easily be intercepted and employed to track users, according to a draft of a top-secret report. The information was embedded in “User-Agent” strings included in the headers of Hypertext Transfer Protocol, or HTTP, requests. Such headers are typically sent at the beginning of a web request to identify the type of software and computer issuing the request.
  • According to the draft report, NSA researchers found that the strings could be used to uniquely identify the computing devices belonging to Kaspersky customers. They determined that “Kaspersky User-Agent strings contain encoded versions of the Kaspersky serial numbers and that part of the User-Agent string can be used as a machine identifier.” They also noted that the “User-Agent” strings may contain “information about services contracted for or configurations.” Such data could be used to passively track a computer to determine if a target is running Kaspersky software and thus potentially susceptible to a particular attack without risking detection.
  • Another way the NSA targets foreign anti-virus companies appears to be to monitor their email traffic for reports of new vulnerabilities and malware. A 2010 presentation on “Project CAMBERDADA” shows the content of an email flagging a malware file, which was sent to various anti-virus companies by François Picard of the Montréal-based consulting and web hosting company NewRoma. The presentation of the email suggests that the NSA is reading such messages to discover new flaws in anti-virus software. Picard, contacted by The Intercept, was unaware his email had fallen into the hands of the NSA. He said that he regularly sends out notification of new viruses and malware to anti-virus companies, and that he likely sent the email in question to at least two dozen such outfits. He also said he never sends such notifications to government agencies. “It is strange the NSA would show an email like mine in a presentation,” he added.
  • As government spies have sought to evade anti-virus software, the anti-virus firms themselves have exposed malware created by government spies. Among them, Kaspersky appears to be the sharpest thorn in the side of government hackers. In the past few years, the company has proven to be a prolific hunter of state-sponsored malware, playing a role in the discovery and/or analysis of various pieces of malware reportedly linked to government hackers, including the superviruses Flame, which Kaspersky flagged in 2012; Gauss, also detected in 2012; Stuxnet, discovered by another company in 2010; and Regin, revealed by Symantec. In February, the Russian firm announced its biggest find yet: the “Equation Group,” an organization that has deployed espionage tools widely believed to have been created by the NSA and hidden on hard drives from leading brands, according to Kaspersky. In a report, the company called it “the most advanced threat actor we have seen” and “probably one of the most sophisticated cyber attack groups in the world.”
  • The Project CAMBERDADA presentation lists 23 additional AV companies from all over the world under “More Targets!” Those companies include Check Point software, a pioneering maker of corporate firewalls based Israel, whose government is a U.S. ally. Notably omitted are the American anti-virus brands McAfee and Symantec and the British company Sophos.
  • The NSA presentation goes on to state that its signals intelligence yields about 10 new “potentially malicious files per day for malware triage.” This is a tiny fraction of the hostile software that is processed. Kaspersky says it detects 325,000 new malicious files every day, and an internal GCHQ document indicates that its own system “collect[s] around 100,000,000 malware events per day.” After obtaining the files, the NSA analysts “[c]heck Kaspersky AV to see if they continue to let any of these virus files through their Anti-Virus product.” The NSA’s Tailored Access Operations unit “can repurpose the malware,” presumably before the anti-virus software has been updated to defend against the threat.
  • Hacks deployed by the Equation Group operated undetected for as long as 14 to 19 years, burrowing into the hard drive firmware of sensitive computer systems around the world, according to Kaspersky. Governments, militaries, technology companies, nuclear research centers, media outlets and financial institutions in 30 countries were among those reportedly infected. Kaspersky estimates that the Equation Group could have implants in tens of thousands of computers, but documents published last year by The Intercept suggest the NSA was scaling up their implant capabilities to potentially infect millions of computers with malware. Kaspersky’s adversarial relationship with Western intelligence services is sometimes framed in more sinister terms; the firm has been accused of working too closely with the Russian intelligence service FSB. That accusation is partly due to the company’s apparent success in uncovering NSA malware, and partly due to the fact that its founder, Eugene Kaspersky, was educated by a KGB-backed school in the 1980s before working for the Russian military.
  • Kaspersky has repeatedly denied the insinuations and accusations. In a recent blog post, responding to a Bloomberg article, he complained that his company was being subjected to “sensationalist … conspiracy theories,” sarcastically noting that “for some reason they forgot our reports” on an array of malware that trace back to Russian developers. He continued, “It’s very hard for a company with Russian roots to become successful in the U.S., European and other markets. Nobody trusts us — by default.”
  • Documents published with this article: Kaspersky User-Agent Strings — NSA Project CAMBERDADA — NSA NDIST — GCHQ’s Developing Cyber Defence Mission GCHQ Application for Renewal of Warrant GPW/1160 Software Reverse Engineering — GCHQ Reverse Engineering — GCHQ Wiki Malware Analysis & Reverse Engineering — ACNO Skill Levels — GCHQ
Paul Merrell

The Cover Pages: Alfresco Enterprise Edition v3.3 for Composite Content Applications - 0 views

xml.coverpages.org/AlfrescoV33-CMIS.html

Alfresco CMIS cloud computing integration interoperability Lotus Outlook Google Docs Drupal

shared by Paul Merrell on 28 May 10 - Cached
  • While CMIS, cloud computing and market commoditization have left some vendors struggling to determine the future of enterprise content management (ECM), Alfresco Software today unveiled Alfresco Enterprise Edition 3.3 as the platform for composite content applications that will redefine the way organizations approach ECM. As the first commercially-supported CMIS implementation offering integrations around IBM/Lotus social software, Microsoft Outlook, Google Docs and Drupal, Alfresco Enterprise 3.3 becomes the first content services platform to deliver the features, flexibility and affordability required across the enterprise.
  • Quick and simple development environment to support new business applications Flexible deployment options enabling content applications to be deployed on-premise, in the cloud or on the Web Interoperability between business applications through open source and open standards The ability to link data, content, business process and context
  • Build future-proof content applications through CMIS — With the first and most complete supported implementation of the CMIS standard, Alfresco now enables companies to build new content-based applications while offering the security of the most open, flexible and future-proof content services platform. Repurpose content for multiple delivery channels — Advanced content formatting and transformation services allow organizations to easily repurpose content for delivery through multiple channels (web, smart phone, iPad, print, etc). Improve project management with content collaboration — New datalist function can be used to track project related issues, to-dos, actions and tasks, supplementing existing commenting, social tagging, discussions and project sites. Deploy content through replication services — Companies can replicate and deploy content, and associated information, between content platforms. Using powerful replication services, users can develop and then deploy content outside the firewall, to web servers and into the cloud. Develop new frameworks through Spring Surf — Building on SpringSource, the leader in Java application infrastructure used to create java applications, Spring Surf provides a scriptable framework for developing new content rich applications.
Paul Merrell

"Windows Management Framework" is here for Windows XP, Vista, Server 2003, 2008 - Remot... - 0 views

coolthingoftheday.blogspot.com/...agement-framework-is-here.html

Microsoft WMF WinRM 2 BITS 4

shared by Paul Merrell on 30 Oct 09 - Cached
  • Windows Management Framework, which includes Windows PowerShell 2.0, WinRM 2.0, and BITS 4.0, was officially released to the world this morning.
  • “Windows Management Framework, which includes Windows PowerShell 2.0, WinRM 2.0, and BITS 4.0, was officially released to the world this morning. By providing a consistent management interface across the various flavors of Windows, we are making our platform that much more attractive to deploy. IT Professionals can now easily manage their Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 machines through PowerShell remoting
  • WinRM is the Microsoft implementation of WS-Management Protocol, a standard Simple Object Access Protocol (SOAP)–based, firewall-friendly protocol that allows for hardware and operating systems from different vendors to interoperate. The WS-Management Protocol specification provides a common way for systems to access and exchange management information across an IT infrastructure.
  • ...1 more annotation...
  • BITS is a service that transfers files between a client and a server. BITS provides a simple way to reliably and politely transfer files over HTTP or HTTPS. File downloads and file uploads are supported. By default, BITS transfers files in the background, unlike other protocols that transfer files in the foreground. Background transfers use only idle network bandwidth in order to preserve the user’s interactive experience with other network applications, such as Internet Explorer. Foreground or typical transfers are also supported.
Paul Merrell

The Digital Hunt for Duqu, a Dangerous and Cunning U.S.-Israeli Spy Virus - The Intercept - 0 views

firstlook.org/...stuxnet

surveillance state cyberwar Stuxnet

shared by Paul Merrell on 14 Nov 14 - No Cached
  • “Is this related to what we talked about before?” Bencsáth said, referring to a previous discussion they’d had about testing new services the company planned to offer customers. “No, something else,” Bartos said. “Can you come now? It’s important. But don’t tell anyone where you’re going.” Bencsáth wolfed down the rest of his lunch and told his colleagues in the lab that he had a “red alert” and had to go. “Don’t ask,” he said as he ran out the door. A while later, he was at Bartos’ office, where a triage team had been assembled to address the problem they wanted to discuss. “We think we’ve been hacked,” Bartos said.
  • They found a suspicious file on a developer’s machine that had been created late at night when no one was working. The file was encrypted and compressed so they had no idea what was inside, but they suspected it was data the attackers had copied from the machine and planned to retrieve later. A search of the company’s network found a few more machines that had been infected as well. The triage team felt confident they had contained the attack but wanted Bencsáth’s help determining how the intruders had broken in and what they were after. The company had all the right protections in place—firewalls, antivirus, intrusion-detection and -prevention systems—and still the attackers got in.
  • Bencsáth was a teacher, not a malware hunter, and had never done such forensic work before. At the CrySyS Lab, where he was one of four advisers working with a handful of grad students, he did academic research for the European Union and occasional hands-on consulting work for other clients, but the latter was mostly run-of-the-mill cleanup work—mopping up and restoring systems after random virus infections. He’d never investigated a targeted hack before, let alone one that was still live, and was thrilled to have the chance. The only catch was, he couldn’t tell anyone what he was doing. Bartos’ company depended on the trust of customers, and if word got out that the company had been hacked, they could lose clients. The triage team had taken mirror images of the infected hard drives, so they and Bencsáth spent the rest of the afternoon poring over the copies in search of anything suspicious. By the end of the day, they’d found what they were looking for—an “infostealer” string of code that was designed to record passwords and other keystrokes on infected machines, as well as steal documents and take screenshots. It also catalogued any devices or systems that were connected to the machines so the attackers could build a blueprint of the company’s network architecture. The malware didn’t immediately siphon the stolen data from infected machines but instead stored it in a temporary file, like the one the triage team had found. The file grew fatter each time the infostealer sucked up data, until at some point the attackers would reach out to the machine to retrieve it from a server in India that served as a command-and-control node for the malware.
  • ...1 more annotation...
  • Bencsáth took the mirror images and the company’s system logs with him, after they had been scrubbed of any sensitive customer data, and over the next few days scoured them for more malicious files, all the while being coy to his colleagues back at the lab about what he was doing. The triage team worked in parallel, and after several more days they had uncovered three additional suspicious files. When Bencsáth examined one of them—a kernel-mode driver, a program that helps the computer communicate with devices such as printers—his heart quickened. It was signed with a valid digital certificate from a company in Taiwan (digital certificates are documents ensuring that a piece of software is legitimate). Wait a minute, he thought. Stuxnet—the cyberweapon that was unleashed on Iran’s uranium-enrichment program—also used a driver that was signed with a certificate from a company in Taiwan. That one came from RealTek Semiconductor, but this certificate belonged to a different company, C-Media Electronics. The driver had been signed with the certificate in August 2009, around the same time Stuxnet had been unleashed on machines in Iran.
1 - 12 of 12
Showing 20 items per page