Back to the Normal Routine

Hi All! After a long journey, I’m officially back. Today marks the first day back at the old job, and I’m finally starting to settle into my normal routine again. It’s still hard to believe that it’s all over. It was one of the most exciting and enriching experiences that I had in my life.

I wanted to take the time to thank some people in this blog post. Perhaps some will see it, perhaps none will, but at least I’ll have done so.

LA – Thank you for being my rock. Your support helped get me through the 12 weeks and not go crazy. I’m not sure I would have had the courage to even go, let alone stick it out, had I not had such a wonderful person back home giving me tons of love and encouragement. You are amazing.

Mom – Thanks for everything, and especially watching the cat. I know he’s a pain in the neck, but I wouldn’t have done the internship if my buddy wasn’t well taken care of. Thanks for the love and support… I hope I’ve made you proud.

BL – Thanks for the random calls to check in on me. You’ve always been my best friend, and every time I saw you on the caller ID, it brightened my day a bit. Thanks man.

DG – Thanks for the IMs and the random chats, even if I didn’t always get to respond. They meant more than you know. I owe you a beer the next time I’m up.

Keebs – Thanks for checking in on me from time to time, all of you, and just asking how things were going and if I was having a good time, and for putting up with my awful internet. I’ve never met most of you face to face (probably for good reason) but you were as good a friend as any other. I love you guys.

All my Other Friends – Thanks everyone, for everything. It’s great to know that even when you’re 1,000 miles away from everyone you know and love, everyone you know and love is thinking of you too. It’s much easier to be strong when you’ve got a good group of friends to hold you up.

While I can’t talk about the specifics of what I did and learned while I was away on this blog, I can talk about my experiences in person. If you want to know more, give me a call, stop by, or whatever. I’m happy to share!

That’s all for now. Look for some real blog posts coming in the near future!

Posted in Uncategorized | Comments Off

On Groundhogs and Patches

Hi All! I had some time on my lunch break and a little time on breaks from class, so I decided to write my first post on security! With the emergence of Punxsutawney Phil, I was reminded of the movie “Groundhog Day”. You know, the one with Bill Murray stuck in an infinite loop of sheer madness, with some hard life lesson to learn before being released from his consistently failing cyclic redundancy check. (Sorry, had to make a bad pun there.)

That, in turn, got me to thinking about patches since yesterday was a patch/maintenance day in my favorite online time-waster. The process of patching (especially those annoying Windows updates) may make many feel as though managing patches for their computer has become their own little spot in Hell, where it seems as though every day they face the ugly fact that something – somewhere – needs to be updated. Some of you are probably reading this and thinking to yourself “Why?! What is the point?!” Well, for my first security related blog post, let’s explore this issue in a little more depth.

Let’s start with a definition of “patch.” At the most basic level, a patch is a piece of code that is designed to plug up a hole in another piece of code. This can be to fix a bug, sew up a vulnerability, or for various other reasons. A lot of software patches today are designed to protect you from exploits by hackers that leave gaping holes for backdoor access to your computer; however, some applications do a lot of bug patching – something you see a lot in the world of MMOs such as World of Warcraft. Regardless, it is safe to say that if you are getting a patch delivered to you via download, there is a problem with some software application that you have installed – one that either leaves you vulnerable to attack or has the risk of making your system unstable or your programs not behave appropriately.

So why are patches so frequent? Well, the best answer is that this Earth is populated with humans, and humans are both fallible and incredibly resourceful. On the side of the fallible, you have developers. While I would like to be able to write on this blog that all developers are the coding equivalent of Albert Einstein and Stephen Hawking’s lovechild, they really aren’t. We’re human and we make mistakes, and when we write a piece of code, we may not catch every possibility for exploitation. Those developers (and/or code testers) who are more security minded may make a valiant attempt at processes such as software fuzzing or any other number of vulnerability testing efforts. However, the truth is that developers and testers are as varied as any other subsection of society. Some find security testing a fun game, others a chore that they avoid at all costs. So, because there may be any number of possibilities that they have not dreamed up, or due to sheer lack of interest in testing for exploits, developers are fallible and will miss opportunities to protect your system before the product ships.

Similarly, real hackers (I use the emphasis as so many today are really script-kiddies rather than true hackers) are resourceful. There is a lot of information available on the internet and with proper research, exploits can be found in almost any program out there. The possible avenues to exploit a given program are numerous, and as such, with some time and effort, almost anything can be achieved. The best example of this today is the Conficker Virus, which has infiltrated millions of computers worldwide and stumped researchers for a long time. Each step that was taken to defeat the virus was met with a mutation that made the virus that much more “deadly.” The estimated combined computing power of the Conficker Virus is now enough that had it ever been activated and used for a true attack, it could have taken an entire country off the grid. A good article with all of this information and more about this specific virus can be found in the Conficker Working Group’s Lessons Learned report. However, as this article points out, while the virus has been beaten – it is not gone. This virus is just one good example of how the ingenuity of hackers will forever keep those working in security one step behind, guessing what the next move will be. The only hope lies in convincing end-users that they need to be proactive in the way they handle their own patching. This includes installing updates and restarting when needed, as well as safe net browsing and usage behaviors.

The biggest problem with beating the Conficker Virus was that even when researchers had a good way of defeating it, the laxity with which so many patch their computers left holes open for too long. By the time sufficient numbers of computers had managed to update and patch holes in their systems that would prevent the virus from communicating with its controller, the virus had already mutated to take advantage of a different exploitable flaw on the system. In fact, the virus originally appeared on the scene when it took advantage of security flaws addressed by a November 2008 Microsoft patch which end-users had failed to install (factoid taken from the Lessons Learned report above). Had users worldwide been adequate in their maintenance of their own systems, Conficker may have been stopped (or at least slowed down) a lot sooner. In essence, end-users tend to be the Groundhogs delivering their own endless Winter.

So, what should you do to protect yourself? A quick glance over at the Wikipedia article gives a good starting point. Microsoft has traditionally (for as long as this author can remember) released all of their patches on the second Tuesday of every month. This means two things. First, you can set your clock by the release of Microsoft’s patches. Second, hackers know the best time to exploit your computer – right after the patch comes out. As the Wikipedia article points out, the day after “Patch Tuesday” has come to be known as “Exploit Wednesday.” Banking on the fact that users will be slow about updating their machines with the latest patches, virus writers are able to tailor their viruses to the exploits fixed by Microsoft’s patch. If you take two weeks to download and install the latest update, the virus writer then has 14 days to access your computer and prevent the patch from doing its job when you finally do install. If he misses that window, there’s always next month, when he or she is banking on you taking two weeks again. As you can see, patches (if not installed immediately upon release) ultimately become a weapon to be used against the end-user. That is why it is imperative that you check for patches frequently, and install and reboot your system as soon as they are available.

Lastly, keep in mind that Windows isn’t your only vulnerability! Mac users, this affects you too! Those Mac OS X updates, the annoying pop-ups from Adobe and Java – these are all patches and versions that you need to install. In order to best protect yourself, check all of your software for updates regularly.

The good news is, if this post has hit a nerve with you: all hope is not lost! With a little patience, a little time, and a heap of diligence, you can be the Groundhog of your own Early Spring!

Posted in Uncategorized | Comments Off

Update: Week 5 Begins

Hi All! I’m now officially through four weeks of the internship! Today marks the beginning of both the fifth week, and the first real training that I am doing related to my major. I’m pretty excited right now, as this is what I have been holding out for. The people whom I work with have set me up with all of the equipment that any other person training would have, and I am going to get to go through everything that the rest of the class does!

Other than that, there’s not much I can go into. The one slightly frustrating thing, so far, is not being able to share all the things that I am learning and doing very openly. It’s all so exciting, and I want to tell the world – however, at the same time, I understand why I can’t.

I know I’ve been slow about doing an actual post related to the purpose of the blog. It’s still forthcoming, it’s just harder than I had anticipated with my Criminal Justice Class as well as the Internship right now.

Regardless, I will post more soon, even if it’s simple updates such as these!

Later for now!

Posted in Uncategorized | Comments Off

Update: 2 Weeks In

Hi All! It’s been a crazy first two weeks here at my internship. As I suspected going in, there really isn’t much I can talk about – it’s one of the fundamental rules of the internship. I wish I could tell each and every one of you about all the fun and exciting things I’ve been doing, but I know you all understand why I can’t. I just wanted to post now and give a little check in though, on the internship so far, and what things I can actually say.

First, the other interns are great. I was actually lucky enough to have another intern stationed in the same office as me at the internship, which is great, because I have a friend all day long. Everyone wants to be a group and do things together, which means that we actually have a bit of a support group, which is something wonderful when you’re over 1,000 miles from home.

That brings me to point two: home. I miss it greatly. It’s hard not to get a little emotional about it at times – I miss everything. I can’t wait to see it again. I can’t wait to curl up and watch a movie with my cat and my favorite girl. But at the same time – I’m really grateful to be away from it all. Not because I want to be away from anyone or anything, but rather that it is really turning into a growing experience for me. I am learning to be independent, to be on my own, to not have to lean on anything or anyone. I’M ONE THOUSAND PLUS MILES FROM HOME – and I’m still alive! It’s good to know that about myself, that I am a strong person, that I can be as strong as the situation requires.

Point three: The people I’m working with are amazing. I literally have heard more stories that would blow your mind in two weeks than a lot of people have heard in a lifetime. There are so many things to learn here, and I am SO unbelievably grateful to have gotten this opportunity. I learned today that over 200 people applied for this spot, 15 were interviewed, and 8 of us made it. That means that someone here thought I was worth taking a chance on – and I’m not going to let them down.

Point four: All in all, I’m doing well. I’m safe, I’m comfortable, and my living conditions are more like an extended stay hotel than a dorm room. I’m really living the life, and basically I couldn’t ask for more, except for maybe a better internet connection. Classes started this week at UCF, and it looks like my non-internship course will be really interesting, so even in my off time I have a lot to keep me busy.

Well, for now that’s going to be it. I’ll share more as I can and am able. I’m hoping to do a post this weekend on an internet security topic (three day weekend and all – I should be productive.) Watch for updates!

Posted in General | 2 Comments

Welcome to Verndari.net

Hi All! Thanks for stopping by. Welcome to Verndari.net, the Hunt for Security on the Web. Let me give you a little background about myself, and the blog you’re currently reading.

I am a current student at the University of Central Florida. Well, “at” being a figurative word – I’m presently living in Massachusetts, and will soon be embarking on a journey to do an internship. However, as a distance learning student I have now completed all but three of the classes I need to complete my Masters in Digital Forensics.

This blog was kind of the result of several things in my life. First (and most obvious) is my coursework. I am enjoying what I am learning right now far more than I have ever enjoyed learning material in my life. It is fascinating, and I wanted an outlet to be able to study it more – outside of the classroom and after I finish my degree. Secondly, consistently since I entered the field of Computer Science, friends, family, complete strangers (usually through one of the previous two) have asked me questions like: “How do I keep myself safe on the web?” “How do I know if my computer is infected?” “How is it that someone stole my credit card information?” I realized about five months ago, that despite the improving technological literacy in our society, there is still a huge need for education on safe web usage, and that I could do my part by writing this blog.

And so with that, the journey started. My vision for Verndari.net is to make it a resource that both Professionals and Amateurs alike can gain from, providing common sense advice about computer usage to those without intensive Computer Science backgrounds, as well as news and resources that are of interest to those working in the industry. I’ve been terribly busy since I first bought the domain name, and slow about getting it off the ground, but at last, the time has come. Verndari.net is alive!

The first posts in this blog are going to chronicle my internship. Due to the nature of the training I will be doing, I’m unsure how much I will actually be able to let you know about. I know the place I will be interning with is pretty protective of their privacy (for good reason!), so I will share what I can while respecting their wishes. Sprinkled in with those posts I will try to find some time to also draft some entries about the latest security news, tools and products that are of interest to Internet and Network Security, and anything else that might be of interest to both professionals and everyday computer users.

So, for now, thanks for stopping by! For those interested, you can also follow Verndari.net on your twitter: @VerndariDotNet.

Posted in General | 5 Comments