Information Protection and Security

A bit of basic computer security terminology that is relevant to my last post about strong passwords. Entropy is the amount of actual information in a chunk of data, such as your password. This concept is important because your password is less strong than you probably think it is and therefor easier to guess than you would probably like.

One of the various security-related email lists I'm on had a message about forced password expiration. This is a subject which I've been mildly interested in for a number of years and I continue to review research and articles on it as I come across them. I have of course formed my own opinion on this topic which I am going to share with you.

Conficker.C is now actively updating itself using its peer-to-peer mechanisms.

Next week I'll be reconfiguring the web site a little. Mainly to alter how SSL is used  due to concerns we are receiving from people about our use of the Rutgers private Certificate Authority rather than Verisign or Thawte. It looks bad for the security group to have a website that requires you to click through a dialog and permit a security exception!

We have completed another scan of Rutgers' address space looking for Conficker and found nothing. I'm hoping this means Rutgers will be minimally impacted, but I can't be certain the tool we are using (NMAP) is 100% effective. Additionally, lots of networks and hosts are protected by a firewall and disallow connections from the host we issue the scans with (such as all of RESNET). Nevertheless, it is a good sign that of the couple thousand hosts that we know were successully scanned not one has been identified as being infected.

Wednesday, April 1st is the day the Conficker worm is scheduled to activate. The first thing the worm will do is try to contact it's creators for new instructions, but what those instructions will be is anyone's guess. The worm itself does nothing sinister right now save for continuing to try to infect more systems but the authors have continued to change the code to try and stay ahead of efforts to squash this bug.

The Book of Jeremiah (the source of jeremiad¹) nailed it. 

I started using facebook with about a million others a few weeks ago. Social networking is the in thing it seems, but consider how much you really want anyone on the internet to know everything about you.

The W32.Virut.CF virus, cataloged as PE_VIRUX by Trend Micro, wreaked havoc last week.  Recovery requires registry edits, generally done on a machine by machine basis. 

North Idaho College spent the week of still recovering from a virus that took out email and voicemail starting around February 2.  For several days, campus updates were hand delivered to  buildings waiting for visits from recovery teams.