Modern Internet Identity Theft by Andrew Patrick

A recent report
from Don Jackson at SecureWorks (dated March 20 2007) examines a new
Trojan and provides some alarming insights on Internet Identity Theft.
It is worth reviewing this case carefully to understand how
sophisticated modern identity theft schemes have become, and how
difficult it can be to investigate and prevent them.What makes this
Trojan interesting is that it:

  • is installed automatically simply by visiting an infected web site
  • is invisible to the user
  • is often missed by anti-virus software
  • is able to steal identity information even if it is encrypted using https
  • efficiently collects large amounts of information and sends it to a “mother ship”
  • provides an interface for fraudsters to easily purchase the stolen data
  • is been used to collect thousands of login credentials at major banks and government agencies
  • has not been shut down
  • is only one of many such programs that are now offered as kits

source: http://www.andrewpatrick.ca/essays/modern-internet-identity-theft/

his source: http://www.secureworks.com/research/threats/gozi/?threat=gozi

Anita’s just passed her boards

Anita has been going to school for her whole life. She’s 28, and she’s gone to school k-12, and then college for 9 years after that. She got her PharmD from OSU and became a Dr. of Pharmacy… but all of that is for naught without passing a national board and a state law board.

Well – she’s passed both on her first attempt and is now, a bonafide (licensed) Pharmacist.

One of those weights you didn’t know you were carrying was lifted from her shoulders when we found out.

She’s working at Target part time and we are all very proud of her and happy for her. Yay Anita.

A Great post on a friend’s blog

US Contractors in Iraq’s motto: “What happens here today stays here today.”

The Most Privatized War in US History.

Blackwater USA: The US State Department pumps $700 million worth of security contracts into the soldier-for-hire company of a major Republican funder. Meanwhile, Paul Bremer signs Order 17 granting immunity to private contractors in Iraq, “effectively barring the Iraqi government from prosecuting contractor crimes in domestic courts.” Havoc ensues.

Jeremy Scahill’s “Making a Killing” in the Oct. 15th, 2007 issue of The Nation investigates the unprovoked massacre that erupted on Sept. 16th, 2007, where Blackwater agents fired indiscriminately into a crowd of unarmed Iraqis, killing as many as 28, including several children. Among those that survived the attack is Iraqi lawyer, Hassan Jabar Salman, who describes how he was shot four times – in the back – as he was running away in terror.

Scahill reports that Iraqi officials claim that there have been at least 6 other deadly incidents involving the company in the last year before the story broke alone. And while Iraq’s Interior Ministry announced that it was treating these as criminal offenses and expelling Blackwater from the country, Order 17 has them hogtied.

In a similar piece by Scahill called “Blackwatergate,” which appears in the Oct. 22nd, 2007 issue, he writes that the State Department has lately pushed for the company to pay restitution to the families of its victims. However, this, he writes, amounts to “hush money” and should not free the company or its employees from criminal prosecution. Often, he writes, employees involved in these incidents are merely whisked out of the country and no further action is taken.

Source: http://jasonericson.blogspot.com/2008/08/us-contractors-in-iraqs-motto-what.html

Gmail users should go SSL

Why You Should Turn Gmail’s SSL Feature On Now

Let’s talk security and why you should take advantage of Gmail’s recent SSL feature, and why you might want to be careful using other non-SSL webmail services.

But first, make sure your connection is secured using SSL.

How do you know a connection is secured by SSL? The handy “s” after “http” will tell you. For example, https://mail.google.com is encrypted while http://mail.google.com is not. You can force an encryption by adding the “s” yourself, or by turning on “Always use https” from the Browser Connection settings of your Gmail account.

It’s not just your email – changing your password gives access to your google docs, analytics, notes, etc… I’ve been forcing https with a firefox plugin for a while – but much better as a gmail setting, since it travels to other computers with me.

Poppy: babbling, teething, and growing

Poppy is growing up way too quickly. Anita cried a couple nights ago
watching her sleep, and I can certainly understand… She hasn’t
technically doubled in size, but she seems like she is at least twice
as big as she was at birth and many hundred fold more
capable/developed/skilled/aware.

She’s babbling a lot, starting this weekend and she has a second tooth just under the surface ready to come out.

Crawling is considered a given, and in fact any time her mobility is restricted for too long (60-120 seconds?) she’ll let you know exactly what she thinks about it. Pops can pull herself up from sitting to standing if there’s something stable around… she is even moving herself around into positions where that is possible. She has only gotten herself to sitting a few times.

We have decided to defend Nova (our dog) whenever she’s on her dog-bed. The rest of the time, Poppy crawls over to Nova and tries to touch/grab her… and Nova gets up and moves away. We’ve treat the dog-bed as “base” and try to keep Poppy from getting to her there. That’s the extent of their interactions for the most part, but judging as so, they are getting along quite well.

Poppy is showing the earmarks of being a handful. Still one of the happiest and easiest babies to deal with, she has no fear at all. The roomba started up next to her, the first time she’s ever seen it… and instead of being scared like a normal baby – she chased after it. She bit her momma while nursing (one very sharp tooth) and Anita yelled at her “NO!”. Again most babies would cry or backup or something… Poppy laughed, “what game is this?” She’s taken a few falls and spills and caught a face full of water a few times… all with almost no crying or scare (at least no more than a few seconds of crying, when she’s actually hurt herself). It’s great… but we fear she may have no fear, a trait which helped her pappa get several broken bones while growing up.

No photos uploaded… We’ve taken them… but havn’t uploaded recently.. I will sometime.

A great article on Jan Arnow’s work in Rwanda

Rwandans look to Louisville for interfaith model

The Rwandans invited the center’s executive director, Jan Arnow, to visit their country, where in May, she conducted workshops and discussions with a group that included various faiths, from Muslims to Catholics to Quakers to Pentecostals.

During that visit, she said, group members told her, “We want to do what your organization does” — leading to establishment of the center’s first branch outside Kentucky.

“They recognized that what they needed to do was create an interfaith organization under the umbrella of which they could do this work,” Arnow said, adding the Rwandan group will be run entirely by people in that nation but is using the Louisville branch as a model.

photo

Courtesy of Jan Arnow Workshop participants in Rwanda worked on a team-building exercise intended to help teach them conflict resolution.

You can also check out Jan’s Rwanda Diary (blog)

Penelope Lou is movin and shaking (anything she can grasp)

Poppy is a feirce 6 months now. She is sitting and crawling and talking a lot (though still mostly in vowels only).

What’s funny is to see her grab ahold of something (anything) and shake it.

“What does this do? How about if I beat it against the floor for 5 minutes? hmmm… What about after another 5 minutes?”

She is so much fun to watch and interact with… all she’s doing is sitting or crawling and violently shaking/beating/eating whatever is in her little hands… but that’s more than enough to keep us watching.

Guess those genetic directives seem to be working fine for Anita and I.