The Oasis for
Rational Conservatives

Learn more about Dr. Jack Wheeler and To The Point
The Amazon’s Pantanal
CLICK FOR DETAILS
Serengeti Birthing Safari
CLICK FOR DETAILS
Wheeler Expeditions
 
CLICK FOR DETAILS
Member Discussions
CLICK TO JOIN IN
Article Categories
Article Archives
L i k e U s ! ! !

TTP Merchandise
Click to Purchase Now!

SECURITY VULNERABILITIES

Published April 10, 2009 | By Mark Gilligan
Download PDF

Please read the article below and take heed. There are dark clouds on the security horizon and they are blowing our way. This may seem short, however there is a lot of substance in these links. I encourage you to read this for your own security.

Everything I have previously written regarding security may be a moot point after this exploit:

Invisible Things

What has happened in a nutshell is that there is a hole in the Intel processor that may allow a crafty hacker to inject malicious code into your computer with an Intel chip. The exploit attacks a part of the processor utilizing System Management Mode, which just happen to be the most privileged operation mode on the processor.

This stealthy attack allows your computer to be compromised without you ever knowing about it. As of now there is no known protection against this exploit. If you want to read all the technical details of this vulnerability, they can be found below.

Attacking SMM Memory via Intel® CPU Cache Poisoning

Intel is addressing these issues mentioned in the above article, and it might seem prescient to some that AMD is not vulnerable to this potential attack. It is still unclear if Macintosh boxes with Intel chips are vulnerable to this, however we know it is even more trivial on Linux boxes with root access.

As a response to my inquiry, the authors of the above article and her colleague have not tested this vulnerability with Macintosh computers yet.

The best battle plan may be to fly under the radar and keep a low profile. Imagine the criminal minds will be drooling for this exploit?

That being said, there are still things that you should do to protect yourself in the meantime. The above exploit was just written about on March19 and by now has captured the attention of bad guys.  Chinese and Russian intelligence services are probably working on this as we speak.

Go here to download a free scan for root kits, malware etc.

PrevxCSI

There is a very good guide to take steps to prevent basic intrusion to your windows PC. In spite of the above information I would still encourage you to take these steps.

You can freely distribute this article below.  As always back up your critical files and registry or whole disk before deploying all these procedures.

How To Secure Windows and Your Privacy

One of my favorites is a free download utility called CCleaner. It is written for both 32bit and 64bit environments and can be found her.  It is free however they do ask for a donation for support, if you are so inclined.

CCleaner

Alternatives to Intel computers are:  older Macintosh PPC computers with IBM or other processors; Sun Microsystems computers with Sparc processors;  AMD powered processors for your Windows, Linux or BSD box.

As if this were not enough bad news there are other stealthy attacks as well. Such as the Persistent Bios Attack discovered by researchers in Argentina. The researcher states…

"It was very easy. We can put the code wherever we want," said Ortega. "We’re not using a vulnerability in any way. I’m not sure if you understand the impact of this. We can reinfect the BIOS every time it reboots."

The implications of the above are rather disconcerting to say the least. If you are online with a PC, then you are vulnerable. Also the method worked on a Windows machine, a PC running OpenBSD and another running VMware Player.

Notice that even the BSD box is not immune from this one.

This one even survives a format disk, your hard disk wiped clean. Nasty

You can read about this vulnerability here below

Persistent Bios Attack

Things to think about, not necessarily to keep you awake at night. Any critical data that is sensitive in nature should be kept off-line for your maximum protection.

Before you go running for the doors. Remember that these attacks and exploits may happen, but are not absolutely guaranteed.

Stay behind a good firewall and give no one access to your computer that you do not absolutely trust. Here are some security links for the PC side:

BitDefender Internet Security 2008 (http://www.bitdefender.com)

F-Secure Internet Security Suite (http://www.f-secure.com/home_user/)

PC Tools Internet Security 2009 ( http://www.pctools.com/internet-security)

Kaspersky Internet Security 2009 (http://www.viruslab.ca/eng/ )

McAfee Internet Security Suite with Site Advisor (http:// www.mcafee.com/ca-en/)

Trend Micro Internet Security 2008 (http://us.trendmicro.com/us/products/personal/internet-security-2008/ )

Microsoft Windows Live OneCare(http://onecare.live.com/standard/en-us/default.htm

CheckPoint Zone Alarm Internet Security Suite (http://www.zonealarm.com)

CA Internet Security Suite Plus 2008 (http://shop.ca.com/)

Symantec Norton Internet Security 2008 (http://www.symantec.com/en/ca/norton/internet-security)

Last but certainly not least on this week’s agenda is the intention of the government to control your Internet. Two bills introduced by Democrat (what else?) Senator Jay Rockefeller of West Virginia to basically control – he calls it" protect" – against cyber attacks.

The bills are Senate bill No. 773 and 778. It is called the Cybersecurity Act of 2009. You may read the draft of the bills here:

Cybersecurity Act of 2009

The implications of this are quite astounding. We are talking about private communications here, emails, web sites, logs of your local ISP and more.  The Feds want to control and have access to it all.

The news yesterday pointed to our electrical grid already being  hacked by the likes of China and Russia. As Jack has already written about in China’s Zero-Sum Game just published, China is our biggest security threat today.

If we have already been compromised and we are about to pass bills that will effectively rid privacy for us all, then Big Brother has truly arrived.

The train speeding down the tracks, is about to carry our freedoms away, and this train is arriving faster than any of us have imagined.

So, folks, the honest truth is that every time you subscribe to one of these "social network" services such as Facebook etc, you are making it easy for your privacy to evaporate. Beware, what you divulge, it will only be dissected by others eventually.

This is probably one of the reasons that anonymous access sites are popping up all over the globe. Some of these are attracting people who download copyright materials over the internet. Some are attracting more unsavory characters, yet some are attracting folks who just want their privacy protected.

One new site that just is in beta from Sweden will go on line soon. You can read about it here.

Intellectual Property Rights Enforcement Directive (IPRED)

Proxify

Cyberwars on Worldwide Web

For maximum protection keep private info off line, when possible. Its your info!  Protect it!  Protecting your information and privacy is a critical part of protecting our freedom.

Our American freedom is to be nourished and kept close to our hearts, for so many have paid the ultimate price to give us this. Let us not dishonor their sacrifice by neglecting to uphold the gift that has been passed down since the founding fathers: the American ability to live free.

Marco

 

SHARE TOTHEPOINT

Click to Share!
GIVE A GIFT SUBSCRIPTION

Purchase Here!
LIFE PRIORITY
CLICK FOR DETAILS
Contact ToThePoint
Contact Us Here!
Become a Member

Click Here!
Join To The Point on
facebook.jpg
Click Here Now!

twitter.png
 Click Here Now!
To The Point Videos
Click to Watch!
Dr. Jack’s Classics
Order Online Now!
Click to Buy the Book
Click for Kindle Format
Support Yasuhiko Healing
CLICK HERE
Dr. Joel Wade’s
Click Here to Buy the Book