Quick Story Wittily Mocks Windows 7

Rico Mossesgeld — Mon, 23 Nov 2009 14:00:42 +0000

Seems Microsoft will never mollify its critics. Or at least the author of “The Hidden Shadow”. The brief 600-word narrative details a reporter getting skittish over government surveillance, and decides to encrypt his “major investigative piece” with TrueCrypt.

After deleting and repeatedly overwriting his unencrypted copies, the reporter finds himself served with a search warrant, and agents stream into the reporter’s home. One of the government lackeys uses Windows 7’s ability to save previous versions of folders to render the precaution useless:

He located the Documents folder, opened its Properties window, and clicked on the “Previous Versions” tab. Just as he thought, there were five previous versions of the folder – daily “shadow copies” made by the operating system as part of the System Restore mechanism. As these snapshots were prepared silently in the background and stored on a hidden disk volume, few users were aware of them. Agent Trallis was smiling. The good guys from Redmond were going to make his job easy again.

C’mon now Mr. author! I doubt anyone using TrueCrypt would remain unaware of Windows 7’s ability to save old copies of data—a feature that can be disabled by the way. Maybe the reporter in “The Hidden Shadow” was guilty of overconfidence in his counter-intelligence abilities, a narrow-mindedness that’s similar to the outlook of those who think anything Microsoft is necessarily bad.

In any case, this is a great heads-up for anyone using Windows, and with secrets to keep. Make sure to disable those Previous Versions!

Post from: The Gadget Blog

Apparent Gmail Vulnerability Should Make You Check Your Filters!

Rico Mossesgeld — Sun, 23 Nov 2008 18:00:42 +0000

I’ve been using Gmail for over two years now, for a wide variety of reasons (like conversations and inbox archiving for instance). Apparently, so do a lot of domain owners, who woke up one day to find that their online properties were stolen.

Here’s a summary: a hacker manages to gain access to a Gmail account, just enough to modify its Filters. The end result is that any emails sent by the domain registrar—including ones sent due to a “Forgot my Password” request—are forwarded to the hacker. This allows said hacker to grab control of the domain, and demand money for its return.

Thanks to online WhoIS services, which reveal the owner of a website and their email, pulling it off seems relatively easy. I’m honestly not sure if Gmail really suffers from a security flaw, but you can check out the complete details here—and check your Gmail filters just to be safe. It takes only a few seconds after all.

Post from: The Gadget Blog

The Gadget Blog » security

Quick Story Wittily Mocks Windows 7

Apparent Gmail Vulnerability Should Make You Check Your Filters!