Gmail Now Defaults To Using HTTPS

January 13, 2010 – 5:18 PM

Last night Google started rolling out the change that enables the “Always use https” feature of Gmail by default.  This is a great change to finally see because any little bit helps.

Source:
http://gmailblog.blogspot.com/2010/01/default-https-access-for-gmail.html

My Data Backup Routine

January 12, 2010 – 8:13 PM

I wanted to offer my personal backup routine to all those who do not have something in place and are not sure where or how to start.  I tried many different methods over the years and so far I think this is the best one for me, my amount of data, and my local network configuration.

First off, make note that I have EFS enabled on my Windows machines to help protect the data while on the local disk.  You can back up your data “securely” all you want but if somebody breaks into your home and steals your machines they will have full access to it all (password protected logins or not – trust me).  So enabling EFS will at least protect the data from any attempts at bypassing your Windows login or simply slaving the drive to another machine.

I start out with an external USB drive which consists of nothing but a Truecrypt volume taking up the entire space.  This works the same way as EFS – if somebody does steal this drive they will have no way of getting into your actual data.  Once Truecrypt mounts this drive volume I use SyncToy to copy the selected files and/or folders over to the USB drive and keep this drive in sync.  This is all done over USB so at this point the data has not hit the network yet.  Now I want to make sure I have an off-site copy as well, so for this I use Jungle Disk to sync the USB drive up to my Amazon S3 account.  Aside from the data being stored encrypted on the Amazon S3 drive, Jungle Disk itself encrypts the data locally before sending it out the SSL/TLS connection to Amazon S3.  SyncToy and Jungle Disk are both on offset schedules and this process is completely automatic.

This gives me all the backups I need.  I have one local copy on the LAN for fast recoveries if anything should happen, but I also have one off-site copy stored completely encrypted if something happens to all of my local hardware and I would need to pull down a copy and restore it (last resort – think LAN vs. WAN speeds).

The costs are pretty low compared to some other pre-packaged solutions out there:

  • External Drive – Price would vary depending on the size of drive you need
  • Jungle Disk – A one-time purchase of $20 for a lifetime license
  • SyncToy – Free
  • Truecrypt – Free
  • Amazon S3 account – I’m currently paying around $3 – $5 per month (this varies with the amount of data you transfer back and forth)

All in all, it’s not a bad solution for only a few dollars per month.  The data is encrypted at every stage where the risk of exposure is high.

Results of Vegan December

January 2, 2010 – 11:58 AM

As some of you know, I decided to go vegan for the month of December just to try it out and see what all the hype was.  This morning was my final weigh-in for this vegan experiment and I must say the results were really impressive.

First off, those who know me know that I was born and raised a “meat and potatoes” kind of guy and maintained this throughout my entire 36 years.  I kept my weight somewhat under control until I got into the IT field which required me sitting at a desk for 8 hours a day with little to no exercise.  This has been increasingly catching up to me in the last few years and I could feel my clothes getting tighter and tighter.  We bought a Bowflex and an Elliptical Trainer and I started working out as much as possible.  Yes, I dropped a few pounds here and there but I knew my diet was holding me back from seeing the full results.  I love food and this was going to be hard for me to change.  My girlfriend took a nutrition class a couple of years ago so we decided to start changing a few small things in our diet (aka “baby steps”).  We started by replacing white bread with whole wheat, whole milk with soy milk, etc.  We started seeing some small results almost immediately but we still kept meat and dairy in our diet because I was very reluctant on totally getting rid of it.  This is all I “knew” to eat and I was afraid my body would start wigging out and going into convulsions (hey, it could happen..).  Finally, late this year I started reading a few health websites, watching a few horrible videos and decided to just go vegan for a while and see what happens.  I had nothing to lose at this point.  It was a major culture shock at first but got easier and easier as we went.  We had some awesome recipes from various sites to carry us through the whole month and I must admit that some of them even rivaled their meaty counterparts.  We ate everything from tacos to burgers to lasagna.  All were extremely tasty and in the end I can safely say that I was not missing meat or dairy at all.  Even now that the month is over I do not see myself going back to eating what I was previously.  Here are the main reasons why:

Noticeable results:

  • Lost 11 pounds  (did not even exercise at all during the month so the results were just from the diet change)
  • BMI dropped almost 2 full points
  • Lost almost 2 inches from my waistline
  • Feel healthier
  • Look healthier
  • Have more energy
  • Sleep better at night
  • Random asthma-like symptoms vanished

These are just what I noticed and I’m sure there would be many more if I had done it more scientifically like getting before and after blood work for example.  But these are more than enough to be impressed and start considering a major change in your permanent diet.

Roll your eyes all you want – I know I did for 36 years – but there truly is something to this.

Fox Sports Web Site Compromised

December 29, 2009 – 2:55 PM

Websense Security Labs ThreatSeeker Network has detected that the Fox Sports site has been compromised and injected with malicious code. Fox Sports is a division of the Fox Broadcasting Company. It specializes in the latest sports news and world sports updates. Fox Sports has an Alexa ranking of 330.

Our research shows that the site has been injected with two pieces of malicious code. One of them is the latest Gumblar campaign, and the other redirects individuals to a malicious Web site, whose link was unreachable at the time of this alert.

The ThreatSeeker Network has detected that thousands of Web sites have been compromised by the latest Gumblar campaign. The Gumblar page is highly obfuscated. After deobfuscation, the page uses PDF and Flash exploits to run malware in order to control a victim’s computer. In addition, a piece of VBScript is executed to download malware.

Source:
http://securitylabs.websense.com/content/Alerts/3516.aspx?cmpid=slalert

Microsoft confirms IIS hole

December 29, 2009 – 5:46 AM

Microsoft has confirmed the security hole in its IIS web server, but hasn’t disclosed which versions of the product are affected. According to the finder of the “semi-colon bug”, versions up to and including version 6 are vulnerable. The hole allows attackers, for instance, to camouflage executable ASP files as harmless JPEG files and upload malicious code to a server.

Microsoft’s Security Response Center (MSRC) says it is investigating the vulnerability and has so far not found evidence of any attackers actively exploiting the hole to compromise a server. According to the vendor, the required conditions present an obstacle for successful attacks: Attackers must have authenticated themselves on a server and possess read as well as upload privileges to a directory which, in turn, must allow the execution of code.

Source:
http://www.h-online.com/security/news/item/Microsoft-confirms-IIS-hole-893413.html
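
An upload file-name check written for this page as a defensive illustration of the "semi-colon bug" above; it is not code from Microsoft, the finder, or the linked article. It relies on the publicly documented behaviour that IIS up to version 6 stops reading a file name at a semicolon when choosing the handler; the extension lists, function names and sample names are assumptions made for the example.

```python
import os
import re
import uuid

# Assumption for this example: the application only accepts image uploads.
ALLOWED_EXTENSIONS = {".jpg", ".jpeg", ".png", ".gif"}
# Extensions a classic IIS/ASP server may hand to a script engine
# (illustrative list, not exhaustive).
SCRIPT_EXTENSIONS = {".asp", ".asa", ".cer", ".cdx", ".aspx", ".ashx"}
# Characters that let a name mean one thing to a validator and another to
# the server or file system: ';' (the IIS bug), ':' (NTFS streams),
# path separators, and control characters including NUL.
FORBIDDEN = re.compile(r'[;:/\\\x00-\x1f]')


def check_upload_name(client_name):
    """Return (ok, reason) for a client-supplied upload file name."""
    if FORBIDDEN.search(client_name):
        return False, "forbidden character"
    parts = client_name.lower().split(".")
    if len(parts) < 2 or not parts[0]:
        return False, "missing name or extension"
    # Inspect every dot-separated segment, not only the last one, so a
    # script extension hidden in the middle of the name is still caught.
    for segment in parts[1:]:
        if "." + segment in SCRIPT_EXTENSIONS:
            return False, "script extension in name"
    if "." + parts[-1] not in ALLOWED_EXTENSIONS:
        return False, "extension not allowed"
    return True, "ok"


def storage_name(client_name):
    """Return a server-generated name so no client-chosen stem reaches disk."""
    ok, reason = check_upload_name(client_name)
    if not ok:
        raise ValueError(reason)
    ext = os.path.splitext(client_name)[1].lower()
    return uuid.uuid4().hex + ext


# Constructed sample names, not taken from the original article.
SAMPLES = ["holiday.jpg", "report.asp;.jpg", "avatar.asp.png", "notes.txt"]

if __name__ == "__main__":
    for name in SAMPLES:
        print(name, check_upload_name(name))
```

Because the attack conditions quoted above require a directory that allows code execution, storing uploads in a directory with script execution disabled removes that condition independently of the name check.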