Google Chrome Puts Security in a Sandbox

December 11, 2008 – 9:01 PM

The Google Chrome browser is no longer a beta, and has been outfitted with a coat of security armor Google hopes will both protect users and help Chrome compete with rival browsers.

The toughest piece of that armor involves sandboxing. In Chrome, HTML rendering and JavaScript execution are isolated in their own class of processes. Running each tab in Chrome in a sandbox allows Web applications to be launched in their own browser windows without the ability to write or read files from sensitive areas. Plug-ins are run in separate processes that communicate with the renderer.

“I think Google was very proactive in terms of what we’ve been doing around trying to help prevent users from being infected with malware,” said Ian Fette, security product manager for Google. “On the Web browser, we’re trying to do everything we can to make sure that users are not becoming affected with malware, and a big part of that is the sandboxing technology.”

Calling it a second level of defense, he said the technology is designed to prevent malware from persisting even if there is a flaw in the code that would lead to the Web browser being compromised.

“It’s designed to prevent malware from getting installed on the system, from being able to start again when you close the browser and restart the computer; it’s designed to help prevent malware from being able to read files on your file system … it’s really a defense-in-depth mechanism,” Fette explained.

Source:
http://www.eweek.com/c/a/Security/Google-Chrome-Puts-Security-in-a-Sandbox/

NetworkMiner packet analyzer

December 10, 2008 – 5:39 PM

NetworkMiner is a Network Forensic Analysis Tool (NFAT) for Windows that can detect the OS, hostname and open ports of network hosts through packet sniffing or by parsing a PCAP file. NetworkMiner can also extract transmitted files from network traffic.


Homepage:
http://sourceforge.net/projects/networkminer/

Download:
http://sourceforge.net/project/showfiles.php?group_id=189429

Securely Access Email In Various Clients

December 9, 2008 – 6:27 PM

SSL (Secure Sockets Layer) or TLS (Transport Layer Security) encrypt your email connection so that your password and messages are scrambled to eavesdroppers. If you’re only connecting through a wired, office PC, you’ll face little exposure with non-encrypted mail. But even with a wireless laptop on a known network, or especially Wi-Fi on a temporary network out in the world, encryption is essential. Without that protection, it’s trivial for a hacker to intercept and read your data.

SSL should already be available from your mail host, although it’s often not required. And for compatibility, many mail clients leave it off by default. Here’s how to be sure you’re making that secure connection.

Source:
http://www.pcworld.com/article/155236/Securely_Access_Email_In_Various_Clients.html?tk=rss_howto

Evolving DNS malware

December 8, 2008 – 6:21 PM

Symantec researchers have reported finding a variation on the old DNSChanger trojan that installs a rogue DHCP server simulation on local networks. This means that even uninfected machines on the network can get redirected to malicious servers.

DNSChanger has been present in the wild for some time and was originally designed to change local DNS servers in the operating system. Both Windows and Mac OS machines were vulnerable. The next step was changing DNS server settings in ADSL routers. The rogue DHCP server version is the latest mutation.

Source:
http://www.heise-online.co.uk/news/Evolving-DNS-malware–/112184

New trojan in mass DNS hijack

December 6, 2008 – 12:34 PM

Researchers have identified a new trojan that can tamper with a wide array of devices on a local network, an exploit that sends them to impostor websites even if they are hardened machines that are fully patched or run non-Windows operating systems.

The malware is a new variant of the DNSChanger, a trojan that has long been known to change the domain name system settings of PCs and Macs alike. According to researchers with anti-virus provider McAfee’s Avert Labs, the update allows a single infected machine to pollute the DNS settings of potentially hundreds of other devices running on the same local area network by undermining its dynamic host configuration protocol, or DHCP, which dynamically allocates IP addresses.

“Systems that are not infected with the malware can still have the payload of communicating with the rogue DNS servers delivered to them,” McAfee’s Craig Schmugar writes here of the new variant. “This is achieved without exploiting any security vulnerability.”

Source:
http://www.theregister.co.uk/2008/12/05/new_dnschanger_hijacks/
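
Both DNSChanger items above describe a rogue DHCP server on the LAN handing uninfected machines DNS servers chosen by the malware. The following Python is an added example, not code from the cited articles: a defender-side check that parses DHCP server replies and flags any reply whose server identifier or DNS servers fall outside a site allowlist. The allowlisted addresses, the `build_reply` helper and the sample messages are constructed assumptions using documentation address ranges.

```python
import ipaddress

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie after the 236-byte BOOTP header
# Assumed site policy: constructed values from documentation address ranges.
ALLOWED_DHCP = {"192.0.2.1"}
ALLOWED_DNS = {"192.0.2.53", "192.0.2.54"}

def parse_options(payload: bytes) -> dict:
    """Return {option_code: raw_value} from the UDP payload of a DHCP message."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(payload) and payload[i] != 255:   # 255 = end option
        if payload[i] == 0:                         # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        length = payload[i + 1]
        opts[payload[i]] = payload[i + 2:i + 2 + length]
        i += 2 + length
    return opts

def ips(raw: bytes) -> list:
    # Split a packed option value into dotted-quad IPv4 strings.
    return [str(ipaddress.IPv4Address(raw[j:j + 4])) for j in range(0, len(raw) - 3, 4)]

def check_reply(payload: bytes) -> list:
    """Findings for one server reply (OFFER=2, ACK=5); an empty list means clean."""
    opts = parse_options(payload)
    if (opts.get(53) or b"\x00")[0] not in (2, 5):  # option 53: message type
        return []
    findings = []
    server = ips(opts.get(54, b""))                 # option 54: server identifier
    if not server or server[0] not in ALLOWED_DHCP:
        findings.append(f"unauthorized DHCP server {server[0] if server else 'unknown'}")
    findings += [f"unapproved DNS server {d}"       # option 6: DNS servers
                 for d in ips(opts.get(6, b"")) if d not in ALLOWED_DNS]
    return findings

def build_reply(server: str, dns: list, msg_type: int = 2) -> bytes:
    """Construct a minimal sample reply payload for the demo (not captured traffic)."""
    pack = lambda a: ipaddress.IPv4Address(a).packed
    dns_raw = b"".join(pack(d) for d in dns)
    options = (bytes([53, 1, msg_type, 54, 4]) + pack(server)
               + bytes([6, len(dns_raw)]) + dns_raw + b"\xff")
    return bytes([2, 1, 6, 0]) + bytes(232) + MAGIC + options

GOOD = build_reply("192.0.2.1", ["192.0.2.53"])
ROGUE = build_reply("192.0.2.77", ["198.51.100.10", "198.51.100.11"])
```

In practice the payloads would come from a capture of UDP port 67/68 traffic on each VLAN, and a second distinct server identifier answering on a segment is itself worth an alert.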