Silicon Shecky

Years ago I use to think McAfee was a good Anti-Virus program. Then they got bloated. Now McAfee is becoming chicken little.

You can see the reports regularly. New exploit in this, new trojan here, new zero-day exploit, and on. The world of securing your information and your identity, either individual or corporate, is a complex and never ending battle. Nothing is going to be 100% secure. you know it, I know it and the bad guys know it. Its a matter of mitigation. The smaller area of attack we give the bad guys, the more chance that they will pass us up for an easier target.

It becomes more complex every year. New devices come out, connectivity becomes better, people become more greedy. In fact the more complex things get, the easier it is to break into them with simplicity. You may ask how is that the case. Simply put you just showed how. We tend to gloss over the simple items for the more complex ones, including bugs and holes. That is a discussion to have another time though.

Right now, in the security field, McAfee has been making a lot of headlines lately. From a RAT Report that other companies are calling “shady” to the latest report from them about cars becoming the next hacking target, McAfee keeps getting their name out there. The problems with these reports is their are either obvious or disputed. That McAfee look more like an attention hound than anything else.

This grab for attention comes on the heels of a decade of McAfee putting out worse and worse products. Suites that are so bloated that you machine drags to a crawl during start up. Anti-Malware products that let too much Malware through. Software that is difficult to remove from a system should you prefer to go with one of their competitors. How the mighty have fallen.

Most companies in the consumer security field, especially those that make Anti-Malware software, can run into these same pitfalls as the become more popular. Norton has, although they are slowly turning things around, they still have a long way to go. Kaspersky is doing its best not to fall down that path, but it does seem to be getting more resource intensive. AVG, well they put out a decent product but we are about due for another bad patch that messes machines up. None of them are perfect, but some are better than others, and McAfee has been considered part of the bottom of the heap for a while now.

So McAfee throws up a smokescreen. Instead of improving their product, they try to show that they know more. Sorry but knowledge of what is happening, and the ability to translate that into a decent working product do not have to be equal. In fact, McAfee has shown me that you can have the knowledge without the product. Then again, McAfee lately has been more like Chicken Little. Just remember, the sky isn’t falling, things are just progressing. We as the ones in the field need to keep our wits about us and it will all be fine.

Google uses the moniker, “Don’t Be Evil,” but is that the truth behind the company? A look at Google Plus might change your mind.

Google+ is an interesting creature. One that is gaining popularity rather quickly. It is also one that might not last due to Google’s own policies.

The buzz around Google wanting people to only use real names in Google+ is gaining more and more steam. People are not happy with this idea. Everyone thought that Google+ would be better than Facebook. It definitely has the potential to compete with Facebook. The naming issue is turning into a stumbling block.

I will not go into depth on the whole idea of hiding from stalkers using a pseudonym in a social media setting. Instead I look at it from a natural way to know people. I have a great deal of online friends. I know them by their names from games, from forums, form other places that you don’t use your normal name. So when I see that Joe Shmo instead of DJ Cool J has added me to their circles, I have to sit back and wonder who the heck is following me? For that matter, Google+ is only as usable as the people you have in your circles, and if I cannot find them easily, which means nicknames, pseudonyms, etc, then I am not going to use the site.

Google though, sees the whole Social Media world as data. Just like search, just like AdWords, it is all data that can be used with algorithms to extract bits of information. That information can then be used to send targeted advertising to you. This increases the chance that Google and the company who is advertising can make some money off you. Its all about making a buck.

So should it surprise anyone that Google wants to mine what you say in Google+. What you Link to? Who you are? The amount of data that Google can dig up on each one of us through public means can really give a good profile of us. That can be used for Advertising, or worse, should Google decide to use it for “Homeland Security” purposes.

The book In The Plex by Steven Levey takes a good look at Google. Brin and Page (Google’s Founders) are all about the data and search. Data especially, because they want to have everything in the world indexed in one spot. Just imagine if that data fell into the wrong hands.

Lulzsec, a group that some people applauded. The were showing security holes. Well, truth is they are a bunch of bullies and jerks.

I love music. More so, I enjoy some Internet Radio Stations. I find a lot of the smaller ones tend to play all sorts of stuff I have not heard before, and broaden my musical tastes. These independent stations will go through the FCC to make sure they are compliant with the outrageous Licensing fees that the music industry puts on them. The FCC is even willing to help pay for that licensing, in turn for a few small things such as playing 5 minutes of real news every so often. Its something the government does right.

So when a few of the stations I listen to all of a sudden had problems with their web sites, and a few had problems with their streams, I figured I would talk to the tech people and see if I could help. Each one of them gave me a similar story of what was going on. Lulzsec was trying to blackmail them. Yep, these independent stations, all of whom get some help from the government, were facing DDOS attacks from Lulzsec. That was not the only thing. They are getting automated phone calls from Lulzsec demanding the admin password for their radio streams so Lulzsec can break in whenever they want to and take over the station.

I won’t mention the names of the stations, since they have called in the FBI on this. I just look at this and go, what a bunch of script kiddie jerks. I mean if Lulzsec were the “Elite” hackers they claim to be, couldn’t then have just hacked the servers that host the radio stream and taken it over that way? Heck, most Internet Radio Stations use either IceCast or Shoutcast stream servers. those servers tend to be Linux based, and usually have Apache on them. How do I know this? Well, I help some volunteer radio stations with tech at times, so I have learned the setup. Heck for that matter, I set up a Shoutcast server at my house so I could do some testing, and stream music to my different devices around the house. It isn’t that difficult.  If Lulzsec wants to broadcast over the Internet, and they are such high end people, then why not just make their own server for streaming, like they do for their IRC?

Think about it. If a group is so boisterous, it wants the press. It wants to be heard. The most elite in the hacking world though, you will never hear a peep from. They lurk in the shadows. They keep their egos in check. They create things for those kiddies that want the attention. Those are the tough ones to find. Until then, we have to keep dealing with jerks like Lulzsec.