Archive for the ‘ Hotmail ’ Category


How To Hide Your Data

Written by admin
June 13th, 2011

Basic File Hiding
If you don’t trust the cloud, that only leaves your hard drive for fast access to files. So how do you keep those important files incognito? There is a very basic way to hide something, even right on your Windows desktop: Make it invisible.

Here’s how to activate a folder cloaking device in Windows XP/Vista/7:

 

Best Microsoft MCTS Training, Microsoft MCITP Training at certkingdom.com

 

1) Folders typically need a name, even if it’s super short. You can get rid of the name though. Rename a folder on your desktop by highlighting it. Hit F2 and type 0160 with the number pad (not the numbers above the letter keys) while you hold down the Alt key. The numbers will NOT appear to change. Press Enter. The name of the file will be blank.

Note: You can only do this to one folder on the desktop at a time, as Windows sees no name as the name and won’t let you duplicate folder names.

2) The name is gone but the folder icon is still there. Right click on it and select Properties. Go to the Customize tab and click Change Icon. Windows will give you a choice of icons to change it to; three of those choices are blanks (you can find them about 12 columns from the right). Click on a blank one and then click OK.

Your folder is now invisible on the desktop. You can then combine these steps with some basic encryption. For example, use software like WinZip, WinRAR, or 7-zip to create a file archive that is encrypted with a password of your creation. That way, if someone does find the folder you’ve concealed, that person still won’t be able to get to it. You can also change the file extension, from say .ZIP to .JPG, to obscure that it’s an archive.

Caveats: If you do this to a folder inside another folder and view the contents in list or details mode, the invisible folder will show up at the top. The name is blank, but the space will be obvious. Also, on the desktop, if someone clicks and drags with a cursor to highlight multiple icons, the invisible one can be highlighted and thus be seen—like throwing paint on the Invisible Man. So this method is free but far from foolproof.

You don’t have to do all this hiding yourself; you can also turn to software. Tools like Hide My Folders (14-day trial is free and then $39.95) or My Lockbox 2 (free or $24.94 for Pro edition) promise to hide your valuable data on Windows. Mac users can try Altomac’s Hide Folders (free or $24.95 if you want passwords on hidden folders) MCITP Training .

Hide the Whole Drive
Making a file or a whole folder invisible is one thing, but what if you’ve got a hard drive filled with secrets? Interestingly, it might be even easier to hide.

The simplest thing to do is make a Windows volume with its own drive letter, whether it’s a partition, a second internal drive, or an external drive (even a USB drive), and hide the letter from Windows Explorer. The open-source No Drives Manager does this, providing you with a list of drives from A to Z. Put a check next to the drive you want to hide and click “Write current settings to the registry.” The software adjusts Windows, so after you log off and back on again, that drive is no longer visible in Windows Explorer. When you want to access it, go to a command line—you can use the search bar in the Windows 7 menu—and type the drive letter with a colon to access it. Because No Drives Manager changes the registry, you don’t have to install it. You can keep it on a USB key and run it as needed to hide or unhide drives.

Note: This might not work if you use a Windows Explorer replacement tool.

Want to go the extra mile and add in some encryption? The free TrueCrypt software runs on multiple operating systems (Windows, Mac, and Linux) and can encrypt parts of a hard drive or an entire drive partition. What’s more, it can create a volume on the drive that it not only encrypts but hides.

Install and run TrueCrypt and the Volume Creation Wizard will appear. Tell it you want to make an “encrypted file container” on a “standard TrueCrypt volume.” Put the volume anywhere except your C: drive (for now, it doesn’t matter where you put it, but remember the path to the .TC file you create). Give the volume a strong-as-Hercules password. Let TrueCrypt create an encryption key, click Format, let it go, and exit the wizard. But wait, you’re not done yet.

In a command line window (to get one, type CMD in the Windows search box) and type:

Attrib D:\volume.tc +h

Make sure the path matches the one you used (we’ve shown an example above). The “+h” makes it a hidden file, so it won’t appear in Windows Explorer.

Go back into TrueCrypt and you’re going to mount the volume that you made and hide as a virtual hard drive using an unused drive letter. Again, type in the full path to the .TC file and click Mount. Dismount when finished, again using TrueCrypt. (The software offers to help you make a hidden volume inside an obvious volume on the drive, but I couldn’t get the hidden drive to work.) TrueCrypt can even hide your entire operating system, so you end up with two Windows installations—one for show and one for secret work.

Other software that promises to encrypt and hide include BDV DataHider, Folder Vault, and SafeHouse Explorer.

Yahoo said it only had to make one minor adjustment to its website for traffic optimization as a result of World IPv6 Day.

“Yahoo is very excited about how smoothly World IPv6 Day went for everybody. It’s a great testament to the preparation that went into this event,” said Jason Fesler, an IPv6 architect at Yahoo. “The early data says there is minimal risk to pushing forward.”

 

Best Microsoft MCTS Training – Microsoft MCITP Training at Certkingdom.com

 

BACKGROUND: World IPv6 Day: Tech industry’s most-watched event since Y2K

Akamai and Limelight also said they were stepping up their efforts toward full, commercial-grade support of IPv6 due to the success of World IPv6 Day.

“We’re going to look at the data for IPv6 usage and use that to improve our services,” said Andy Champagne, director of engineering at Akamai, which had 30 customers participate in World IPv6 Day using its beta IPv6 service. “Then we are going to work with our customers to roll out IPv6.”

Tom Coffeen, director of global network architecture for Limelight, said it had IPv6-enabled every server on its network for World IPv6 Day and that it had encountered only minor issues that involved some routing policy changes.

“We were surprised and pleased to see no bugs. The few issues we did encounter were quickly resolved,” Coffeen said. “We had many customers choosing to stay IPv6-enabled going forward. We’re ready to move to an opt-out model for our customers, where they have to request no IPv6 availability.”

Despite these successes, World IPv6 Day participants conceded that IPv6 still has a long way to go before it approaches the ubiquity of IPv4.

Colitti said Google estimates that only 0.3% of its users have adopted IPv6. He said it was too early to determine how many of its users suffered from broken IPv6 connections; estimates prior to World IPv6 Day put IPv6 brokenness at 0.03% to 0.05% of Internet users.

Similarly, Lee said that Facebook estimates that about 0.2% of its users were able to reach the website via IPv6.

“Once the world gets to about 1% adoption [of IPv6], then this will be for real,” Lee said. “That’s the initial mass that you need to have for global adoption.”

MORE: What if IPv6 simply fails to catch on?

Content providers are migrating to IPv6 because the Internet is running out of addresses using IPv4. The free pool of unassigned IPv4 addresses expired in February, and in April the Asia Pacific region ran out of all but a few IPv4 addresses being held in reserve for startups. The American Registry for Internet Numbers (ARIN), which doles out IP addresses to network operators in North America, says it will deplete its supply of IPv4 addresses this fall.

IPv4 uses 32-bit addresses and can support 4.3 billion devices connected directly to the Internet, but IPv6 uses 128-bit addresses and can connect up a virtually unlimited number of devices: 2 to the 128th power. IPv6 offers the promise of faster, less-costly Internet services than the alternative, which is to extend the life of IPv4 using network address translation (NAT) devices.

Stupid user tricks 5: IT’s weakest link

Written by admin
June 5th, 2011

The CTO is not a Java programmer, but a self-styled “application architect.” Deal’s done, money’s spent. He hired a Java architect and a lead developer. Both of them went over the wireframes and announced they need a functional spec. That’s about three weeks’ worth of work. They got that and pumped out a technical spec in under a week. Nowhere does it mention a messaging bus. The CTO had some yelling matches with them, but they’re right — no need for the $5 million hobbyhorse.

 

Best Microsoft MCTS Training, Microsoft MCITP Training at certkingdom.com

 

To “save his job,” the CTO hired a separate small team of developers to build a separate module for the overall application that no one needed or asked for, but it ran the messaging bus.

I never found out whether the startup sold anything.

Fallout: The CTO did in fact save his job, but only because he was “kernel DNA” to the enterprise. When the boss found out about the extra team he hired to hide his mistakes, the CTO got kicked to a sideline “analysis” role.

Moral: If you’ve screwed up that bad, better to fall on your sword early than crawl deeper into an already dark hole.

Stupid user trick No. 7: Lying to IT
Incident: Even the whitest of lies can sap productivity from the more underappreciated, overworked members of your company: the IT pros left to shift through the rubble to find out what really went wrong.

Users lie. I hate it when users lie, usually because I don’t understand why they lie.

Case in point: I got called to a branch office for unspecified “printer problems.” It’s a small branch office, with three users, each in his own office. The firewall/router on a bookshelf in one room connected them and provided the way back to headquarters and the Web. One guy had a big HP LaserJet in his office, and he complained that suddenly his coworkers can’t print “off my printer anymore.” I did the due diligence and found that while the printer had an Ethernet port: (a) it wasn’t configured, (b) it was hooked only to his desktop with a USB cable, and (c) his wall jack only had a single Ethernet port available and that was being used by his PC. I checked his desktop, and no, Windows XP was not set up to share his printer. I knew he’s lying, but I can’t resist:

Me: “So you were all sharing this printer?”

Lying liar: “Yup. It was working fine until the other day, and then it just stopped.”

Me: “You know, there’s nothing wrong with requesting that you be able to share the printer. If you’d have just said that on the phone, I’d have driven out here with a mini-hub and we’d be all set right now.”

Lying liar: “But it was working. It just suddenly stopped. That’s why I called.”

Me [eyes rolling]: “Fine. I can share the printer. Hang on.”

Now I could have told him that print sharing his PC was going to slow down performance a bit, but I was annoyed so I just did it, had his coworkers test it out and then left.

Skip forward a week. The same guy called and my boss kicked it to me. Once again, the ticket said “printer problems,” but now it added “Internet down.” The bastard was snickering when he gave it to me, too. This time I grabbed a mini hub and some spare patch cables before I drove over.

I got there and for some reason they’d switched offices. The moved desks, bookshelves .. and their PCs, as well as the big printer. Again, the same guy got up and said, “Everything was working until yesterday, and then the printer just stopped working.”

Me: “Uh-huh. Yesterday wouldn’t happen to be the day you moved offices, would it?”

Lying liar: “No, no. That was over the weekend.” [This is Wednesday.]

Web mail users at Yahoo and Hotmail have been hit with the same kind of targeted attacks that were disclosed earlier this week by Google, according to security software vendor Trend Micro.

Trend Micro described two similar attacks against Yahoo Mail and Windows Live Hotmail in a blog post, published Thursday. “It’s an ongoing issue for more than just Gmail,” said Nart Villeneuve, a senior threat researcher with Trend Micro. Villeneuve believes that Facebook accounts have also been used to spread similar attacks.

 

Best Microsoft MCTS Training, Microsoft MCITP Training at certkingdom.com

 

BY THE NUMBERS: Microsoft: One in 14 downloads is malicious

Google made headlines Wednesday after revealing that several hundred Gmail users — including government officials, activists and journalists — had been the victims of targeted spearphishing attacks.

Google mentioned phishing on Wednesday, but the criminals have been using other attacks too. In March, Google said that hackers were taking advantage of a flaw in Microsoft’s Windows software to launch politically motivated hacks against activists.

Corporate networks have been under attack for years, but hackers now see personal Web mail accounts as a way to get information that can help them sneak into computers that would otherwise be locked down. “People always think of these attacks as isolated cases, but they’re more like a series of successful and failed attacks over a longer period of time,” Villeneuve said. “It’s not a one-off attack.”

For example, in the Gmail phishing attacks, the hackers used a little-known Microsoft protocol to figure out what type of antivirus software their victims were using. By knowing what antivirus program they were up against, they could then build attack code and then test it against their target security software to be sure that it would go undetected.

And by trolling through their victims’ email messages, the attackers could write believable-sounding messages that their targets would be more likely to click on or open up. That’s how the victims lose control of their computers: by opening, for example, a specially written pdf document or by taking their browsers to a malicious website. “This is the latest version of State’s joint statement,” read one fake email, used by the Gmail phishers. “My understanding is that State put in placeholder econ language and am happy to have us fill in but in their rush to get a cleared version from the WH, they sent the attached to Mike.”

“People, whether they’re human rights activists or they’re government officials, tend to have personal Web mail,” Villeneuve said. “It’s a good way for the attackers to get information on those individuals but also to get information that they could use for an attack of the corporate network of those individuals.”

Google said that the phishing attacks it had detected were launched from computers located in Jinan, China. That led some to suspect that the phishing was state-sponsored, but China’s U.S. Embassy said Thursday that China is the victim of cybercrime, not the perpetrator. “As a responsible player in cyberspace, China strongly opposes unlawful online activities and supports international cooperation in striking down on such misdeeds,” said Wang Baodong, an embassy spokesman, in an email. “Any claims of so-called Chinese state support for hacking are completely fictitious, and blaming misdeeds on China is irresponsible and unacceptable.”