Thursday, May 17, 2012

LastPass Wallet

If you were to lose your wallet, would you know your credit card numbers, and the customer service numbers to call in case you had to cancel your cards? What about other important information in your wallet? LastPass Wallet is a cryptographically secure solution on iPhone, iPod Touch, and iPad for saving and syncing important data should you become separated from your wallet. I've long been a fan of the multi-platform password management tool, LastPass. According to LastPass, "Wallet stores the data you carry in your physical wallet on your iOS device, so you can securely backup your most valuable personal information to LastPass."


Wallet adds the ability to attach text, pictures, and audio recordings (secure voice recording available within the app--great for creating a quick memo), to your notes. All data will be synced with LastPass in your browser and mobile apps, but attachments are currently only available in Wallet. A quick test drive of the app shows that it is beautifully polished, snappy, and a delight to use.

As with anything LastPass does, security is never an afterthought. "Wallet offers security settings to restrict access to stored data. 'Logout on close' ensures that the active session is killed when the app is closed, while a pin code prompt can be used to re-authenticate when multitasking between Wallet and other apps." An Android version of LastPass Wallet is reportedly in the works as well. (Source: LastPass)

Tuesday, April 10, 2012

Disinfecting a Windows machine

I recently received a spam email from a family member with an unfamiliar, suspicious link. This prompted me to reach out to try to help clean up their computer. I recommended changing the email password from a clean, uninfected machine, but after a few attempts at that, the spam email continued. My next conclusion was that there must still be some malware on the machine. Following are some steps that I provided which may be useful to others who are trying to disinfect a Windows computer from a virus, rootkit, or other malware:
  1. Go to Add/Remove programs and uninstall any "extraneous debris," or any software that you simply don't need. Additional software only increases the attack surface for hackers seeking to leverage known vulnerabilities in software.
  2. Download the Windows Defender Offline tool and create a bootable CD or USB drive from a clean, uninfected computer. You will boot to this tool on the infected machine, which will run before Windows ever loads. Some malware is sophisticated enough to hide itself from antivirus scanners running inside Windows by using what are called rootkits. The Windows Defender Offline tool should overcome that by booting first and rooting out the problem.
  3. Consider running an additional offline scan using the Kaspersky Rescue Disk. Remember to create a bootable USB or CD from an uninfected computer. Follow the instructions to run an offline scan (meaning that you boot to the rescue disk before Windows loads).
  4. If the above two steps are able to uncover any malware and clean it, then boot the machine as you would normally, and launch the Secunia Personal Software Inspector (online). This requires Java, which I normally recommend uninstalling unless you specifically need it for something, since many of the exploits in recent weeks have leveraged an un-patched flaw in the Java run-time environment. This will scan your computer for any vulnerable or outdated software. Apply the updates as recommended, and ensure that Windows Update is configured to automatically download and install any new updates from Microsoft. You should even launch Windows Update to make sure that there aren't any pending security patches.
  5. If steps 2 and 3 fail to find any malware, consider backing up all of your important files to an external USB drive, then reformatting the computer with your system restore disk (Windows install disk). Sometimes, rather than spend hours and days trying to weed out malware, it is better to start with a clean slate. When you re-install Windows, make sure to load Microsoft Security Essentials before doing anything else.
  6. Going forward, make sure to not click on any unfamiliar links in email or open any email attachments, unless it is something you are expecting--even then, open with extreme caution. Be careful about what software you install--is it something you really need, or are you just installing it for fun? Make sure to run files you download through VirusTotal, which scans the file using a large database of antivirus programs.

Thursday, April 05, 2012

Make your mouse scroll wheel work everywhere in Windows without clicking

If you've used OS X or a UNIX/Linux-based operating system for any amount of time, you get used to being able to hover your mouse cursor over any window or scrolling panel area without having to click on it first. Unfortunately, Windows requires you to click on an area to give it "focus" before the mouse scroll wheel will work. For example, take a simple Windows "Open" dialog box:


It can become annoying having to click on windows or other "scrollable" areas within windows. Sometimes, you end up accidentally clicking on a file or some other object just so that you can use your mouse scroll wheel.

I stumbled across a free, highly useful program called WizMouse that works in 32-bit and 64-bit versions of Windows 2000, XP, Vista, and 7 that solves this very problem. Until Microsoft builds a simple feature into Windows to enable mouse scrolling on mouse hover, give WizMouse a try.

Monday, March 26, 2012

Selling software exploits to government for a handsome profit

A hacker can typically profit from newly discovered software exploits in three ways: 1) receive a small reward by responsibly disclosing the vulnerability to the software vendor, 2) sell the exploit through an underground market, or 3) sell the exploit to a government agency. Hackers often go after vendor payouts or industry notoriety as rewards for discovering vulnerabilities in software and systems. These incentives are often part of a contest where many hackers try to be the first to find a weakness in a program or other system. Underground markets for so-called "zero-day" exploits have existed for a while, and in the past have involved organized crime groups. But, recently we've seen an increasing trend towards selling the exploits to government agencies for even bigger profits. A fascinating Forbes article mentions that a US government contractor recently purchased an exploit for iOS for $250,000. According to the Zero Day Blog:
Hackers today are selling zero-day exploits to government agencies via middlemen who charge a commission for setting up the deal. The organizations don’t tell the public about the code they pay for because they use it to gain access to their target’s devices. Selling to them is considered safer than striking deals with the mafia or other shady organisations because in those cases talks can go south at any time.
With these kinds of profits, why waste time with small payouts and contests? I can't imagine there is much incentive anymore for security research or hacker groups to report vulnerabilities responsibly to vendors. This is an interesting trend that will be exciting to watch as the market for exploits continues to grow rapidly.

Friday, March 09, 2012

Improv Everywhere - Spinning Beach Ball of Death

This is great! At first, I felt so sorry for the dude, but then realized what was happening. Brilliant!

Monday, March 05, 2012

Netflix thinks B-horror movie is "just for kids"

This morning my 2 year old was happily watching Yo Gabba Gabba on Netflix using the "Just for Kids" interface on the Wii. The video stream had been periodically pausing and buffering. I went downstairs to change the laundry over (I was literally away for about 3-4 minutes) and when I came back upstairs, my son had grabbed the Wii Remote, and was clicking around, likely trying to fix the paused video stream (he's a good troubleshooter). Surprisingly, he was no longer watching Yo Gabba Gabba, but instead a 1960's B-Horror movie called Doctor Blood's Coffin was in the process of loading up. Luckily, I got there in time and changed it back. I was surprised that Netflix would even make horror movies available via the "Just for Kids" interface on the Wii. What likely happened is that he somehow got into the non-kid-friendly Netflix interface and just randomly clicked on a title. "I can't leave you kids alone for 3 minutes!"

Wednesday, February 15, 2012

Malicious poisoned redirects in Google search results

This morning I did a Google search for "free psd web button". I clicked on the third result which links to http://www.sharkwebstyle.com/2011/07/80-prefect-free-photoshop-web-buttons-psd/.
However, upon clicking on this third result, I was automatically taken to the Russian site http://uaroyalys.ru/industry/index.php, which is clearly not the correct location, and is apparently an attempt to redirect me to some sort of malicious site (I don't recommend you try to visit this site). Thankfully, I had ScriptNo for Chrome and NoScript for Firefox, so the site didn't do anything, and thankfully it wasn't able to reach its dirty tentacles into my machine (I hope).

I originally discovered the malicious redirect on a Windows machine, and I immediately assumed that the machine must somehow be infected. I switched over to a Mac machine and discovered the same malady, suggesting that the malicious redirect originates on the server side and not on my side.

What's unclear is if this is the fault of the target (SharkWebstyle perhaps infected with an XSS attack), or poisoned Google search results. What's frustrating is that most unsuspecting users are doing these types of web searches all the time and clicking on tons of links. Most are using Internet Explorer or another browser with scripting (JavaScript) fully enabled. Since most infections are launched via some sort of scripting on web sites, it is recommended to use an add-on (such as ScriptNo for Chrome or NoScript for Firefox) that only allows scripting in your web browser for sites that you explicitly allow. It makes me sick to my stomach to think of a friend or family member getting infected with some type of malware served up by Google's own search results. Be safe, folks!

UPDATE (2/15/12): It appears that this was most likely the result of a compromised instance of WordPress (most likely through a maliciously modified .htaccess file). Older versions of WordPress can be susceptible to attacks. If you self-host your WordPress site, you need to make sure you update to the latest version, change passwords for your web host account, FTP, and MySQL database. Check this link if you think you might be compromised. You can also check your site to see if it is infected with any known malicious code at Sucuri SiteCheck.

UPDATE (3/3/12): I received a note from the site administrators at Sharkwebstyle that said, "We encountered a problem with a vulnerability in timthumb script used in our WordPress theme, and that vulnerability can change the .htaccess file content, so that's why there was a redirection to other website." Here are some technical details about the TimThumb WordPress vulnerability and hack.
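
A defensive check for the .htaccess tampering described in the updates above, added here as an example; it is not code from the original post or from Sharkwebstyle. It assumes the injected redirect took the common form of a mod_rewrite rule pointing at an external host, often gated on the Referer header; `audit_htaccess`, `own_hosts`, `blog.example`, and `redirect.example` are hypothetical names.

```python
import re
from urllib.parse import urlparse

# Constructed sample, not taken from the affected site: a stock WordPress
# block followed by an injected rule. redirect.example is a placeholder host.
SAMPLE_HTACCESS = r"""# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
RewriteCond %{HTTP_REFERER} .*(google|yahoo|bing)\..*$ [NC,OR]
RewriteCond %{HTTP_USER_AGENT} .*(msie|opera).* [NC]
RewriteRule ^(.*)$ http://redirect.example/index.php [R=301,L]
"""

COND = re.compile(r"^\s*RewriteCond\s+(\S+)", re.I)
RULE = re.compile(r"^\s*RewriteRule\s+\S+\s+(\S+)", re.I)

def audit_htaccess(text, own_hosts):
    """Flag RewriteRules whose target is an absolute URL on a foreign host."""
    own = {h.lower() for h in own_hosts}
    findings, pending = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        cond = COND.match(line)
        if cond:
            # RewriteCond lines apply only to the next RewriteRule.
            pending.append(cond.group(1).upper())
            continue
        rule = RULE.match(line)
        if not rule:
            continue
        host = urlparse(rule.group(1)).hostname
        if host and host not in own:
            findings.append({
                "line": lineno,
                "target_host": host,
                # Gated rules fire only for some visitors (e.g. search
                # clicks), so an owner browsing directly never sees them.
                "referer_gated": any("HTTP_REFERER" in c for c in pending),
                "agent_gated": any("HTTP_USER_AGENT" in c for c in pending),
            })
        pending = []
    return findings

if __name__ == "__main__":
    for finding in audit_htaccess(SAMPLE_HTACCESS, {"blog.example"}):
        print(finding)
```

A finding with `referer_gated` set explains why a redirect can show up for visitors arriving from a search engine while the site looks normal when its URL is typed in directly.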

Wednesday, February 01, 2012

Mozilla Releases Firefox 10, Still Bloated

The version numbers for Firefox continue to climb with version 10 released by Mozilla this week. Unfortunately, the notorious memory leak issues don't seem to be getting any better. I've been using Firefox on Mac OS X (10.6.8) for a little over 2 hours this morning, and I have noticed horrible performance, with simple operations such as switching tabs and clicking on check boxes in web pages taking several seconds to complete. As you can see from the screen capture above, it's consuming well over 1.12 GB RAM and 57.9% CPU utilization.

Tuesday, January 10, 2012

OnLive puts Windows 7 on your iPad

OnLive announced a new cloud service this week called OnLive Desktop which gives you access to a Windows 7 machine running on the cloud with Microsoft Word, PowerPoint, and Excel. The free "as-available" version of OnLive Desktop provides you with 2GB of storage, while the $9/month Pro plan offers 50GB of storage and high priority access. The company states that OnLive Desktop will soon be available for Android, iPhone, PC (oh, the irony), and Mac.

Presumably the OnLive Desktop service will provide fast, maintenance-free access to a Windows PC and its applications from your iPad without having to keep the remote machine updated with security patches and anti-virus software. While such remote desktop applications have been available on the iOS and Android devices for years, this move should come as no surprise. The decision to sell its extra capacity makes sense for OnLive, whose business model has traditionally been selling online access to video games running on its servers.

It will be interesting to see how the market reacts to this new service. The awkwardness of using Windows 7 with the iPad's touch interface might be enough to deter large-scale adoption. While there are still a lot of unanswered questions, OnLive Desktop is sure to be the source of geeky experiments, fun hacks, and technical debates in the coming weeks.

UPDATE (4/12/12): Due to licensing concerns, Microsoft and OnLive have reached a deal in which the backend of OnLive Desktop now runs Windows Server 2008 instead of Windows 7. This is an unfortunate setback for OnLive Desktop, which utilized some of the integrated touch interface components of Windows 7. While the service is still up and running, the obvious benefits of a touch integrated OS are painfully missing. According to James Kendrick, "While OnLive Desktop still looks the same, the absence of Windows 7 under the hood is sorely missed. Gone is the great touch optimization that made OnLive Desktop a joy to use in my original review. That was provided by Windows 7 and thus no longer there."

Thursday, December 15, 2011

Adblock Plus Now Allows "Non-Intrusive" Ads by Default

Firefox extension Adblock Plus has long been useful for removing annoying ads from web sites (including video pre-roll ads). Recently, the developer made an interesting change that allows "non-intrusive" advertisements by default. The following explains the change and is taken directly from the Adblock Plus site:
"Starting with Adblock Plus 2.0 you can allow some of the advertising that is considered not annoying. By doing this you support websites that rely on advertising but choose to do it in a non-intrusive way. And you give these websites an advantage over their competition which encourages other websites to use non-intrusive advertising as well. In the long term the web will become a better place for everybody, not only Adblock Plus users. Without this feature we run the danger that increasing Adblock Plus usage will make small websites unsustainable."
However noble their mission, most Adblock Plus users would probably prefer to continue to block all ads. To revert to blocking all ads, click the Adblock Plus icon in Firefox and select Filter preferences...
Then, un-check the option "Allow non-intrusive advertising".