Archive for February, 2010

Block an add site isn’t that hard

February 28, 2010 Leave a comment

As part of my employment I’ve become rather intimate with how to work “Windows Firewall with Advanced Security”. Its rules on what to block or allow are great; its logging needs some work. There’s a super annoying ad that takes over my browser when I click on the calendar at It’s so annoying I half wonder if it’s even an actual ad, or if it’s malware that took over the website. Either way, I’ve had to deal with it for a few weeks and didn’t want to deal with it anymore.

So I opened up the windows firewall, and created a rule blocking that IP Address from sending any packets to my computer. I tested it out, and it worked perfectly. No annoying ad. It made me feel rather empowered, kind of like the same feeling I got when I first blocked something from installing with UAC.

You are not the user

February 27, 2010 Leave a comment

This afternoon Amanda and I were watching Tron. I remember watching the movie about three years ago, and still many different things stuck out to me this time. A very boiled down premise of the movie is that there is a company with a computer system, and the system is slowly being locked down and controlled by the companies “Master Control Program”. The hero’s of the story are trying to free the system up, so that they can do what they want to. I’m watching this thinking “What a horrible security and auditing model”. The security expert in me wanted the hero’s of the story to lose. Letting any program do whatever it wants to on a computer system is why there are so many virus’s and malware programs running around in the wild right now.

There is a very interesting line in Tron that stuck out to me, because it really doesn’t apply anymore. Tron was released in 1982, and it’s about computers, and needless to say some fundamental aspects of computers have changed since 1982. The scene I found interesting is one where there are two programs talking and they’re having a religious discussion about “users”. The discussion is about if users exist or not; kind of like how we might have a discussion about if God exists or not. One of the programs ends up saying “If I don’t have a user, who wrote me?”

This line would only make sense in a world were anyone using a computer primarily wrote everything they used a computer for. Or at least heavily modified anything they used on the computer. I’m sure that world existed at some point, but it doesn’t exist today. Today there are stickers and posters hung up around Microsoft saying “Remember, you are not the user”. Programs are designed by program managers, written by developers and tested by testers. Then once a program is written it’s primarily not even used by them. It’s used by users. The majority of users of programs today are not the ones who wrote the programs.

It’s odd for me to picture a world where most of the programs that the worlds companies and governments relied on, where only used by a handful of people, because all of the software was built in house. In today’s world a lot of the software is written and sold. The vision that Tron was based on is that idea that you can program the computer to do whatever you want it to do. Many nerds (such as yours truly) really likes this idea. Most people don’t like this idea. They just want the computer to do want they want it to do. They don’t want to have to tell the computer how to do it, they just want it done.

So here I am. Happily writing programs, but constantly being reminded “You are not the user”.

Isis likes shoes

February 27, 2010 Leave a comment

Something that Amanda and I have been surprised about, has been how much Isis likes shoes. Anytime she finds a new pair of shoes she loves to sniff and explore them. I don’t think that I’ve noticed that behavior in another cat.

She gets really excited when I get back from a run and take my shoes off. While I’m stretching she sniffs and sniffs them. Apparently going on a run brings back lots of new and interesting smells.

Categories: Pets

Over Security Insecurity

February 22, 2010 Leave a comment

The other day I was at my in-laws and while using their Windows XP computer, tried to do a search in Internet Explorer 8. I go to Bing, and something odd happened, the Bing picture didn’t load. No big deal, but when I tried to type in the search bar, no characters appeared in the search box. The browser had Google set at the search provider, so I did my search there and found what I wanted. But I wanted to see what else might be blocked on this computer. So I went to Google, Yahoo!, Ask, and Dogpile and at all of the websites I could not type into the search bar. I found it very odd that whatever was blocking these was allowing me to use the search provider of the browser, but not the websites directly.

One other thing that I noticed was how prevalent and in-your-face Norton was on their computer. For instance, every search result has a little green check box next to it, showing that Norton approves of the website. Also ,the Norton bar was loaded into Internet Explorer with a search box of its own called “Safe Search”. So I tried safe search and that ended up doing a search from Ask, but with Norton styling overlaid on top of it.

The next thing I tried was to find the Internet Options in the Windows Control Panel, but it wasn’t there. From Internet Explorer, trying to access its options only resulted in a pop-up saying that the option was disabled. Suspecting a virus I decided to explore further.

I opened up Firefox and Chrome and went to the different search websites. I wasn’t blocked from doing searches from any of them. The other thing I noticed was that Norton didn’t have a toolbar in these browsers.

It turned out the problem was Norton. Norton went out of their way to prevent Internet Explorer from doing web searches that weren’t using Norton Safe Search (unless it was from the search provider). To take complete control over Internet Explorer, Norton disabled the computers Internet Options. I cannot describe in words how stupid this is. The end result was that my in-laws didn’t know what was wrong with Internet Explorer and started using other browsers “because they work”. So Norton, in an attempt to protect the user from themselves, locked down Internet Explorer so much that it became undesirable. Which in turn, caused the users to use products that Norton didn’t have locked down. The end result is that in Norton’s attempt to have more control over the computer, it ended up having less control. If Norton really wants to lock down a computer to force the users of the computer to use their Safe Search, Norton is going to have to find a way to lock down all of the browsers.

Having discovered this as made me wonder what threat Norton is trying to protect users from. I’ve heard of one which involved Google image search. What happens is that a website is infected, and by going directly to the webpage nothing bad happens. But when the images from the website are loaded in a Google search result, images are shown that redirect to websites containing malware. I recently discovered one more which involved SQL injection attacks in the urls of search results. In either case, the search results are being hijacked and don’t do anything bad to your computer directly. They just redirect your session to a website that tries to do something bad to your computer.

So if Norton really wanted to protect users from these types of attacks they should block the users computer from viewing images from Google. The solution Norton came up with though, of locking down IE, did nothing to protect their customer. The real solution is not to block users from going to websites, it’s to block websites from installing programs and block RPC’s from browsers to other executables. Blocking RPC’s won’t happen though, because that would block Flash, and no one is going to do anything that blocks Flash. Plus, some website could figure out a way around Norton, so instead of attack the problem head on, Norton decided to give the users a false sense of security and horrible user experience.