08 May, 2009

Google Analytics on the Desktop

Polaris is a cross-platform Google Analytics desktop widget with Adobe Air. With Polaris, you have easy access to your Dashboard, Map Overlay, Top Content, and more. With 8 simple reports, the interface is easy to use and puts data right on your desktop whether using Windows, a Mac, or Linux (Fedora 8, Ubuntu 7.10, openSUSE 10.3).
A single-site version is free while the full multi-site version is only $15 annually. This is just the first of 4 announced products coming from a new company, Desktop Reporting.

05 May, 2009

Botnets and their interworkings

Ars technica has posted an article about a recent University of California Santa Barbara paper on findings after hijacking the Torpig botnet for 10 days. The headline is 56,000 passwords in an hour. The botnet (research) users were also able to gather 70GB of data.

The goal of this particular botnet (and probably most of them) is to gather financial information. "In just ten days, Torpig apparently obtained credentials of 8,310 accounts at 410 financial institutions..."

Concerned that you may be a target? "The researchers concluded that victims of botnets are usually those with poorly maintained machines and who choose 'easily guessable' passwords."

I've posted many blogs on how to improve your security. Some of the basics I know people are still not getting include an up-to-date virus scanner. Those bundled, out-of-date virus scanners from McAfee and Norton have mislead many consumers. This does not have to be difficult! Go to Avast and get their free home edition. Of course if your machine is already compromised, you're going to have to start all over with a fresh install of the OS.

SSL Inventor Taher Elgamal Interview

Vivian Yeo of CNet has published a greater interview with Taher Elgamal, the inventor of SSL and recent winner of the RSA Conference Lifetime Achievement Award. Mr. Taher responds to these subjects:
  1. SSL man-in-the-middle attacks and the ability to intercept session cookies
  2. Logging into sites that have expired SSL certificates
  3. How do browser makers keep users and protect them?
  4. How different do you think SSL would be if it had been invented in the current security landscape?
  5. What are you most dissatisfied about in the current security landscape?
Mr. Taher also points out, "The biggest issue with Internet security today is that there are databases with a lot of important info that are available from the Internet, from the outside." I tend to agree as we hear many stories of database break-ins from stolen laptops, to guessed passwords, to poor network security.

Head over to CNet and read this article for yourself.