security

IE as part of the operating system

http://ostatic.com/blog/can-internet-explorer-9-put-microsoft-in-the-bro...

"By using more of the underlying operating system, and taking advantage of the power of the whole PC, IE9 enables developers to do more with HTML5. Running through Windows, instead of just on Windows, makes a big difference; the web runs more like a native application."

Am I missing something? Didn't Microsoft try this type of integration with the OS? And isn't that type of integration a major security issue with Windows?



Used copiers often sold with copies of documents

Most digital copiers made since 2002 contain a hard drive that stores an image of every document they handle. Those drives are rarely wiped before the machine is sold on as used, so whoever ends up with the copier can recover the documents from its drive.




Protect your password

You should always protect your passwords. Most people know that, but do you know that the password itself needs to be complex?

I was reminded of this when a client of mine was hacked. I'm not sure how it happened, but someone accessed his account, changed the password, and began sending emails requesting money.

Your password should contain a number and an upper-case letter and be at least 8 characters long. Add a special character as well, if the site allows it.



Recovering deleted files from NTFS image

Sometimes it becomes necessary to recover deleted files from an NTFS image. On Linux this can be done with ntfsundelete, a free utility that ships with ntfs-3g (formerly ntfsprogs).

If the image is still mounted, you will need to unmount it:

$ sudo umount tmpmount

Then, you will want to use the losetup utility to associate a loop with a regular file (our image):

$ sudo losetup -o 15443968 /dev/loop0 /media/2Big/hd.img

The -o option gives the byte offset of the partition within the image, calculated as in the post on examining an image: the partition's start sector as listed by fdisk -u, multiplied by the 512-byte sector size. The ntfsundelete utility can then be run against the loop device:

$ ntfsundelete -s /dev/loop0



Examining an image

You can either write the image back out to a spare hard drive, or mount it under Linux and examine it in place. To mount an image of an entire drive, first list its partitions with fdisk (-u makes fdisk report partition positions in sectors rather than cylinders):

$ sudo fdisk -u -l /media/2Big/hd.img

In this example, hd.img is an image file created earlier and stored on a USB drive named 2Big.

You should see something similar to this:

Disk /dev/sdc: 250.0 GB, 250059350016 bytes
255 heads, 63 sectors/track, 30401 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x0004034f

Device Boot Start End Blocks Id System



Imaging a drive

When investigating a security incident it is very important to work with a copy of the hard drive, not the original, and equally important that the copy is an unaltered, bit-for-bit one. All that is needed is somewhere to store the image (a USB drive or a second system drive) and a working Linux setup, which can be an Ubuntu live CD.

First, find out which device names your drives have:

$ sudo fdisk -l

Disk /dev/sda: 250.0 GB, 250059350016 bytes
255 heads, 63 sectors/track, 30401 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x0008558e
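The three posts above (imaging a drive, examining the image, recovering deleted files) are steps of one procedure. The script below is an added example, not code from the original posts: it computes the partition offset from `fdisk -u -l` output and prints the imaging, read-only mount and ntfsundelete commands for that offset. Everything in it is an assumption made for the example: /dev/sda as the suspect drive, /media/2Big/hd.img as the image, 512-byte sectors, and a constructed fdisk listing in the format the posts show.

```sh
#!/bin/sh
# Added example; not code from the original posts. It strings together the
# three steps the "Imaging a drive", "Examining an image" and "Recovering
# deleted files from NTFS image" posts describe: image the disk, work out
# the partition's byte offset from `fdisk -u -l`, mount it read-only, and
# run ntfsundelete on it. Assumptions (all constructed for the example):
# /dev/sda is the suspect drive, /media/2Big/hd.img is the image, sectors
# are 512 bytes (what `fdisk -u` reports), and the fdisk output below is a
# made-up sample in that format.

SOURCE=/dev/sda
IMAGE=/media/2Big/hd.img

# Constructed sample of `sudo fdisk -u -l /media/2Big/hd.img`. fdisk names
# the partitions of an image file after the file, so hd.img1, hd.img2.
FDISK_SAMPLE='Disk /media/2Big/hd.img: 250.0 GB, 250059350016 bytes
255 heads, 63 sectors/track, 30401 cylinders, total 488397168 sectors
Units = sectors of 1 * 512 = 512 bytes
Disk identifier: 0x0004034f

               Device Boot      Start         End      Blocks   Id  System
/media/2Big/hd.img1   *            63      208844      104391    7  HPFS/NTFS
/media/2Big/hd.img2            208845   488392064   244091610    7  HPFS/NTFS'

# part_offset DEVICE [SECTOR_SIZE]: reads fdisk output on stdin and prints
# DEVICE's byte offset in the image (start sector * sector size), which is
# what losetup -o and mount -o offset= need. Fails if DEVICE is not listed.
part_offset() {
    awk -v dev="$1" -v ss="${2:-512}" '
        $1 == dev {
            # A "*" in the Boot column shifts the Start column right by one.
            start = ($2 == "*") ? $3 : $2
            printf "%d\n", start * ss
            found = 1
        }
        END { if (!found) exit 1 }'
}

# image_commands: copy the whole drive, sector for sector, into the image.
# conv=noerror,sync keeps going past unreadable sectors (padding them with
# zeros); the hashes let you show later that the image was never altered.
# If dd reported read errors the two hashes will legitimately differ, so
# record the image's own hash in that case.
image_commands() {
    cat <<EOF
sudo dd if=$SOURCE of=$IMAGE bs=4M conv=noerror,sync
sudo sha256sum $SOURCE $IMAGE | tee $IMAGE.sha256
EOF
}

# examine_commands PARTITION: mount one partition of the image read-only at
# its offset. "ro" is what keeps the copy unaltered; a read-write mount can
# change the volume (journal replay, access times) as soon as it happens.
examine_commands() {
    off=$(printf '%s\n' "$FDISK_SAMPLE" | part_offset "$1") || return 1
    cat <<EOF
mkdir -p tmpmount
sudo mount -t ntfs -o ro,loop,offset=$off $IMAGE tmpmount
EOF
}

# recover_commands PARTITION: the ntfsundelete run from the post, on a
# read-only loop device (losetup -r) at the same offset. -s lists deleted
# files that are still recoverable; -u -m recovers those matching a glob
# into the -d destination directory.
recover_commands() {
    off=$(printf '%s\n' "$FDISK_SAMPLE" | part_offset "$1") || return 1
    cat <<EOF
sudo umount tmpmount
sudo losetup -r -o $off /dev/loop0 $IMAGE
sudo ntfsundelete -s /dev/loop0
sudo ntfsundelete -u -m '*.doc' -d recovered /dev/loop0
sudo losetup -d /dev/loop0
EOF
}

# Print the full procedure for the first NTFS partition.
image_commands
examine_commands "${IMAGE}1"
recover_commands "${IMAGE}1"
```

The script only prints the privileged commands rather than running them, so it can be reviewed against the real fdisk listing first; the sole computation it performs is the offset, which is where mistakes (cylinder units instead of sectors, the Boot-flag column shift) usually creep in.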



The importance of complex passwords

An incident at the popular web service Twitter has brought home the importance of complex passwords. A hacker set out to break into a popular user's account there by writing an automated tool that ran what is called a dictionary attack: it tried words from a word list as the password, one after another. He went to bed and let the tool run all night. The next morning it had broken into the account; the user's password was the word "happiness."
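The attack described here, and the password rules from the "Protect your password" post above, as an added example that is not code from either post. It runs a small offline dictionary attack against salted SHA-256 hashes and checks candidate passwords against those rules. The word list, the salt, the mangling rules and the test passwords are all constructed for the example; real cracking tools use lists of millions of leaked passwords, hundreds of mangling rules and GPUs.

```sh
#!/bin/sh
# Added example; not code from either post. A small offline dictionary
# attack of the kind described in the Twitter incident, run against salted
# SHA-256 password hashes, next to a check of the rules from the "Protect
# your password" post. The word list, the salt, the mangling rules and the
# test passwords are constructed for the example; real cracking tools use
# lists of millions of leaked passwords, hundreds of mangling rules and GPUs.

# Constructed word list; the real ones are the most common leaked passwords.
WORDLIST='password
letmein
sunshine
happiness
twitter
iloveyou
qwerty
monkey'

# hash_pw SALT PASSWORD: hex SHA-256 of salt||password, standing in for the
# stored hash. (A real service should use a slow hash such as bcrypt or
# Argon2; the attack is the same, it just gets fewer guesses per second.)
hash_pw() {
    printf '%s%s' "$1" "$2" | sha256sum | cut -d' ' -f1
}

# mangle WORD: the word plus variants that satisfy the usual "a capital and
# a number" rule. Cracking tools apply hundreds of rules like these.
mangle() {
    first=$(printf '%s' "$1" | cut -c1 | tr 'a-z' 'A-Z')
    rest=$(printf '%s' "$1" | cut -c2-)
    printf '%s\n' "$1" "$first$rest" "${1}1" "${first}${rest}1" "${1}123"
}

# crack SALT HASH: hash every candidate with the (stolen) salt and compare.
# Prints "PASSWORD ATTEMPTS" and returns 0 on success; "- ATTEMPTS" and 1
# when the list is exhausted.
crack() {
    salt=$1; target=$2; n=0
    for word in $WORDLIST; do
        for guess in $(mangle "$word"); do
            n=$((n + 1))
            if [ "$(hash_pw "$salt" "$guess")" = "$target" ]; then
                printf '%s %d\n' "$guess" "$n"
                return 0
            fi
        done
    done
    printf '%s %d\n' - "$n"
    return 1
}

# policy_failures PASSWORD: prints, one per line, the rules from the post
# that PASSWORD fails; prints nothing when it passes all of them.
policy_failures() {
    p=$1
    [ "${#p}" -ge 8 ] || echo "shorter than 8 characters"
    case $p in *[[:digit:]]*) ;; *) echo "no digit" ;; esac
    case $p in *[[:upper:]]*) ;; *) echo "no upper-case letter" ;; esac
    case $p in *[![:alnum:]]*) ;; *) echo "no special character" ;; esac
}

# Demo: the Twitter password, a policy-compliant variant of a common word,
# and a long passphrase. The salt is constructed; a real one is random and
# differs per user, which is what stops one crack from covering many users.
SALT=c0ffee
for pw in happiness Sunshine1 'correct horse battery staple'; do
    result=$(crack "$SALT" "$(hash_pw "$SALT" "$pw")") || :
    failures=$(policy_failures "$pw" | tr '\n' ';')
    printf '%-30s cracked: %-14s policy failures: %s\n' "$pw" "$result" "${failures:-none}"
done
```

The second test password is the point worth noticing: "Sunshine1" satisfies the number-and-capital rule yet falls to the same word list after a trivial mangling rule, while a long passphrase made of ordinary words is not in the list at all. Complexity rules help only when the password is not a dictionary word with decoration.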



Securing Linux: process limits

This tip was found at http://aymanh.com/tips-to-secure-linux-workstation.

An old-school attack on Linux systems is the fork bomb. There is demonstration code at the site above, but essentially it is a command that spawns processes without end until the system runs out of resources and stops responding. The defence is a per-user process limit (nproc): set with ulimit for a single session, or in /etc/security/limits.conf to make it permanent.
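The process limit that contains a fork bomb, as an added example that is not code from the linked page or the original post. It shows the nproc cap set per user through pam_limits and per session through ulimit, plus a small reader for limits.conf so you can check what a given user would actually get. The user "alice", the numbers and the config fragment are constructed for the example.

```sh
#!/bin/sh
# Added example; not code from the linked page or the original post. It
# shows the "process limits" the title refers to: the nproc cap that makes a
# fork bomb run out of its own quota instead of taking the machine down,
# set per user through pam_limits and per session through ulimit, plus a
# reader for limits.conf so you can check what a user would actually get.
# The user "alice", the numbers and the config fragment are constructed.

# Constructed /etc/security/limits.conf fragment. "soft" is the limit that
# applies by default, "hard" the ceiling the user cannot raise; "*" is the
# default for every user except root, which must be named explicitly.
LIMITS_SAMPLE='# /etc/security/limits.conf
#<domain>  <type>  <item>   <value>
*          soft    nproc    512
*          hard    nproc    1024
alice      soft    nproc    200
alice      hard    nproc    300
root       hard    nproc    unlimited'

# nproc_limit USER TYPE (soft|hard): reads limits.conf on stdin and prints
# the nproc value pam_limits would apply to USER: an entry naming the user
# beats a "*" entry, and "*" never applies to root. Prints nothing if no
# entry applies. (Group entries, "@group", are not handled here.)
nproc_limit() {
    awk -v user="$1" -v type="$2" '
        /^[[:space:]]*#/ || NF < 4 { next }        # comments and blank lines
        $3 == "nproc" && ($2 == type || $2 == "-") {
            if ($1 == user) exact = $4
            else if ($1 == "*" && user != "root") wild = $4
        }
        END {
            if (exact != "") print exact
            else if (wild != "") print wild
        }'
}

# contained LIMIT CMD...: run CMD in a subshell whose soft process limit is
# LIMIT. The limit counts every process of the user, not just those of CMD,
# so a fork bomb such as   :(){ :|:& };:   hits it and fails with "Resource
# temporarily unavailable" rather than starving the whole system. bash
# spells the option -u and dash -p; the second form is tried if the first
# fails, and a warning is printed if neither can be set.
contained() {
    lim=$1; shift
    (
        ulimit -S -u "$lim" 2>/dev/null || ulimit -S -p "$lim" 2>/dev/null \
            || echo "warning: could not set process limit $lim" >&2
        "$@"
    )
}

# What a named user, an unlisted user and root would get from the fragment.
for u in alice bob root; do
    printf '%-6s soft=%-10s hard=%s\n' "$u" \
        "$(printf '%s\n' "$LIMITS_SAMPLE" | nproc_limit "$u" soft)" \
        "$(printf '%s\n' "$LIMITS_SAMPLE" | nproc_limit "$u" hard)"
done

# The same cap for one shell session, no root needed, shown on a harmless
# command rather than on a fork bomb.
contained 4096 sh -c 'echo "running under a process cap"'
```

Two caveats worth keeping in mind: limits.conf entries only take effect at the next login through a PAM session, and the nproc limit is per user, so a cap set for a service account does nothing for an interactive user who runs the bomb under a different account.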



Web 2.0 security concerns or not

Jeff pointed me to an article, supposedly breaking news, that described a "new" "web 2.0" threat: trojans using XML feeds for command and control, and using social networking sites or other "web 2.0" sites such as MySpace to store stolen information.