Prevent expensive incidents and outages before they strike.

The key to trouble-free computing is an intelligently crafted, well-managed defensive security strategy. No off-the-shelf product or service can provide this, nor can just any vendor. It takes a partner committed to understanding your environment and developing the right plan to safeguard your sensitive systems, networks, and customer records.

About

Scott Brown is a professional software developer and computer security expert. He has extensive industry and field experience in system administration, application development, and security management.


Services

Scott works with individuals and businesses in the SF Bay Area, Los Angeles, and worldwide online to protect their vital data, fortify their security posture, and realize the maximum potential of their technology investments.


Contact

You don't have to go it alone in today's hazardous computing environment or become an IT expert yourself just to keep your business running smoothly. Let's discuss your idea, project, or problem.



Countering WordPress XML-RPC Attacks with fail2ban

In my last post I began inquiring into the WordPress XML-RPC attacks I’ve been sustaining here on the site. Since then I’ve been further studying the threat and experimenting with responses, and I have now developed working countermeasures and cast them into live operation. These countermeasures involve forwarding telemetry out of WordPress for pickup by the fail2ban facility, allowing for the detection and banning of attackers trying to exploit xmlrpc.php. Where other recommendations call for disabling affected methods or the whole XML-RPC subsystem, my more refined techniques control attacks while maintaining the full service set in operation for valid procedure calls. …


Android Device Manager Does Not Work in Internet Explorer

[Edit: As of July 11th it looks like this has been fixed. Android Device Manager is working in Internet Explorer 11 again in my testing. Original discussion follows.]

Last night I flashed my phone up to CyanogenMod 11 M8, and since then I’ve been putting things back the way they were and testing everything out. A few bugs were fixed from the M6 build I was running previously, and a few nice enhancements dropped too; everything was copacetic. But this afternoon I got around to testing Android Device Manager, Google’s integrated “find my phone” application, looking to reconfirm that I could locate my phone if it ever got lost, only to receive an unpleasant surprise. I’d log in to Google’s web application and have it persistently fail to locate my device. The map did not move, and the “locate device” and “ring” controls did nothing; basically the tool was useless. This was very frustrating since (a) I knew it worked fine the last time I tested it, and (b) it’s a critical function that I wasn’t about to hazard living without. …


TrueCrypt: What Happened, What It Means, and What Happens Now

Based on the sum of the evidence that’s now filtered in, and in the consensus view of experts, the primary cause of the TrueCrypt crisis of the last few days was developer fatigue. After 10 years of thankless work developing the open source disk encryption tool, faced with the need to do major extending and refactoring of the codebase to support new technical requirements and demands from security auditors, the anonymous author or authors decided to throw in the towel. The way they did it tells of more complex motives, and has supplied ample fuel to the conspiracy theorists of the world. But importantly, there is no evidence that these events were motivated by any known security flaw or trust deficiency in TrueCrypt or in its build or distribution process, or by any act of coercion. And in spite of the apparently deliberate reputational damage committed by the developers, unless and until demonstrated otherwise, TrueCrypt is in fact still secure, and this story is far from over. …

Something Rotten Has Occurred in TrueCrypt Land

An extremely significant event affecting TrueCrypt has occurred. It is not yet clear whether it is legitimate or a hoax, and if legitimate, what it means. The truecrypt.org web site has been redirected to a SourceForge landing page advising that development has ended and warning, ambiguously, that the program either is not secure or may not be secure in the future. The messaging proceeds to push users onto BitLocker or other native disk encryption programs. A newly built, apparently legitimately signed, but crippled set of installers numbered version 7.2 is offered. No one is sure exactly what has happened, whether this is a defacement or the real deal, and if it is real, how to interpret it. The matter is still unfolding and being debated. …


Process Explorer 16.0 Adds VirusTotal Integration

Author Mark Russinovich just dropped version 16.0 of Sysinternals procexp, an indispensable utility that displays a tree view of every process on a Windows system along with its resource consumption. Procexp’s visual representation of the activity on a system is so useful for performance tuning that I not only keep an instance in my toolkit, but also place one right smack on the desktop of pretty much every machine I’m responsible for. Version 16.0 is a big feature update boasting newly added integration with cloud antivirus service VirusTotal. …


Windows XP End Of Support Life Coming Soon

As a reminder, Windows XP will officially reach EOSL (End Of Support Life) on April 8, 2014, a milestone in the making for over a decade, finally coming up a little over eight months from now. On this date, Microsoft will stop publishing new fixes for security holes and bugs in XP. It will no longer be possible to use XP securely, and the degree of exposure and danger will begin to ramp up thereafter, like a proverbial ticking timebomb. …

TrueCrypt Container Sizing for Optical Media

One of the most consistently referenced articles here is my procedure for preparing and burning encrypted CDs with TrueCrypt. It ranks highly on Google for “truecrypt cd” and “truecrypt dvd”, so those referred are often searching for the best TrueCrypt container size to use with optical media. However, while I made a size recommendation for CD-Rs explicit in the original article, I only mentioned DVD-Rs in passing, enough to match the keyword but not to convey the actual answer people are looking for. Allow me to correct that omission now. …
