Posts tagged Security
No..not another Wordpress version!!
Aug 4th
I logged in to my blog account 2 days back, after a verrry long time (I blame my project move in the professional world). I was surprised to find out so many things have happened in the Wordpress world. A new version has been released, many more vulnerabilities have been found and fixed…WAIT…a NEW version?? NOOOO! It feels like I just updated to a new version…is there a new one already!???
Wordpress is churning out new versions faster than my C2Duo / Vista machine can boot 
Don’t believe me? Look at these dates:
| Wordpress version | Release date |
| 1.5 (Strayhorn) | mid-Feb 2005 |
| 2.0 (duke) | Dec 2005 |
| 2.1 (Ella) | 22 Jan 2007 |
| 2.2 (Getz) | 16 May 2007 |
| 2.3 (Dexter) | 24 Sep 2007 |
| 2.5 (Brecker) | 29 Mar 2008 |
| 2.6 (Tyner) | 15 Jul 2008 |
[Movie] Untraceable
May 16th
I have been watching way too many movies past 2 weeks, cannot even remember many of their names now. Last weekend I planned to go to Salem, but ended up in Fry’s (Wilsonville). I bought a Wii there and am thoroughly enjoying the games in it, but more about that in a different post. Amidst all these I am trying to finish up my office work too. See how hard working, I am? 
.
In this post, I want to talk about the movie Untraceable. I just finished watching it. My initial impression – "Great, that was interesting!". But now, after some 10 minutes, I realize all the holes and stupidity in that movie. But before I get to that, let me tell you what this movie is about.
![[Movie] Untraceable](http://kannan.jumbledthoughts.com/wp-content/upload/2008/05/untraceable.jpg)
******** Warning: Spoilers ahead ***********
Cascade Virus: Down the memory lane.
Mar 24th
I have always been fascinated with computer virii. My first exposure to computer virii was back in 1994, when my 360KB floppy disk got infected by STONED. The hype around virii was so much and I was so misinformed, I kept that infected disk in the jacket, away from all other diskettes I owned for 2 weeks!! No, I am not kidding.
Gokul, (owner of Port Bit Systems/Trichy, who was my first computer teacher) looked like a hero to me, when he could magically clean the infection by running a command line DOS McAfee. Man,those days were cool! Later when I started learning x86 assembly and DOS internals, I got fully absorbed in to the wonder world of DOS virii. (I still have the first DOS anti-virus program I wrote – "(C) Brain" remover – somewhere in my old HDD). "Computer Viruses: Prevention, detection and cure" by Rajneesh Kapur was my first viruses book; An excellent one! This is out of print now, can’t even find it in the original publishers site.
One virus I fondly remember to this day, is the famous (!?) CASCADE virus (a.k.a Raindrop/17xx). This virus was a non-overwriting, resident COM infector. When triggered it made the characters in the screen fall in to a nice heap at the bottom. (Remember, we were in the command line mode then!). It was kind of cool to see this cascading action.
Cascade was the first virus to use encryption. The virus consisted of two parts – the virus body and an encryption routine. The latter encrypted the body of the virus so that it appeared different in every infected file. After loading the file, control was transferred to the decryption routine which decoded the virus body and transferred control to it. Unlike future polymorphic viruses, Cascade encoded only the body of the virus. The size of the infected file was used as the decryption key. Since the decryption routine remained unchanged, antivirus programs detected the virus with ease.
If you have never seen the virus in action, look at the screen shots below:
Is Windows XP the right OS for an ATM?
Jun 10th
Have you ever wondered what the ATM runs on? Most 0f the ATMs in India (and all around the world) run some flavor of Windows. Nowadays they use XP (some with SP2, if the technical team is good) but I remember seeing Windows 98 (saw BSOD once in one of the Chennai ATMs); Also read somewhere that they used to have embedded Windows NT, OS/2 and sometimes even Windows CE! I know what you must be thinking now – How safe is it, right? A good design should put the ATMs in their own private network, if so I only will be worrying “Who is going to reset the ATM when Windows crashes?  ”; now I realize why the security person in ATM seems to be knowledgeble on the machines…talk of all the ways one can gain some IT gnaan!
Above is an ATM of the famous VTB bank of Russia, powered by an unactivated copy of Windows XP. 
Look at a closeup of the activation dialog box below.
I wonder why ATMs don’t have their own OSs! When we talk so much about security / WORMS & malware stuff, does it make sense to use a general purpose OS for something so critical as an ATM? Even a cellphone costing a mere INR 4000 has so any OS flavors to choose from, why is the ATM you withdraw that INR 4000 from is stuck with a most-often-unpatched version of Windows? As Obelix would have said – “These ATM makers are crazy!!”
Check out these interesting links related to Windows Crashes:
- Windows crashes on Flight information screens and ATMs
- ATM crash here and here
- Slot machines too…
- Gallery full of Windows crashes on ATMs/slot machines
- Oh no! Even trains are not spared & other Public computer errors
