Sunday, March 11, 2012

Updates and upgrades

Upgrades and updates: everybody knows them, but ... when it is time to install them. OK, you get the picture.

What's the main difference between an update and an upgrade? An update brings mostly fixes for vulnerabilities, an upgrade new features and fixes.

Both are equally important for the fixes: some of these address application issues such as speed or crashes, but others concern security vulnerabilities, bugs that an attacker may use to execute other programs without being suspected.

Many operating systems (Windows, Linux, Mac OS X) have a feature to automatically check for updates and upgrades. Be aware that it covers only the operating system itself and usually the applications from the same vendor. Other installed applications may have to be updated or upgraded manually.

For a long time, Microsoft has been providing a way to automatically update its operating systems and key applications. In Windows XP - and if you kept the themes - this function lives under "Control Panel" > "Security Center" > "Automatic Updates".

The default setting of "Turn on Automatic Updates" is to download and install the recommended updates every day at 3AM. However, unless you don't really care about your power consumption, at that time your computer will be off.

I usually edit these settings, accessible at the bottom of the same window under "Automatic Updates", and change them to "Download updates for me, but let me choose when to install them." As soon as new updates are available, your computer will notify you with the "little yellow shield."

As I said, this will install the recommended updates, not all the updates. There are two additional types of updates available from Microsoft: "optional updates", which don't fix anything critical, and "hardware updates", which improve the hardware support and correct driver issues.

These are available through the website "Windows Updates", operated by Microsoft. In IE, go to "Tools" and click on "Windows Updates."

At the screen offering to choose "Express" or "Custom", select "Custom". For each category, you may click on "select all". However, from time to time, you may have to choose between certain patches: for instance, you cannot install .NET Framework 4 and .NET Framework 1.1 in the same sweep. In that case, the system will show you which patches need to be installed independently.

That leaves the other applications. Most of us have, in addition to Windows and Office, a browser for the non-IE users, Adobe Reader, Adobe Flash, various players, possibly iTunes and so forth. All the modern applications have an option to check whether you are up-to-date, and this usually lives under "?" -> "About" or "Help" -> "Check for updates".

Windows 7 has a built-in interface you may invoke by typing "windows update" in the search bar in the Start Menu. There, you can select what to upgrade. By clicking on "Check Upgrade", you will start the detection process.

Optional updates are not selected by default. Click on it to select these additional packages.

In all cases, when upgrading, it is important to close all running applications, to avoid losing data should one be closed.

If an update fails, retry after having disabled your AV: from time to time, an AV may stop the installation of system components, thus preventing the correct installation of an update.

To do

  • Configure the Windows automatic updater to download new updates and notify when they are available;
  • Go from time to time (once every month or so) and force all the updates, if possible including the optional updates;
  • On a regular basis (once every month or so), for all used applications, check if there are updates, either using the built-in mechanism or by visiting the vendor's website.

Happy surfing.

Sunday, March 4, 2012

Entropy calculator - dev version in progress

My "" script computes the entropy of a file, indicating how random its content is. Possible uses include finding encrypted or compressed files.

  • A Shebang to allow execution without having to specify "python"
  • The "-t" command-line parameter to specify a minimal entropy. Files whose entropy is below the threshold won't be displayed.

You will find my git repository here.
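
As an added illustration (this is not the script from the repository above, and every function name in it is an assumption), here is one way to compute a file's Shannon entropy in bits per byte with a shebang and a "-t" minimum-entropy filter. Values close to 8 point to compressed or encrypted content; plain text scores much lower.

```python
#!/usr/bin/env python3
# Added example (not the author's script): file entropy with a -t threshold.
import argparse
import math
import sys
from collections import Counter

def entropy_from_counts(counts, total):
    """Shannon entropy in bits per byte: 0.0 (constant) to 8.0 (uniform)."""
    if total == 0:
        return 0.0  # empty input: report 0 instead of dividing by zero
    return sum((n / total) * math.log2(total / n) for n in counts.values())

def shannon_entropy(data):
    """Entropy of an in-memory byte string."""
    return entropy_from_counts(Counter(data), len(data))

def file_entropy(path, chunk_size=1 << 20):
    """Entropy of a file, read in chunks so large files do not fill memory."""
    counts, total = Counter(), 0
    with open(path, "rb") as fh:
        while chunk := fh.read(chunk_size):
            counts.update(chunk)  # iterating bytes yields integer byte values
            total += len(chunk)
    return entropy_from_counts(counts, total)

def filter_by_threshold(results, minimum):
    """Drop (path, entropy) pairs whose entropy is below the -t minimum."""
    return [(path, h) for path, h in results if h >= minimum]

def main(argv=None):
    parser = argparse.ArgumentParser(description="File entropy in bits per byte")
    parser.add_argument("files", nargs="+")
    parser.add_argument("-t", dest="minimum", type=float, default=0.0,
                        help="hide files whose entropy is below this value")
    args = parser.parse_args(argv)
    results = []
    for path in args.files:
        try:
            results.append((path, file_entropy(path)))
        except OSError as exc:  # unreadable file: report it and keep going
            print(f"{path}: {exc}", file=sys.stderr)
    for path, h in filter_by_threshold(results, args.minimum):
        print(f"{h:5.3f}  {path}")
    return 0

if __name__ == "__main__":
    sys.exit(main())
```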

How to protect your home wireless

Nowadays most, if not all, of the small routers provided to connect a DSL or cable connection include a wireless access point. Developed to facilitate the connection of multiple devices, it also changed the security landscape by extending the area of reception.

With a wired network, it is easy: in order to connect to a network, you need physical access to a port on a hub, a switch or a router. This limits the possibility for someone outside a house to connect: in order to do that, that person would have to run a cable, going through walls and concrete.

However, with a wireless network, those boundaries don't exist anymore: the radio waves can get through brick, walls, glass and wood and still be demodulated by a wireless card. As a result, some layers of protection are needed to prevent any undesired presence on a home wireless network.

First, what are the risks? Well, you have the risk that someone uses your wireless network to commit some abuse on the Internet: visits to less than reputable web sites, downloads of protected material, spam, distribution of malware. The list is almost endless. In addition to that, someone on your internal network may also abuse your local resources: for example, misuse a network printer, access your files or plant a virus on your computer.

The first protection that was devised for wireless devices is WEP (Wired Equivalent Privacy). A key is entered on both the access point and the network clients to allow access. Unfortunately, a flaw was present in the design and can be exploited to "crack" a network and find the key.

All recent devices offer another mode, called WPA (Wi-Fi Protected Access), followed by WPA2. It avoids WEP's flaw by using proven encryption algorithms, such as TKIP or AES. WPA/WPA2 requires a key shared between the access point and the networked clients. That key, of course, needs to be robust and chosen as carefully as a password: although it is tempting to use something easy, this also makes an intruder's job easier, since guesses can be based on a list of common words.

In addition to that, almost all devices offer a way to filter which devices connect to the network, based on their MAC addresses. The MAC address is the physical identity of a network card and is unique worldwide.

To do
  • Select WPA/WPA2 instead of WEP
  • Set a strong and secure password for the pre-shared key
  • (optional) Create a MAC filter and allow only your devices

Happy Surfing!