Students who were given the laptops in the school district were given computers that had their web cams remotely activated whenever the schools administrators thought it was time to do so, and apparently this type of event has been going on for the past 14 months but wasn’t really brought to light until a student, Blake Robbins, was punished in school for “improper behavior in his home.” Normally this would be something that might be pushed aside as just an overly strict school, but because the Vice Principal provided a photo of the matter as evidence, he pretty much dug his own grave.

According to Boing Boing, a class action law suit has been filed against the school on behalf of all students issued the laptops.

The school is fighting back with this response to the reports stating that “the security feature was installed to help locate a laptop in the event it was report lost, missing or stolen so that the laptop could be returned to the student.” They claim that they have never once used it to spy on students, and frankly I don’t believe that because why would it have been activated unless it was reported missing? Just for fun? Apparently the web cams have been activated 42 times to find missing laptops in the past 14 months.

To wrap things up, Dr. Christopher McGinley, Superintendent at the Lower Merion School District also said the school was sorry for its actions. “We regret if this situation has caused any concern or inconvenience among our students and families,” he said.

I don’t think saying sorry will cover up this one, Doctor. You are definitely no Tiger Woods.

Windows XP users who were already infected with the Alureon rootkit would be the ones who experienced these crashes, but only after the update from Microsoft was applied.

Microsoft’s Mike Reavey writes on its TechNet blog:

We wanted to provide you with an update on our ongoing investigation into the “blue screen” issues affecting a limited number of customers who installed MS10-015.  We have been working around the clock with our customers, partners and several teams at Microsoft to determine the cause of these issues.  Our investigation has concluded that the reboot occurs because the system is infected with malware, specifically the Alureon rootkit.  We were able to reach this conclusion after the comprehensive analysis of memory dumps obtained from multiple customer machines and extensive testing against third party applications and software.  The restarts are the result of modifications the Alureon rootkit makes to Windows Kernel binaries, which places these systems in an unstable state.  In every investigated incident, we have not found quality issues with security update MS10-015.  Our guidance remains the same: customers should continue to deploy this month’s security updates and make sure their systems are up-to-date with the latest anti-virus software.

Check out Sophos Anti-Virus for removal of the rootkit, or Contact Me if you are in the Naperville area and you aren’t sure what exactly to do.

For many students, renting laptops from schools to use is an effective and inexpensive way to get work done. Even some universities offer the same deal, but no student ever stops to ask, what cost do the laptops truly come at? For those enrolled in schools around the Lower Merion High School district, it may very well cost you almost all of your privacy.

Students issued laptops in the aforementioned district were given computers that could have their webcams remotely activated at the will of the school administrators, though it’s unclear how long the disturbing practice had gone on for. It was only discovered recently when a school punished a student named Blake Robbins for “improper behavior in his home,” with the Vice Principal even providing a photo as evidence. According to Boing Boing, a class action suit has been filed against the school, on behalf of all students issued the laptops.

This truly is a frightening event for students and parents, and is one of the most disturbing violations of privacy in recent news. Schools are constantly telling students to be careful with their privacy, and not to let anybody online know too much about them, but it’s hard to stay private when you’re being spied on by your own school – people you should be able to trust – in your very own home. You can read the class action suit details here, in .PDF format.

Source: Neowin

The patented device by Kaspersky will connect inside of the computer or machine between the hard drive (HDD or SSD) and the computing unit, between the CPU and RAM. The device is also connected on the system bus or integrated into the disk controller. This mean’s it wont be connected by PCIe like other hardware is, it will be an intercept on the hard drive.

The hardware-based anti-virus will effectively allow or block any writing to the hard disk, preventing viruses from starting in the first place.  Users will be alerted of the potential risk, preventing or denying the infection from being written to disk.

The patent shows that the device will be self-supported with an ARM processor and RAM, so it will not take away from the machines performance what so ever.  The device will also have its own database for malicious code and faulty records during definition updates.

Kaspersky did mention this could be sold and used on a consumer based market, but will help prevent miscellaneous code from spreading in servers and specialized machines initially, such as ATMs. So don’t look for this any time soon, but know that you will be more safe getting your money out of those conveniently placed boxes.

Google has already applied a patch to this exploit, it was deployed Tuesday night with an email from Google explaining the whole messed up situation. The cross-site scripting error which is common in web applications involved an exploit where an attacker can inject client-side scripts into web pages viewed by others.

Google issued a statement that there was “no indication that the vulnerability was actively abused.” It is certainly very promising for Google Buzz users that the exploit is already patched and no sensitive data was stolen or compromised, but let’s get serious here.. it shouldn’t have happened in the first place. It is like Buzz was shipped out just to get it out of the way, and I have a strange feeling that they are regretting it.

If you are scared out of your mind, I suggest you disable Buzz. It just isn’t worth the hassle.

One of the updates from this month’s giant Patch Tuesday is wreaking havoc on some users Windows PCs by giving them the Blue Screen of Death (BSOD), according to a thread on Microsoft Answers, the company’s support forum. Based on what users have found, the update in question is KB977165, which is described by Microsoft as “MS10-015: Vulnerabilities in Windows kernel could allow elevation of privilege” (for those wondering, yes this is the 17-year-old Windows flaw we reported about last month). The issue was first reported by Krebs on Security.

Microsoft Security Bulletin MS10-015 goes into further detail about the flaw being patched: “The vulnerabilities could allow elevation of privilege if an attacker logged on to the system and then ran a specially crafted application. To exploit either vulnerability, an attacker must have valid logon credentials and be able to log on locally. The vulnerabilities could not be exploited remotely or by anonymous users.” The security update is rated Important on the versions of Windows it patches: Windows 2000, Windows XP (32-bit and 64-bit), Windows Server 2003 (32-bit and 64-bit), Windows Vista (32-bit and 64-bit), Windows Server 2008 (32-bit and 64-bit), and Windows 7 (32-bit).

The majority of users who are complaining about the issue are on Windows XP, but some users in the thread mention this occurs for them on Windows Server 2003 and Windows Vista. Those running Windows 2000, Windows Server 2008, and Windows 7 have yet to report problems, though the issue is fairly new so it’s still possible that as more and more users install the update, the BSOD will creep up on the remaining versions of Windows as well. We have yet to see the problem occur, as most of our systems and those of our peers are running Windows 7 64-bit or Windows Server 2008 R2.

The thread starter explains the problem at hand: “I updated 11 windows xp updates today from Microsoft.com and restarted my pc like it asked me to. (There has definitely been absolutely NO CHANGE in my computer software or hardware installation apart from [these] updates) From then on, Windows [could not] restart again! It is stopping at the blue screen with the following message:

A problem has been detected and windows has been shutdown to prevent damage to your computer.PAGE_FAULT_IN_NONPAGED_AREA Technical Information: STOP: 0×00000050 (0×80097004, 0×00000001, 0×80515103, 0×00000000).

“I tried all kinds of restarting option[s], namely safe modes etc. but everything is returning to the blue screen,” he concluded. Another user wrote: “Samething [sic] happened to me. I think there is something seriously wrong with the update. I can’t even open in safe mode…”

Users in the thread have tracked down a fix, though it requires using a copy of the Windows disc (or for netbook users without an optical drive, a bootable USB drive with Windows on it):

1. Boot from your Windows XP CD or DVD and start the recovery console (see KB307654 for help with this step)
2. Type this command: CHDIR $NtUninstallKB977165 $\spuninst
3. Type this command: BATCH spuninst.txt
4. Type this command: systemroot
5. When complete, type this command: exit

This fix has been marked as the answer to the thread by Cody, a Microsoft Support Engineer. Formally, the suggestion actually says to repeat steps two through four with all the following patches: KB978262, KB971468, KB978037, KB975713, KB978251, KB978706, KB977165, KB975560, and KB977914. Since that post, users have concluded in the thread that KB977165 is the problematic update.

Robear Dyer, a Microsoft MVP, gave three pointers to users in the thread:

1. Uninstalling KB977165 will automatically restore the previous versions of ntkrnlpa.exe and ntoskrnl.exe so there’s no need to find “a way to replace them.”
2. That being said, the newer versions of ntkrnlpa.exe and ntoskrnl.exe address the very serious and currently-being-exploited security vulnerability described in MS10-015, so you really do not want to avoid this update! Instead, open a free support incident per my previous reply.
3. Encountering a STOP error (e.g., 0×00000050) after installing this update could mean that your computer’s already been compromised by the security vulnerability addressed by MS10-015, yet another reason to open a free support incident!

The only problem with these suggestions is that most users can’t boot their computer to uninstall the update (both “Last Known Good Configuration” and Safe Mode don’t work). While the solution most users have found to work is to boot off the Windows XP disc and use the Recovery Console, Dyer is suggesting finding some other means to uninstall the update. Users are naturally more interested in getting their computer functioning again than making sure it is secure.

“Microsoft is investigating reports of an installation issue with a security update released on February 9, 2010,” a Microsoft spokesperson told Ars. “We are investigating the issue to determine the cause of the issue. Anyone believed to have been affected can visit: consumersecuritysupport.microsoft.com. Those in the United States can contact Customer Service and Support at no charge using the PC Safety hotline at 1-866-727-2338 (PCSAFETY). Those outside the United States can find local contact numbers at support.microsoft.com/international.” The company has since pulled the patch from Windows Update.

[via ArsTechnica]

Lately there has been a commercial floating around the TV airwaves asking you a simple question, “Do you know where your identity is?” Well, do you?

Every time you order a package on line, over the phone, or anywhere, your information can be passed down the line and someone will probably remember it somewhere in that line. It’s a scary scenario, that’s for sure, but it isn’t something that you should completely dwell on forever, and you shouldn’t lose too much sleep over it.

Your identity, for the most part, is safe. Sure there are those assholes out on the web who make it their goal to screw you over and take every penny you got, well your bank should already have some preventative measures for those type of situations, as do the companies that you purchased the product from, as do your credit card companies, and so on.

You can do yourself one better by purchasing an “identity protection” program by certain companies, but for the most part I say just don’t do anything too stupid by going around telling people your social security number, and you should be pretty safe.

However, if you know you have a virus, or pop ups are coming out of nowhere, or something just isn’t right about your computer, you should call a computer guru RIGHT AWAY! There are reasons for this RIGHT AWAY, ASAP style of capitalization. And by that, I mean that the company hasn’t stolen your SSN yet, but they might be doing it the very next time you type it in.

There are programs that can be installed into your computer without you even knowing it, and the program I am going to be centering around is called a keylogger. Keyloggers do just about exact what their name implies, they log keys. I mean like the keys that I am using to type this right now, or the keys that you might be using to type in a password to your email, message board, or even bank account. These logs are then generated and automatically emailed to a thieves email account, and sadly there is almost no way to trace where they are being sent to.

So this is why, the first time you see something wrong with your computer you should take care of it as soon as possible. You don’t want your identity to be stolen and sent out so all of Times Square knows who you are!

If you live in a very rural area, then obviously this isn’t for you unless you think some crazy guy is living under a rock near your house, but if you are that worried about it then you should probably hire some sort of private investigator.

If you live in an apartment complex, then you should probably check this out! Even with security measures and passwords in place, you never know who might be connected to your network! It’s worth checking out, because obviously you don’t want your profiles stolen with contact information or more!

As you can see from the screenshot on the left, it shows both my router and my iPhone as the only connected devices on my network, which is just how it should be. I only know what these two devices are because I assigned them their IP Addresses manually, and also I know their MAC Addresses as well. If you see something in this list that you don’t recognize, you are unsecured and should change your security practices with your router quickly!

The software states on their website that it only works with Windows Vista, but apparently they have not updated their website since Windows 7 was released. It works just fine with Windows 7, but I could not get it to work correctly with Windows XP. It installed just fine, but it would not show any output while scanning (in XP).

ZamZom Homepage
Direct Download

[Source Yahoo! Tech]

A security researcher at Google is recommending computer users make several configuration changes to protect themselves against a previously unknown vulnerability that allows untrusted users to take complete control of systems running most versions of Microsoft Windows.

The vulnerability resides in a feature known as the Virtual DOS Machine, which Microsoft introduced in 1993 with Windows NT, according to this writeup penned by Tavis Ormandy of Google. Using code written for the VDM, an unprivileged user can inject code of his choosing directly into the system’s kernel, making it possible to make changes to highly sensitive parts of the operating system.