Archive for the ‘Technology’ Category

New Benefits for Solar Energy Use

Tuesday, January 3rd, 2006

Federal tax credits implemented to encourage solar energy development and use

After years of failed attempts, the U.S. Congress passed comprehensive energy legislation last summer. Spurred by record prices for oil, natural gas and coal, lawmakers developed a tax package of $14.5 billion, the bulk of the incentives targeting mature, traditional energy industries. Yet the solar industry was able to win the strongest federal provisions for solar in two decades: a 30 percent federal investment tax credit for residential and commercial installations. These new incentives have been implemented from the 1st of January 2006.

The existing 10 percent tax credit for commercial solar installations rises from 10 percent to 30 percent for two years, with no cap on the credit. The incentive applies to all property placed in service after Dec. 31, 2005, and before Jan. 1, 2008. It switches back to the permanent 10 percent credit thereafter.

The policy includes a 30 percent tax credit for residential solar installations for two years, capped at $2,000. It applies to all property placed in service after Dec. 31, 2005, and before Jan. 1, 2008

For more information on solar energy and solar panels visit Siemens Solar

New SpyWare Holding Computer users to Ransome

Tuesday, May 24th, 2005

Ransom Ware Coming To A Computer Near You.
Apparently computer users have something new to worry about in the form of what’s fast becoming known as “ransom ware.”

Hackers have found a way to lock up documents on your computer, then will demand money to hand over the key code. In one recent attack, an unidentified corporate customer of San Diego’s Websense Inc. found encrypted files including important spreadsheets, pictures and other documents along with a ransom note.

The note left an email address, and the attacker used that address to demand $200 for the digital key code to unlock the encrypted files.

Joe Stewart, a researcher at Chicago’s Lurhq Corp., studied the ransom ware. “This seems fully malicious,” he said. While he did manage to unlock the infected computer files without having to pay the ransom, there is a worry that future versions of this software will be more difficult to overcome. Hackers commonly learn not to repeat the mistakes of earlier versions when revising, and the evolution of the software becomes increasingly difficult to crack.Related source.Network Detection Intrusion(NIDS)

This just adds to the list of tiring and frustrating attacks that many internet users must face on a daily basis. Viruses, worms, spyware and phishing attacks now are just the tip of an ever-growing iceberg.

While the FBI thinks this is just an isolated scheme, there is no knowing how many people have been affected thus far. The latest cases have resulted from visiting vandalized internet websites using a vulnerable browser. The resulting lock of up to 15 kinds of files is heralded by a note. When the email address in that note is contacted, the hacker demands $200 for the key code which unlocks the newly encrypted files.

The site has been shut down, and there hasn’t been a widespread report of ransom ware. And because bank transactions are easily traced, the hacker’s greed could be his downfall.

“You’ve got to send the money somewhere,” Stewart said. “…It’s far easier to trace than an email account.”

Windows more secure than Linux?

Thursday, March 24th, 2005

Which server environment is more secure? Windows or Linux? This question has been debated to the nth degree at the various computer forums, blogs, and numerous other places.

A study conducted by Security Innovation may give a more definitive answer, although it will probably just re-ignite the old arguments. In an extensive white paper, the Security Innovation team compared, amongst other things, the number of vulnerabilities each server environment faced. The study also compared the amount of time a security risk remained a risk to the server setup in question.

This was done in order to determine which environment was most at risk. In order to present solid findings, the team tested their data under the different installation configurations available. The white paper offers cumulative results and they may surprise some readers.

Among other things, the study concludes:

“On balance, as security practitioners, we know that both the Red Hat and Microsoft solutions can be used to provide a secure solution when deployed and administered with the right skills and under the right policy. Based upon both counts/lifecycles of bugs and the absence/presence of qualitative drivers of security, it appears that Microsoft may have an edge in many environments.

Put another way, looking at the software security factors that each vendor has the ability to directly affect – software security quality and security response – the data shows that a web server workload built using Windows Server 2003 has fewer security vulnerabilities requiring customer mitigation or patching than a similar workload built on Red Hat Enterprise Linux.”

Microsoft potentially safer than Linux? The reaction should be quite interesting.

PS: Security Innovation runs IIS 5.0

Phishing Attacks up 366%

Tuesday, March 22nd, 2005

A recent security threat report issued by detailed a number of the threats facing computer and Internet users in their travels.

The most prevalent threats are apparently those that attempt to steal identity-related information like phishing attacks. Arthur Wong, vice president of Symantec Security Response and Managed Security Services, says, Attackers are launching increasingly sophisticated attacks in an effort to compromise the integrity of corporate and personal information.”

As indicated, the report details these threats and discusses the attacks making use of the various methods:

Rise in Threats to Confidential Information
The report indicates threats to confidential information represented 54 percent of the top 50 malicious code samples received by Symantec. Trojan horses are the primary vehicles of this type of attack.

Steady Increase in Phishing Attacks
This one is the biggie. Symantec’s report reveals phishing attacks are up an astounding 366%. “By the end of December 2004, Symantec Brightmail AntiSpam antifraud filters were blocking an average of 33 million phishing attempts per week, up from an average of 9 million per week in July 2004.” Unfortunately, Symantec expects this trend to continue its increase.

Increase in Attacks Against Web Applications
According to Symantec, “Nearly 48 percent of all vulnerabilities documented between July 1 and Dec. 31, 2004 were Web application vulnerabilities.” Because web apps are approved by firewalls (in order to access the Internet), the security characteristics are avoided. Web application attacks include exploiting vulnerable web browsers.

Rise in Number of Windows Virus/Worm Variants
Because of the proliferation of Windows-based computer environments, the number of viruses and malicious programs targeting Microsoft’s software continue to grow at an accelerated rate. Symantec’s report reveals, “From July 1 to Dec. 31, 2004, Symantec documented more than 7,360 new Windows 32 virus and worm variants. This represents an increase of 64 percent over the previous six-month period. As of Dec. 31, 2004, the total number of documented Windows 32 threats and their variants was approaching 17,500.”
Increase in Severe, Easy-to-Exploit, Remotely Exploitable Vulnerabilities
With the increase in attacks based solely on executable programs and code, the ease of getting these programs to perform their malicious duties has also increased. Symantec indicates, “70 percent were considered easy to exploit, which means that either no custom code is required to exploit the vulnerability or that such code is publicly available. Compounding this problem is that nearly 80 percent of all documented vulnerabilities in this reporting period are remotely exploitable, which likely increases the number of possible attackers.”