Was my data compromised?
No, the hacker was only able to exploit a php upload venerability that caused the server to write his file (htm only) in the web-root.  He could not read any secured files or other files that were not otherwise intended for public view.

Did the hacker delete your files or compromise any of your data?
No, again the hacker could only write a file that hadn’t already existed being the Unix file-system allows “READ-ONLY” permissions to be assigned to individual files (which is hard-coded).

Can this happen again or to my site?
To our site, yes, to our client’s sites, no.  We still allow upload of files via the public; however we have taken measures to ensure that an indexed paged (default page for the web-server) cannot be uploaded.  This cannot happen to clients as none of them have the upload ability outside of their control panels, which is locked down just for the client.

Even in the state of North Carolina, it is not uncommon to see “Adult Classifieds” on Craigslist and the listings are becoming more and more popular especially in metropolitan areas. Being these transactions are being conducted over the internet, the “solicitation thereof” becomes unusable in a court of law because the solicitation didn’t take place “inside the state”.  This coalition of Attorney Generals aim to change this.

Simple solution is, restart the infected or locked PC in safemode (for those that don’t know, that is taping the F5 key during startup, just fractions of seconds before the windows logo screen comes up with the loading icon (or bar)).

You’ll notice the program does not run in safemode, but there isn’t anything else you can effectively do either. Here we go, click, start then run. Type: “msconfig” and hit enter. There in the services AND startup you’ll see the the ICPP scanner and “enforcer”.

Granted I only downloaded this software to see if it would pick up any of my software which it did not, so I am; no — I’m not downloading pirated materials just to test the scanner (lol). But I did create a few fake files that seemed to trip it a little, but seemed pretty easy to fake a payment code and disable.

If that doesn’t work, someone let me know; its been a while since I actually did any intense Microsoft clean-up work, so pardon me if I’m a bit rusty.

Coming in at number one, was file-sharing (peer to peer networking).  File-sharing can be a danger to the internet’s bandwidth because this involves many users pooling together their minuscule upload speeds to deliver someone else a fast download of the same file.  The only problem with this, is that minuscule upload speed, it is rather hard to clog bandwidth when it takes several people to deliver one file at a decent download rate so the ISP’s severely limited the upload speeds of home-users and make businesses pay dearly for the upload bandwidth.

Then at number two was the internet numbering system, Internet Protocol Version Four (IPv4 ie, 255.255.255.255).  So they came up with a solution to that too; IPv6 which gives us the use of hexadecimal instead of the “advanced binary” means we used in IPv4.

Now, I can foresee a more silent killer, so-to-speak that I believe the experts are overlooking; syndication.  Syndication is a method of relaying and sharing of information between websites, be it news, articles, or other data that only requires a link back to the publishing site.  In theory, this takes very little bandwidth, especially for the faster servers out there but according to WikiDot, because of the social networking online, the numbers are rising at substantial rates.  According to InternetWorldStats, the total internet usage breakdown looks something like this (this is from only the user prospective):

• 72% – HTTP Web Pages, Images, CSS, Javascript, etc
• 20% – File-sharing (p2p networking)
• 7% – VoIP & VPN (Voice over IP and Virtual Private Networks)
• 1% – Other (chat, FTP, DNS, etc)

Here is the data taken from all of my websites and compiled for an average:

• 41% – HTTP, Images, CSS etc
• 40% – FEEDS (Syndication)
• 17% – Spiders (googlebot, alexia, etc)
• 2% – Other

What this reveals is something startling — Syndication is starting to occupy a very sizable portion of the internet bandwidth.  It only makes sense though.  Lets think: CNN publishes a news article, 10 other major news sites (like google news) then get the article through syndication, that is bandwidth times 10.  Then 100 other minor sites get the same article and publish it.  Now, 100-200 more smaller sites see the article on Google News, they then syndicate it further, causing a snow-ball effect until the article is then stale.  When all is said and done, we have just used up 20% of the total traffic that would have been spent viewing the page itself from the viewers of just CNN.

How is this bad?  When the bandwidth issues for file-sharing became prevalent, it was obvious, people reacted and made changes.  File-sharing was only able to climb to about 20% and there is where it holds steady.  Syndication however has been slowly climbing at the rate that a rock accelerates to the ground after it is released from being suspended in the air.  It started at 0, then started rising, and then even faster, to today we’re looking at nearly 100% of the server-to-server traffic being pure syndication!  Here comes the problem, where home-users were limited in bandwidth to stop the file-sharing bandwidth problems, syndication is done between servers, where bandwidth restrictions are near-nonexistent thus paving the way to an expected total clog of the internet in the near future.

Syndication does serve a lot of great purposes that shouldn’t be overlooked either.  It provides website owners a way to “get the word out” as well as a way for users to know instantly what is going on in the world but what price will we be paying for this source of “instant” data-sharing?  Only the future truly holds the answer to that question.

Dwayne was a QA manager for Intel from 1998 through 2006 and worked as a support agent for IBM from 2006 until 2009. Dwayne holds a bachelor’s in Business Administration as he also minored in Computer Sciences at ITT Technical Institute.

Dwayne has currently started involving himself and has created several new areas of this site and others.

Me: “I was wondering, how much does it cost for a new copy of MS Office 2009?”

MS: “$199.00″

Me: “I already bought the software once, do I really have to buy it again because of a compromised disk?”

MS: “Oh no sir!  We can just send you disks in the mail for $10.00 plus shipping and handling!”

Me: “Ok so if my neighbor has the disks I can use them and just plug in my CD Key and everything is legal?”

MS: “We don’t suggest it sir, because they might have a different version (professional, home etc), but if it is the same version, it is totally legal and does not violate any EULA”

Me: “Great thanks!”

So what does this mean?  It doesn’t matter how you acquire the software AS LONG AS YOU HAVE PURCHASED IT! So, thus my torrenting was born.  Though you have to be careful of the torrents you get!  Some torrents contain cracks and CD-Keys for the software, in such case this software is ILLEGAL to possess.

But today after reading this news article from ZD Net, I couldn’t help but to laugh.  Apparently, software companies have allied together and has created a gimmick to ensure that you pay for their software by placing a program on your PC that will check for certain torrents and then LOCK your PC and tell you that the ICPP Foundation has locked the PC and it can only be unlocked by paying for a license and a fee for pirating the software.  First of all the ICPP Foundation (International Copyright Publication Protection Foundation) does not engage in such acts — EVER, in fact placing this software on your PC without your knowing is simply more illegal than obtaining illegal software.  Secondly, they ask you to pay only a FRACTION of the fees that a legitimate ICPP notice would ask (usually about $10,000.00 is the norm).

This however is called “Scareware” or “Ransomware” the same software that was going around in the Y2K era that popped up a count-down timer on your PC saying “PC System WIPING MEMORY In…”.

Links:

• MyTekWeb
• Goldsboro Web Development
• Vraul Blogs