What is Two-Factor Authentication? Why Should You Care?

What is two-factor authentication?  According to Wikipedia:

Two-factor authentication (TFA, T-FA or 2FA) is an approach to authentication which requires the presentation of two or more of the three authentication factors: “something the user knows”, “something the user has”, and “something the user is”.

There are three generally recognized factors for authentication: something you know (such as a password), something you have (such as a hardware token or cell phone), and something you are (such as your fingerprint). Two-factor authentication requires the system to use two of these.

Why should you care?  For extra security, having two or more of the mentioned security factors for authentication helps to make your login more secure.

For email purposes, currently only Google’s Gmail service is the only major webmail provider that offers this option, although Microsoft Hotmail’s forum moderators recently thought differently.  An interesting article by Fahmida Y. Rashid outlines the questions asked of the support forum regarding Microsoft Hotmail’s authentication with some surprising responses.  It only took 3 weeks for an informed response to be posted.

So now you know what two-factor authentication is, shock and awe your friends!

Taken Over

According to Neil J. Rubenking taking over your computer remotely appears to be ridiculously easy, as long as you’re a bit gullible and don’t have any antivirus productions.  Apparently he’s done it, along with several other tech journalists as part of a recent McAfee Consumer Journalist Day at McAfee Headquarters in Santa Clara.

Each of hte journalists was provided a laptop already running VMWare virtual machines.  One VM represented the attacker and the other the victim, with no outside connection for safety’s sake.

Starting with the installation of Shark Trojan, they got to work.  Shark Trojan bills itself as “an advanced reverse connecting, firewall bypassing remote administration tool,” and warns the user not to use it to do anything illegal.  This, and other similar tools, are available for prices that rarely exceed 2 figures.

Shark, according to Rubenking,

“makes hacking so simple it’s ridiculous, especially with the script of instructions supplied by McAfee. With one click I created a server to handle command and control for my attack. Binding my Trojan attack to a legitimate (but outdated) McAfee antivirus tool was equally simple. Had the script called for it, I could have configured the Trojan to lay low if it detected certain tracking tools. Finished with setup, I copied my Trojanized antivirus into the web server’s download folder.

Viewed in a browser, that server serves up a site that looks exactly like McAfee’s. You have to look closely to notice that the URL says “macfee.com.” I sent an official-looking email to the victim system with a link to my evil creation, then switched to the victim’s virtual machine and launched the link.

Back on the attacker system, I immediately saw the victim show up in the Shark console. From that console I had virtually total control over the victim. I launched a DOS shell, viewed and changed Registry entries, tweaked files, launched programs, and manipulated services, all with simple commands from the console. I installed a keylogger, typed a little in the victim system, and verified that the keystrokes were captured.

As a final act of simulated malice, I copied a virus to the victim’s system and launched it. Back on the victim system I ran the Trojanized antivirus, which functioned in detection-only mode. It found hundreds of infected files. That poor victim was completely and totally pwned.”

While this venture took place on a virtual machine on a virtual network and harmed no one, it was increasingly apparent how easy it would be for any ordinary hacker or wannabe to go after any oblivious person or machine.

Word to the wise:  be careful what you click AND Get Your Antivirus Running!!!

Read the entire article here.


Internet Security for the Non-Geek

I came across an article I’d put aside regarding internet security. This article was well written and entitled “andparents: What to do when you’ve been compromised.” I’d put it aside basically because it was information I was already aware of. But then I had to walk my daughter through an emergency clean up of her machine because somehow she’d gotten so infected she couldn’t even log onto her school site to do her assignments. The first thing I asked her was what type of anti-virus software she was using and I heard a lengthy silence on her end. She eventually admitted she had none. We tried a few clean up tricks, but her computer was too far gone. I ended up walking her through a restoration, which to you non-techies is a complete reformat of the hard drive and setting it back to the way it was when she bought it.

Continue reading