This article covers some of the issues involved when using a Digital Signature. Each Digital Signature is generated from a Digital Certificate (otherwise known as a Digital ID) issued by a certifying authority.
All examples given are created using Microsoft Outlook 2010 on a PC using Microsoft Windows 10, but the principles apply to other versions of Outlook and other email clients.
This article has been written to compliment my previous article Make Safe Financial Transactions.
Anyone using an Apple Mac can get appropriate certificate information in this article published by TechRepublic entitled: How to configure digitally signed email in Apple Mail.
Continue reading “Using A Digital Signature With Outlook”
How I Resolved ‘Fatal Error Out of Memory’ For A Single Post
After much editing of my WordPress post entitled ‘How A Toilet Silent Fill Valve Works’ , since I wrote it in May 2014, (there must have been at least 150 edits, and I changed it from a page to a post too) I suddenly had this ‘Fatal Error Out of Memory’ script on the WordPress White Screen of Death when I tried to edit it:
Fatal error: Out of memory (allocated 54001664) (tried to allocate 49253 bytes) in /homepages/22/d382273723/htdocs/wp-includes/wp-db.php on line 1380 Continue reading “WordPress Fatal Error Out of Memory”
Browser Choice – What’s That About
In December 2009 the European Union obliged Microsoft to offer a choice of browsers to their European customers when they installed new versions of Windows. This browser choice was also delivered in updates to Windows and so the Browser Choice screen was born and has been with us ever since. See my featured image of Microsoft’s browser choice screen offering Google Chrome, Internet Explorer, Safari, Mozilla Firefox and the Opera browsers amongst others.
Browser Choice Ends
It turns out that this requirement by the EU had a time limit of five years which has now expired. Consequently Microsoft have quietly withdrawn the option to choose other browsers and returned to providing Internet Explorer alone. People can of course continue to use other browsers with Windows as they see fit but Internet Explorer is now what comes out of the box. Continue reading “Browser Choice In Microsoft Windows Ends”
A recently discovered Backdoor Trojan Regin is a computer bug found by the software security company Symantec. Its purpose is to spy on the activities taking place on computers. It can collect passwords, capture screen images and even recover deleted files.
The Backdoor Trojan Regin has been made to operate in five stages the last two being encrypted to make it very difficult to discover and understand. If any stage were to be discovered it would say little about the other stages. Two stages are specifically given over to loading each other and the other stages. You can see a block diagram of Regin’s stages of operation at this Symantec site.
Backdoor Trojan Regin appears to have been developed as far back as 2008 and by its sophisticated nature was probably developed by a nation state as opposed to criminals. It appears to have been withdrawn from use by its masters in 2011 and a new version reintroduced in 2013.
Regin infections have been found in the following countries:
- Russian Federation
- Saudi Arabia
All Regin infections have been shared by these sectors thus:
- Airline – 5%
- Energy – 5%
- Hospitality – 9%
- Research – 5%
- Small Businesses & Private Individuals – 48%
- Telecoms Backbone – 28%
The Backdoor Trojan Regin has been made extremely stealthy so that it is very hard to determine what it is up to even after discovery. It could go undetected for years. For those interested it uses RC5 encryption which isn’t commonly used.
- BBC News – Regin, new computer spying bug, discovered by Symantec.
- Symantec Security Response – Regin: Top-tier espionage tool enables stealthy surveillance.
- Symantec White Paper on Regin.
- Wikipedia on Trojan Horse – Computer terminology.
- Wikipedia on RC5 encryption.
The Problem To Be Solved.
A good friend of mine had found that an Excel spread sheet no longer had a formulae in a particular cell. It had a number there instead. This meant that any changes in other cells associated with the missing formulae had no effect on the result in the TOTAL column. On a regular basis my friend had sensibly made a backup of the spread sheet and now my friend had a great number of them. It was imperative that my friend found out when the formulae had gone missing. My friend was about to conduct a manual search and work through all the backups to find the time when the formulae was last used in the spread sheet. Looking at every backup would have given my friend a lot of work. So I advised using a “Binary Chop” method to make it easy. See Example 4 in particular. Continue reading “Manual Search Using Binary Chop”
There is a vulnerability (flaw) which allows targeted attacks via Internet Explorer versions 6 through 11 to be made on MS Windows PC’s.
The attack seems complex to me and probably not easily made against the masses. The ultimate goal of an attacker would be to encourage a PC user to visit dangerous websites.
Microsoft plan to fix the problem with updates distributed in their normal way, i.e. monthly updates.
If you want to find out more you can visit ITPRO here. Some PC’s will be more vulnerable than others depending on what version of Windows is used and whether Outlook, Outlook Express or Windows Mail are viewing an HTML document.
Or you could visit Microsoft here and read Microsoft Security Advisory 2963983, Published: April 26, 2014.
Well, well, well, whose not keeping on top of things then. It looks like all the major banks. This article from ITPRO taken from Reuters points out that some major banks will not have updated their Automatic Telling Machines to Windows 7 by 8th April 2014. This is Microsoft’s published deadline after which there will be no support for the old system. Apparently 95% of the worlds 2.2 million ATMs were using Windows XP and 2/3 of them will still be using it after the MS deadline. So the banks involved will be paying some large sums of money to MS to keep their systems updated beyond the deadline.
This tells me that these banks have got all their eggs in one basket. They should diversify and have another company’s system running on alternate machines with similar geographic locations. This should be a requirement of bank regulators.