SecurityZone.org - Information Security Blog

How often do you get up from your computer, whether it be a laptop or desktop, and leave it unlocked? If I were to answer this question, my response would be “rarely.” However, I do occasionally forget. Locking your workstation is a true basic item in the world of security that is often ignored by the best of us. How many times have you walked around different areas of business to see completely unlocked and unattended machines? My guess is quite frequently. Now depending on the environment the actual threat and likelihood can vary. Leaving an unattended laptop at a Starbucks, locked or otherwise, is much more likely to result in theft than in someone sitting down at it and pulling data or installing something. Theft is obviously the more extreme case, but if you had your workstation locked and have full disk encryption your data would at least most likely be protected.

The same goes for being in a place of business. Sure theft does occur at work, but you are probably more likely to have someone sit down at your machine. Frequently people are playing pranks by changing the home page, the wallpaper, or even sending e-mails as you all in fun. However, an unlocked and unattended machine is at the mercy of the next person to walk by. If they decided to sending harassing message, steal your work/data, install a trojan, or start formatting your hard drive, there’s a good chance you won’t like it. And to think, all you had to do was lock your machine before you got up. It truly is a basic in security that you should get in a habit of doing if you are not already.

As a side note, I’ve started up a website that you can browse to on someone’s unlocked workstation as a prank and as a message letting them know they should have locked their machine! Ultimately it will contain more information about how to lock machines and other useful tips. Check it out:

http://www.unlockedworkstation.com

IFrame exploits? No, not quite. It seems there has been some phenomenom of referring to exploits that load through inline frame (IFrame) tags as “IFrame exploits.” In a few conversations I have had in person and online it seems people seem to think that IFrames are evil and that they are the actual exploit cause. This isn’t really true though. Recently a number of websites have been compromised and have had IFrame tags added to their source that are invisible (height/width is usually set to 0 or 1). These invisible tags then generally pull in exploit code from another website that attempts to take advantage of an upatched system. Basically the IFrame is accomplice in the page source, but it certainly is not the exploit.

Now this is not something new, but is rather something that has recently become much more widespread. Unfortunately you might not be able to protect yourself by just browsing to “trusted” website. Recently a number of well known legitimate websites have been hacked only to have their source modified to turn them into malware/exploit gateways. The best thing you can do to protect yourself is keep your OS and software patched, try not to browse the web as an administrator/root user, and don’t surf too many sites housing naughty stuff.

Still getting the website setup. Just fully migrated to a new server. I am now in the process of customizing the site some more and locking down a few things on the server and in the code. Should be live soon with a lot good security news, tutorials, whitepapers, advisories, and other info — like what I am doing to my WP installation.