3/27/2011
Obfuscating your email is the best way to stop spammers bots from harvesting and storing your email address from a website, newsgroup or forum, spammers automated software follows certain patterns to identify and store an email address, they can’t comprehend it when a person has deliberately hidden his/her email address to be human readable only, they are also unable of following instructions.
  1. Change your email syntax: Replace the @ symbol in between your username and email domain name with (at) , (AT), the . with the words DOT and add spaces in between the words, for example: caitlin (AT) hacker10 DOT com
  2. Create a graphic image of your email address: Spambots can’t read the letters embedded in pictures like jpegs, with a graphics editor you can create a .jpeg with your email address inside it, after that you can then either upload it, if the site allows, or use a free file hosting image site and link to it, for example:
    Hacker10 Email address
    Hacker10 Email address inside graphic
    To email click on link: http://hotlinking.caitlin.proinbox.com/caitlin-hacker10-email.jpg
    There are free online services that will create a graphical image of your email address in seconds you don’t even need a graphics editor.
    Online Email obfuscator: http://www.emailerr.com
  3. Use email plus addressing:  If your main email address is example@gmail.com you could use example+hacker10@gmail.com and all of the messages to that email address not only will still be delivered to your main email account but also classified into the folders named after the email username + symbol, plus email addresses structure goes like this: username+foldername@domain.com
    You can create an unlimited number of throw away email addresses this way, not only you will be able to filter out one particular address if it receives unsolicited email, but also spot the source of the spam, if you have only used one email address for one site and nowhere else then it is clear where spammers harvested the email from.
    The main caveat to email plus addressing is that few free email services support this feature, Gmail and Fastmail do but with Yahoo it only works with its premium paid for email service. Another problem you might encounter using email plus addressing is that many webforms will not accept your email address because they do not recognise the + character as valid, Yahoo mail uses a – character instead, standing a better chance to be allowed inside webforms.
    Detailed old letter mail
    Detailed old letter mail
  4. Use a disposable email address: There are plenty of services available providing free disposable email addresses, aka DEA, most of them will erase your email address in just a few minutes or some weeks at most, disposable email addresses do not normally use a password and others choosing the same username could read the contents, you would have to avoid its use for emails containing personal information and choose a hard to guess username. Disposable Email Services:
    Yopmail: http://www.yopmail.com/en/
    Guerrillamail: http://www.guerrillamail.com/
  5. Use an email forwarding service: If you need a disposable email address that lasts for months choose an email forwarding service instead, you will be asked to sign up which takes longer but you know that all subsequent email messages will be forwarded to you. Mail forwarding services:
    TrashMail: https://ssl.trashmail.net/
    SpamGourmet: http://spamgourmet.com/
  6. Register a domain name and use it for email: For around $10 year you can register the domain name of your choice and use that domain as a mail forwarding address, your domain registrar will supply you with a control panel from where you can activate it for email and forward all of your messages to your real email address. Make sure to choose a domain name registrar with this facility, most of them do though. Domain registrars with email forwarding:
    Hover: https://www.hover.com/
    2Ya: http://www.2ya.com/
    Stop email spam
    Stop email spam
  7. Use RecaptCha mailhide: This free service from Google will convert your email address into a clickable link and it will ask users to enter a captcha code before they can see it, a captcha code is the same antispam system many blogs use to stop spambots commenting on them. reCAPTCHA Mailhide: http://www.google.com/recaptcha/mailhide/
  8. Choose a non obvious email addresses: Spammers use software to generate likely email username combinations. Do not use your own name or dictionary word as your main email address, it makes it harder to guess for an automated tool.If you need an easy to remember email address to give away you can use an alias email address that can be disabled if spam comes in but do not choose it as your main account email as you can not usually change it.
  9. Use email aliases: Many email services will allow you to create a second email address directing all of the email to your main account, always use an email alias when you communicate with someone, this way if that email is compromised you can always cancel it.
If you need to send secure encrypted emails check out my Email encryption page where you can find a list of email providers offering this facility.
3/26/2011
From Windows Vista Microsoft has added method to evaluate hardware and based on that rating is provide called as Windows Experience Index (WEI) to enable Aero glass effect. Similar way of evaluating hardware is still present in Windows 7. There is no way to bypass windows experience index enable Aero glass effect in windows 7.
However if you wish to change Windows 7 WEI without changing actual hardware then this guide is for you but keep in mind that by modifying Windows Experience index with following guide you can’t Enable windows 7 Aero effect, it’s only good for showoff purpose.

How to Change Windows Experience Index (WEI) On Windows 7

1. Open up Windows Explorer & Browse to C:\Windows\Performance\WinSAT\DataStore.
2.Click on the most recently created XML file there (its something like this….2009-07-05 01.12.28.985 Formal.Assessment (Recent).WinSAT) & take ownership of the file
Change WEI
3. Open above file fine in notepad or wordpad and make changes to following selected part shown in below image.
Windows 7 Windows Experience Index
For e.g
<WinSPR>
<SystemScore>7.9</SystemScore>
<MemoryScore>7.9</MemoryScore>
<CpuScore>7.9</CpuScore>
<CPUSubAggScore>7.9</CPUSubAggScore>
<VideoEncodeScore>7.9</VideoEncodeScore>
<GraphicScore>7.9</GraphicScore>
<GamingScore>7.9</GamingScore>
<DiskScore>7.9</DiskScore>
</WinSPR>
4. Save the file & Restart the performance information & tools in the control panel.
Windows Experience Index Before Change
Windows Experience Index After Change
3/22/2011
Hacktivism

The hackers are not breaking the flow for the money. They break because they do not agree with their victims. "Hacktivism is a new form of demonstration in the virtual world," said Sean-Paul Correll, researchers from PandaLabs.

Examples of hacktivism activities are DDoS attacks, sending a barrage of data that a web site server so that eventually overwhelmed serve stopped working-of PayPal and MasterCard in December because of both financial services were blocking the transfer of money from their users to WikiLeaks. Another example is a DDos attack against the Motion Picture Association of America and the Recording Industry Association of America conducted by the 4chan forum. Both were attacked for making a web site The Pirate Bay was closed.

Smart device

The popularity of smart phones or other mobile devices, such as the iPad, which connect to the internet is a "toy" just for criminals. Their main targets, according to security firm SecureWorks origin, is banking transactions conducted via smart phones or other smart devices.

"Where there is money, there is a villain," said Patricia Titus, Vice President & Chief Information Security Officer of Unisys.

"Clouds"

Cloud computing is a computing trend in 2010. Data is placed on the internet, can be accessed anytime and anywhere as long as there is a network. A solution so bright point for some businesses. However, clouds can be cloudy, right?

The most simple example is the discovery of malware in place penyimpananfileMalwarebernama Trojan-Dropper.Win32.Drooptroop.jpa was alarming, according to researchers from Kaspersky Lab Vicente Diaz, "Because not appear on the Rapidshare link and can deceive ordinary security devices." Rapidshare.

As more and more companies use cloud computing in this system, SecurityNewsDaily predicts many hackers dwell on it.

Social Engineering

Sophos said last December there is a false message spread through Twitter. Messages deceive computer users so that they believe their computer got a virus so they are encouraged to download a fake antivirus which link is included in the message as well.

This scam is not new, but will continue in 2011, even with higher numbers. "About 500 million," so called SecurityNewsDaily. Total number of users similar to Facebook. "Social engineering is more convincing, more subtle, more widely spread, as well as more professional," says Baumgartner from Kaspersky Lab.

One factor that will contribute to social engineering is a service penyingkat URL. Service is often used to shorten long URLs to fit with social media web sites, like Twitter, which limits the number of characters.

A computer science student named Ben Schmidt experimenting with the web site URL penyingkat product. The project is called "Evil URL Shortener" was not only shorten the URL, but also with techniques DDoS attacks. "This is evidence that penyingkat website can take people anywhere," said Schmidt.

Stuxnet

Stuxnet is the name of a type of malware worm that began spreading in June 2010 and is predicted to remain a scourge in 2011. The worm that attacks systems using Siemens software in industrial control system was found to attack a nuclear power plant in Iran.

It is estimated, Stuxnet sent by a particular country, not by individual. The Internet is a new place for the country to war, the researchers said, and will grow in 2011.

Examples of attacks launched by a country is to attack China via the Internet to Google and 34 other companies in January 2010. The attack, according to McAffee, very complicated.

Of all the threats that arise, what can we do? At the very least: be careful.
3/14/2011
Indonesian Security Conference 2010 in Bali












Every person shall maintain each server machine. But he also must be ready to attack other machines. There will be fights breaking ingenuity. This is a war simulation that hackers will be held in Bali.

It's one of the activities to be held in the Indonesian Security Conference 2010 (IDSECCONF 2010), on 16 and 17 October in Bali STMIK. The event was adu dikes, alias the game "capture the flag", it will position the guards server as a keeper of the castle. To seize the flag of the fort, first conquered guardian.

This year's conference theme is security in electronic transactions in banking and electronic payments. Various security issues and vulnerabilities in e-banking transactions and e-payment will be discussed.

A number of speakers will present various activities paved. For example y3dips who will talk about how to hack a private network. There is also carrying material indo.pick break into a safe with a lock pick. There are going to discuss the matter of skimming at ATM machines until a quick way to do hacking on the banks of the places that do not attract attention, even when queuing at the bank! The speaker was the result of selection of papers that are sent to the committee.

Then, two information technology security analysts, namely Yono Reksoprodjo and Jim Geovedi, also will give 'lectures' in there.

If you want to know even want to participate in events open to the public, you can see it in http://idsecconf.org. This event is open to students, student, follower of developments in information technology, practitioners, to ordinary people.