Late Night Computer Security: Half asleep at the keyboard

June 26, 2010

I was up until 3:30am this morning researching something on the Internet and then, all of a sudden, my desktop firewall pops up a message asking me if I want to allow an unfamiliar “.exe” file to access the Internet. My firewall is set up so that anytime an executable that I haven’t marked as safe wants to access the Internet, it prompts me if I want to let it out. “Oh great,” I thought to myself, “I must have been hit by some type of zero-day exploit.” I click the disallow button and right after I click the button I think, “Wait. What was the name of that executable again?” Doh!

So then I’m sitting there thinking to myself, half-awake, that it really doesn’t matter if I go back to that Website, because at this point, I’m just going to save this VMware image for analysis. I go back to the Website, click on the link and sure enough, I get the firewall prompt again. The file is named plugin-container.exe. “What the heck is this?” I think. A quick Google check and yes, you probably already know this – it’s a Firefox process that runs your plug-ins under a separate process.

I recall reading headlines over the past week that Firefox has a new crash protection feature, but I didn’t realize this was it. The crash feature is mentioned in the release notes and on Mozilla’s blog, but there is no mention that this feature spawns a new process named plugin-container.exe. Lame.

I hate when stuff like this happens, but I guess it’s to be expected when I’m half asleep at the keyboard.


What’s up with the Trusted Computing Group?

June 26, 2010

After reading the post and comments at Cyber Arms the other day about Trusted Computing (TC) and the Trusted Platform Module (TPM), I decided to spend some time at the Trusted Computing Group Website. I was introduced to the concepts behind TC several years ago and while I agree that it has its strong points, I have my own concerns and issues with the technology that I won’t get into here. As a result, I haven’t paid much attention to its development over the years.

While browsing the TCG Website, I stumbled upon an article that struck me in a negative way:

