Ajit Gaddam on Security & Technology

Tracking Cookies while generally of a low threat level to your PC, they are still classified as Spyware. This article describes what a tracking cookie is, how to identify tracking cookies and finally how to remove tracking cookies.

What is a tracking Cookie?

Tracking cookies usually track the session of a user to a particular website. There are two kinds of tracking cookies in the simplest sense. The good kind and the bad kind. The good kind are used for authenticating and maintaining specific information about users such as site preferences and the contents of eshopping carts. Read more »

If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!

For IT Security folks, especially those in a large corporation, dealing with Threats Security or External Content Threats Security has a potential to take away a significant operations time. So what is External Content Threats Security?

External Content Threats Security usually involves threats through many threat agents which evolve over time. These threat agents could be across an Enterprise Office platform, a database or a website within a corporate environment’s intranet or on a public network such as the Internet. External Content threats security deals mostly with the following threat agents which include Hyperlinks, Data Connections and Web Beacons.

Hyperlinks: This threat agent is usually exploited by attackers who create websites containing malicious code or content. These might include phishing sites containing these hyperlinks enticing a user to click on a link outside their trusted domain.

Data Connections: This threat agent is exploited by attackers who create data connections to databases or other data sources and then use these connections to either extract data and use it to gain further access or manipulate the data.

Web Beacons: If you ever used Microsoft Outlook or most Desktop email clients or even web clients, you see that the email has not been fully downloaded and there might be images to be downloaded, waiting for your authorization. While saving network bandwidth is one of the reasons, it also helps in security.

Read more »

Spyware is computer software that is installed on your computer without your consent and intercepts or takes partial control over your interaction with your computer. Spyware such as Zedo “powered by Zedo” and URL.cpvfeed.com redirects your browser or opens popups displaying advertising. Zedo and URL.cpvfeed.com spyware also installs the core.sys rootkit resulting in slow internet speeds, different home pages and also loss of internet. In this article on Spyware and Adware removal, I will show you how to remove the Zedo(powered by Zedo) and URL.cpvfeed.com popups and also remove the core.sys rootkit.

How to Remove “Powered by Zedo” and URL.cpvfeed.com spyware

Step 1: Download PC Tools Spyware Doctor.

We will be using this free Anti Spyware tool provided by Google. Google is giving out this amazing Spyware product for free as part of its Google Pack. While the Google Pack has other good software, you can download just the PC Tools Spyware Doctor. Click here download Spyware Doctor from PC Tools website to remove the Zero and URL.cpvfeed spyware software.

http://www.pctools.com/spyware-doctor/

Step 2: Disable System restore on your computer.

On the Desktop, right click My Computer. Click Properties. Click the System Restore Tab. Check Turn off System Restore. Click Apply and OK. When prompted to restart your computer, Restart and Boot into Safe mode.

Read more »

Why Biometric Security CANNOT secure a Corporate Environment

Biometric Security is being billed as the next savior of personal and corporate security, a superior solution to our Identity and Access management problems. Solutions are often exotic and include voice for unlocking rooms housing servers or for reseting passwords. There are already systems in place for retinal scan for more secure access. The key to a door is always with you, and the key is YOU. Think about it, unlike passwords which can be guessed or read from that yellow sticky hanging on a monitor screen, it is hard to forge them. Someone can’t replicate your fingerprint or your iris scan. Sure some artists can mimic other people’s voices but getting past a security system is a whole different ball game.

So, if Biometrics is all this good, why it cannot secure a Corporate Environment?

Lets start of with what is the biggest strength of Biometric Security. It tells an authentication system that you are who you tell you are … because unlike usernames or passwords or even Smart cards or tokens, they cannot be lost or stolen, because your identity is unique to you and only you.

Now, Biometric security secures both your Authentication and Data privacy. Let us assume that a corporation is implementing Biometric access through a fingerprint reader on a Laptop. Typical authentication in a corporation involves verifying your credentials to those in the Active Directory or any other central “source of truth” in a corporation. Here, let us use a finger print as the biometric authentication input. A thumb is scanned on a laptop fingerprint scanner and travels over the network verifying with a master biometric on file. If everything matches, you are in or <bleep> incorrect password.

Read more »