Tuesday, March 25, 2008

Is your hard drive about to crash?

Hard drives form the basis of our computing. The use of computers comes down to manipulating data, and the hard drive is, of course, where we store all our data; family albums, music, work documents, email, the list goes on.

Most of the components in your computer are electronic devices. They don’t fail with time like a mechanical device such as a car. But your hard drive is one of the few mechanical devices used in modern computing, and as such, it’s destined to die eventually.

It’s important to learn to recognize the warning signs of an imminent hard drive failure, since you might not have the budget for an extensive back-up system, so you can rescue all that data before it’s lost—sometimes forever, not retrievable at any cost.

Why do hard drives fail?
Logical Failures
Logical failures occur when the electronics of the hard drive failure or the software (firmware) has a problem. This kind of failure is usually the cheapest and easiest to have fixed. Unfortunately, it’s also an uncommon failure.

Media Failures
If the hard drive has been handled roughly, or the magnetic platters are scratched, have read/write errors or low-level formatting problems, this is a media failure. These are also relatively uncommon. Once the platters are scratched, the data should be considered scrapped.

Head Failures
A head failure occurs when the read/write head crashes into the platters (the head crash), has an “improper flying height” or the wiring between the logic board and the head is faulty—among other failures related to malfunction of the read/write head. This is a common failure. The head crash is particularly nasty.

Mechanical Failures
Mechanical failures probably make up the bulk of hard drive failures. The motor burns out, the drive overheats, bearings get stuck—the kind of thing you’d expect to find when a car fails. These can be nasty but if the failure didn’t affect the platters, you might have a chance of recovery, but at a cost.

How do I find out when it’s going to fail before it fails?
That’s not always possible, and sometimes a hard drive will just die—but it’s still important to keep an eye on the symptoms of an imminent hard drive so you have the chance to back-up your data and get professional help.

Hard drives are incredibly sensitive bits of hardware, so don’t try to crack it open and have a look inside unless you know what you’re doing. And most definitely ensure that if you do crack it open, the platters don’t get exposed to the open air—hard drives can only be opened in Class 100 clean rooms or they’re pretty much instantly destroyed by dust.

It’s a lot easier to back-up than to get your data recovered. Once you detect any of the signs of failure you need to ensure that you have a back-up and if not, make one. Then when the drive dies, you can claim your warranty if you still have it, or buy a new drive, and be on your way.

Recovery can cost thousands and thousands of dollars; it sure is a ridiculous amount to pay, but there’s not much you can do but shop around and find the best price. The cost of transferring a back-up onto a brand new drive is much cheaper than having a recovery specialist do the same for you.

Strange Noises
Sometimes hearing strange grinding and thrashing noises means your drive is beyond repair—for instance, if you’ve had a head crash, it very often is. Or it could just be that the motor has failed or your hard drive is grinding away because of noisy bearings. If you’re hearing strange noises then act very, very quickly—you probably don’t have much time.

Disappearing Data and Disk Errors
Computer won’t let you save a document? Or you’re sure that you had a file on your desktop yesterday that’s nowhere to be seen today? Programs that always worked suddenly stop working, asking where a file it depends on is stored?

These are all potential signs that your hard drive is on its way out. Of course, it could be that your kids moved your files for fun or a virus is eating through them, but disappearing data is never a good sign for your drive if you can rule out those alternative causes.

Your computer stops recognizing your drive
This may seem obvious, but if your computer no longer recognizes your drive chances are there’s a problem with it, not the computer. Test it in a friend’s computer and see if your hard drive is recognized by it.

Often, this will be a logical failure—unless you can hear strange noises that indicate a severe mechanical or head problem.

Computer Crashes
Does your computer regularly blue-screen or suddenly reboot? Does it crash often, especially when booting your operating system? If your computer is crashing, especially at times when the computers is accessing files (such as during the boot sequence), it may indicate a problem with your drive.

Really Slow Access Times
It shouldn’t take half an hour to open a folder in Windows Explorer, or two hours to empty the trash. I’ve come across this problem plenty of times over the years, and it’s always followed by a failing hard drive within a month or two.

If you have this symptom on your computer and your drive does not fail, please uninstall Vista from your 486.

Sound is a great indicator. As soon as the sound changes from the norm, or you get plenty of clicking and grinding from your hard drive, you need to power it down immediately. Get to know the sound of your hard drive while it’s young and in working order, because you’ll need to be able to hear the slightest differences when it gets older.

What next?
Don’t try to be a hero. If there’s time, get your data backed up. If there’s not—nasty noises, for example—get it out of the computer or enclosure, wrap it in anti-static plastic or aluminium foil and keep it safe until you can send it to a professional. Hard drives are very sensitive, just like those kids who die their hair black and write poems about suicide. Don’t mess with them.

When you contact a recovery specialist, they will give you details on shipping the drive, though they tend to prefer you hand-deliver it to prevent further damage.

When it comes to hard drives, just remember to keep an eye on it and act quickly. And, of course, keep extensive back-ups, even if you have to skip groceries one week to do so.


Monday, March 24, 2008

Bank of India website hacked!

Bank of India website back online, without malicious code
Dan Kaplan 5 Sep 2007 19:17

The Bank of India website is operational today - approximately four days after security teams disabled it after hackers embedded malware on the home page.
The delay – Sunbelt Software researchers first notified the bank Thursday that its website was distributing 30 types of malware – was necessary to ensure complete removal, experts said. Often times, site engineers fail to shore up all of the holes, which may allow attacks to continue.

“You typically find that if the bad guys find a way to compromise one page, they compromise other pages as well,” Roger Thompson, chief technology officer of Exploit Prevention Labs, told SCMagazineUS.com today. “We often see that the sites get re-hacked.”

The hackers, believed by Sunbelt to be part of the Russian Business Network (RBN) criminal gang, unleashed two server exploits that took advantage of machines not patched with the latest MicrosoftWindows updates, Thompson said.

Visitors to the bank's home page could have been infected if their machines were not updated with the MS06-042 bulletin, a cumulative fix for Internet Explorer that was issued in August 2006, or January 2007's MS07-004 update, which corrects a vulnerability in vector markup language.

It is unknown what mode of attack the criminals used to drop malicious IFRAME links on the site, but experts believe the gang may have injected a malicious script.

Jeremiah Grossman, founder and CTO of WhiteHat Security, told SCMagazineUS.com today that hackers now focus their attacks on website visitors.

Reports today said the Bank of India site was compromised through a U.S.-based hosting provider. Grossman said hosting providers often fall victim to silent attacks and they offer big targets because they provide criminals with access to thousands of sites.

Bank officials could not be reached for comment. It is unknown how many Americans may have been affected, but experts believe many U.S. residents use the bank.

Thompson said end-users should be wary of similar website exploits, and they are more likely to be affected in the office than at home.

“Where they catch people is when they are doing their banking at work,” he said. “People think they're safer at work being behind the corporate firewall and corporate anti-virus, but companies tend not to patch automatically because they run a lot of home-grown applications.”

Grossman said bank customers should remember to patch their machines and run a platform or alternative web browser that attracts less attention from the malicious community.

“They're definitely out of harms way,” he said. “Nobody is going after these systems en masse.”

Source Link

Monday, March 17, 2008

Phishing attacks on banks rise six-fold

It could set the alarm bells ringing for Indian banking system, there has been a six-fold rise in phishing attacks on the country's lenders during the last four months alone, a study revealed in Mumbai.

Phishing is a form of internet fraud that aims to steal valuable information such as credit cards details, social security numbers, user IDs and passwords for financial gains.

The fraud is executed through spoof emails and fake websites that prompt users to disclose their personal details.

The 24X7 Security Response Lab of Pune-based internet security firm Symantec found that in October last year, there were 20 unique attacks on Indian banks while the figure has grown to 120 attacks as of January, 2008.

"The attacks are now becoming more localised, subtle and target-specific...the increase in the number of attacks reflects that they are getting successful," Symantec Director Security Response Prabhat Kumar Singh said.

From fame, the phishers are now turning towards making a fortune, he added.

The Symantec lab monitors the complete threat spectrum and malware activity all across the world. It provides support in 14 languages against phishers who are extensively using sophisticated methods to install spyware, trojans, worms and viruses.

But, it is not actually a security breach for the bank. "The banks have put in the best possible security but it is the unsuspecting user on whose back the phishers enter the system," Singh said.
16 Mar 2008, 1701 hrs IST,PTI - The Times of India



Friday, March 14, 2008

22by7 celebrates Pi Day

Today is International Pi Day! -- and also 22by7's 2nd Birthday!

Pi day is being celebrated throughout the world,specially in Universities & schools.

If you care to look there is an incredible numbers of sites on the web dedicated to Pi.

Here's a sample quote where the word-counts are pi decimals .

How I need a drink, alcoholic in nature, after the heavy lectures involving quantum mechanics.


A great palindrome: “I prefer pi.”

More Pi fun here:


22by7 will be celebrating Pi day with a slew of games & quizzes with Pi as the theme.

We have also scripted a play called "Pi-lay" - a take off on "Sholay".

Where the villain is "Daku Angle Singh" and who shouts "arre o! Lambda" regularly.

Other equivalent characters are :

Thakur T-square

Pi & Zero - Whose strategic weapons to kill Angle Singh are Protractors...

Infinity ( for Basanti) - 'cos she has to dance forever to save Zero's life.....

The village ? - "Pinagaram", obviously inhabited by Piwallon or Pindians...

Well like I keep saying :

We have loads of fun

At Twenty Two by Seven...

Wednesday, March 12, 2008

Indian Govt plans to tackle Hackers

Hackers attempts @gov.org

Date:   Tuesday, March 11, 2008 

New Delhi: Nowadays, government departments are facing big threats from some hitherto unfamiliar elements. Remote injection, authorization bypass and Cult of the Dead Cow are those that make up a wider nightmare of departments of Railways, TRAI, Customs, among others, reported The Economic Times.

Website hacking has attained critical momentum in India. The last few months have seen hackers attacking the website of TRAI, Indian Railways, Department of Telecom, Air Cargo Customs, National Institute of Social Defence, Forward Markets Commission, National Institute of Health and Family Welfare and BSNL, among others.

The hackers even disfigured the website of department of information technology, the nodal agency that is supposed to solve the very issue of hacking. Hackers have also tampered with the website of the wireless planning and coordination wing of the Department of Telecom, the body which handles the sensitive issue of spectrum allocation.

To stop the menace, the DIT says it is in the process of hosting all the servers of the key ministries in the country itself.

"We have entrusted the National Informatics Centre (NIC) with this task and the servers of most of the ministries have been moved to the government body," a DIT official said. The Indian Computer Emergency Response Team (CERT-IN), a DIT body, is in the process of implementing a high-end attack detection solution to make the systems, especially government-owned ones, safer. CERT-IN is also installing a network flow-based threat assessment solution to check the vulnerability of a particular website.

Despite all these efforts, the number of security-related incidents (of hackers crashing Indian websites) has been growing steadily. In January, 87 security incidents were reported as compared to 45 in December 2007. Out of all the incidents, 47 percent were related to phishing, 21 percent unauthorized scanning, 25 percent incidents related to virus under the malicious code category and seven percent incidents were related to technical help under other categories, government data reveal.

In January, only 30 incidents of defacement were reported compared to 509 in December and 305 in November. According to industry sources, the government sector now accounted for 30 percent of all defaced Indian websites in 2007, when compared to about 27 percent in 2006.


Monday, March 10, 2008

Security Tips : How to prevent Identity Theft

Most companies handle, process, and store personal information of employees, clients, and business partners every hour of every day. It is more important than ever to safeguard this information due to the growing problem of identity theft.

Identity theft occurs when someone takes another's personal data--such as their social security number (US), social insurance number (Canada), drivers license number, and birth date--and uses it to commit fraud. The thief might apply for telephone service, credit cards or loans, buy merchandise, lease cars or apartments, apply for a mortgage, even get a job--all in someone else's name. The victim could be left with serious damage to their credit record, their bank account, and their good name.

Your vigilance can help prevent identity theft. Follow these security tips at the office to lower your own risk and your company's exposure to this crime.
  1. Guard others' personal information as if it were your own.
    • Guard sensitive information such as social security numbers (US), social insurance numbers (Canada), drivers license numbers, addresses, birth dates, mother's maiden name, bank account and credit card numbers, policy numbers, health care data and employee numbers.

  2. Take care when exchanging sensitive personal data in conversations.
    • Do not discuss sensitive information in public places, such as in a restaurant, gym, lobby or elevator, or on public transportation.
    • Do not discuss sensitive information on a cell phone, which is vulnerable to casual and electronic eavesdropping.

  3. Lock up.
    • Lock up sensitive papers and digital media overnight.
    • Lock your computer with a password-protected screen saver before leaving your desk unattended.
    • Keep your wallet or purse in a locked drawer or cabinet.

  4. Don't give passers-by easy access to sensitive papers.
    • Put away sensitive papers before leaving your desk.
    • Don't leave sensitive papers unattended at copiers, fax machines, or printers.

  5. Rather than email sensitive personal information, consider other options.
    • Fax it, or send a printed copy in a sealed envelope.

  6. Shred papers containing sensitive information before discarding.
    • Preferably, use a cross-cut shredder, which cuts paper into confetti-like pieces, rather than a strip-cut shredder, which cuts paper into long strips that can be reassembled.

  7. Have an IT professional overwrite or destroy your digital media (such as a CD, diskette, hard drive or backup tape) before discarding.
    • Note that when you delete a file using the Windows "Delete" function--and when you empty your PC's Recycle Bin--the file is not actually deleted. Instead, that file's media space is simply made available to be overwritten by other data. "Deleted" data that is not overwritten can still be recovered, possibly by an identity thief.
    • Contact your IT support personnel to have them overwrite the data or physically destroy digital media before discarding.

  8. Contact internal or external information security specialists to take advantage of their expertise.
    • Information security specialists can help you design ways to store, transmit and process sensitive online and paper-based information in a secure manner.

  9. Learn more about how identity thieves steal personal information, ways to help protect yourself, and how to take action if you know or suspect you are a victim. You can begin at websites like these: