Archive for October, 2011

iOS 5 Upgrade Process

Monday, October 31st, 2011

by Christopher Tippins for the Software Synergy Group

As I mentioned in my article, “iOS 5 Features Review” the upgrade process to iOS5 is something you should set aside a couple of hours to complete.

Depending on the data set you have on your iPhone, the process could take less time but possibly more.  (Caveat:  this article focuses specifically on the iPhone 4, but I suspect it will be similar on an iPad or an iPhone 3GS.  You would be wise, however, to search the ‘net for any particular issues you might encounter for these devices).

Why?

Because the process basically does the following:

1.       Prior to doing the upgrade to iOS 5, you might have to download and install a new revision of iTunes.

2.       Your current iPhone will be backed up in it’s entirely.

3.       The new operating system will be downloaded.

4.       iOS 5 is then installed on your device.

5.       Once the new OS is installed on your device, all your data is then written back to the iPhone.

Keep in mind that I personally do a manual backup of my iPhone before ever doing any major upgrade as in the past I’ve run into some issues.  Note that I’ve also read accounts of early adopters of iOS 5 running into some problems.  I am probably being overly wary, but I’d rather have this backup and not need it then to need it and not have it.

OK, so let’s take a look at what happens once the process completes in iTunes and you turn on your iPhone for the first time since the upgrade.

(more…)

iOS 5 iCloud Review and Considerations

Thursday, October 27th, 2011

 by Christopher Tippins for the Software Synergy Group

In other articles (“iOS 5 Features Review” and “iOS 5 Upgrade Process” I’ve discussed new features of iOS 5 as well as the upgrade process.

In this article I’m going to focus on iCloud and important considerations before you make the leap into the cloud.

iCloud, as you may or may not know, is Apples answer (in some respects) to Google Docs as well as the many cloud services being offered by many vendors.  I’ve written an article previously that talks about some of these services and you can read it by clicking here.

You can read more about iCloud on Apple’s site by clicking here, but I want to focus here about some of the ramifications of using it that aren’t readily apparent on Apple’s site.

For starters we have to talk about the cloud in general.  Cloud computing is all the rage of late and everyone from Microsoft to Google are offering these services.

Why?

Storing data in the cloud allows users and businesses to store data on servers available on the Internet instead of storing this data on their local personal computers or servers.

This is a big plus as many people don’t back up their data and for business, the costs of running and upgrading servers can get very expensive over time.

There are pluses and minuses to both scenarios.

(more…)

The Duqu Virus – A New Stuxnet Variant

Friday, October 21st, 2011

by Christopher Tippins of the Software Synergy Group

Over the past year I’ve written several articles about a new type of computer virus – Stuxnet – one designed to infiltrate and destroy the control systems of Iran’s centrifuge systems that manufacture enriched uranium.

What has made Stuxnet (and now Duqu) so completely different than any other type of computer virus or malware is that it seems to have been state sponsored.  It is widely believed that it was either developed by Israel or the United States or perhaps by teams working for both countries.  Additionally, it was targeted to infect Siemens control systems and those specifically in Iran.

It’s unknown at this point where Duqu came from, but the first evidence of its existence seems to have occurred in Hungary sometime over the past four to six weeks.  Stuxnet wreaked havoc in Iran by targeting the systems that controlled the speed of the motors running the centrifuges and causing them to run wildly out of control and burning them out, all the while sending data indicating that the motors were operating within normal limits.  It is estimated that it set Iran’s nuclear program back a year or more.

The Duqu virus, which is believed to be based on code that came directly from Stuxnet, seems to have a completely different purpose.  First accounts indicate it is designed to do two things:

  • Gain remote access to systems for its designers and
  • Act as a keylogger to record keystrokes and other data and send that data package back to developers

Infection so far has been rare and this new virus may be nothing more than a test deployment to see how well it functions in the field as well as how easily it can be distributed without detection.  Interestingly, the payload or “dropper” program – the delivery application – has not been found, only the remnants of the infection and the resulting payload.

Aside from the amazing complexities of this malware and its design goal, these viruses represent a new era in warfare.  Ponder for a minute what the ramifications of these types of threats represent if code like this is developed to bring down portions of the power grid or the control systems of online nuclear reactors or communications systems.  In theory at least, these threats could do more damage to an infrastructure then an out and out barrage by conventional weapons.

Here are some links if you’d like to read more about this fascinating story:

http://www.forbes.com/sites/kenrapoza/2011/10/21/duqu-virus-likely-handiwork-of-sophisticated-government-kasperky-lab-says/

http://www.ynetnews.com/articles/0,7340,L-4137286,00.html

https://www.securelist.com/en/blog/208193178/Duqu_FAQ

http://www.zdnet.com/blog/security/hungarian-lab-found-stuxnet-like-duqu-malware/9683

http://www.nytimes.com/2011/10/19/technology/stuxnet-computer-worms-creators-may-be-active-again.html

10/23/2011:  Update:  The Boston Globe published an interesting article (click here) about a researcher who was able to duplicate at least some of the capabilities (remote access and control) of Stuxnet type applications – and do it with less then 20,000 dollars and in less then 2 months.