Avoiding virus from USB flash drive

Nowadays, virus programmers seemed to have an easy way of propagating their virus – through USB flash drive. A lot of computer users who does not know how virus propagates are the usual victim of this.

The most effective way of propagating virus from USB flash drive is when the user double-clicks on the flash drive icon to open the device. Through the autorun configuration of the drive which will be called during the double-click event, a malicious command maybe inserted in it.

Avoiding running the autorun script will prevent the virus to be activated. To do so, the next time you will use your flash drive, remember not to double-click it, instead go to the address bar and choose the drive. In this way, you were able to bypass the autorun script that might contain the malicious command. Another way of bypassing the autorun script is by doing a right-click on the drive and choose Open instead of Autoplay.

Furthermore, always scan your USB flash drive with an updated virus scanner especially after using it with an unprotected computer.

I miss the right course

Did I? I guess so. But it doesn’t really mean that I regret having the course that I have now.

One day, I am talking with my friend about the work that we have and how we wanted to go to the top. We realized that top personnel in a company have earned degrees inclined to economics. Every company needs somebody who knows how to deal with money. If you have that course then you that will help you reach the top.

So today I said to myself that if I have a kid of my own and wanted to have a course in economics, I will surely support him for the future in that field is very bright.

Politics of life

I feel good I have a friend who helped me yesterday as I board the fast craft going home. When I went to the ticket booth, the attendant told me that it impossible for me to get into the craft since it is fully book and there are 22 persons on the waiting list. Although I want to grab the chance for the 23^rd slot, he doesn’t want to give.

Then I remember I have a friend in our neighborhood working in that company so I tried to approach him. I have gone to some personnel to ask where my friend is. At long last I found him and he gives me assurance of getting a seat. Thanks for him, I was able to get home although a couple of inconveniences were met along the trip but that is another story.

Anyway, what I am trying to say here is politics. Politicking that is done everyday in a very simple manner. Politics that makes ones life easy. The act done by me and my friend can be considered as one. If you have a friend who has the power to do certain things and you ask him to do a favor for you then you are into politicking. Somehow someday I have to reciprocate the courtesy he has given to me.

For me it gives me convenience as I do not have to wait and cross my fingers and pray that I will get a seat. Somehow, I realized that I need to do things like that if given the chance. I need to increase my circle of friends and acquaintances so that I can ask a favor if needed. Although this is not a good idea but there are unavoidable circumstances that will push you to do so. Just don’t abuse your power.

So for this day, I learn that I should make my network of friends bigger and to help them in whatever I can because at some point in time you will need them.

If I die today

I guess I still like the challenge that my boss gives me today. It is so challenging since I am new to this.

So today, I don’t like to die.

Scale (1-100): 60%

How Vulnerable is the Serial Number Protection?

By: Zemog Xilef Sevet


Is it annoying to see “You have 15 days remaining”? or “Your evaluation period has expired. Please register soon!”? If you have this thing that pops up when you run your favorite game/ application, then you have the trial version. Some programmers do this so that after the given period, you will buy their product. This is one and most popular way of securing their application.

But is it really secured?

This article will show you that some of these security schemes that they are using are not really safe. I will provide you with the basic principles on how to tweak the application. This is for educational purpose only. There is nothing wrong knowing whether the application is secure or not, isn’t it?

There are two things that you need to know. First, learn how to read assembly language program. Next, do some homework on hex numbers or the equivalent hex numbers for the assembly language. Unfortunately, I will not provide information about these things here. So better check it yourself and come back later.

There is a variety of ways on how to set the number of times, date or time when to disable the application. However, they have the same principle.

If you only have one remaining day for your trial version, changing the system date will not work! It will even give an “early retirement” on the application.

So what to prepare?

1. Disassembler.
2. Hex Viewer
3. The application

What to do?

Some applications will tell you “The license number you entered is invalid” when you enter an incorrect number. Memorize the message. Disassemble the application using any available disassembler like W32Dasm. Once you disassemble your application, you will see a lot of lines in assembly codes and some hex numbers.

Search for the message you have earlier noted. When you have found it, usually you will locate the reference addresses for conditional (C) and unconditional (U) jumps prior to the line containing the message. It is very important that you will get the addresses of all conditional jumps. Copy all those addresses and close the disassembler.

Why are they so important? Because these are the addresses of the conditional jumps we needed.

Why are these jumps very important? Because they are our key to tweak the program

How?


This is how we usually do the conditions:

If input = license then
“don’t ask for a license anymore”
Else
“always ask for a license

So by revising our program to:

If input <> license then
“don’t ask for a license anymore”
Else
“always ask for a license

As you can see we only change the operator to its complement. Thus, if we will have less than, we change it to greater than. Simple.

In assembly, we have JE – Jump If Equal, JNE – Jump If Not Equal, JG – Jump If Greater, JNG – Jump If Not Greater, JL – Jump If Less, JNL – Jump If Not Less, etc. So to reverse the code, if its JE the reverse is JNE

Going back to our listed addresses, open the application with the Hex Viewer and start looking for the first address on the list. This will land you to a single line with lots of numbers. You need to know what number(s) you are going to change.

The table below will give you a guide:

75 or 0F85 JNE
74 or 0F84 JE
0F8F JG
0F8E JNG
0F8C JL
0F8D JNL

Now pass to the next address on your list and do the same. Save your work and run the application. See what happened.

As you can see, your security is really very easy to tweak. Whatever programming language the application is using, it will not matter since you are dealing with the program’s hex equivalent.

Again, this article is intended to teach developers how to protect their applications from being cracked. Furthermore this will tell the developers how vulnerable their application is and how to make considerations in their programs to avoid being cracked.

Online Game for Cell phones

By: Zemog Xilef Sevet

I attended a training about Game Development last May 23, 2005. On the third day, we were given an assignment to present our idea on games for the cell phones. We were asked to give our own game models. I was able to come up with three titles but my mind was so occupied that I was not able to fully conceptualize it.

Then today, something popped into my mind as I sit behind my desk. Maybe SMS center like Smart and Globe will consider this idea.


What is the idea?

They will promote an online game that will require two players. The idea here is that two players will log in. Or a player will just see who is logged in and send an invitation to that player (same concept with yahoo games).

What is the focus?

The focus is actually more on money generation for the centers. Each player will agree that whoever will lose on the game will be the one to be charged for the text payments.

How will it work?

Players will play by “sending commands” considered to be text messages (could be P 1.00 per move if we are talking about chess game). The game will continue until 1 player will quit or lose. Each “command” will be saved and counted. At the end game, whoever will lose or quit, his or her load will be deducted according the number of commands sent by both parties.

Conclusion

This idea just came up on my mind. There is no guarantee of any feasibility on this matter.

“Smart people make things great” 

Chain Emails and SMS

By: Zemog Xilef Sevet

This article is not meant for people who forward chain emails but to those who started it.

Sometimes we receive a forwarded email in our inbox that has a line “Pass this to everyone or else you will have bad luck”. Emails like this is what we called chain emails. This is also done in SMS.

Messages like this oftentimes have religious contents which will catch the attention of every reader and in a way “obey” to the sender by forwarding it to his/her friends.

Some people also like to start a chain merely because they think it’s harmless and its “cool” knowing how far your mail would go without knowing the real implications. Next time you hit the forward and send button please consider the following.

Technological Implication

Laymen may not know this but a bulk of unnecessary and redundant messages has great effect on the storage of emails. It will consume a large amount of space. It can also clog a network. Imagine a single person with 20 friends and each friend has 20 other friends, so on and so forth. Just imagine how many emails around the world will go to and fro the network. There are also instances wherein you can no longer receive emails because your inbox is full.

Social Implication

Contents of the chain email maybe amusing to some but not to others. Some people feel irritated, annoyed and harassed because of the implied threat contained in the email just like the example above. While some may just shrug it off, others can not.

What to do

I am not against the content of the email (unless it is negative) but the way we send the email. We should be responsible enough in sending it like getting only the part that you want to share and omit the line that will oblige the reader to send it to other people. Let them decide without any force. You may also tell the sender to be responsible enough in sending emails and ask not to do it again.

Using the words of God to do evil things

This doesn’t mean we are judging the writer of the chain email but the way things have been done sometimes suggest us to drive into conclusion that what he is up to is bad. Why would a person send a letter with a rebukable obligation that promises ill effects if you will not pass it? This is completely a reverse of what God wants us to do. Readers, you know what you are reading. Do not let fear or superstitions pollute your mind. Who among us has the right to cast bad luck to people? Unfortunately we can not read the mind of the composer. All we can do is draw a hypothetical conclusion about it.


This is an original article with reference to:
http://www.umich.edu/~policies/chain-mail.html
http://www.kith.org/logos/things/chain.html

Using Flash Drives

By Zemog Xilef Sevet

Flash Drives are in today especially to IT Professionals. Flash drive is a small, portable flash memory card that plugs into a computer’s USB port and functions as a portable hard drive with up to 2GB of storage capacity. It is very easy to use.
It is more durable than external drives since it does not contain internal moving parts. USB flash drives also are called pen drives, key drives or simply USB drives. http://www.webopedia.com/TERM/U/USB_flash_drive.html

I would like to share with you how useful these drives are to me. As a freelance programmer, I devout a lot of my spare time in making my client’s program. Although I have a laptop I could carry anywhere I go, it is not so convenient especially for a long travel. I sometimes work with my program in my office. After office hours I will have transfer it to a hard disk for me to continue the program at home. This is not a good idea since hard disk is vulnerable. If you drop your HD, there is a big chance it will not work anymore. This is where flash drives come into the picture. It has enough capacity to store my program. It is very light and it can be ported anywhere. All you have to do is to put it in your pocket or lace it on your neck.

What about CDs or floppy drives? Well, CDROMS and CD writers are not so common in computers compared to USB ports. Another thing is that you can add, save, update delete data in flash drives, unlike CDs that it is not that flexible. Apparently, floppy disks are out of the picture if we are talking about large storage media and data protection.

However, some operating system does not support plug and play on flash drives, like Win98 series, NT and early Linux distros. But it is ok if you bring with you the driver. In my opinion, it is still best to have flash drives around.

Thing to ponder:

There is no flash drive yet that could be detected in any OS (specially the old versions), so what I’m thinking is, can we make one? Hmm.. sounds a good thing huh! Bye.

Why Do You Need To Partition Your Hard Disk?

By Zemog Xilef Sevet

This article does not talk about the technical side of why we need to partition our hard disk rather this is intended to help the person realize that there is a need to do so whether you are a technical person or not.

This is based on my personal experience. Partitioning your hard disk will save you a lot of time, money and headache!

Partition your hard disk in such a way that your operating system and data files can be separated housed separately.

In the event that a virus will attack your PC and corrupt your operating system, what you can do is to format your disk and start with a fresh install or you can download anti-virus but it’s not a guarantee especially if the virus is new. You need to copy your data files if you didn’t partition your hard disk before formatting it.

Now, how much time will it take you to copy all the files if you have, say 40GB of data? Can you assure yourself that you have copied all the necessary files? How about your favorite links from websites? How about your hidden/secret files? You need to be sure that everything is copied before you proceed. What about the need of another hard disk to temporarily save your files? It’s quite a headache actually.

Now, if you have partitioned your hard disk, you will only format the part where the OS resides. No transferring of files! No headache!

So next time, take this as an advice. Partition your hard disk.

What’s The Gender of the Computer?

By Zemog Xilef Sevet

Computer and human beings have something in common. The latter has blood that runs in a vessel called veins that carries it to the heart. Computers also have blood called current that runs in a vessel called wires that carries it to and fro the heart, power supply. If humans don’t have a brain, he/she can not work, communicate or synchronized everything within his/her system. Same with computers, if it doesn’t have a CPU, it can not work, communicate or synchronized its accessories.

Human needs scratch pads or paper for him to store anything because his brain can not consume everything. Computer uses memories to store big files every time it processes since the registers are not big enough to store everything. We also need writing materials just like computers that need a printer to express what is on its mind.

Human beings has gender, whether male or female, what about computers? Computer is a she! Why? Because she is moody. Through experience, computers are very moody when you fix her. Why? I do not know! Sometimes when you fix a computer it will take you until midnight to fix her and still you can’t understand why she will not work until you decide to sleep. The next day, you turned it on, do some settings and it will work! What a mess of time . Just like females, sometimes you don’t understand why she’s like that.

So my conclusion is… Computer is a female.