Researchers have developed two new techniques for stealing data from computers that use some unlikely hacking tools: cameras and telescopes.
In two separate pieces of research, teams at the University of California, Santa Barbara, and Saarland University in Saarbrucken, Germany, describe attacks that seem ripped from the pages of spy novels. In Saarbrucken, the researchers have read computer screens from their tiny reflections on everyday objects such as glasses, teapots and even the human eye. The Santa Barbara team has worked out a way to analyze a video of hands typing on a keyboard in order to guess what was being written.
Computer security research tends to focus on the software and hardware inside the PC, but this kind of "side-channel" research, which dates back at least 45 years, looks at the physical environment. Side-channel work in the U.S. was kicked off in 1962 when the National Security Agency discovered strange surveillance equipment in the concrete ceiling of a U.S. Department of State communications room in Japan and began studying how radiation emitted by communication components could be intercepted.
Much of this work has been top secret, such as the NSA's Tempest program. But side-channel hacking has been in the public eye too.
In fact, if you've seen the movie Sneakers, then the University of California's work will have a familiar ring. That's because a minor plot point in this 1992 Robert Redford film about a group of security geeks was the inspiration for their work.
In the movie, Redford's character, Marty Bishop, tries to steal a password by watching video of his victim, mathematician Gunter Janek, as he enters his password into a computer. "Oh, this is good," Redford says, "He's going to type in his password, and we're going to get a clear shot"
Redford's character never does get his password, but the UC researchers' Clear Shot tool may give others a fighting chance, according to Marco Cova, a graduate student at the school.
Clear Shot can analyze video of hand movements on a computer keyboard and transcribe them into text. It's far from perfect -- Cova says the software is accurate about 40% of the time -- but it's good enough for someone to get the gist of what was being typed.
The software also suggests alternative words that may have been typed, and more often than not, the real word is in the top five suggestions provided by Clear Shot, Cova said.
Clear Shot works with an everyday webcam, but the Saarland University team has taken thing up a notch, training telescopes on a variety of targets that just might happen to catch a computer monitor's reflection: teapots, glasses, bottles, spoons and even the human eye.
The researchers came up with this idea during a lunchtime walk about nine months ago, said Michael Backes, a professor at Saarland's computer science department. Noticing that there were a lot of computers to be seen in campus windows, the researchers got to thinking. "It started as a fun project," he said. "We thought it would be kind of cute if we could look at what these people are working on."
It turned out that they could get some amazingly clear pictures. All it took was a $500 telescope trained on a reflective object in front of the monitor. For example, a teapot yielded readable images of 12-point Word documents from a distance of 5 meters (16 feet). From 10 meters, the researchers were able to read 18-point fonts. With a $27,500 Dobson telescope, they could get the same quality of images at 30 meters.
Backes said he has already demonstrated his work for a government agency, one that he declined to name. "It was convincing to these people," he said.
That's because even though the reflections are tiny, the images are much clearer than people expect. Often, first-time viewers think they're looking at the computer screen itself rather than a reflection, Backes said.
One of his favorite targets is a round teapot. Looking at a spoon or a pair of glasses, you might not get a good view of the monitor, but a spherical teapot makes a perfect target. "If you place a sphere close by, you will always see the monitor," he said. "This helps; you don't have to be lucky."
The Saarland researchers are now working out new image-analysis algorithms and training astronomical cameras on their subjects in hopes of getting better images from even more difficult surfaces such as the human eye. They've even aimed their telescopes and cameras at a white wall and have picked up readable reflections from a monitor 2 meters from the wall.
Does Backes think that we should really be concerned about this kind of high-tech snooping? Maybe, just because it's so cheap and easy to do. He said he could see some people shelling out the $500 for a telescope just to try it out on their neighbors.
So how to protect yourself from the telescopic snooper? Easy. "Closing your curtains is maybe the best thing you can do," he said.
(PSI) scans your PC, downloads a current vulnerabilities file, and alerts you to any software on your machine that is missing security patches. It also warns you if any software is out of date and no longer supported by the vendor. Out-of-date software no longer gets security patches, and so may be more vulnerable to hackers.When you get a list of insecure software, you can get more details about each piece of software, open the folder where the software resides, or download a patch. Click the + sign next to the software, and you'll get even more details about it, often including links to any tools for uninstalling the software. You also have the choice of having Secunia constantly monitor your software use and notify you when patches are available.
it examines them to see if they have any of private information. It then details what it finds and lets you remove the information with a single click. It deletes the information only from the copy of the file you send via e-mail, not the original on your hard disk. You can also have the documents turned into PDFs and sent that way instead of as Office documents.
Software. It's lightweight and takes up barely any RAM or system resources, it's simple to use, and it'll do everything you need by providing live, resident protection as well as scanning.The software uses a shield metaphor for its multiple types of protection. There's an antivirus shield, one that protects against Web-based threats, another for e-mail protection and so on. You can customize the sensitivity of each shield.
re that it doesn't install in the first place. That's where SpywareBlaster from Javacool Software comes in. It stops the installation of ActiveX-based spyware, browser hijackers and other malware, and can also block spyware cookies. It includes extras as well, such as disabling Flash running in Internet Explorer. And it also lets you create a system snapshot, so that if at some later point you get infected with spyware, you can always revert to a clean system.Note that if you don't use Internet Explorer, there's no need to install this software, because Firefox, Opera and Safari don't use ActiveX.
It scans your PC for hidden processes, folders and files, then reports on what it finds. If your PC is clean, it will tell you so. If it finds anything hidden, it tells you that as well and lets you clean it up. Double-click any entry, and you'll get more information about it, such as the file location, a description and company information. To kill a rootkit you've discovered, you have a choice of renaming or deleting the file using BlackLight's built-in tools. It's a good idea to first rename suspicious files, which gives them a .ren extension and prevents them from executing. Next, do a Google search for the file names to see whether they really are malware. Rootkits often hide legitimate files and processes, such as Explorer.exe, so make sure not to get rid of any legitimate ones. If you confirm that files are malware, then delete them.
do serious damage to your PC. They can deliver interactivity and other useful features, but they can also be used to wreak a great deal of havoc. To keep yourself safe on unfamiliar Web sites, you'll want to turn them off, but doing so means that you'll lose some of the nifty features on some of your favorite Web sites.
Note that this firewall is more aggressive than many in asking whether you should allow connections. So when you first run it, expect to see a good many pop-ups asking whether you want to let through a particular application. To help cut down on the pop-ups, run its Clean PC mode, which lets you scan your PC for applications and then register them as safe so that you're not inundated with quite so many pop-ups. In addition, there's an "install mode" that disables certain types of pop-ups for 15 minutes, allowing you to easily install new software. 
those sites. When you do a search in Google or Yahoo, it places a small icon to the right of each search result, indicating whether the site is safe, questionable or known to be harmful. A red X indicates danger, a green check indicates the site is safe, and a yellow exclamation mark indicates that it's questionable. If McAfee hasn't assessed a particular site, it displays a question mark.
t's great at cleaning your system as well. CCleaner gets rid of many different kinds of unneeded files, such as temporary files, Windows log files, chkdsk file fragments and a lot more. It can also check your Registry and clean it of bad or broken entries and help you stop programs from running on start-up. For anyone who wants to keep their browsing life private — and keep their system clean and running smoothly — this is a must-have download.