Starting an International Cybersecurity Conversation

crimeandpunishment writes "Every government in the world is dealing with cybercrime, but they're all doing it on their own. In the context of 'cyberwar' saber-rattling on all sides, getting governments to share information is a challenge. But an international security conference this week in Dallas is aimed at doing just that — even if only on an informal basis."

Re:OpenBSD could eliminate "cybercrime".

Mac OS X is based on BSD, right? So I'm guessing it's as good as OpenBSD?

Re:OpenBSD could eliminate "cybercrime".

OpenBSD could also eliminate cancer, starvation, AIDS, climate change and gay sex.

Re:OpenBSD could eliminate "cybercrime".

[YrWrstNtmr]

"Cybercrime" could be outright eliminated if OpenBSD was more widely used.

You
Are
High

yes, OpenBSD is more secure than windows/OSX.whatever. But a lot of 'cybercrime' happens as a result of userspace. Social engineering. Fraudulent emails. You will need to fix the users.

Also, what do you do about the desktop? You can go on all you want about OpenOffice, etc, but a decade ago when Company X went with Office 97 or 2000...those alternatives did not exist. So now they have 10+ years of corporate crap and tribal knowledge built around the MS Office ecosystem, which cannot change quickly. No matter how much you want it to, it cannot/will not change easily.

Technical problem? Ok, make [your fave distro] integrate as easily as Office/Exchange/Outlook/SharePoint. Not parts of it....all of it.

Re:"Blowbackers" blaming Baracky yet?

What the fuck does this have to do with Justin Bieber?

I guess... who cares?

[Moraelin]

All the talk about "cyberwar" is good and fine, but in the end it seems to me like it's already had a name: "security". In the end, there's very little difference between hardening a machine so chinese government blackhats don't get in, and hardening it so script kiddie asshats don't get in. Unlinke SF movies, there is no way to just type "retrieve password" on some terminal with big letters and get in a system that had no unpatched vulnerabilities to start with.

In the end, a buffer overflow is a buffer overflow, and an XSS exploit is still an XSS exploit, and files accessible by guessing the URL are still files accessible by guessing the URL. And so on. If that exploit is, well, actually exploited by a Russian government blackhat it's "cyberwar", if the exact same exploit is used by an asshat kiddie, it's just being pwned.

And it seems to me like security experts were already going to conferences and otherwise communicating with each other. Exactly what's the loss if they don't explicitly represent some government?

Re:I guess... who cares?

It'll benefit geeks if they cooperate less and thus hire more geeks.

Re:"Blowbackers" blaming Baracky yet?

The blowback part...

Imaginary problem

[girlintraining]

Everybody's talking about cyberwarfare, but nobody's ever come up with an example of it. Identity theft? Viruses? malware? That's not war. War involves people being hurt -- and I mean really hurt. Not skimming a few extra bucks off the till or organized crime, which is the closest any of this has come so far.

Has anyone managed to shut off the internet? Disable emergency services (911) across the country (or even a state)? Have planes fallen out of the sky, power gone out, hospital computers taken down, or any other act that can be directly attributed to a malignant entity (as opposed to mere human error)? No. And it's not likely to happen anytime soon either.

It's just not cost effective to spend tens of thousands of dollars finding and exploiting security weaknesses in those systems when a 5 gallon tank of diesel, fertilizer, and a match can take out those same systems for a lot less cost. Cyberwarfare between countries isn't likely to happen until other, cheaper methods of warfare somehow become ineffective. At best, cyberwarfare would consist of espionage efforts and manipulating data to advance certain political goals -- and countering that threat is currently handled by the intelligence community.

Re:Imaginary problem

[TubeSteak]

You didn't RTFA did you.

Underscoring the threats: recent attacks on Google Inc. that caused the Internet search leader to move its search engine out of mainland China, and the revelation last year that spies hacked into the U.S. electric grid and left behind computer programs that would let them disrupt service.

There's one concrete example of cyberwarfare.
I'm not even going to bother with the rest of your post.
There's just too much ignorance and "it hasn't happened yet, so it won't" thinking.

Re:Imaginary problem

[ehinojosa]

You're wrong. See Russia's cyberwars on Estonia (2nd story) and Georgia.

Re:Imaginary problem

[girlintraining]

There's one concrete example of cyberwarfare.

... which was apparently detected and corrected. And so what if they knock out a small part of the grid for a few hours or days -- What damage does that actually cause? Unless it's part of a coordinated strike, it doesn't do much.

Re:Imaginary problem

[Agarax]

Cyberwarfare between countries isn't likely to happen until other, cheaper methods of warfare somehow become ineffective.

And how is a $569K cruise missile to destroy a powerplant cheaper than having someone hack into their systems and leave a program behind to brick the whole thing on invasion night?

Re:Imaginary problem

[davester666]

Well, it entirely depends on how much of the grid they would have control of and what kind of control they could gain. If this gave them control over how generators operated, or how nuclear plants operated, or how hydro-electric dams operated, then they could potentially cause floods, damage to the plant itself [by say, overdriving the plant] or just something like what happened in the Northeast US/Canada, where a small grid failure killed power to a fairly large number of people for a significant amount of time. Do this at the right time, like in the middle of summer or winter, and the potential for a significant number of deaths goes up rather quickly.

Re:Imaginary problem

[grcumb]

There's one concrete example of cyberwarfare.

... which was apparently detected and corrected.

Er, yeah, those are the only ones they can talk about, because they're the only one they want the public to know about. If a problem's been detected and the damage report isn't complete yet, or if a fix hasn't been fully implemented or even if the damage done was embarrassing... there's no way you'd want to tip your hand and let the attacker know your reaction.

And so what if they knock out a small part of the grid for a few hours or days -- What damage does that actually cause? Unless it's part of a coordinated strike, it doesn't do much.

Asked and answered. At the right moment, a power cut can be catastrophic. Perhaps military channels remain open, but if civilian channels are closed, it throws the environment into chaos, making a coordinated response to the civilian crisis vastly more difficult to manage. This ties up resources that could have been focused on defence or counter-attack.

Disabling these services also denies the military the ability to fall back to using the civilian infrastructure in the event of excessive damage to its own capability. That's a great way to shorten the conflict. Why do you think the very first things to get hit during an attack are military and civilian communications and logistics?

The ability to do so over the Internet, without any significant expenditure of personnel or materiel, must seem like a godsend to some.

Re:Imaginary problem

[JWSmythe]

None of your examples have to be cybercrime related. They can easily be done by someone internally. It's more likely that kind of stuff would happen accidentally by the non-malicious staff working it. Look at the power plant incidents that have happened in the past.

    As far as that goes, you could have a major impact on the power grid with some improvised explosives (or several other methods) and knowing where the high tension lines run. If the tower looks like this, it isn't going to work quite as well as expected.

Re:Imaginary problem

[JWSmythe]

    You should try to live in some of the harsh weather states, like Florida.

    When I was a kid, we'd experience up to 12 hours of power outages about once a month. If it was night time, the most chaos was to look to see if the neighbors lights were on.

    During (and after) hurricanes, it's a given that you will probably expect a prolonged power outage. People get along fine without the need of electricity. You'll find both LEOs and civilians directing traffic at busy intersections. You'll even find people helping out with anything they can. I've helped move large trees out of the road and off of houses with little more than a pickup truck, chains, a few helpful people, and a little effort.

Re:Imaginary problem

[grcumb]

You should try to live in some of the harsh weather states, like Florida.

I was born in Canada, ran an ISP in the Arctic for 3 years and now live in the South Pacific, land of earthquakes, tsunamis, hurricanes and volcanoes. I've lived for extended periods of time without power, including the Great Canadian Ice Storm and the blackout of 2002.

I accept what you're saying, but my conclusions from the same evidence differ a little. What we're talking is losing power over wide areas at a crucial moment:

• 12 hours of power loss in NYC is a problem;
• 12 hours of it in the immediate vicinity of a 9/11-style event would severely exacerbate the effects;
• 12 days of it would be a disaster.

Re:Imaginary problem

[JWSmythe]

    Well, from both of our observations, and from what I have seen from other people, we all survive fine.

    The Northeast US gets really nasty storms (i.e., nor'easters). I was only 4 during the blizzard of 1978, but I do remember seeing ice floating in the road and our yard, and houses that had been swept out to sea. I asked my mom about it recently, and she said we were without power or gas for 14 days. Our basement (where the gas heater was) was flooded for a while, so until that got cleared up, we were warmed by whatever they could burn in the fireplace.

    Around mid-summer 2002 (I believe), I remember widespread power outages in the Southeast US due to a hurricane. I was moving from Florida to California, and every hotel (that had power) along I-10 was booked up because the utility companies took all the rooms for their crews. That's also when I found that it's possible but less than comfortable for two people to sleep in the cab of a U-Haul truck. We didn't find a hotel with an available room until we hit Texas.

    In digging around, there have been instances of outages in major cities, including a week long blackout for major parts of New York City in 2006.

Re:Imaginary problem

I just can't respect a country that acts preemptively for things like this one, and at the same time doesn't do anything (useful) for drugs problem, abusive banks/insurance-companies or even basic human rights

Re:Imaginary problem

[DWRECK18]

OK you want to know an example, how bout the constant attacks on DOD and DOE systems from china, that are not publicly published all the time. The US infrastructure is a huge vulnerability and if the right person(s) were hired to do the job we could be seeing a sever outage of gas, power, and yes even the internet itself in the US. Lets think now, most companies are moving to web-based apps as a way of providing more for less. Records are mostly stored on servers anymore and not so much in hardcopy form. There are countless things we would need power for and if someone were to take out huge chunks of the power grid the results though may not cause extreme physical harm, unless followed up by another attack, could cause the loss of millions of dollars for companies. I'm not talking take out one source, I am saying multiple sources of power and energy all at the same time. Following that up with any type of physical attack would be even worse. So all they are doing is preparing for a worse case scenario and talking about how they can better harden their networks. Cyberwarfare is real and it is a threat, don't ever think it doesn't exist. Because though you may not recall it the Internet was down for a time in our history as was Google, and other services that society is coming to rely on. And though some of us could get a long without technology, others have it so intwined in their lives, that they just might lose their minds if they lost it.

Re:Imaginary problem

[HungryHobo]

"how bout the constant attacks on DOD and DOE systems from china"

How about the constant attacks on everywhere from everywhere all the time.

"that they just might lose their minds if they lost it."

So that's where the canibles in all the post apoc movies come from. They're teenagers who lost access to facebook!

Re:Imaginary problem

[DWRECK18]

Such valid points that do have a sense of humor. Still it does not negate the point I was making. As it just enforces it, now if you want to debate my point feel free but if your just trying to enforce it then I agree.

Re:Imaginary problem

After two days, most places with backup generators are out of fuel. The east coast outage a few years back already demonstrated casing failures are possible or even probable. If you had something even remotely regional in spread--you couldn't get enough trucks into the cities to run backup generators at all of the places. Nevermind Katrina already demonstrated people will riot within a week.

Now--the last example, I can tell you for a fact was *not* corrected. It was detected. Parts of it were corrected. Most of the problem is still ongoing, cultural, and too costly to fix.

That's before you take into account *all* the other services that have online interfaces that could royally screw things up.
    - energy generation/routing/purchasing. Just screwing with the purchasing is enough to take things offline. California issues haven't been fixed--they're just illegal. Hacking a traders desktop...good enough.
    - gas flow--there's plants with all types of electronic controls. They're hooked up to the internet. I write them. I'm not allowed to use security measures. By spec. Forbidden.
    - sewage systems: Back in 2002 or so somebody hacked Australian sewers--caused discharges into a bay. That's right--those flood gates...electronic, internet enabled.
    - Water systems: processing, safety, sanitation, reporting...electronic systems. Even if there aren't controls (I don't know) --most of the monitoring is internet enabled. Worked with that too at one point. If somebody changes the monitoring protocol (no VPNS or passwords for the most part), you can cause it to report falsely. Here's what it gets *real* fun--if you cause false reports, automated processes depending on those reports working on a secure control grid *will* take actions as if they're real. Oh yeah--water problems cascade into almost every other system BTW.
    - Allright...let's keep going....

Do you know that a lot of the computers that control process systems run off of ancient versions of windows? Win98-2000 is what I've encountered. Saw one running XP a few months ago. They're literally old desktops with weird USB boards plugged in that measure dozens to hundreds of analog inputs.

Most of the guys who write this software are Indian contractors. Not just incompetent, but afraid to touch or patch things--for good reason, it's probably not allowed. I had a guy who wanted to get our data onto one of the systems to expand the 'controller' part of the logic they used-- but couldn't use anything but FTP to acquire our data b/c it wasn't part of the operating system and he was only allowed to write batch files for the acquisition of a CSV. No, he couldn't compile an executable and install it. Batch file. Only. No new executables allowed. Of course, he was going to pull this down over the internet... this for a plant that processed at least hundreds of thousands worth of natural gas a day.

These systems are either on the internet, plugged directly into a cable/dsl/telephone modem with the port forwarded by these dudes, or sometimes with a custom VPN client. Either way--no antivirus installed. That's not certified for use on the setup. Don't worry, if it's on a VPN, I'm *sure* all of the antivirus inside it is totally safe and well patched.

Look--there may not be a lot of examples of cyberwar, but that's because nobody's looking for it, nobody wants to know, and people certainly don't want to tell their boss or shareholders they were compromised. And burying their head in the sand is the easiest way.

Re:Imaginary problem

[HungryHobo]

My point is that "cyberwar" ,while a silly made up word that I'm fully expecting to lead to as much stupidity in the next decade as the "war on drugs" has in the last, is nothing special.

Defendin against *hackers working for your favorite hostile government* and defending against every other hacker, cracker, script kiddie or bot out there is pretty much the same.

The internet is already the a bandlands filled with bandits armed with the digital equivilent of nuklear weapons yet it's puttered along for decades without problem.

Our own politicians and their desire to control the internet are inifitely more dangerous to the net than any real or imagined malicious force out there.

Re:Imaginary problem

[HungryHobo]

I get too used to the spellcheck feature in firefox.
And I'm far too used to typing nuklear rather than nuclear from visiting nuklearpower.com

Industrial espionage

[Weezul]

We're mostly talking about industrial espionage here. Companies often don't buy security just like people often don't buy health insurance. China's has set an example of government backed industrial espionage, which plays a big role in their growth. So governments see this as an opportunity to provide a service.

In fact, the companies would probably learn they need good geeks eventually, unlike people and health care. Governments could help the most by explaining good people security, which I'm sure get way more subtle than "don't hire chinese nationals for sensitive work."

PEBKC

[Agarax]

The problem exists between keyboard and chair.

An OS is only as secure as the person who uses it.

Anything else is fanboyism.

Re:PEBKC

[Antique+Geekmeister]

Oh, dear. So that excuses passwords written in cleartext and sent via email? Failure to patch systems for published, known security holes? Leaving the backup tapes in an unlocked cabinet? Using NFS to store medical data in a place with open access wireless services?

The "chair" in question is not necessarily the one the user is sitting in.

Re:PEBKC

[DWRECK18]

Your right that the "chair" in question is necessarily the one that the user is sitting in, however you make it sound as if the OP by Agarax is is wrong when its not. For as much as you harden a network and lock it down and secure everything those issues where some user looks at an e-mail and says sure i'll visit your BOA page and input all my information again because well you apparently need it, come on. I have work on secure facilities where things were locked down tighter on the network than fort knox and yet still a user managed to get some form of malware on the network. It happens, unless you completely take away use of the internet from users which by the way I dont recommend as it makes for a very unhappy workplace. However, Antique Geekmeister you aren't wrong either as security through obscurity and just all around poor physical security and network security could also cause as much damage. So as we step back and look at this, we can't blame any single person because depending on what the vulnerability is that was exploited is truly what dictates where the problem started.

Fake Conference?

[An+anonymous+Frank]

This just totally feels like those fake conferences that were posted about recently, where people would book hotel/voucher packages online only to find out the conference itself did not even exist!

Wouldn't that be sweet irony?

Re:Fake Conference?

[qwerty8ytrewq]

If you had posted a link to your own double-blind fake conference on fake conferences that would be ironic genius.

Re:Fake Conference?

I kind of got the same vibe, but it seems more like people who don't know the subject matter well are hosting the conference.

it would seem like with the audience there they should be focusing on attribution, acceptible response and coordination, but those topics (at least attribution) don't show up in the material.

"Cyber"

[Arancaytar]

How long is it going to take till I can read a word starting with "cyber" without grinning? :D

Re:"Cyber"

:D :D: D:D

I dunno

Re:"Cyber"

[qwerty8ytrewq]

When the cyber-retro movement takes hold and is used to sell big macs and office stationary and cordless drills... oh wait...

Re:OpenBSD could eliminate "cybercrime".

yes, OpenBSD is more secure than windows/OSX.whatever. But a lot of 'cybercrime' happens as a result of userspace. Social engineering. Fraudulent emails. You will need to fix the users.

You're right. Except you can't "fix" the users. Any security solution that involves the users to know what they are doing is doomed to fail. I agree the software does not exist and it is a very hard problem, but security is a technical problem (at least at the level of prevent malware and identity theft).

No worries under Ninnle

When you run Ninnle Linux, security ceases to be an issue. So why have any conversation, except maybe to convert everybody to Ninnle.

Re:OpenBSD could eliminate "cybercrime".

You say that- but I can assure you that many people CAN switch as I have a company that IS switching people. We are doing it quite successfully. We have three operations in three states and are only a year and a half old.

What happenned to...

Defcon?

Re:OpenBSD could eliminate "cybercrime".

[BhaKi]

Your logic is flawed. Your argument is like - OS2 is based on OS1, and OS1 is secure, therefore OS2 is secure. When it comes to security, the valid argument is - If OS2 is based on OS1, and OS2 is secure, then OS1 is secure. This is because the number of bugs in OS2 would be greater than or equal to (but not less than) the number of bugs in OS1. Of course, I'm assuming that bugs are the only mechanism for the emergence of vulnerabilities. But you get the point, right?

Re:"Blowbackers" blaming Baracky yet?

[JWSmythe]

    I think the major parts of that are,

    1) It wasn't high tech. This is primarily a tech site.

    2) It didn't work, unless you count some smoke and getting the attention of the police.

    3) It barely involved tech, unless you consider M80's and a child's clock to be high tech. If so, you don't belong here.

    I could build a better bomb in my garage, but I have no reason to, and I don't really like jail. :)

hi

[tommydesai]

This just totally feels like those fake conferences that were posted about recently, where people would book hotel/voucher packages online only to find out the conference itself did not even exist! Holidays in Croatia

Two points..

[cheros]

1 - There are no real problems with information sharing if they really wanted to. The model for this that would allow control over what is shared has existed for years in the military. However...

2 - The participants are hopefully aware that part of the job is protecting themselves against the others. What one nation labels "organised crime" is for another nation simply "economic espionage". For starters, I would love to be near US customs when all these delegates arrive and are temporarily relieved of their laptops...

Any OS can be further security-hardened though

"OpenBSD is more secure than windows/OSX.whatever" - by YrWrstNtmr (564987) on Sunday May 02, @05:49PM (#32066704)

By default, perhaps yes. However, any Operating System out there today can be "security hardened" (including BSD variants such as MacOS X, because Apple themselves publish a guide for doing it that's pretty thorough & comprehensive on their website no less), including Windows, Linux (yes, even SeLinux bearing distros of Linux), MacOS X, Solaris, and BSD's other than MacOS X too. This is indicated by the existence of CIS Tool versions out there, and for each of them, and yes, it does do more to security-harden them all than the std. oem distribution setups they're issued with (inclusive of SeLinux bearing distros).

Examples of what the outcome is once it is applied, along with other layered security measures, in the case of Microsoft Windows-NT based OS of more modern varieties:

----

HOW TO SECURE Windows 2000/XP/Server 2003, & even VISTA/Windows 7 (+ make it "fun-to-do" via CIS Tool Guidance & beyond):

http://www.tcmagazine.com/forums/index.php?s=568d95985ad83ef4add94de09f6026d3&showtopic=2662

----
http://forums.theplanet.com/index.php?s=80bbbffc22d358de6b01b8450d596746&showtopic=89123&st=60&start=60

"the use of the hosts file has worked for me in many ways. for one it stops ad banners, it helps speed up your computer as well. if you need more proof i am writing to you on a 400 hertz computer and i run with ease. i do not get 200++ viruses and spy ware a month as i use to. now i am lucky if i get 1 or 2 viruses a month. if you want my opinion if you stick to what APK says in his article about securing your computer then you will be safe and should not get any viruses or spy ware, but if you do get hit with viruses and spy ware then it will your own fault. keep up the good fight APK." - Kings Joker, user of my guide @ THE PLANET

AND

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=2

"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral

AND

"APK, thanks for such a great guide. This would, and should, be an inspiration to such security measures. Also, the pc that has "tweaks": IS STILL GOING! NO PROBLEMS!" - THRONKA, user of my guide @ XTremePcCentral

AND

http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=3

"Its 2009 - still trouble free! I was told last week by a co worker who does active directory administration, and he said I was doing overkill. I told him yes, but I just eliminated the half life in windows that you usually get. He said good point. So from 2008 till 2009. No speed decreases, its been to a lan party, moved around in a move, and it still NEVER has had the OS reinstalled besides the fact I imaged the drive over in 2008. Great stuff! My client STILL Hasn't called me back in regards to that one machine to get it locked down for the kid. I am glad it worked and I am sure her wallet is appreciated too now that it works. Speaking of which, I need to call her to see if I can get some leads. APK - I will say it again, the guide is FANTASTIC! Its made my PC e

As many as it takes

[Max_W]

I think it is the only real way to support some resemblance of good order in the Internet. I mean an international cooperation in prosecution of cyber-thieves, spammers, bot-net owners, virus writers, etc.

The ideas from IT industry can be well used in this area. For example, outsourcing. Building vast camps in the North of Russia for cyber-crimianls, sort of the New Int'l Cyber-GULAG, but this time a human one. There a camp does not need an expensive fencing and guard-towers, as there is not way to walk out from there due to long distances, weather, marshes, wolfs, etc.

Cyber-criminals could acquire in the camp a new non-computer profession: joinery, tailoring, etc. under supervision of an UN correctional officers. And it could be a good business for Russian North, and it will be still cheaper than to keep a criminal, say, in Arizona for 10 - 15 years.

It is impossible to maintain an order in the Internet only by passive defensive measures (firewalls, anti-virus soft, etc.). It is like trying to keep an order in a city only by distributing bullet-resistant vests and helmets to the population, but not actually policing and locking criminals up.

10 millions, 15 millions, 20 millions in such camps is OK; as many as it takes. But it is impossible for a modern society to function in an environment where it is at the mercy of spammers, cyber-thieves, etc. and is on the knees.

Thank you for a "mod up" + more interesting info

The "interesting info.", per my subject-line above, AND BEST PART of his testimonial that I feel you guys ought to be aware of? Is this:

Kings Joker runs Windows 2000, oem release, no service packs or hotfixes either...

He is only using a HOSTS file as his single "line of defense", to test its efficacy vs. malware infestations (which he DEFINITELY was a massive victim of, and nearly constantly too), and yet he has reduced his infestation rate to only 1% of what he used to get, at 200++ viruses a month, down now to only MAYBE, 2 a month tops IF that!

(Pretty neat eh?)

Even a person like Kings Joker, whom I quoted in my last reply above (who does not follow that guide "to the letter" mind you) has drastically reduced his infestation rate to nearly nothing by using a HOSTS file alone (especially compared to what it was before he used a HOSTS file only, which allows the simplest principle in the world to take effect of "you can't get burned if you don't go into the kitchen"!)

Fact is, I actually used him as my "lab rat #1" in fact, because of his radical infection rates, and that's how/why he gets infested sometimes is because he uses javascript indiscriminately/everywhere he does online, and he also downloads executable files from 'less than reputable sources' and execute them, these points are his 'downfall' typically! He only RECENTLY (after 3 yrs. of testing this all mind you between us both doing so on his end) loaded some antispyware programs (Spybot S&D) and antivirus program (Norton Corporate Edition iirc, but not sure here) to scan his system, and finds such MINIMAL infestation now, by comparison to what he had before, it's amazing really.

He knows where and HOW he gets hit too, which is why he said "if you want my opinion if you stick to what APK says in his article about securing your computer then you will be safe and should not get any viruses or spy ware, but if you do get hit with viruses and spy ware then it will your own fault. keep up the good fight APK." - Kings Joker, user of my guide @ THE PLANET

(IF you find this hard to swallow/believe, well - write him yourself at -> walburgerj@yahoo.com, and preceed the subject-line with my initials "APK", and he will answer back (Then, he can fill you in directly if you wish on this much)).

APK

P.S.=> If Kings Joker were to apply all of what's in the security-hardening guide for windows, he'd probably get the type of results that THRONKA's testimonial above yields (i.e.-> 3++ years of solid uninfested uptime - because I've had that same kind of result, albeit for nearly 13++ yrs. now here (that's why I put that guide out, for the same benefit, for others too)... apk