In This Issue
* Security Alerts
* Google Chrome
* Security Programs – Total Security?
* Sites of Interest
==================
Happy International Day for Tolerance! Today is dedicated to bringing attention to the idea of acceptance and tolerance in the world. It was started by the United Nations in 1996, with activities directed towards both schools and the general public. Tom Lehrer may have said it best, when he commented about National Brotherhood week:
“I know there are people in the world that do not love their fellow human beings and I hate people like that.”
I thank you for your tolerance of my lack of communication over the last couple of months. My life got very crazy for a while as I started school (online), a new job, and still had to deal with a project from my old company. I was VERY busy with all of that, and barely had time to sleep, let alone get a newsletter out. But things have calmed down for now, so here we go with the update!
There have been a couple of stories in recent weeks about spam hosting sites being shut down, and how that has reduced the amount of unsolicited e-mail flowing around the Net. Each of these hosts has accounted for major amounts of spam (about 30% and 60%, respectively) according to the articles, but the effects are short-lived. Already there are more junk e-mail messages making their way into inboxes around the world as the companies that have had their service disrupted simply move their operations to another web host.
The economic woes of the world provide fodder for the spammers, so expect to see any number of credit offers and get-rich-quick schemes coming your way. The Holidays are another major source of junk mail schemes as people try to get you to buy things at a reduced price by going to their “secret” site. Be careful about clicking a link in any e-mail that you are even remotely suspicious about, because there are all kinds of nasty things that you could get on your computer just by visiting – including programs that add your computer to the “zombie network” that helps send out more messages like the one you just opened!
==================
**** SECURITY ALERTS ****
* Patch Tuesday has come and gone, and Microsoft has fixed a number of things that needed to be corrected in Windows, Office, and a host of other services. October’s update was massive, and November had only a few updates, but one of them addressed a hole that has been around for about seven years!
* Adobe, Firefox, Apple and several other vendors have released patches or upgrades for their products recently. If you get a message telling you about an update when you start a program like Adobe Reader, Flash or Apple Quicktime, make sure that you get it as soon as you can. There are a number of ways that hackers can attack your computer that may slip under the radar of your security programs, and these updates will help prevent that from happening!
==================
**** GOOGLE CHROME ****
Just about the time that Microsoft came out with Internet Explorer 8 (IE8), Google released their Internet browser, Chrome. As with everything Google, it was the source of much fanfare and rejoicing on some fronts, and derision and suspicion on others. The reality is somewhere in between these two views.
Chrome is in Beta (as all things Google seem to be) which means that there are still things being worked out. In spite of this it is a decent browser, and the problems that it had with Flash and the way it displayed some web pages have been addressed through updates that you may not even be aware you have been getting. The biggest advantage of Chrome is the small amount of resources it uses on your computer – my memory usage goes up about 4% when I launch Chrome versus about 10% when I launch Firefox or IE8. That smaller footprint means that your system will not noticeably slow down if you have a lot of things going on when you go online with Chrome.
Like the Google homepage, Chrome has a very minimalist interface. It takes some getting used to the tabs at the top of the window, instead of below the address and toolbar. This is a reminder that each tab is running as a new instance of the Chrome browser, a design that allows one tab to crash without affecting the whole browser. That also means that as you open more tabs the amount of system memory being used goes up, but that holds true with any browser. Chrome has one nice feature because of the way it handles tabs - you can actually drag a tab out of the main Chrome window and have it as a separate window. This makes going back and forth between two web sites very easy since they can be placed side by side.
The security of Chrome is better than most browsers according to reports from people who study that kind of thing, and there is a security warning if you click on a link that leads to a potentially dangerous site. Chrome is designed to use your web history to help suggest sites when you start to type a web address and to influence the design and performance of future releases, so there is some information being gathered by Google. Although most browsers do this to some extent, it has given rise to the accusation that Google is spying on their users. If you use Google to find anything on the web, through Chrome or any other browser, you are giving Google the same information anyway, so in my opinion the point is moot.
One feature that Chrome offers is the “incognito” mode that keeps the surfing history and cookies from being saved to your computer when you are incognito, but it allows you to save bookmarks from incognito mode and visit them in normal browsing. The description sounds good at first, but the description of incognito includes: “websites you visit may still have records of your visit. Any files saved to your computer will still remain on your computer.” There is a way around the website tracking if you are signing into your Google account, but that is not a feature that other sites offer.
Overall I have found Chrome to be a good browser, and features like the thumbnail view of most visited sites are nice. It takes some getting used to, and I have not put a lot of work into getting used to it because I have yet to see anything that really grabs my interest. Lack of plugins or add-ons for extra functionality is one big drawback for me, but because this is an Open Source program there will probably be additional functionality coming out soon. As it matures, Chrome may become a browser to contend with. Right now it is interesting to work with but will not replace Firefox as my main web browser.
==================
**** SECURITY PROGRAMS – TOTAL SECURITY? ****
You have the latest version of your favorite antivirus program, your firewall is up to date and your malicious software checker is running – so you are safe from attacks, right? Not necessarily, according to Secunia (1), a security company that monitors risks and vulnerabilities that you may encounter on your computer. Although security vendors argue about the validity of the testing (2), the fact that Secunia found security holes on computers running up-to-date security suites underscores the need to keep your system patched using the updates that programs require.
It is easy to dismiss a warning if you are in a hurry to get to your e-mail, or to check out a web site, but the companies that supply the programs you use every day work to keep them as secure as possible. The warnings that come up occasionally telling you to get the latest version are designed to apply the latest patches or upgrade the program so that recently discovered security holes can be closed. It is very difficult for any third party to be able to keep up with all of the patches and exploits that are present in every program you have on your computer, and expecting them to be able to prevent attacks focused on a programming oversight is unrealistic. That is why it is so important to keep your system up to date when a company releases a new version of their program.
When a company is made aware of a security problem in a program they are faced with two decisions right away – how do they correct it, and do they let anyone else know about the problem before they have that fix in place. They have to find a way to fix that problem without breaking anything that is currently working, not just in their program but in any other program that might be on a computer that could run their program. And they have to find the solution as quickly as possible, before other people find out about it and design a way to exploit the problem. This makes patching a security hole a difficult proposition since it has to be fast and it has to be right the first time.
I have made changes in programs I have written KNOWING that the change is not going to make any difference to the way other parts of the program run, only to find out that something isn’t working that used to work before I made the change. My programs have been aimed at specific computers and environments that I know about before I start, and even with that advantage I have run into problems with code that fixes one thing but breaks another.
It is unrealistic to think that a security vendor like Symantec or McAfee will be able to detect every possible hole in every possible program and alert you if they detect a security problem. Security programs are designed to do what they do – antivirus scans, firewalls, stopping known malicious behavior – but they are not the final word on whether your computer is fully secured against every threat that is out there.
The Secunia testing was not designed to slam the security vendors; it was designed to point out that having security programs on your computer is not enough to keep you safe. Whether you side with the security vendors or with Secunia on the testing methodology, it is a good reminder that computer security is not a simple “one solution” proposition.
(1) http://www.theregister.co.uk/2008/10/13/secunia_security_suite_tests/
(2) http://www.theregister.co.uk/2008/10/15/secunia_tests_backlash/
==================
**** SITES OF INTEREST ****
* Secunia offers a free tool to scan your system for unpatched programs, either online or as a program that you can download. The nice part of it is that after it identifies a program that needs to be updated it has a link to the update so that you can be sure you are running the latest version. http://secunia.com/vulnerability_scanning/
* The Bumplist is back! After a hiatus of several years, Bumplist is back online. If you are not familiar with it, BumpList is a mailing list with a limit of 6 subscribers at a time. When a new person subscribes, the person who has been subscribed the longest is bumped from the list. It sounds silly at first, but it is VERY addicting. Visit www.bumplist.net to participate, or www.markkaren.com/bumplist for a recap of what it was like in its original inception. You won’t be sorry!
* If you want to play some online games, check out Kongregate at www.kongregate.com for a whole collection of Flash games. They even have Guitar Geek, a version of a popular X-Box title! http://www.kongregate.com/games/Megadev/guitar-geek
Monday, November 17, 2008
Sunday, September 7, 2008
Common Sense Security Newsletter
In This Issue
* Security Alerts
* Internet Explorer 8 Beta
* Programs to Clear Browsing Information
* Sites of Interest
==================
Happy “Neither Rain Nor Snow” Day! September 7th is the anniversary of the 1914 opening of the New York Post Office building, which has that famous weather phrase inscribed on it. Although this has become known as the US Postal Service motto, there actually is no official motto or creed for our letter carriers!
In the last newsletter I wrote about the fake e-mail messages I was getting from CNN, and since then I started getting them from MSNBC. They have stopped for now, but it kept me on my guard for a while.
Babette wrote in about sending a copy of the e-mail to the company that it supposedly came from so that they know about the problem and can (possibly) take steps to shut down the web site that is sending them. This is excellent advice, and most business sites have a way to send them suspect e-mail messages. I could not find a link on the CNN site (or the MSNBC site) to report the problem, which is a shame.
Babette told me about the one she got from Bank of America (supposedly), and there were a few clues that alerted her to the fact that it was a fake e-mail. First, it came to an e-mail address that she did not use with Bank of America. Second, it was asking her to confirm her online identity. Either of these should be enough to make you suspicious of an e-mail being authentic, but combined they are a definite red flag!
Babette said, “I immediately sent it to BofA's abuse reporting address and they confirmed it was not from them and that they are trying to shut down the site that sent it.
In addition to not ever following links in such messages, one should also report it to appropriate sites so that more action can be taken”. This is the way suspicious e-mails should be handled – IF the supposed sender has a way to report the message!
Microsoft has a listing of the top 5 e-mail scams at http://emailsupport.spaces.live.com/blog/cns!5D6F5A79A79B6708!7926.entry. Even if you think you know how to spot a scam e-mail, it is worth reading!
==================
**** SECURITY ALERTS ****
* Patch Tuesday is coming up, and Microsoft has 4 security updates that are all rated as “Critical” waiting to come to your computer. In contrast to last month’s 12 patches this month seems to be lighter, but they have grouped a LOT of patches into one main patch so the total number of programs affected is more than it appears at first. The Windows patch, for example, deals with Windows XP, Vista and various servers, Office, SQL server and the .NET framework. Be ready for a longer update process than usual this month!
* There have been a lot of new web sites registered recently that sound like they are donation sites for hurricane relief. A lot of them are scam sites, only interested in getting your money. With the number of storms coming at the US this week, there will doubtless be more sites like this showing up soon. If you want to help with the relief efforts, go to a reputable site like the Red Cross (http://american.redcross.org) so that you don’t end up making donations to someone that doesn’t have anything to do with the hurricanes!
==================
**** INTERNET EXPLORER 8 BETA ****
The big Internet news in the past weeks included the release of Internet Explorer 8 (IE8) Beta 2. This is expected to be the final beta release before the final version is rolled out (which is still not officially scheduled according to Microsoft). Although there are some nice features included in the new version, I don’t see anything that is going to get people to switch from their favorite Web browser unless that happens to be IE7.
The two main security features that come in IE8 are the SmartScreen Filter and the InPrivate Browsing option. The SmartScreen Filter helps detect and alert you to potentially dangerous pages and web sites by displaying a red-bordered warning page rather than connecting to a site that could download viruses or trojans, try to collect personal data, or otherwise damage your computer. The screen allows you to continue if you want, or return to your home page by clicking on the links provided. You can also report the site as safe, but I have a feeling it will be like trying to get off the TSA no fly list to get the site delisted.
The InPrivate Browsing feature is an interesting addition, and many people are calling it the “porn mode”. Basically it is a way to prevent any information from that browsing session from being saved so that other people can’t see where you have been. Any history of web sites visited, cookies that were accepted, passwords or form information that you fill out in this mode are erased as soon as you close the InPrivate session. Microsoft says that this will help when you are shopping for that special gift for a family member, or if you are checking your e-mail from an Internet Café (assuming they have IE8 installed). It also will block some third party sites from tracking your Web activity through ads or images, which can be a good thing.
Some of the features new to IE8 are things that other browsers already have, or are available through extensions or plug ins. The advantage is that you don’t have to find the extension or plug in that you want and install it, as in Firefox, but Microsoft is offering add-ons that will add functionality to the browser, so you are back in the same situation of having to find the add-ons that you want and installing them!
I haven’t seen anything in IE8 that is a real show stopper – it is a good browser and has some nice features. But as far as the security aspects go there are a number of tools available that do the same things for all of your Web browsers instead of limiting you to IE8. The advantage to using these tools (even if you are using IE8) is that you clear all of the information on your computer that has your web browsing information regardless of which browser you use.
One thing to note about the Beta 2 release – if you have upgraded Windows XP to Service Pack 3 and install IE8 Beta 2, you may not be able to uninstall it and go back to IE7. There are limited situations where this will happen, but you may want to wait until the final release before you install IE8. That way you should be able to go back to IE7 without having to reload your system.
Next time I will get into the other big Internet news – the release of Google’s Chrome browser!
==================
**** PROGRAMS TO CLEAR BROWSING INFORMATION ****
Clearing out your Web browsing history is not just a good idea from a security standpoint - it can also help keep your computer running faster. As you surf the Web your computer is downloading files and recording the sites that you have visited. All of this information is stored to make it faster and easier to return to the web sites that you visit regularly, or to find a site that you went to a few days ago but cannot remember how you got there. All of this information takes up room on your hard drive, and that can slow your computer over time. By removing the files and history from your Web browser’s cache, you can speed up the computer a bit, and unless you have a slow Internet connection you will not see a difference in how fast a web site loads.
All Web browsers have settings that can limit the amount of room that you devote to the history and temporary files, but trying to configure these can be difficult to figure out. How many days do you want to keep the temporary Internet files? How much disk space do you set up for the cache? Do you want to have the browser delete all of the information when you close it, or only certain information? The decision to change these settings can be daunting. Fortunately there are programs that will handle this kind of clean up for you, and do a lot more to get the junk off your computer at the same time.
One of my favorite programs is CCleaner (www.ccleaner.com). This free utility will let you clear the Temporary Internet files, cookies, saved form history and more from any Web Browser you have installed. It can also clean up the temporary files and extra information that Windows Explorer and other applications store. The interface is clean and easy to understand, and you can select only the information and files that you want to clear.
Privacy Eraser (www.privacyeraser.com) is similar to CCleaner, and they offer a Pro version that has a lot of optional plug-ins for handling almost any program that is on your computer. The Pro interface is full of options and can be hard to configure the first time, but the earlier version (Privacy Eraser 5) is a bit easier to figure out. Both of these programs have a 15-day free trial period.
Webroot (www.webroot.com) offers several programs that will scan and clean unnecessary files from your computer (Window Washer), check for spyware (Spy Sweeper) and viruses (Webroot Antivirus), and other utilities for parental controls and backup. Their firewall is free, and there are trial versions of all of their programs.
==================
**** SITES OF INTEREST ****
* If you live in the San Rafael, CA area you may want to check into the Golden Gate Computer Society (www.ggcs.org). They are a non-profit organization, and one of the foremost PC user groups in the San Francisco Bay Area. They have monthly General Meetings (open to the public without charge), Special Interest Groups and a whole lot more.
* When I lived in Virginia I knew what Barbecue was. Then I found out about Carolina Barbecue. Then I moved to Texas and found out that Barbecue was different here than it was in Memphis. If you want a rundown on what Barbecue is throughout the South, watch the video at www.youtube.com/watch?v=6ubTQfr_tyY.
* Beta News has a series of articles on the Presidential and Vice-Presidential candidates’ potential views on technology issues. The link below is for the Sarah Palin article because it is the last of the series and contains links to the other three articles. No inferences should be made as to my political leanings because I am using this link – it can be difficult to find the other articles from the main Beta News page! (http://tinyurl.com/6akbpm)
www.betanews.com/article/Where_does_Sarah_Palin_stand_on_technology_issues/1220649619
Monday, August 11, 2008
Common Sense Security Newsletter
In This Issue
* What is the DNS Flaw and What Does it Mean to You?
* Security Alerts
* Sites of Interest
==================
Happy S'Mores Day! Depending on the source, S’mores Day is August 10 or 11, but it really doesn’t make that much difference to me. As long as it is a real S’more (graham crackers, toasted marshmallow and chocolate) it is worth celebrating whenever the mood strikes you. If you go for one of the variations that can include peanut butter or “red licorice” (an oxymoron in the first place), you can celebrate S’mores whenever you want, but don’t expect me to take part in the festivities!
I have been very busy this past month, shutting down the main office and setting up the boss in his home office. There have been a lot of challenges along the way, but it looks like they are all taken care of now, except for me finding a new job. Lots of interviews, but I am either over-qualified or under-qualified for the position, so the search goes on.
I started getting e-mails from CNN Alerts last week, and was confused at first because I don’t have any alerts set up with CNN. I went to the CNN site and tried to change the Alert settings and was told that I did not have an account, which is what I thought in the first place, so I just deleted the messages. Since they landed in the Spam folder, I wasn’t very concerned about them. On Friday CNN blogged about “a spam message purporting to be from CNN began circulating the Internet” and disavowed any involvement in the message. Their suggestion was to delete the message. (See http://behindthescenes.blogs.cnn.com for the complete “coverage” of the problem.)
One problem with the CNN report (aside from the fact that it was almost buried in the site navigation) is that there are many more messages circulating than just the one they make it sound like, and another problem is that they don’t take the time to explain what danger these messages present. By clicking on the link in the message, you are sent to a fake CNN site and told that you have to download the latest version of Adobe’s Flash Player in order to see the video. The download is not an update to the Flash Player, but a program that infects the computer and downloads all kinds of additional malicious programs.
This form of attack – telling people that they have to download an update in order to continue on the site – has become quite common in recent months. One thing to keep in mind is that if you follow a link in an e-mail or Instant Message, you are more likely to get caught by a fake site. Your best bet is to go to the site through your web browser, by typing in the address you want to visit. This isn’t foolproof, but it is a lot safer than simply clicking a link.
Another way to help keep your computer safe is to visit the web site that makes the program that “needs to be updated” to see if there really IS a new version. If a site says that you need a new version of Flash, go to www.adobe.com and look for the Flash Player button. If you are supposed to update QuickTime, visit www.apple.com/downloads for the latest version.
Beware of any site that wants you to download a certain video player that is only for their site. There are many web sites that have a proprietary video player, and you need to read through the terms of service and privacy policy very carefully to make sure that they will be (somewhat) careful with your information. Some of these players will collect a LOT of information on your surfing habits, and that is not something that is very good for your privacy. Sharing your web browsing information with third party companies is one way the site can make money, and in return you get a lot of new spam coming your way from these third parties.
I can understand that CNN doesn’t want to make their name synonymous with a scam, but I think that they need to be more forthcoming about the risks associated with the spam that uses their brand. For a news organization to minimize the severity of a problem and pass it off as an isolated incident is not only bad reporting, it is irresponsible. Telling only part of a story is a disservice to their readers, and can only hurt their reputation in the long run. But that seems to be the way of the news in the USA these days, so I am not too surprised at the way they handled the story.
==================
**** WHAT IS THE DNS FLAW AND WHAT DOES IT MEAN TO YOU? ****
If you type in www.amazon.com to get to the online retailer’s site, you are actually going to 207.171.160.0. That is the IP address for the Amazon web site, and your computer is directed to the IP address through a process handled by Domain Name System (DNS) Servers. These servers are the computers throughout the Internet that translate the IP addresses into names so that you don’t have to remember 72.14.207.99 when you want to search for something – you just type in www.google.com and there you are.
When a new domain is registered, a primary DNS Server is assigned, and this server lets other DNS Servers know that there is a new domain at the IP address assigned to that domain. Over the course of time (usually within 24 hours) all of the other DNS Servers on the Net get updated to reflect the new domain / IP combination. Until the DNS Server your Internet Service Provider (ISP) uses has that information, you could see an error message indicating that the domain is invalid. When your DNS Server does not know the new domain / IP combination, it asks other DNS Servers for that information, and eventually all of them are up to date. Instead of having to ask other servers each time a request for www.commonsensessecurity.info is made, the DNS Servers cache (store) the information, and this is where a problem can come in.
DNS was not originally designed with security in mind, and it is possible to “poison” the cache with fraudulent domain / IP combinations. This means that a web site designed to look like Amazon could be the one you go to instead of the real Amazon site, and you would have no way of knowing. All of the information you enter there would be recorded by the criminals that set up the site and poisoned the DNS cache, and they could use it however they want.
Several months ago a researcher found a major flaw in the way that DNS Servers handled their task, and was working with a lot of other people to get this flaw patched. Unless everyone patched their DNS Servers, it would do no good, and although a lot of companies were willing to apply the patch there were a few hold outs who wanted more information before they would agree to make the changes. In the process of disclosing that information, it was leaked to the web and active cache poisoning tools were soon available to those who wanted to use them.
The good news is that the majority of DNS Servers have been patched. The bad news is that there is a flaw in the patch that needs to be corrected. As one researcher put it, it is the difference between having a hole in your boat and having a small leak – the leak allows you to bail out the water until help can arrive while the hole is almost sure to sink the boat before anything can be done. So even though the major problem has been resolved, there is still more work to do.
There are several things that you can do to make your computer as resistant to DNS cache poisoning as possible, but the easiest is to use Open DNS at http://opendns.com. There is nothing to install, no files to change, no registry hacks to make – just a change in the DNS settings that your web browser uses. The site walks you through the process with step-by-step directions tailored to your operating system. If you know how to change the DNS settings and want to do it yourself, their name servers are 208.67.222.222 and 208.67.220.220. Even though your ISP provides DNS settings when you set up your Internet connection with them, you can use any valid DNS to get to the Internet, and using the Open DNS Servers will help keep you safer until the final patches are in place.
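For readers who want to see what a domain / IP answer looks like on the wire, here is an added example (not part of the original newsletter) that builds a DNS query, reads the addresses out of each response, and flags a resolver whose answer shares no address with any other resolver's. The name www.example.com, the documentation-range addresses and the "isp-resolver" label are constructed sample data; 208.67.222.222 and 208.67.220.220 are the Open DNS servers named above. Large sites can legitimately hand different addresses to different resolvers, so a mismatch is a reason to look closer, not proof of poisoning.

```python
import secrets
import socket
import struct


def encode_name(name):
    """Encode 'www.example.com' as DNS labels: 3www7example3com0."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name, txid=None):
    """Return (txid, packet) for a recursive A-record query."""
    if txid is None:
        txid = secrets.randbelow(1 << 16)  # unpredictable transaction ID
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    return txid, header + encode_name(name) + struct.pack("!HH", 1, 1)  # type A, class IN


def skip_name(msg, pos):
    """Return the offset just past a (possibly compressed) name."""
    while True:
        length = msg[pos]
        if length & 0xC0 == 0xC0:  # compression pointer: two bytes, ends the name
            return pos + 2
        if length == 0:
            return pos + 1
        pos += 1 + length


def parse_a_records(msg, expected_txid):
    """Return [(ip, ttl), ...]; reject replies that do not match our query."""
    try:
        txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
        if txid != expected_txid:
            raise ValueError("transaction ID does not match the query")
        if not flags & 0x8000:
            raise ValueError("packet is not a response")
        pos = 12
        for _ in range(qd):                 # skip the echoed question
            pos = skip_name(msg, pos) + 4
        records = []
        for _ in range(an):
            pos = skip_name(msg, pos)
            rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[pos:pos + 10])
            pos += 10
            if rtype == 1 and rclass == 1 and rdlen == 4:
                records.append((socket.inet_ntoa(msg[pos:pos + 4]), ttl))
            pos += rdlen
        return records
    except (IndexError, struct.error):
        raise ValueError("truncated or malformed DNS message")


def outliers(answers):
    """Resolvers whose address set shares nothing with any other resolver's."""
    sets = {r: {ip for ip, _ in recs} for r, recs in answers.items()}
    flagged = []
    for resolver, ips in sets.items():
        others = set().union(*(s for r, s in sets.items() if r != resolver))
        if not ips & others:
            flagged.append(resolver)
    return sorted(flagged)


def resolve_via(server, name, timeout=3.0):
    """Live lookup (needs network; not used by the offline demo below)."""
    txid, packet = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((server, 53))  # connected UDP socket: replies from other hosts are dropped
        s.send(packet)
        return parse_a_records(s.recv(512), txid)


def build_response(query, ips, ttl):
    """Constructed test data: answer `query` with the given A records."""
    header = query[:2] + struct.pack("!HHHHH", 0x8180, 1, len(ips), 0, 0)
    body = b"".join(
        b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, 4) + socket.inet_aton(ip)
        for ip in ips
    )
    return header + query[12:] + body


def demo():
    """Parse three constructed responses and report the odd one out."""
    txid, query = build_query("www.example.com", txid=0x1A2B)
    raw = {
        "isp-resolver (constructed)": build_response(query, ["203.0.113.66"], 86400),
        "208.67.222.222": build_response(query, ["192.0.2.10", "192.0.2.11"], 300),
        "208.67.220.220": build_response(query, ["192.0.2.11"], 300),
    }
    answers = {r: parse_a_records(m, txid) for r, m in raw.items()}
    return answers, outliers(answers)


if __name__ == "__main__":
    answers, flagged = demo()
    for resolver, records in answers.items():
        print(resolver, records)
    print("no overlap with any other resolver:", flagged)
```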
==================
**** SECURITY ALERTS ****
* On Patch Tuesday this month, Microsoft will release updates that will patch holes in just about every version of Windows and Office, including embedded programs like Outlook Express and Windows Messenger. These updates will patch holes that range from “Information Disclosure” to “Remote Code Execution” issues.
* Due to the DNS problem, there are several vulnerable programs that you may be using. If you get Update Warnings about WinAmp, WinZip or Open Office, do not update them yet as you may be downloading malicious code. For now your best bet is to disable the automatic update feature of these programs.
==================
**** SITES OF INTEREST ****
* Greg sent a link to ThreatFire (http://www.threatfire.com). He said,
“I've used ThreatFire on four of my machines, and I like it, although I had to remove it from one of my machines because it seems to have had a bad interaction with something else I had installed: overnight the machine would invariably get into a low memory state that I was unable to recover from except by rebooting the machine. The other three machines have been great.”
I have been impressed with the program and have not had any issues on my computers. Another free layer for your security arsenal!
* Chris Bliss does a fantastic juggling act at www.flixxy.com/juggling-talent.htm using the end of the Beatles’ Abbey Road Album as the inspiration. Well worth watching.
* For the politically minded, don’t miss Paris Hilton’s answer to John McCain’s ad. It is at www.funnyordie.com. It’s totally hot!
Sunday, July 6, 2008
Common Sense Security Newsletter
In This Issue
* Hyping the Danger
* Security Alerts
* Sites of Interest
==================
Happy Be Nice to New Jersey Week! To set the record straight, New Jersey's official state bird is not the mosquito, and their actual state bird, the eastern goldfinch, is not a commuter. Although it is the butt of many jokes, New Jersey is my mother’s home state so that makes it a good state as far as I am concerned.
Gizmo Richards writes the Tech Support Newsletter, which is a great resource for advice on securing your computer and finding free software to help do that (as well as a LOT of other freeware utilities you may not even know exist). He has recently started a wiki site at www.techsupportalert.com/ that lists the best of the best freeware available. It is broken down into categories for easier searching, and provides a wealth of information on the pros and cons of the free programs he features.
If you are not already subscribed to his newsletter, this site will show you almost everything he publishes, and it is well worth adding to your Bookmarks. From privacy tools to picture editing, computer maintenance to desktop enhancements, you are sure to find several programs that you will wonder how you ever lived without!
==================
**** HYPING THE DANGER ****
In the last issue I discussed a report from McAfee that made it sound like a lot of web sites are dangerous to visit if they have a certain ending (.hk, .cn, .info, etc). I believe that, although the report is true, it is not necessarily factual as it ranks minor risks (like linking to “risky” web sites) alongside real risks (like sites that download programs without you knowing about it). The main problem I see with this kind of report is that it magnifies the dangers of surfing the web in order to promote a product.
Recently, USA Today released a story about the dangers of video game consoles, claiming that “sexual predators are using gaming consoles such as the Wii, PlayStation and Xbox to meet children online.” (Due to a certain word in the USA Today web site that I would normally link to here, I cannot post it without setting off spam filters. You can search for “predators gaming console” to find the story in several places, but USA Today was the first to run it.)
The basic premise of the article is that these game consoles present a danger to children, and I can just see the politicos writing laws to somehow restrict what the consoles can do in order “to save the children”. This is another story that magnifies the dangers and totally distorts what they are actually reporting. But how many people will see this for what it is – sensationalism in order to sell their paper?
The report cites only three cases – two where a 12-year-old child was lured into meeting with the predator and one where a sexually explicit video was shown to a 10-year-old child. That seems like a small number of instances to use for a story that makes it sound like an epidemic, and is especially troubling when one looks at the facts. In one case the 12-year-old was playing World of Warcraft, which is rated T for Teen – which means it has content that may be suitable for ages 13 and older. The 10-year-old was playing Halo, which is rated M for Mature – suitable for persons ages 17 and older. And both 12-year-olds managed to go somewhere by themselves without arousing their parents’ suspicions? I don’t think the fault lies with the video game consoles at all.
The main thing I see as a problem is the lack of parental supervision over their children’s activities. Would these parents let their kids watch an R rated movie? If not, why are they allowed to play age inappropriate games? The game consoles have parental controls that allow certain things to be blocked, like text and voice messages, and it is something that a parent needs to check into before allowing their child to connect their game console to the Internet. Why are these devices connected to the Internet at all if the parent is not going to supervise their use? There are a lot of potential dangers on the Net, and just because a child is not on a computer does not mean that they are not potentially exposed to these dangers.
I was talking with my father a while back and he mentioned the old adage about “if it is on TV then it MUST be true”. I corrected him by saying that if it is on the Internet it must be true. We both knew that we were joking, but too many people aren’t in on the joke. Stories like this one tend to distract attention from the real dangers one can find on the Net, and they totally absolve the parents from any responsibility for their children. If you have a child accessing the Net in any way (including through their cell phone) you need to educate yourself on the way the device can be restricted BEFORE you give your child access to it.
Common Sense Media (www.commonsensemedia.org) offers a lot of information about all kinds of things to be aware of when it comes to your children, and it is a very good place to start when you want to find out about a new video game or website that your child wants. iKeepSafe (www.ikeepsafe.org) has a lot of information on how to educate your child about the dangers that can be found online and how to avoid them. Windows has built-in parental controls for XP (www.windows-help-central.com/parental-controls-in-windows-xp.html) and Vista (www.microsoft.com/protect/products/family/vista.mspx) that are easily set up and managed. Many of the cell phone carriers provide some form of parental control for a child’s phone, usually at no charge.
Although stories like the one USA Today ran prey on our fears, we cannot afford to lose sight of the more mundane threats like phishing (trying to get personal information under false pretenses), viruses and malicious programs. These threats may not be sexy enough to feature in a story, but they are very real and very widespread. Keeping your computer safe is not difficult, but it does take some time and attention. Keeping your children safe requires time and attention, too. Education and involvement in our children’s lives are the best things we can give them.
==================
**** SECURITY ALERTS ****
* Looks like a quiet Patch Tuesday this month. Microsoft will release two “Important” Windows updates, one of which affects only Vista and Server 2008. Two other patches address SQL Server and Exchange Server, and will probably not affect most users’ computers.
* If you downloaded Firefox 3 on June 17th, you helped Mozilla set a World Record of 8,002,530 downloads in 24 hours. The download servers had some problems with the volume of visitors at first, but a few hours into Download Day they had that fixed and the attempt at a World Record started.
Just a few hours after the download was available, a critical flaw in the new version was discovered which could permit remote execution of arbitrary code. The flaw requires you to click on a specially crafted link, so as usual beware clicking on links that you get in e-mails, especially if they are hidden in a button or picture. A fix is in the works.
* Adobe Acrobat versions prior to 8.1.2 have a security flaw that has been recently patched. If you see that annoying little Updates Available message when you are viewing a PDF file, get the update!
* Apple has patched Safari for Microsoft Windows so that you can now customize the download folder location without running the risk of getting a boatload of files downloaded (see last issue). They have also fixed a JavaScript error, so it is safer to run this web browser if you so choose.
==================
**** SITES OF INTEREST ****
* Mike S. wrote to me about a favorite site of his, along the lines of the Running the Numbers site I featured last issue. He says that The MegaPenny Project at www.kokogiak.com/megapenny is one of his favorite sites for putting numbers into perspective. I was very surprised to see how heavy just $10.00 worth of pennies is, and astounded at the size and weight of even larger amounts!
* Doug sent in a very creative “ad” for Windows Vista. Be warned – there are a few words that you might find offensive, but the video is very creative and funny! blimptv.blogspot.com/2007/11/vista-sucks.html
* If you think that you might not be as educated as you would like to be, check out this clip. I almost guarantee that you will feel smarter! (In French, but subtitled) www.youtube.com/watch?v=42xykzW27Q4
* Trade Pub has a lot of magazines, white papers and downloads, all for free. Want to learn how to advance the learning process through the use of technology? Go to commonsensesecurity.tradepub.com/free/the. How about a magazine that caters to the business of running a website? commonsensesecurity.tradepub.com/free/webs. Total Landscape Care is a news magazine for green industry and landscaping: commonsensesecurity.tradepub.com/free/tolc. How about an e-book titled "Happy About Website Payments with PayPal"? commonsensesecurity.tradepub.com/free/w_ha02
Take a few minutes to browse the offerings – there is sure to be something that interests you!
* Hyping the Danger
* Security Alerts
* Sites of Interest
==================
Happy Be Nice to New Jersey Week! To set the record straight, New Jersey's official state bird is not the mosquito, and their actual state bird, the eastern goldfinch, is not a commuter. Although it is the butt of many jokes, New Jersey is my mother’s home state so that makes it a good state as far as I am concerned.
Gizmo Richards writes the Tech Support Newsletter, which is a great resource for advice on securing your computer and finding free software to help do that (as well as a LOT of other freeware utilities you may not even know exist). He has recently started a wiki site at www.techsupportalert.com/ that lists the best of the best freeware available. It is broken down into categories for easier searching, and provides a wealth of information on the pros and cons of the free programs he features.
If you are not already subscribed to his newsletter, this site will show you almost everything he publishes, and it is well worth adding to your Bookmarks. From privacy tools to picture editing, computer maintenance to desktop enhancements, you are sure to find several programs that you will wonder how you ever lived without!
==================
**** HYPING THE DANGER ****
In the last issue I discussed a report from McAfee that made it sound like a lot of web sites are dangerous to visit if they have a certain ending (.hk, .cn, .info, etc). I believe that, although the report is true, it is not necessarily factual as it ranks minor risks (like linking to “risky” web sites) alongside real risks (like sites that download programs without you knowing about it). The main problem I see with this kind of report is that it magnifies the dangers of surfing the web in order to promote a product.
Recently, USA Today released a story about the dangers of video game consoles, claiming that “sexual predators are using gaming consoles such as the Wii, PlayStation and Xbox to meet children online.” (Due to a certain word in the USA Today web site that I would normally link to here, I cannot post it without setting off spam filters. You can search for “predators gaming console” to find the story in several places, but USA Today was the first to run it.)
The basic premise of the article is that these game consoles present a danger to children, and I can just see the politicos writing laws to somehow restrict what the consoles can do in order “to save the children”. This is another story that magnifies the dangers and totally distorts what they are actually reporting. But how many people will see this for what it is – sensationalism in order to sell their paper?
The report cites only three cases - two where a 12 year old child was lured into meeting with the predator and one where a sexually explicit video was shown to a 10 year old child. That seems like a small number of instances to use for a story that makes it sound like an epidemic, and is especially troubling when one looks at the facts. In one case the 12 year old was playing World of Warcraft, which is rated T for Teen - which means it has content that may be suitable for ages 13 and older. The 10 year old was playing Halo which is rated M for Mature - suitable for persons ages 17 and older. And both 12 year olds managed to go somewhere by themselves without arousing their parents’ suspicions? I don’t think the fault lies with the video game consoles at all.
The main thing I see as a problem is the lack of parental supervision over their children’s activities. Would these parents let their kids watch an R rated movie? If not, why are they allowed to play age inappropriate games? The game consoles have parental controls that allow certain things to be blocked, like text and voice messages, and it is something that a parent needs to check into before allowing their child to connect their game console to the Internet. Why are these devices connected to the Internet at all if the parent is not going to supervise their use? There are a lot of potential dangers on the Net, and just because a child is not on a computer does not mean that they are not potentially exposed to these dangers.
I was talking with my father a while back and he mentioned the old adage about “if it is on TV then it MUST be true”. I corrected him by saying that if it is on the Internet it must be true. We both knew that we were joking, but too many people aren’t in on the joke. Stories like this one tend to distract attention from the real dangers one can find on the Net, and they totally absolve the parents from any responsibility for their children. If you have a child accessing the Net in any way (including through their cell phone) you need to educate yourself on the way the device can be restricted BEFORE you give your child access to it.
Common Sense Media (www.commonsensemedia.org) offers a lot of information about all kinds of things to be aware of when it comes to your children, and it is a very good place to start when you want to find out about a new video game or website that your child wants. iKeepSafe (www.ikeepsafe.org) has a lot of information on how to educate your child about the dangers that can be found online and how to avoid them. Windows has built-in parental controls for XP (www.windows-help-central.com/parental-controls-in-windows-xp.html) and Vista (www.microsoft.com/protect/products/family/vista.mspx) that are easily set up and managed. Many of the cell phone carriers provide some form of parental control for a child’s phone, usually at no charge.
Although stories like the one USA Today ran prey on our fears, we cannot afford to lose sight of the more mundane threats like phishing (trying to get personal information under false pretenses), viruses and malicious programs. These threats may not be sexy enough to feature in a story, but they are very real and very widespread. Keeping your computer safe is not difficult, but it does take some time and attention. Keeping your children safe requires time and attention, too. Education and involvement in our child’s life are the best things we can give our children.
==================
**** SECURITY ALERTS ****
* Looks like a quiet Patch Tuesday this month. Microsoft will release two “Important” Windows updates, one of which affects only Vista and Server 2008. Two other patches address SQL Server and Exchange Server, and will probably not affect most users’ computers.
* If you downloaded Firefox 3 on June 17th, you helped Mozilla set a World Record of 8,002,530 downloads in 24 hours. The download servers had some problems with the volume of visitors at first, but a few hours into Download Day they had that fixed and the attempt at a World Record started.
Just a few hours after the download was available, a critical flaw in the new version was discovered which could permit remote execution of arbitrary code. The flaw requires you to click on a specially crafted link, so as usual beware clicking on links that you get in e-mails, especially if they are hidden in a button or picture. A fix is in the works.
* Adobe Acrobat versions prior to 8.1.2 have a security flaw that has been recently patched. If you see that annoying little Updates Available message when you are viewing a PDF file, get the update!
* Apple has patched Safari for Microsoft Windows so that you can now customize the download folder location without running the risk of getting a boatload of files downloaded (see last issue). They have also fixed a JavaScript error, so it is safer to run this web browser if you so choose.
==================
**** SITES OF INTEREST ****
* Mike S. wrote to me about a favorite site of his, along the lines of the Running the Numbers site I featured last issue. He says that The MegaPenny Project at www.kokogiak.com/megapenny is one of his favorite sites for putting numbers into perspective. I was very surprised to see how heavy just $10.00 worth of pennies is, and astounded at the size and weight of even larger amounts!
* Doug sent in a very creative “ad” for Windows Vista. Be warned – there are a few words that you might find offensive, but the video is very creative and funny! blimptv.blogspot.com/2007/11/vista-sucks.html
* If you think that you might not be as educated as you would like to be, check out this clip. I almost guarantee that you will feel smarter! (In French, but subtitled) www.youtube.com/watch?v=42xykzW27Q4
* Trade Pub has a lot of magazines, white papers and downloads all for free. Want to learn how to advance the learning process through the use of technology? Go to commonsensesecurity.tradepub.com/free/the . How about a magazine that caters to the business of running a website? commonsensesecurity.tradepub.com/free/webs. Total Landscape Care is a news magazine for green industry and landscaping. commonsensesecurity.tradepub.com/free/tolc How about an e-book titled "Happy About Website Payments with PayPal"? commonsensesecurity.tradepub.com/free/w_ha02
Take a few minutes to browse the offerings – there is sure to be something that interests you!
Sunday, June 8, 2008
Common Sense Security Newsletter 8 June, 2008
In This Issue
* Risky Domains?
* Security Alerts
* Sites of Interest
==================
Happy Anniversary, Baby! 16 years ago today my lovely wife, Karen, and I got married, and in spite of everything we are still together and going strong. Since she only reads the first part of my newsletters I wanted to make sure that she knows how happy I am to have her in my life, especially when times get a bit rough for us. It makes it easier to keep plugging along knowing that we are working together. (You can skip to the Sites of Interest now, Honey.)
There is an increasing amount of e-mail known as backscatter spam, and it can be cause for concern if you get these messages. Most mail servers have the ability to determine if the "From" address in an e-mail is based on a real domain and block those messages that are not, so the spam can be stopped before it gets very far. Backscatter is the result of a spammer using a legitimate e-mail address as the "From" address when they send out their mass mailings in an effort to avoid the messages being blocked by mail servers.
If your address is out on the Net somewhere, it is susceptible to being used by a spammer and the result is that you may start to see messages that indicate you have tried to send messages to accounts that do not exist, or that the message was not delivered because it was marked as spam. If you are like me, the first time you got one of these messages you probably ignored it, but as more of them arrive you may start to wonder if there is a security problem on your computer. Messages that your e-mail is not getting through to a person that you have never heard of can raise all sorts of red flags. Are you part of a zombie network that sends spam without your knowledge? Is there a virus on your computer?
Chances are good that your computer is not the problem if you have your antivirus program up to date, and if the messages are coming to your web-based e-mail (Yahoo, Hotmail, Gmail, etc.) then you have very little to worry about. But the security issues with these messages lie in the links that may be contained in the messages - they often WILL try to infect your computer by suggesting you visit a site to find out the reason behind the rejected message. Your best course of action is to just delete the message.
One favorite trick is to disguise the backscatter as a challenge/response message where you have to click on the link to verify that your e-mail address is valid. This is an annoying practice for legitimate e-mails, but it becomes even more dangerous with backscatter on the rise. If your e-mail is set up with a challenge/response you may want to rethink using it, not just because of the backscatter issue but because it tends to annoy people who send you legitimate e-mail. Many security experts say that this is a poor attempt at controlling spam, and gives the user a false sense of security.
Until the mail providers stop bouncing messages that cannot be delivered because of a non-existent user, backscatter will continue to grow. Don't get too worried if you start seeing these messages - just make sure that you have the latest update to your antivirus program and scan your computer regularly.
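One way to tell a real bounce from backscatter, as an added example that is not part of the original newsletter: a standard bounce returns the headers of the message it rejected, so its Message-ID can be compared with the ones your own mailbox actually sent. The addresses, Message-IDs, the `.invalid` link and the bounce layout below are constructed samples, and the function names are hypothetical.

```python
import email
import re
from email import policy

URL_RE = re.compile(r"https?://[^\s<>\"]+")


def build_dsn(note, returned_headers):
    """Assemble a constructed RFC 3464-style bounce (sample input for this demo)."""
    return (
        "From: MAILER-DAEMON@mx.example.net\n"
        "To: me@example.org\n"
        "Subject: Undelivered Mail Returned to Sender\n"
        "MIME-Version: 1.0\n"
        "Content-Type: multipart/report; report-type=delivery-status; boundary=\"b1\"\n"
        "\n"
        "--b1\n"
        "Content-Type: text/plain\n"
        "\n"
        f"{note}\n"
        "\n"
        "--b1\n"
        "Content-Type: message/delivery-status\n"
        "\n"
        "Reporting-MTA: dns; mx.example.net\n"
        "\n"
        "Final-Recipient: rfc822; nobody@example.net\n"
        "Action: failed\n"
        "Status: 5.1.1\n"
        "\n"
        "--b1\n"
        "Content-Type: text/rfc822-headers\n"
        "\n"
        f"{returned_headers}\n"
        "\n"
        "--b1--\n"
    )


# Constructed: Message-IDs taken from this mailbox's own Sent folder.
SENT_MESSAGE_IDS = {"<20080601.1234@example.org>"}

# Constructed: a bounce for a message we really sent.
GENUINE_BOUNCE = build_dsn(
    "The address nobody@example.net does not exist.",
    "From: me@example.org\nTo: nobody@example.net\n"
    "Message-ID: <20080601.1234@example.org>\nSubject: Lunch on Friday?",
)
# Constructed: a bounce for spam that merely used our address in "From".
BACKSCATTER = build_dsn(
    "Your message was rejected. To find out why, visit http://bounce-help.invalid/why",
    "From: me@example.org\nTo: stranger@example.net\n"
    "Message-ID: <a1b2c3@bulk-sender.invalid>\nSubject: Low rates today",
)
ORDINARY_MAIL = "From: friend@example.com\nTo: me@example.org\nSubject: Hi\n\nSee you soon.\n"


def original_message_id(bounce):
    """Return the Message-ID of the returned original message, or None."""
    for part in bounce.iter_parts():
        ctype = part.get_content_type()
        if ctype == "text/rfc822-headers":
            # Lenient default parser: returned headers are often malformed.
            original = email.message_from_string(part.get_content())
        elif ctype == "message/rfc822":
            original = part.get_payload(0)  # full original message attached
        else:
            continue
        message_id = original.get("Message-ID")
        return str(message_id).strip() if message_id else None
    return None


def triage(raw_message, sent_ids):
    """Classify a message and list the links in its human-readable part."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    if msg.get_content_type() != "multipart/report":
        return {"verdict": "not-a-bounce", "original_message_id": None, "urls": []}
    urls = []
    for part in msg.iter_parts():
        if part.get_content_type() == "text/plain":
            urls.extend(URL_RE.findall(part.get_content()))
    message_id = original_message_id(msg)
    # A bounce for mail we never sent (or with no returned headers) is backscatter.
    verdict = "genuine-bounce" if message_id in sent_ids else "backscatter"
    return {"verdict": verdict, "original_message_id": message_id, "urls": urls}


if __name__ == "__main__":
    for name, raw in [("genuine", GENUINE_BOUNCE), ("backscatter", BACKSCATTER),
                      ("ordinary", ORDINARY_MAIL)]:
        print(name, triage(raw, SENT_MESSAGE_IDS))
```

Only bounces in the standard multipart/report layout are recognized here; free-form rejection notices and challenge/response mails would need their own checks. The links are collected so they can be listed for review, not opened.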
==================
**** Risky Domains? ****
McAfee has released a report about the most dangerous domains to visit. The report focuses on the Top Level Domain (TLD) which is the last part of the address (.com, .info, .uk, etc.). Web sites found in each TLD that contained adware, spyware, viruses, spam, excessive pop-ups, browser exploits or links to other risky sites were added to the list, and the relative percentage of these results formed the basis for the rankings.
McAfee found the most dangerous TLDs to visit are ".hk" (Hong Kong - 19.2% of the sites), ".cn" (China - 11.8%) and ".info" (information - 11.7%). Some of the safest are ".gov" (government use - 0.05%), ".jp" (Japan - 0.1%), and ".au" (Australia - 0.3%). One thing to keep in mind is that these domains are not necessarily based in the country they may seem to be, since registering a domain name usually does not require the site to be hosted in a specific place. This allows hackers to find the easiest and cheapest domain name in order to try to get people to visit their sites.
My major complaint about this report is that it does not differentiate among the different risks that are found. Browser exploits and viruses should get a higher weighting than "excessive pop ups" since the former are true security threats and the latter is usually more of an annoyance. By lumping all of the risks together I feel that the report does us a disservice - I would rather know how the really dangerous threats from the TLDs stack up.
There are a number of ways to help keep yourself safer online, especially if you visit any of the sites listed in the report (http://us.mcafee.com/en-us/local/docs/Mapping_Mal_Web.pdf?cid=45044). The first thing to keep in mind is that ANY link in an e-mail is suspicious, even if you think that the person sending it to you is trustworthy. If you get an e-mail from someone you do not know, don't click on the links the mail contains. Be especially careful about the attachments that you get through e-mail since there is no way of knowing where they came from. Think about it - does your friend have the time and skill to create PowerPoint or Flash presentations that make their way to your inbox?
When you are surfing the Web and are clicking links, you have several options to help warn you about potential security issues on the sites you visit. As far as free security toolbars go, there are few that get any recommendations from security sites. McAfee wants you to get their Site Advisor (http://www.siteadvisor.com/) which works on both Internet Explorer and Firefox. The Comodo Verification Engine (http://www.vengine.com/products/vengine/index.html) will add a green border around a web page when you place the mouse over the site's logo (if it is registered with them). Many other antivirus companies have a toolbar that installs with their program in order to help alert you to potential problems. And both Internet Explorer 7 and Firefox 2 have this capacity built in.
Google, Microsoft and Yahoo offer browser toolbars that provide a minimal amount of warning for sites that may be malicious, but their main function is to aid in searching or accessing features of their respective web sites.
Your best bet, as always, is to have an antivirus program that is updated regularly, coupled with an anti-spyware program that you run on at least a weekly basis. And keep in mind that the TLDs mentioned in the McAfee report are a small percentage of the sites you are likely to visit, so even though you need to be on the lookout for potential problems you should not be too concerned about the report. It is helpful to know about, but is more of a marketing tool to sell more McAfee programs as far as I can tell.
==================
**** SECURITY ALERTS ****
* On Tuesday Microsoft will release three critical security patches for Internet Explorer, DirectX and Bluetooth that affect just about every version of Windows. There are three Important security patches and one Moderate patch scheduled for release as well.
* A combination of factors in Apple's Safari Web Browser and Windows creates a threat where files may be downloaded to your machine without prompting, allowing them to be executed. Apple is looking at the possibility of changing the way files are downloaded, but it does not seem to be a priority for them. Microsoft is looking at ways they can stop this from happening, but has no firm plans to do so. Apple claimed that Safari was "Secure from Day 1" but they have patched security holes ever since they released it - more patches for the Windows version than for Apple computers - so their Marketing lives up to its reputation of overpromising and under delivering.
If you use the Safari web browser, you can go to the Edit menu, select Preferences and change "Save Downloaded Files To" to anything other than the desktop. This will help mitigate the problem, if not provide an actual fix.
==================
**** SITES OF INTEREST ****
* Firefox 3 is due out sometime this month, and Mozilla is going to try to set a World Record for the most downloads in a 24 hour period when it is finally released. If you want to be a part of the record attempt, visit http://www.spreadfirefox.com/en-US/worldrecord/ and sign up to get an e-mail when it is available. Firefox 3 claims to have better security, customization and faster download speed, and the beta testers seem to back up these claims. It will be a worthwhile upgrade whether you get it on Day 1 or wait for the automatic update, so why not help set a record?
* Because it was "running an ancient operating system, DOS" data from the Columbia Space Shuttle's hard drive was recovered even though the casing was melted and the dust seal was broken. It amazes me that the data was recovered, and that DOS is referred to as "ancient"!
http://ap.google.com/article/ALeqM5gSPhPhnN0CdPu3CtirtSkuILl1UgD90IIQQ82
* Running the Numbers: An American Self-Portrait shows large images composed of smaller images in an effort to "raise some questions about the role of the individual in a society that is increasingly enormous, incomprehensible, and overwhelming." Very interesting to see - more difficult to comprehend the scale of what we use. http://chrisjordan.com/current_set2.php
Sunday, May 18, 2008
Common Sense Security Newsletter 18 May, 2008
In This Issue
* Windows XP Service Pack 3 Hell
* Antimalware Programs
* Security Alerts
* Sites of Interest
==================
Happy Birthday Karol Jozef Wojtyła! Today is also Devil's Food Cake Day, which seems a bit of a contradiction considering that Karol Wojtyła was better known as Pope John Paul II.
If you have subscribed to the newsletter through your AOL account, you may not be getting it delivered. Unless you visit the online newsletter (http://mouseholeproductions.blogspot.com) you may not even realize that you are not getting it, since AOL has decided to block emails that contain links to certain web sites. They don’t bother to let you know that you got an e-mail that may be junk, they just delete it and pat themselves on the back for keeping their users safe. Chalk one up for stupid filtering practices.
This kind of blocking crops up every now and then, and when the last newsletter went out I got a lot of “undeliverable” messages sent back to me. There were a couple of “mailbox is over size limit” errors, which is common, but the majority of the messages came from AOL indicating that the message was blocked because, “There is at least one domain in your email that is generating substantial complaints from AOL members.” This is troubling on a number of levels, but especially because the e-mail content is being evaluated and rejected because of certain links it contains. A common sense way of dealing with links that may be dangerous would be to alert you to the fact that the links might be dangerous, but AOL is not known for having much common sense.
Many Internet Service Providers (ISPs) have filters set up for blocking “unsolicited bulk e-mail”, commonly referred to by a brand name for a Hormel product. (I won’t use it here since that could trigger other e-mail filters. I will just refer to it as “junk mail”.) If the ISP has a filter set up that is doing its job right, it will move the suspected junk mail to a special folder that you can access, and choose for yourself if the mail actually belongs there. Most web based e-mail (Hotmail, Google, Yahoo, etc.) does that, and the advantage of knowing what mail has been blocked is that you can unblock it as necessary. The disadvantage is that you will often see junk mail that was not caught by the filter, and you have to delete it manually.
When an ISP blocks mail and does not even let you know that the message was sent to you, they are taking away your choices by deciding that *their* opinion of what is acceptable is right, and you have no say in their decision. This is just wrong. The ISPs that practice this have ways for a sender to have their e-mails bypass these filters, and they charge the sender a lot of money to verify their e-mail as “safe”. So basically they extort the sender to allow users to get e-mails that they have requested. Heck of a way to make a profit.
If you are with AOL (or know someone who is) it is a good idea to switch to a different e-mail provider. Even though you will still have an AOL internet account you can get the messages that would otherwise be blocked by using Hotmail, Google, Yahoo, or other web based e-mail programs instead of your AOL address. I have an SBC e-mail address that came with my ISP account, but I never use it because I have little control over what I can filter.
It is up to you to decide what you want to get in your e-mail, and any provider that does not allow you to make that decision is not one you should stay with.
==================
**** WINDOWS XP SERVICE PACK 3 HELL ****
Windows XP Service Pack 3 (SP3) has been released to the world through Windows Update, and it has not been as well received as Microsoft wanted. Sounds kind of like Vista, but that’s a different story.
Microsoft originally had SP3 ready to roll out at the end of April but delayed it due to a compatibility problem that had been discovered. They managed to put in a filter that kept SP3 from installing on certain computers, and had it on Windows Update about a week later. That is when the real fun began.
It seems that some computers enter an endless reboot cycle after SP3 is installed, and the blame game has started. In a nutshell, the Service Pack “updates” a file that was not on the computer in the first place, and when the computer starts up this file tries to load. The file cannot load, and the system crashes and tries to reboot. When it reboots it tries to load the file, which crashes the system, and the whole process starts over again.
HP machines with AMD processors have received the most press about this problem, but there have been reports about other computer makers and Intel processors having the same problem. Microsoft blames HP for the way they loaded Windows XP, and claims that if they had followed the Microsoft recommendations on how to preinstall Windows XP there would not be any problems. This doesn’t address all of the problems that people have seen, and sounds a lot like Microsoft trying to wash their hands of the responsibility.
If the video driver you have is the wrong one for SP3, you can have the same reboot issue. Also, if the BIOS of the main board does not meet certain specifications you could have the same problem. And if you have a certain Asus motherboard, this issue may rear its ugly head. Maybe the blame lies with Microsoft after all?
To help make things right, Microsoft is offering free support for this problem through April 2009. Information on how to get help from them is at http://support.microsoft.com/oas/default.aspx?ln=en-us&prid=11273&gprid=522131 and they provide telephone, chat and e-mail support. Free support for a problem that is someone else’s fault doesn’t sound like the Microsoft way, so again it looks like a faux pas on their part regarding the testing of SP3.
Glenn has had this problem and "....after spending 4 1/2 hrs with tech help over the phone, I’m now waiting for 2 days to get ‘advanced upper level help’". I pointed him to a site that has a lot of suggestions on how to correct the problem. You can go to Jesper’s blog at http://msinfluentials.com/blogs/jesper/archive/2008/05/08/does-your-amd-based-computer-boot-after-installing-xp-sp3.aspx (http://tinyurl.com/6zs52d) . Microsoft has several support pages to try to help out, including how to disable the offending file (http://support.microsoft.com/kb/888372), how to install the Recovery Console to allow you to disable the file (http://support.microsoft.com/kb/307654), and how to uninstall SP3 (http://support.microsoft.com/kb/950249/en-us).
If you have not installed SP3 and are concerned about potentially hosing up your system, I would recommend waiting a little while. Eventually this will get straightened out, and SP3 will work for all computers. To keep from getting SP3 installed automatically you will have to disable Automatic Updates, or change the settings for them. Right click on the My Computer icon and then click on Properties. Click on the Automatic Updates tab and choose anything other than Automatic. If you choose “Download updates for me, but let me choose when to install them” you will have the option to install the updates as Custom update. That allows you to check off the updates you want, and only those updates will be installed. The advantage to this is that you can keep the rest of your system up to date without entering XP SP3 Hell!
==================
**** ANTIMALWARE PROGRAMS ****
Most programs that detect malicious programs use a signature-based scan that looks for known malicious activity and block the program from running. That is fine for known programs, but it is imperative that these programs are kept up to date in order to do their job. And they are totally ineffective when it comes to brand new threats – the so called zero-day exploits which are released before the security companies are even aware of the existence of a software flaw.
There are reports coming out about the way malicious programs are changing to avoid detection, and the implications are pretty scary. The new breed of malware has the ability to change its signature after it gets to your computer, rendering the signature-based programs ineffective even if they are updated regularly. There are programs available that allow people to write their malware with this signature changing capability, so the use of this process is growing.
A number of companies have come up with behavior-based antimalware programs that look at what a program is trying to do, and alert you to activity that may be malicious. Some behavior-based programs take time to “learn” the things you do on your computer and pop up a lot of warnings during this time. You have to decide if you want to allow or block the program, and unless you are careful you could end up disabling programs that you want (or need). After a week or so, these antimalware programs show fewer messages and those that they do show tend to be more of what you expect – actual malware instead of programs that you run all the time.
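To make the difference between the two approaches concrete, here is a small sketch added for this write-up (it is not code from ThreatFire or any other product). The byte strings, program names, action names, weights and threshold are all constructed for illustration.

```python
import hashlib

# Constructed, inert byte strings standing in for two builds of the same
# unwanted program. The second differs only by two bytes added at the end.
VARIANT_A = b"DEMO-PROGRAM-BODY-v1"
VARIANT_B = VARIANT_A + b"\x00\x01"

# Simplest possible signature database: an exact-hash blocklist.
# (Assumption: real scanners also use byte patterns and heuristics.)
SIGNATURES = {hashlib.sha256(VARIANT_A).hexdigest(): "Demo.Unwanted.A"}


def signature_scan(file_bytes):
    """Return the signature name if the file matches a known hash, else None."""
    return SIGNATURES.get(hashlib.sha256(file_bytes).hexdigest())


# Hypothetical action names and weights, chosen for this example only.
SUSPICIOUS_WEIGHT = {
    "add_startup_entry": 2,
    "modify_hosts_file": 3,
    "send_bulk_mail": 3,
    "inject_into_process": 4,
}
ALERT_THRESHOLD = 5

# Constructed activity log: (program, observed action).
EVENTS = [
    ("vpn_client.exe", "add_startup_entry"),
    ("vpn_client.exe", "modify_hosts_file"),
    ("variant_b.exe", "add_startup_entry"),
    ("variant_b.exe", "send_bulk_mail"),
    ("variant_b.exe", "inject_into_process"),
    ("notepad.exe", "open_file"),
]


def behaviour_scan(events, allowed=frozenset()):
    """Score each program by what it does; report those at or over the threshold.

    `allowed` holds programs the user has already approved, which is what the
    "learning" period builds up.
    """
    scores = {}
    for program, action in events:
        scores[program] = scores.get(program, 0) + SUSPICIOUS_WEIGHT.get(action, 0)
    return {
        program: score
        for program, score in scores.items()
        if score >= ALERT_THRESHOLD and program not in allowed
    }


if __name__ == "__main__":
    print("signature, original build:", signature_scan(VARIANT_A))
    print("signature, changed build: ", signature_scan(VARIANT_B))
    print("behaviour, first week:    ", behaviour_scan(EVENTS))
    print("behaviour, after allowing:", behaviour_scan(EVENTS, {"vpn_client.exe"}))
```

The changed build slips past the hash lookup but is still flagged by what it does, and the legitimate VPN client stops producing warnings once it has been allowed.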
Greg sent me a link to ThreatFire (http://www.threatfire.com) which is a behavior-based antimalware program that has received a PC Magazine Editor’s Choice award. It is a free program for personal use, and Greg’s experience has been pretty good:
“I've used ThreatFire on four of my machines, and I like it, although I had to remove it from one of my machines because it seems to have had a bad interaction with something else I had installed: overnight the machine would invariably get into a low memory state that I was unable to recover from except by rebooting the machine. The other three machines have been great.”
My initial impression of the program is favorable – I have not seen the low memory issue that Greg had, and the program is pretty unobtrusive. There is a paid version that allows you to call for support rather than using web support, and it will allow automatic updates rather than having to manually update the program. But the free version seems to be a good addition to your current security programs since it protects just as well as the paid version.
Installation is straightforward and although there are a lot of optional configuration settings you can use, it works well with the default settings. One thing that helps determine what to do when a warning comes up is a link to a Google search for that warning. The color-coded alerts also help you determine what the threat level is, and if you want to really dig deep you can use the System Activity Monitor to see everything that is running on your computer.
Keep in mind that behavior-based programs are not meant to replace the security programs you currently use; they are an enhancement to your current programs. Just as you should use several different programs (spyware, antivirus, firewalls, online scans, etc.) to help keep your system safe, you want to add a behavior-based program to your arsenal, and ThreatFire is a good choice.
For some other programs that you might want to use, there are reviews of several at http://www.pcmag.com/article2/0,1895,2047391,00.asp. And I have no interest in promoting ThreatFire over the other programs other than the fact that it works as I like my security programs to work – in the background until I need to know about a threat to my computer.
==================
**** SECURITY ALERTS ****
* On Tuesday Microsoft released security patches for Microsoft Word, Microsoft Publisher, Microsoft Office, Microsoft Jet Database Engine 4, Windows Live OneCare, Microsoft Antigen, Microsoft Windows Defender, and Microsoft Forefront Security. They are ranked as Critical to Moderate, so they are definitely worth getting. My only question is, who uses Microsoft Publisher anymore?
* Word 2003 has a security hole that is currently being exploited through a Word document attached to an e-mail. This showed up after the last round of patches (a zero-day exploit), and Microsoft says they will have a patch between now and June 13, the next scheduled Patch Tuesday. Even though the attack is only successful in Word 2003, it can crash other versions of Word. As always, be very careful about opening e-mail attachments.
==================
**** SITES OF INTEREST ****
* If you are a cat lover, you might want to check out how compatible you and your feline friend really are. http://community.breezeforcats.com/quiz.html asks a series of questions and then scores your compatibility. I got a Best Buddies rating.
* When the Lunar Reconnaissance Orbiter is launched in November it will orbit the moon looking for safe landing places, attempt to locate potential resources and provide more data on the moon in preparation for establishing a lunar outpost. There will be a microchip on it with the names of people who want to support the effort, and the deadline for getting your name on the chip (and a certificate to that effect) is June 27. Visit http://lro.jhuapl.edu/NameToMoon/index.php to sign up!
* Think you know about how companies handle your personal information? Check out http://www.darkreading.com/document.asp?doc_id=154134&WT.svl=news1_1 to see how you would answer these 9 True/False statements, and you might be surprised!
* Windows XP Service Pack 3 Hell
* Antimalware Programs
* Security Alerts
* Sites of Interest
==================
Happy Birthday Karol Jozef Wojtyła! Today is also Devil's Food Cake Day, which seems a bit of a contradiction considering that Karol Wojtyła was better known as Pope John Paul II.
If you have subscribed to the newsletter through your AOL account, you may not be getting it delivered. Unless you visit the online newsletter (http://mouseholeproductions.blogspot.com) you may not even realize that you are not getting it, since AOL has decided to block emails that contain links to certain web sites. They don’t bother to let you know that you got an e-mail that may be junk, they just delete it and pat themselves on the back for keeping their users safe. Chalk one up for stupid filtering practices.
This kind of blocking crops up every now and then, and when the last newsletter went out I got a lot of “undeliverable” messages sent back to me. There were a couple of “mailbox is over size limit” errors, which is common, but the majority of the messages came from AOL indicating that the message was blocked because, “There is at least one domain in your email that is generating substantial complaints from AOL members.” This is troubling on a number of levels, but especially because the e-mail content is being evaluated and rejected because of certain links it contains. A common sense way of dealing with links that may be dangerous would be to alert you to the fact that the links might be dangerous, but AOL is not known for having much common sense.
Many Internet Service Providers (ISPs) have filters set up for blocking “unsolicited bulk e-mail”, commonly referred to by a brand name for a Hormel product. (I won’t use it here since that could trigger other e-mail filters. I will just refer to it as “junk mail”.) If the ISP has a filter set up that is doing its job right, it will move the suspected junk mail to a special folder that you can access, and choose for yourself if the mail actually belongs there. Most web-based e-mail (Hotmail, Google, Yahoo, etc.) does that, and the advantage of knowing what mail has been blocked is that you can unblock it as necessary. The disadvantage is that you will often see junk mail that was not caught by the filter, and you have to delete it manually.
When an ISP blocks mail and does not even let you know that the message was sent to you, they are taking away your choices by deciding that *their* opinion of what is acceptable is right, and you have no say in their decision. This is just wrong. The ISPs that practice this have ways for a sender to have their e-mails bypass these filters, and they charge the sender a lot of money to verify their e-mail as “safe”. So basically they extort the sender to allow users to get e-mails that they have requested. Heck of a way to make a profit.
If you are with AOL (or know someone who is) it is a good idea to switch to a different e-mail provider. Even though you will still have an AOL internet account you can get the messages that would otherwise be blocked by using Hotmail, Google, Yahoo, or other web-based e-mail programs instead of your AOL address. I have an SBC e-mail address that came with my ISP account, but I never use it because I have little control over what I can filter.
It is up to you to decide what you want to get in your e-mail, and any provider that does not allow you to make that decision is not one you should stay with.
==================
**** WINDOWS XP SERVICE PACK 3 HELL ****
Windows XP Service Pack 3 (SP3) has been released to the world through Windows Update, and it has not been as well received as Microsoft wanted. Sounds kind of like Vista, but that’s a different story.
Microsoft originally had SP3 ready to roll out at the end of April but delayed it due to a compatibility problem that had been discovered. They managed to put in a filter that kept SP3 from installing on certain computers, and had it on Windows Update about a week later. That is when the real fun began.
It seems that some computers enter an endless reboot cycle after SP3 is installed, and the blame game has started. In a nutshell, the Service Pack “updates” a file that was not on the computer in the first place, and when the computer starts up this file tries to load. The file cannot load, and the system crashes and tries to reboot. When it reboots it tries to load the file, which crashes the system, and the whole process starts over again.
HP machines with AMD processors have received the most press about this problem, but there have been reports about other computer makers and Intel processors having the same problem. Microsoft blames HP for the way they loaded Windows XP, and claims that if they had followed the Microsoft recommendations on how to preinstall Windows XP there would not be any problems. This doesn’t address all of the problems that people have seen, and sounds a lot like Microsoft trying to wash their hands of the responsibility.
If the video driver you have is the wrong one for SP3, you can have the same reboot issue. Also, if the BIOS of the main board does not meet certain specifications you could have the same problem. And if you have a certain Asus motherboard, this issue may rear its ugly head. Maybe the blame lies with Microsoft after all?
To help make things right, Microsoft is offering free support for this problem through April 2009. Information on how to get help from them is at http://support.microsoft.com/oas/default.aspx?ln=en-us&prid=11273&gprid=522131 and they provide telephone, chat and e-mail support. Free support for a problem that is someone else’s fault doesn’t sound like the Microsoft way, so again it looks like a faux pas on their part regarding the testing of SP3.
Sunday, May 4, 2008
Common Sense Security Newsletter 4 May, 2008
In This Issue
* Windows XP Update
* Security Alerts
* Sites of Interest
==================
Happy "International Respect for Chickens Day". May is International Respect for Chickens Month, designed to celebrate the beauty, dignity and life of chickens, and I plan to celebrate with a cheese omelet for breakfast and a roast chicken for dinner. That may not be the point that the United Poultry Concerns wanted to make, but it works for me! (See http://www.upc-online.org/spring08/irfcd.html for the real reason behind this campaign.) On the other hand, celebrating Cinco de Mayo tomorrow probably calls for chicken fajitas.
We have a lot of plants coming back that we thought had died out over the winter - most notably the hibiscus (that looked like they were nothing but sticks for a long time). As leaves come out and flowers bloom, I have a tendency to look at the flower beds and think that everything is growing just the way I want it, for the most part. But closer inspection reveals that there is ivy coming up in places that it has never been before, and I have to get in there and pull it out as best I can. Ivy is one of those plants that never seem to die out completely, no matter what I do. I could go for the radical solution and kill off everything to get rid of the ivy, but that is a lot of work, and during the time it would take to get the flowerbeds back to what they look like now I would have large patches of dirt for a major portion of the yard. Not exactly what I am looking for.
My computer can have the same kind of problem - everything looks good on the surface, but on closer inspection I find the tendrils of programs that I don't want to have. In most cases these can be explained by programs that did not uninstall completely, or that were added when I installed another program and didn't pay attention to what other programs were being installed. Sometimes these are programs that I had no idea were being installed, and those are the worst ones to come across since they indicate my computer's security may not be performing as I expect. I say "may not be" since it is possible that I have allowed these programs to get onto my computer by not being careful with e-mail attachments and links that are sent to me.
I read all of my e-mails in plain text unless I know who I am getting them from, and that helps me to see the actual web address of the links that they contain. In the HTML format, with all of the pictures and links nicely formatted, it is possible for a person to send a link to a totally different site than the one you think you are going to see when you click on it. This is the way that phishing works (spoofing a web site's address and appearance so that it looks like a legitimate web site that wants personal information), and is also a way to get people to download programs from these sites. I got an e-mail that purported to be from Hallmark.com, but the link that would lead me to the "greeting card" was actually a link to a program that would have done who-knows-what had I clicked on it. If you don't read your e-mails in plain text, look for a clue from your e-mail program before you click a link. Some programs will show you the actual link if you place your cursor over it, either in a small window or along the status bar at the bottom of the program. If the address that you see is not even close to what it says in the e-mail, you are better off not clicking it.
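The check described above (compare what the link says with where it really goes) can also be done by a short script. This one is an added example, not part of the original newsletter; the sample message is constructed, uses reserved example domains, and the "last two labels" comparison is a simplifying assumption.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Finds something that looks like a host name inside the visible link text.
HOST_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)
EXECUTABLE_SUFFIXES = (".exe", ".scr", ".pif", ".bat")


def registrable(host):
    """Crude comparison key: the last two labels of a host name.
    (Assumption: good enough for a demo; real code would use a public-suffix list.)"""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


class LinkCollector(HTMLParser):
    """Collects (visible text, href) for every <a> element in an HTML body."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None


def audit_links(html_body):
    """Return a list of links whose real target does not match what is shown."""
    collector = LinkCollector()
    collector.feed(html_body)
    collector.close()
    findings = []
    for text, href in collector.links:
        target = urlsplit(href)
        host = target.hostname or ""
        reasons = []
        shown = HOST_IN_TEXT.search(text)
        if shown and host and registrable(shown.group(1)) != registrable(host):
            reasons.append("text shows %s but link goes to %s"
                           % (shown.group(1).lower(), host))
        if target.path.lower().endswith(EXECUTABLE_SUFFIXES):
            reasons.append("link points at a program, not a web page")
        if reasons:
            findings.append({"text": text, "href": href, "reasons": reasons})
    return findings


# Constructed sample message body (reserved example domains only).
SAMPLE_HTML = """
<p>You have received a greeting card!</p>
<p><a href="http://cards.example.net/view/card.exe">http://www.greetings.example.com/view?id=123</a></p>
<p><a href="http://www.greetings.example.com/help">www.greetings.example.com</a></p>
<p><a href="http://www.greetings.example.com/unsubscribe">Unsubscribe</a></p>
"""

if __name__ == "__main__":
    for finding in audit_links(SAMPLE_HTML):
        print(finding["href"])
        for reason in finding["reasons"]:
            print("   ", reason)
```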
Attachments are another way that unwanted programs can get onto your computer, even though they come from a person that you know. If the sender's computer has been infected with a virus or worm, it could be responsible for sending itself out to you. But that technique is not as prevalent as it once was - now we are seeing programs that are embedded in the slideshows and other documents, and when you open these attachments you can watch the pretty pictures while your computer is being infected behind the scenes.
If you want to be safe(r) with the attachments you get in e-mails, save the file to your computer and then scan it with your antivirus and antispyware programs. This is not an optimal solution, since some programs will scan the whole computer to see if there are any problems, and that can take a while. To scan a single file you can use a service like Kaspersky's File Scanner at http://www.kaspersky.com/scanforvirus or Virus Total at http://www.virustotal.com. These are just two of a growing number of sites that let you upload a file to their servers so that they can scan for all known malicious programs and let you know if the file is safe to open or not. Both of these sites can be accessed in different languages so that you don't have to try to figure out the instructions if English is not your native tongue.
Before you open an attachment or follow a link in an e-mail, do what you can to make sure that it is what it appears to be. And if you decide to forward the e-mail to others, you owe it to them to scan it before you click on Send. There is no reason to help the nasties spread if you can help it!
==================
**** WINDOWS XP UPDATE ****
In spite of the hype and marketing push to get people to start using Windows Vista, the majority of people seem to want to stick with Windows XP.
Microsoft has released reports that claim that Vista has "sold" more copies than Windows XP, but the majority of those sales are based on computers that are sold with Vista preinstalled. If you look at the number of sales for Vista DVDs that are designed to go on an existing computer, the numbers go down significantly.
Even though the market seems to want to stick with Windows XP, Microsoft has decided to keep their June 30 deadline for ending the sale of Windows XP as a standalone program. You can still get XP through some computer manufacturers after June 30 - they will use a downgrade option to allow a Vista computer to be loaded with XP - but it is anybody's guess as to how long that will last, and you are limited to certain computer models and configurations if you want XP when you order the computer. Microsoft still maintains that Vista is the most successful Operating System they have ever released, in spite of all of the problems with hardware and software incompatibility that people have reported.
There was a ray of hope last week when Steve Ballmer, CEO of Microsoft, mentioned that they might keep XP alive if enough people wanted it but he seems to believe that those who want to stick with XP are in the minority.
There are online petitions to attempt to open Microsoft's eyes to reality, including one at InfoWorld (http://weblog.infoworld.com/save-xp/archives/2008/04/steve_ballmer_c.html) so if you want to keep XP available it is in your best interest to head there and sign the petition.
Meanwhile, the much anticipated Windows XP Service Pack 3 (SP3) is on hold. It was originally set to be available through Windows Update by the end of April, but some problems have come up that caused Microsoft to pull it from the site. It seems that SP3 can cause data corruption in a particular small business application (made by Microsoft) and to prevent other problems from cropping up the "final update" for XP has been halted for now. They are also curtailing automatic downloads of Vista Service Pack 1 for the same reason. You can get the XP SP3 through a link at ZDNet (http://blogs.zdnet.com/hardware/?p=1778) if you want to have it and are not running Microsoft Dynamics RMS.
So why download XP SP3 manually? There are no major enhancements to the operating system, but the Service Pack does include all of the Windows XP updates that have been released so far. This can be a big help when you get a new computer (or reinstall XP on your current computer) since there can be a boatload of updates needed - even on a new computer. I set up a new computer recently and there were 48 High Priority updates to download, which took a while even with the high speed line we have at the office. If you have the SP3 download in hand, these updates can be applied before you get the computer online which will help reduce the risk of attacks while you are downloading the updates.
One warning though, this standalone program is over 300 Mb so it will take some time to download. The Update version that will be available (sometime) from the Windows Update site will be less than a third of that size, so unless you need to buy a new computer or reinstall XP, you might want to hold off on this download.
==================
**** SECURITY ALERTS ****
* Greg wrote in a while back about a phishing scam regarding tax refunds. With the rebate checks on their way I thought it would be a good idea to remind folks about this potential fraud attempt. Greg said:
Just about now, those of us who file early and electronically may indeed anticipate a lovely refund. And according to Message Labs, the bad guys have cranked up the verisimilitude of their fraudulent refund messages.
The current IRS phish redirect their victims to sites hosted in Russia and other former SSRs, according to Message Labs, and they mimic the actual Internal Revenue Service web site almost perfectly. And to complete the illusion, as soon as you've entered your personal and financial information you get redirected to the actual IRS site.
Fiendish! Message Labs reports that this type of spam spiked in January, hitting ten times the normal level.
The IRS isn't unaware of this problem - in fact it has a page devoted to warning about scams. They point out that "The IRS does not send unsolicited e-mail about tax account matters to individual, business, tax-exempt or other taxpayers." If you're wondering how your refund is doing, go directly to www.irs.gov and check the "Where's My Refund?" page. Don't click any links in email that claims to come from the IRS--it doesn't!
==================
**** SITES OF INTEREST ****
* My nephew got back from Afghanistan recently and went to the barracks in Ft. Bragg, NC. He left just a couple of days later to live in off post housing because of the state of disrepair in the barracks. If you have not seen the video that a father put together about his son's experience with the barracks, you need to visit http://www.youtube.com/watch?v=46vYZFU1Dew to see what our soldiers are coming home to.
* If you want to entertain your friends (or just yourself) you can play tunes on your cell phone keypad. Visit http://www.dialsongs.com to get the numbers you need to press for everything from Twinkle Twinkle Little Star to Love Me Tender.
* If you want to help out with the UN food program AND expand your vocabulary, visit http://www.freerice.com/index.php. For each word you define correctly they will donate 20 grains of rice. It may not sound like much, but they have donated over 30 billion grains of rice in a little over 8 months!
* Windows XP Update
* Security Alerts
* Sites of Interest
==================
Happy "International Respect for Chickens Day". May is International Respect for Chickens Month, designed to celebrate the beauty, dignity and life of chickens, and I plan to celebrate with a cheese omelet for breakfast and a roast chicken for dinner. That may not be the point that the United Poultry Concerns wanted to make, but it works for me! (See http://www.upc-online.org/spring08/irfcd.html for the real reason behind this campaign.) On the other hand, celebrating Cinco de Mayo tomorrow probably calls for chicken fajitas.
We have a lot of plants coming back that we thought had died out over the winter - most notably the hibiscus (that looked like they were nothing but sticks for a long time). As leaves come out and flowers bloom, I have a tendency to look at the flower beds and think that everything is growing just the way I want it, for the most part. But closer inspection reveals that there is ivy coming up in places that it has never been before, and I have to get in there and pull it out as best I can. Ivy is one of those plants that never seem to die out completely, no matter what I do. I could go for the radical solution and kill off everything to get rid of the ivy, but that is a lot of work, and during the time it would take to get the flowerbeds back to what they look like now I would have large patches of dirt for a major portion of the yard. Not exactly what I am looking for.
My computer can have the same kind of problem - everything looks good on the surface, but on closer inspection I find the tendrils of programs that I don't want to have. In most cases these can be explained by programs that did not uninstall completely, or that were added when I installed another program and didn't pay attention to what other programs were being installed. Sometimes these are programs that I had no idea were being installed, and those are the worst ones to come across since they indicate my computer's security may not be performing as I expect. I say "may not be" since it is possible that I have allowed these programs to get onto my computer by not being careful with e-mail attachments and links that are sent to me.
I read all of my e-mails in plain text unless I know who I am getting them from, and that helps me to see the actual web address of the links that they contain. In the HTML format, with all of the pictures and links nicely formatted, it is possible for a person to send a link to a totally different site than the one you think you are going to see when you click on it. This is the way that phishing works (spoofing a web site's address and appearance so that it looks like a legitimate web site that wants personal information), and is also a way to get people to download programs from these sites. I got an e-mail that purported to be from Hallmark.com, but the link that would lead me to the "greeting card" was actually a link to a program that would have done who-knows-what had I clicked on it. If you don't read your e-mails in plain text, look for a clue from your e-mail program before you click a link. Some programs will show you the actual link if you place your cursor over it, either in a small window or along the status bar at the bottom of the program. If the address that you see is not even close to what it says in the e-mail, you are better off not clicking it.
Attachments are another way that unwanted programs can get onto your computer, even though they come from a person that you know. If the sender's computer has been infected with a virus or worm, it could be responsible for sending itself out to you. But that technique is not as prevalent as it once was - now we are seeing programs that are embedded in the slideshows and other documents, and when you open these attachments you can watch the pretty pictures while your computer is being infected behind the scenes.
If you want to be safe(r) with the attachments you get in e-mails, save the file to your computer and then scan it with your antivirus and antispyware programs. This is not an optimal solution, since some programs will scan the whole computer to see if there are any problems, and that can take a while. To scan a single file you can use a service like Kaspersky's File Scanner at http://www.kaspersky.com/scanforvirus or Virus Total at http://www.virustotal.com. These are just two of a growing number of sites that let you upload a file to their servers so that they can scan for all known malicious programs and let you know if the file is safe to open or not. Both of these sites can be accessed in different languages so that you don't have to try to figure out the instructions if English is not your native tongue.
Before you open an attachment or follow a link in an e-mail, do what you can to make sure that it is what it appears to be. And if you decide to forward the e-mail to others, you owe it to them to scan it before you click on Send. There is no reason to help the nasties spread if you can help it!
==================
**** WINDOWS XP UPDATE ****
In spite of the hype and marketing push to get people to start using Windows Vista, the majority of people seem to want to stick with Windows XP.
Microsoft has released reports that claim that Vista has "sold" more copies than Windows XP, but the majority of those sales are based on computers that are sold with Vista preinstalled. If you look at the number of sales for Vista DVDs that are designed to go on an existing computer, the numbers go down significantly.
Even though the market seems to want to stick with Windows XP, Microsoft has decided to keep their June 30 deadline for ending the sale of Windows XP as a standalone program. You can still get XP through some computer manufacturers after June 30 - they will use a downgrade option to allow a Vista computer to be loaded with XP - but it is anybody's guess as to how long that will last, and you are limited to certain computer models and configurations if you want XP when you order the computer. Microsoft still maintains that Vista is the most successful Operating System they have ever released, in spite of all of the problems with hardware and software incompatibility that people have reported.
There was a ray of hope last week when Steve Ballmer, CEO of Microsoft, mentioned that they might keep XP alive if enough people wanted it but he seems to believe that those who want to stick with XP are in the minority.
There are online petitions to attempt to open Microsoft's eyes to reality, including one at InfoWorld (http://weblog.infoworld.com/save-xp/archives/2008/04/steve_ballmer_c.html) so if you want to keep XP available it is in your best interest to head there and sign the petition.
Meanwhile, the much anticipated Windows XP Service Pack 3 (SP3) is on hold. It was originally set to be available through Windows Update by the end of April, but some problems have come up that caused Microsoft to pull it from the site. It seems that SP3 can cause data corruption in a particular small business application (made by Microsoft) and to prevent other problems from cropping up the "final update" for XP has been halted for now. They are also curtailing automatic downloads of Vista Service Pack 1 for the same reason. You can get the XP SP3 through a link at ZDNet (http://blogs.zdnet.com/hardware/?p=1778) if you want to have it and are not running Microsoft Dynamics RMS.
So why download XP SP3 manually? There are no major enhancements to the operating system, but the Service Pack does include all of the Windows XP updates that have been released so far. This can be a big help when you get a new computer (or reinstall XP on your current computer) since there can be a boatload of updates needed - even on a new computer. I set up a new computer recently and there were 48 High Priority updates to download, which took a while even with the high speed line we have at the office. If you have the SP3 download in hand, these updates can be applied before you get the computer online which will help reduce the risk of attacks while you are downloading the updates.
One warning though, this standalone program is over 300 Mb so it will take some time to download. The Update version that will be available (sometime) from the Windows Update site will be less than a third of that size, so unless you need to buy a new computer or reinstall XP, you might want to hold off on this download.
==================
**** SECURITY ALERTS ****
* Greg wrote in a while back about a phishing scam regarding tax refunds. With the rebate checks on their way I thought it would be a good idea to remind folks about this potential fraud attempt. Greg said:
Just about now, those of us who file early and electronically may indeed anticipate a lovely refund. And according to Message Labs, the bad guys have cranked up the verisimilitude of their fraudulent refund messages.
The current IRS phish redirect their victims to sites hosted in Russia and other former SSRs, according to Message Labs, and they mimic the actual Internal Revenue Service web site almost perfectly. And to complete the illusion, as soon as you've entered your personal and financial information you get redirected to the actual IRS site.
Fiendish! Message Labs reports that this type of spam spiked in January, hitting ten times the normal level.
The IRS isn't unaware of this problem - in fact it has a page devoted to warning about scams. They point out that "The IRS does not send unsolicited e-mail about tax account matters to individual, business, tax-exempt or other taxpayers." If you're wondering how your refund is doing, go directly to www.irs.gov and check the "Where's My Refund?" page. Don't click any links in email that claims to come from the IRS--it doesn't!
==================
**** SITES OF INTEREST ****
* My nephew got back from Afghanistan recently and went to the barracks in Ft. Bragg, NC. He left just a couple of days later to live in off post housing because of the state of disrepair in the barracks. If you have not seen the video that a father put together about his son's experience with the barracks, you need to visit http://www.youtube.com/watch?v=46vYZFU1Dew to see what our soldiers are coming home to.
* If you want to entertain your friends (or just yourself) you can play tunes on your cell phone keypad. Visit http://www.dialsongs.com to get the numbers you need to press for everything from Twinkle Twinkle Little Star to Love Me Tender.
* If you want to help out with the UN food program AND expand your vocabulary, visit http://www.freerice.com/index.php. For each word you define correctly they will donate 20 grains of rice. It may not sound like much, but they have donated over 30 billion grains of rice in a little over 8 months!
