tag:blogger.com,1999:blog-222026392024-03-07T00:42:54.082-08:00PChucks Network News<strong>News About Microsoft Windows Networking, Security, and Support</strong>Chuckhttp://www.blogger.com/profile/12567784744046514146noreply@blogger.comBlogger35125tag:blogger.com,1999:blog-22202639.post-52925779473840304102008-08-02T19:04:00.000-07:002009-11-18T16:02:19.065-08:00Placebo AV - The Ultimate SolutionFrom <a href="http://www.doxdesk.com/" target="_blank">the well known security icon DOXdesk</a>, we are told<br /><a href="http://www.doxdesk.com/" target="_blank"><img style="border-width:0px; float:left; margin:0 10px 10px 0;cursor:pointer; cursor:hand;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3KHljuAQ6c1FXJY0Pd9jFT_T7fp1og-k2tHwNkPFM91uKiHEPI78L2EO9WKw0P4Og3VRg20yJjQP2iHdwQ84vDXGYvxYbZ9uK2PvO2s7u8PJsg-KdtX8rQGzuCCo0ZsEpRD6SSg/s320/Placebo+AV.gif" border="0" alt="" id="BLOGGER_PHOTO_ID_5230109096184977410" /></a><br /><blockquote>Today's AV is a dead loss. But you can't simply not install any, or everyone will complain. That's where PlaceboAV comes in! It's the fantastic anti-virus solution that's super-fast and absolutely reliable... 
because it does nothing at all.</blockquote><br /><br clear=left /><br />A detailed evaluation by <a href="http://www.dslreports.com/forum/r20890846-" target="_blank">a DSLReports Anonymous Poster</a> boasts<br /><blockquote><span style="font-weight:bold;">PlaceboAV from 419 Software Development, the Nigerian anti-malware experts, is absolute magic!</span><br /><br />I'm beta testing the soon-to-be-released ProPlus version which has anti-virus anti-rootkit, anti-spam, anti-popup, anti-adware and antiphlogistine in one small (only 22kb) package.<br /><br />I had Norton, Kaspersky, NOD32, Trend, McAfee and Avira running on my PC and they all told me I had Vundo, Zlob, Mist, Badtrans, and several serious rootkit infections.<br /><br />When I uninstalled them all and installed PlaceboAV ProPlus it gave my PC a clean bill of health on the first run. How's that for disinfection efficiency?<br /><br />PlaceboAV never needs updates, and it won't slow down your PC because it uses no CPU resources.<br /><br />The good news is that the 5 years ProPlus license will be free! (419 Software requires a notarized copy of your birth certificate and your credit card details and bank account password for identification purposes only.)<br /><br />Best of all, if you join the beta team you get a bonus of 100,000 shares in the company for only $10,000.<br /><br />My friends and business associates keep telling me I'm sending them infected emails, but they're still using the same old crappy AVs I got rid of, so what would they know?</blockquote><br /><br />Better <a href="http://www.doxdesk.com/" target="_blank">get yours</a>, folks, before the introductory price expires, and they go to 6 month subscriptions.<br /><br />But, if you actually install it, heed this warning from DOXdesk.<br /><blockquote>DOXdesk is not responsible for any viruses you get whilst using PlaceboAV under the impression it is actually doing something. 
Well, we probably are <span style="font-style:italic;">responsible</span>, but we're not going to do anything about it and you'll not get a penny out of us. Go away now.</blockquote><br /><br />And, if you're humour impaired, note the <a href="http://en.wikipedia.org/wiki/Placebo" target="_blank">Wikipedia definition of <span style="font-weight:bold;">placebo</span></a>.<br /><blockquote>A placebo is a substance or procedure which a patient accepts as a medicine or therapy but which has no specific therapeutic activity for the condition. Any effect is thought to be based on the power of <a href="http://en.wikipedia.org/wiki/Suggestion" target="_blank">suggestion</a>.</blockquote><br /><br /><a href="#Top">>> Top</a><div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com1tag:blogger.com,1999:blog-22202639.post-71633323818032685922008-02-11T12:21:00.000-08:002008-02-11T12:56:39.484-08:00419 Conference And Travel Scams NowSurely you're well used to the email that starts<blockquote>Dear Sir,<br />I so desperately need your assistance.</blockquote>and goes on to suggest to you how you can get $1,000,000 or more by helping some endangered African citizen smuggle a quantity of hidden funds, or maybe diamonds, into the USA. I bet you'll appreciate a new twist on that old 419 scam - where you are invited to a two site International Conference (first California, then Africa), and you pay only for your hotel booking in the African half of the conference.<br /><br /><a href="http://www.paperghost.com/" target="_blank">PaperGhost, MVP - Security</a>, presents an intriguing description of his invited participation, in the <a href="http://www.vitalsecurity.org/2008/02/beware-fake-conference-invites.html" target="_blank">2008 World Youths Organisation conference on ChilD Abuse and Racism</a>.<br /><br />Get your passports up to date, folks (not).<br /><br /><a href="#Top">>> Top</a><div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-39833726378464246252008-02-09T08:27:00.000-08:002008-02-11T12:49:53.360-08:00Kaspersky Internet Security Falsely Identifies All BlogSpot URLs With Phishing Attack Warning MessagesKaspersky Internet Security, with its update of 8 February 2008, has apparently falsely identified <a href="http://bloggerstatusforreal.blogspot.com/2008/02/phishing-attack-warning-messages-from.html" target="_blank">all of "*.blogspot.com" as containing malicious code</a> which indicates a phishing attack. Kaspersky customers, as well as numerous bloggers, are discussing this issue in their various support forums.<br /><br />If your computer is protected by Kaspersky, you've probably already observed a warning, as most of my blogs are hosted on BlogSpot. My apologies to you, if you've been alarmed by this unfortunate problem already.<br /><br /><a href="#Top">>> Top</a><div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-18718905488747242862008-01-23T14:36:00.000-08:002008-01-23T14:53:43.277-08:00RIAA Again, Admitting To Lies This TimeThe RIAA has been pushing our legislators for bills to protect their pocketbooks, such as the <a href="http://www.govtrack.us/congress/bill.xpd?bill=h110-4137" target="_blank"><span style="font-style:italic;">College Opportunity and Affordability Act of 2007</span></a>. This was justified based upon a 2005 MPAA study, where they blamed 44 percent of the movie industry's losses on college students illegally downloading movies.<br /><br />Associated Press <a href="http://ap.google.com/article/ALeqM5j33CBI8sUdc5ni7RlxSj5SIEc2mwD8UB6S0O2" target="_blank"><span style="font-style:italic;">MPAA Admits Mistake on Downloading Study</span></a> reports<br /><blockquote>But now the MPAA, which represents the U.S. motion picture industry, has told education groups a "human error" in that survey caused it to get the number wrong. It now blames college students for about 15 percent of revenue loss.</blockquote><br /><br />And it gets better.<br /><blockquote>Mark Luker, vice president of campus IT group Educause, says it doesn't account for the fact that more than 80 percent of college students live off campus and aren't necessarily using college networks. He says 3 percent is a more reasonable estimate for the percentage of revenue that might be at stake on campus networks.</blockquote><br /><br />NewsWeek, in <a href="http://www.newsweek.com/id/98009/page/2" target="_blank"><span style="font-style:italic;">MPAA admits mistake on downloading study</span></a> reports<br /><blockquote>The original report, by research firm LEK, claims the U.S. motion picture industry lost $6.1 billion to piracy worldwide, with most of the losses overseas. It identified the typical movie pirate as a male aged 16-24. 
MPAA said in a statement that no errors had been found in the study besides the percentage of revenue losses that could be attributed to college students, but that it would hire a third party to validate the numbers.</blockquote><br /><br />It's time for our legislators to take a hard look at bills like H.R.4137. The MAFIAA has been out of control for some time, and this needs to stop.<br /><br /><a href="#Top">>> Top</a><div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-58997526859335823882008-01-21T09:43:00.000-08:002008-02-09T11:02:25.439-08:00Talk About Mixed Emotions<a href="http://torrentfreak.com/riaa-website-hacked-080120/" target="_blank">Hackers vs the RIAA</a>. Hackers 1, RIAA 0.<br /><blockquote>Apparently the RIAA is so busy suing consumers that they forgot to hire a decent programmer. With a simple SQL injection, all their propaganda has been successfully <a href="http://riaa.com/goldandplatinumdata.php?table=tblDiamond&resultpage=1&action=%3E%22%3E%3Cscript%3Ealert('XSS')%3C/script%3E" target="_blank">wiped from the site</a>.</blockquote><br /><br />As a networking / security consultant, I dislike hackers, even though <a href="http://nitecruzrhacking.blogspot.com/">I was one (very lame, I know) long, long ago</a>.<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1s10zydRMccNAcbeX0mKMFksGPsmzB6thR6geBpu0KoKoO4lYwCa9ZLnhqIdG8aIQtWw3D-DGkNa4PNBw8cuUTaMEbWHj1evQ-Mydeujn5MywLPAgH7HbM5V3dOw0yMzxYsaWJQ/s1600-h/RIAA+Website.jpg" target="_blank"><img style="border-width:0px; float:left; margin:0 10px 10px 0;cursor:pointer; cursor:hand;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1s10zydRMccNAcbeX0mKMFksGPsmzB6thR6geBpu0KoKoO4lYwCa9ZLnhqIdG8aIQtWw3D-DGkNa4PNBw8cuUTaMEbWHj1evQ-Mydeujn5MywLPAgH7HbM5V3dOw0yMzxYsaWJQ/s400/RIAA+Website.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5157989579035424162" /></a><br />Big smile of the week.<br /><br clear=left /><br /><br />But I hate the RIAA (now <a href="http://mafiaa.org/" target="_blank">calling themselves the MAFIAA</a> - seriously!) even more. 
So I will say<blockquote>Congrats</blockquote>to the hackers.<br /><br /><a href="#Top">>> Top</a><div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-42097378846020956172008-01-04T12:52:00.000-08:002008-01-10T13:03:55.101-08:00Alan Ralsky IndictedThe Detroit Free Press reports, in <a href="http://www.freep.com/apps/pbcs.dll/article?AID=/20080103/NEWS06/80103045/1002/BUSINESS" target="_blank">Mich. spammer, 10 others indicted in alleged Chinese stock pump-and-dump scam</a>, that<blockquote>Michigan spam king Alan Ralsky, his son-in-law and nine others have been indicted in Detroit on charges of violating federal anti-spam laws</blockquote>.<br /><br />Unfortunately, the most serious charges carry a maximum penalty of 20 years in prison and a $250,000 fine. But, it's a start.<br /><br />Happy New Year 2008.<br /><br /><a href="#Top">>> Top</a><div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-1165117398746725362006-12-02T19:35:00.000-08:002008-02-11T12:47:54.515-08:00Captchas and Online GamesThis is a pretty long video (50-some minutes), but it's worth the time to watch. It discusses these issues, and more.<ul><li>What is a <a href="http://en.wikipedia.org/wiki/Captcha">Captcha</a>, and why is it not the ultimate protection against automated attacks?<li>Why do I see a Captcha sometimes, when I'm looking at pictures?<li>Why are there so many free online games?<li>How does Google Images get their pictures labeled so accurately?<li>How do hackers and spammers set up multiple online accounts, using scripts, even with Captchas required by the online accounts?</ul><br /><br />Captchas and Online Games: <a href="http://video.google.com/videoplay?docid=-8246463980976635143&q=CAPTCHA&hl=en"><span style="font-style:italic;">Human Computation</span> (Luis Von Ahn: July 26, 2006)</a><br /><br /><a href="#Top">>> Top</a><div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-1163125032227588272006-11-09T18:05:00.000-08:002008-02-11T12:49:53.361-08:00MySpace? Stay Away!MySpace, like all active Internet services, is creating new possibilities for its members to "smarten up" their space, in this case, their home pages. In their attention to detail (or lack of attention), MySpace appears to make it possible for someone to create a home page that overwrites the portion of the screen that holds the account name and password fields, where you log in.<br /><br />Here is a very nice phishing opportunity. And the phishers didn't pass it up.<br /><br />When you log in, you innocently enter your account name (user name) and password. It's picked up by the phisher script, and added to their database. You log in again, see your home page, and never realise that your details are now in the hands of the bad guys. Somewhere around 35,000 phishes, and you're one.<br /><br />As reported in DSLR Forums <a href="http://www.dslreports.com/shownews/79500?brk=2"><span style="font-style:italic;">Huge myspace phishing scam</span></a><br /><blockquote>MySpace is unable to recognize the risks when a new user creates their page to host a copy of the myspace login box that steals passwords.<br /><br />We have verified that the simple scam has netted over 700,000 myspace login email addresses and passwords so far, and the data is still being collected as these trojan myspace pages are still scattered all over the site.</blockquote><br /><br />Note that 700,000 myspace login email addresses and passwords apparently resulted from a mere 35,000 individuals, with each MySpace phish victim being fooled an average of 20 times.<br /><br />The average MySpace member is 13 and probably lacking in capital. 
The possibility of similar services, eBay and PayPal for instance, with duplicated account names and passwords, is probably going to keep the phishers happy for a while, though.<br /><br />If you've used your MySpace account recently, you need to change your password there, and on any other accounts or services (eBay and PayPal, to start) where you're using similar account names and passwords. When you change your password, <a href="http://psynch.com/docs/choosing-good-passwords.html">make it complex</a> - not something simple like "password1".<br /><br />If you've used your MySpace account recently, don't count on MySpace sending you a vulnerability warning. Get this done now.<br /><br /><a href="#Top">>> Top</a><div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-1162314541372078052006-10-31T09:01:00.000-08:002008-02-09T11:03:17.724-08:00Another Reason To Avoid ICSI've told you so many times that using your computer to share your Internet service - <a href="http://nitecruzr.blogspot.com/2005/05/ics-is-ok-but-you-can-do-better.html">using ICS - is not a good idea</a>. My reasons center around the needless complexity, and load, placed upon the server.<br /><br />Now we have a new reason to avoid ICS. This week, ICS is being used as an attack vector. NetworkWorld: <a href="http://www.networkworld.com/news/2006/103006-new-windows-attack-can-kill.html"><span style="font-style:italic;">New Windows attack can kill firewall</span></a> points out<br /><blockquote>The code, which was posted on the Internet early Sunday morning, could be used to disable the Windows Firewall on a fully patched Windows XP PC that was running Windows' Internet Connection Service (ICS).</blockquote><br /><br />So, if you're running ICS because you have 2 computers, and you think that Windows Firewall protects you, think again. Even if your computer is fully patched, if you have ICS behind WF, you are at risk.<br /><br />Perimeter protection, aka <a href="http://nitecruzr.blogspot.com/2005/05/what-is-nat-router.html">a NAT router</a>, is <a href="http://nitecruzr.blogspot.com/2005/05/please-protect-yourself-layer-your.html">the only real protection</a>.<br /><br /><a href="#Top">>> Top</a><div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-1161931348859908022006-10-26T22:59:00.000-07:002006-10-27T07:48:35.750-07:00And Now Fake CodecsSo an EBud just sent you an E-Card greeting, supposed to be soo cute. And you play it, and you get a notice<br /><blockquote>Your player needs an extra codec. Shall we find it for you?</blockquote><br /><span style="color: rgb(255, 0, 0);">STOP!</span> Right now, it's time to close the browser, flush your cache, and restart the computer.<br /><br />Sometimes, you may see the above advice when surfing to various web sites that provide free movies (and no, we won't discuss what type of movies, though this problem is more common on certain types). It's the same thing though. The content (E-Card, online movies, whatever) is the attraction. The trojans are the payload. It's all just another way of <a href="http://nitecruzr.blogspot.com/2005/07/hacking-redefined.html">hacking your computer</a>.<br /><br />Lavasoft News <a href="http://www.lavasoft.de/company/newsletter/2006/09/hijacks.html"><span style="font-style: italic;">Beware - Desktop Hijacks on the Rise Again</span></a> says<br /><blockquote>Watch out for the Zlob Trojan that poses as a codec needed to view a video, then installs a fake virus and urges its victims to download a rogue anti-spyware program to remove it.</blockquote><br /><br />And again we see the repeated advice<br /><blockquote>...even a spoofed e-mail that claims to be Windows Update (Microsoft never sends updates via e-mail)</blockquote><br />as if I haven't harangued you about <span style="font-weight: bold;">that</span> before.<br /><br />The best prevention is avoidance. Stay safe.<div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-1161217543703226942006-10-18T17:20:00.000-07:002006-10-18T17:29:31.000-07:00Email Offering IE7? PASS!Did you recently get email from "support@microsoft.com"? How many times have I pointed out that<br /><blockquote>Microsoft <span style="font-weight:bold;">does not</span> email software offers or updates.</blockquote><br /><br />Today, The Register: <a href="http://www.theregister.co.uk/2006/10/18/hack_site_spoofs_ie7_download/"><span style="font-style:italic;">Trojan download site spoofs IE7 release outlet</span></a> points out that<br /><blockquote><br />Hackers have created a bogus Internet Explorer 7 download site that attempts to load Trojan code onto the PCs of visiting surfers.<br /><br />Traffic to the malicious website is being driven by a spoofed email message, claiming to be from support@microsoft.com, offering a link to download Release Candidate 1 (RC1) of Microsoft Internet Explorer 7.<br /></blockquote><br />Once again, here's a clue.<blockquote>Microsoft <span style="font-weight:bold;">does not</span> email software offers or updates.</blockquote><br />And, if you ignore the warning, yet another chance to become part of a growing trend: <a href="http://nitecruzr.blogspot.com/2006/09/bots-and-you.html">botnet membership</a>, a club that you do not need to join.<div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-1161182550144555792006-10-18T07:29:00.000-07:002006-10-18T07:42:30.550-07:00Would You Like Fries With Your Virus?A couple of years ago, <a href="http://nitecruzr.blogspot.com/2006/12/todays-security-alert.html#10/31">music giant Sony got caught</a> loading their customers with hidden software, when they were stupid enough to load "extra content" from legally purchased CDs onto their computers.<br /><br />Today, we hear of Apple, who shipped a small quantity of iPods <a href="http://www.apple.com/support/windowsvirus/">infected with a virus</a>.<br /><blockquote>As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it.</blockquote><br /><br />And earlier this week, we hear that McDonald's in Japan gave out MP3 players <a href="http://www.f-secure.com/weblog/archives/archive-102006.html#00000997">infected with yet another virus</a>.<br /><blockquote>We haven't seen these players ourselves, so we can't confirm how exactly you would get hit by this trojan, but some sources report you only had to plug it into your Windows PC.</blockquote><br /><br />Once again, practice <a href="http://nitecruzr.blogspot.com/2005/05/please-protect-yourself-layer-your.html">Layered Security</a> on all computers. Please. Botnets are <a href="http://bloggerstatusforreal.blogspot.com/2006/10/blog-hijack.html">more and more useful</a>, so don't contribute to the population.<div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-1160012101430240412006-10-04T18:32:00.000-07:002008-02-11T12:55:20.693-08:00The Good Guys Win OneFrom Nigeria, actual <a href="http://www.noob.us/entertainment/nigerian-419-scammer-arrest-caught-on-tape/">tape of a cybercafe raid</a>, with a band of 419 scammers arrested.<br /><br />Interestingly, those not directly involved in the scamming still profit. Neighbours outside the cafe didn't react well to the arrests being made.<div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-1157083867263405312006-08-31T20:59:00.000-07:002006-08-31T21:11:07.283-07:00A New Security Risk: Your Old Cell PhoneIn <a href="http://nitecruzrnews.blogspot.com/2006/05/dufus-or-joe-job-victim-your-call.html"><span style="font-style:italic;">Dufus Or Joe Job Victim?</span></a>, we looked at an idiot who sold a laptop computer, and came to regret it. Amir probably deserved what came to him, but it doesn't mean that we shouldn't learn from his mistake.<br /><br />So how about your cell phone? You may be surprised to learn that it's a small computer. It may have an amazing storage capacity, and what's stored there can cause you embarrassment, if you give away, lose, or sell the phone. Apparently, what's stored on your cell phone can be resurrected, even if erased - just as the contents of your computer's hard drive can be recovered.<br /><br />CNN Technology: <a href="http://www.cnn.com/2006/TECH/ptech/08/30/betrayed.byacellphone.ap/index.html"><span style="font-style:italic;">Cell phones won't keep your secrets</span></a> discusses experiences where<br /><blockquote>Curious software experts resurrected information on 10 used phones (purchased on eBay), including the racy exchanges between guarded lovers, and<ul><li>One company's plans to win a multimillion-dollar federal transportation contract.<li>E-mails about another firm's $50,000 payment for a software license.<li>Bank accounts and passwords.<li>Details of prescriptions and receipts for one worker's utility payments.</ul>The recovered information was equal to 27,000 pages -- a stack of printouts 8 feet high.</blockquote><br /><blockquote>"Most people toss their phones after they're done; a lot of them give their old phones to family members or friends," said Miro Kazakoff, a researcher at Compete Inc. 
of Boston who follows mobile phone sales and trends.</blockquote><br />Think next time, before you give your old phone away.<div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-1156657839925761712006-08-26T22:37:00.000-07:002008-02-11T12:55:20.693-08:00One Small Bit Of Good News21 year old Christopher Maxwell was <a href="http://seattlepi.nwsource.com/local/282674_botnet26.html?source=mypi">sentenced to 37 months in federal prison</a> on Friday for hacking, that in the estimate of the Seattle FBI's cybersquad, netted Maxwell and two unnamed teenage accomplices "more than $100,000".<br /><br />Maxwell, holding back tears, pleaded for probation in lieu of prison time.<br /><blockquote>I am a 21-year-old boy with a good heart and I made a mistake. I never realized how dangerous a computer could be. I thank God no one was hurt.</blockquote><br /><br />The judge was not taken by the tears, or the plea. While Pechman took Maxwell's age and lack of criminal record into account, she said the prison term was necessary to provide a deterrent to other hackers.<br /><br />Victims of the hack included<ul><li>Colton Unified School District in California.<li>Northwest Hospital in Seattle.<li>The US Defense Department.</ul><br />and doubtless thousands of unknown private computers that will never be identified.<br /><br />He got off lightly, but it's a start. Hopefully the FBI is getting better at this now.<div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com1tag:blogger.com,1999:blog-22202639.post-1156174648318914672006-08-21T08:31:00.000-07:002006-08-21T20:23:26.546-07:00Pizza Order Credit Card ScamOK, tonite you want a pizza for dinner. So you call your local pizza restaurant, and have one delivered.<br /><br />But there's a problem. They don't accept cash payments anymore - it's pay by credit card only.<br /><br />Right now is when you should smell a rat. But you're hungry, and you want to smell pizza. So you give them the number, they take your order, and you hang up.<br /><br />Your pizza never comes, and your credit card is now being used in a major shopping spree by the guy who just took your order. And he's not a pizza call center employee.<br /><br />The bad guys convinced AT&T to route calls, intended for the pizza shop, to their phone number.<br /><blockquote>Hello, Big Cheese Pizza. How can I rip you off today?</blockquote><br />The police know about this in Southern California, but it's possible that it's going on elsewhere. You don't really know.<br /><br />What's the story here? <a href="http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2006/08/20/BUG11KJVGJ1.DTL">>>> AT&T Service Reps must be really gullible.</a><div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com1tag:blogger.com,1999:blog-22202639.post-1155531955792728952006-08-13T21:48:00.000-07:002006-08-17T14:55:12.340-07:00August 2006 Patch Tuesday ReportLast week, Microsoft issued <a href="http://www.microsoft.com/technet/security/bulletin/ms06-aug.mspx">12 security patches</a>, 9 of which they rated as Critical (Patch ASAP), and 3 Important (Patch As Soon As Convenient). <a href="http://isc.sans.org/diary.php?storyid=1573">ISC / SANS rated those patches</a>, for computers used as network clients, as 2 Extra Critical (<span style="font-weight: bold; color: rgb(255, 0, 0);">PATCH NOW</span>), 8 Critical, and 2 Important.<br /><br />One of those patches, <a href="http://www.microsoft.com/technet/security/Bulletin/MS06-040.mspx">MS06-040</a> (<a href="http://support.microsoft.com/kb/921883">KB921883</a>), fixes a vulnerability in the Server service (remember that <a href="http://nitecruzr.blogspot.com/2005/05/troubleshooting-network-neighborhood.html#Components">almost all Windows computers</a> will run the Server service, even though they may not be dedicated servers).<br /><br />Today, ISC SANS issued <a href="http://isc.sans.org/diary.php?storyid=1597"><span style="font-style:italic;">MS06-040: BOLO -- Be On the LookOut (NEW)</span></a>, stating that<br /><blockquote>Over the weekend there was a botnet doing fairly wide scale scanning for hosts affected by the vulnerabilities in the <a href="http://isc.sans.org/diary.php?storyid=1557">MS06-040 advisory</a>. While technically a botnet, it was spreading in a worm like fashion.</blockquote><br />MS06-040 is one of the two patches that were rated as <span style="font-weight: bold; color: rgb(255, 0, 0);">PATCH NOW</span> by ISC SANS. 
Among the advice given:<ul><li>If you have not done so yet:<ul><li>Roll out the <a href="http://www.microsoft.com/technet/security/Bulletin/MS06-040.mspx">MS06-040 patches</a> <span style="font-weight: bold;">ASAP</span>.</li><li>Do not forget to reboot those machines after patching!</li></ul></li></ul><br />MS06-040 has passed from vulnerability, to <a href="http://en.wikipedia.org/wiki/Proof_of_concept">Proof Of Concept</a> exploit, and to <a href="http://isc.sans.org/diary.php?storyid=1593">active exploit in progress</a>. This is <a href="http://www.us-cert.gov/current/current_activity.html#msvuls">a serious situation</a>, as documented by US CERT. <span style="font-weight: bold; color: rgb(255, 0, 0);">Patch Now</span>, please.<br /><br />For convenient immediate downloads, I offer direct links here. Or you can use Windows Update, or Automatic Update.<br /><ul><li><a href="http://nitecruzr.blogspot.com/2006/01/windows-xp-system-restore.html">Take a system checkpoint</a> first.<li>Verify your Operating System name and service pack level:<ul><li>My Computer<li>Properties</ul><li>Download the most urgent patches, properly chosen for your operating system and service pack level, to an organised folder on your disk.<ul><li><a href="http://www.microsoft.com/technet/security/Bulletin/MS06-040.mspx">MS06-040 (KB921883)</a><li><a href="http://www.microsoft.com/technet/security/Bulletin/MS06-042.mspx">MS06-042 (KB918899)</a></ul><li>Run each update, from the folder, using Windows Explorer.</ul><br /><br /><span style="font-weight:bold;">Ongoing Stories.</span><br /><ul><br /><li><a href="http://isc.sans.org/diary.php?storyid=1611&rss"><span style="font-style:italic;">SANS Microsoft August 2006 Patches: STATUS</span></a><br /><li><a href="http://isc.sans.org/diary.php?storyid=1592"><span style="font-style:italic;">MS06-040 exploit in the wild</span></a><br /><li><a 
href="http://groups.google.com/group/de.comp.os.ms-windows.misc/browse_thread/thread/8b7fbf8c9d8e49f4/9533fcadf063ac2b?lnk=st&q=wgareg.exe&rnum=1#9533fcadf063ac2b"><span style="font-style:italic;">Windows 2000 [!] - WGA-Dienst hat sich heimlich installiert</span></a><br /></ul><div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-1155016608510604882006-08-07T20:03:00.000-07:002006-09-28T07:50:09.663-07:00Bots And YouFor those of you who are maybe living in a cave (and if so, what ISP services you?), of the millions of computers in the world, a good portion of them are not controlled completely by the person who is paying for their Internet service. These computers, hijacked by a successful <a href="http://nitecruzr.blogspot.com/2005/07/hacking-redefined.html">hacking campaign</a>, and controlled by another person, we call <a href="http://en.wikipedia.org/wiki/Internet_bot">bots</a>. One bot is useless; bots are maintained in collections, called botnets. A botnet could range in size <a href="http://en.wikipedia.org/wiki/Botnet">from 10,000 to 1.5 million</a> hijacked computers.<br /><br />I've been observing, and writing about, botnets for some time.<ul><li>In November 2004, some bad guys very deviously hijacked a German advertising server, and 4 other servers, and <a href="http://www.theregister.co.uk/2004/11/22/apache_hijack_serves_iframe_exploit/">delivered the Bofra / IFrame exploit</a> to 5,000 - 10,000 computers. 
These computers became part of a botnet.<li>In May 2005, we saw <a href="http://nitecruzr.blogspot.com/2005/12/yesterdays-security-alert.html#2005/05/23">a practical application of a botnet</a>, as the Sober worm was used to distribute spam relevant to a German political battle.<li>This year, we have <a href="http://bloggerstatusforreal.blogspot.com/2006/07/splogging-bots.html">botnets being used to hijack Blogger blogs</a>, and create networks of blogs serving spam.</ul><br />Most people don't realise that botnets are both <a href="http://nitecruzr.blogspot.com/2006/09/bots-and-you.html">the attack vehicle, and the payload</a> of a successful attack.<div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-1154898690581151272006-08-06T13:56:00.000-07:002006-08-06T17:01:03.270-07:00Bump Keys - A Growing Security ProblemSecuring your computers, and your network, begins with physical security. This is one reason why <a href="http://nitecruzr.blogspot.com/2005/05/setting-up-wifi-lan-please-protect.html">WiFi Security</a> is so important, and so problematic.<br /><br />But, if you're depending upon a cylinder lock on your front door, to restrict physical access to your network, you need to be aware of <a href="http://www.youtube.com/watch?v=7Uv45y6vkcQ">the newest threat - Bump Keys</a>.<br /><br />This looks real scary. But is it real? One would hope not.<br /><br />Well, in typical You Tube fashion, when you watch that video, you will have a choice of several others like it in the You Tube library. Watch the others too. One video - maybe somebody's imagination. Two videos - maybe a game by some college students. Five videos, a <a href="http://www.dslreports.com/forum/remark,16653522">DSLR Forums thread</a>, and an <a href="http://www.msnbc.msn.com/id/14157179/">MSNBC article</a> - <a href="http://nitecruzr.blogspot.com/2005/05/getting-help-on-usenet-and-believing.html">a very real problem</a>.<div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-1152673874827659472006-07-11T20:02:00.000-07:002006-07-11T20:17:28.853-07:00Stolen Computers And YouThere are probably millions of computers, all over the world, being used or controlled by someone who is not legally entitled to do so. We've discussed botnets before. Once used mainly for spam delivery, they are now being used for <a href="http://bloggerstatusforreal.blogspot.com/2006/07/stolen-computers.html">hijacking Blogger blogs</a>.<br /><br />Since blogs and instant messaging, together, are replacing email for those tired of spam, the spammers have turned to <a href="http://bloggerstatusforreal.blogspot.com/2006/05/spam-blogs-2.html">spam blogs, or splogs</a>. And botnets are being used to hijack legitimate blogs, with value to search engines, and make them part of splog nets.<br /><br />Right now, this activity is, I believe, limited to <a href="http://bloggerstatusforreal.blogspot.com/2006/07/stolen-computers.html">attacks against Blogger blogs</a>. It doesn't take too much imagination, though, to see the same techniques being used against online communities like MySpace and Yahoo 360.<div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-1150498996774917902006-06-16T15:56:00.000-07:002006-06-16T16:03:16.786-07:00PirateBay Strikes BackPirateBay, one of the larger BitTorrent trackers, and based in Sweden, was <a href="http://www.wired.com/news/culture/0,70358-0.html">recently under attack</a> by the MPAA / RIAA. PirateBay is trying to keep the RIAA / MPAA from strangling the future of recorded music.<br /><br />Well, <a href="http://www.dnsstuff.com/tools/ptr.ch?ip=83.140.176.146">PirateBay is back</a>.<div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-1150497424420694142006-06-16T15:32:00.000-07:002006-06-16T15:39:29.016-07:00Patch Tuesday Was This WeekAnd already trouble calls are coming in.<br /><br />If your computer connects by dialup to the Internet, you may find problems, after applying <a href="http://isc.sans.org/diary.php?storyid=1409">Critical Patch MS06-025 (KB911280)</a>.<br /><br />Microsoft currently is requesting individual problem reports, from anybody experiencing problems with dialup service, after applying the patch. ISC / SANS <a href="http://isc.sans.org/diary.php?n&storyid=1419"><span style="font-style:italic;">Potential Patch Problem with MS06-025</span></a> reports:<br /><blockquote>They want each customer to open their own case. You need to mention MS06-025 breaking dial up and your case will be created and then added to the master case. The number to use to contact Microsoft for free support, for issues such as these, remains the same: 1-(866) PC-SAFETY.</blockquote><div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-1149819827140670392006-06-08T19:12:00.000-07:002006-07-05T09:18:55.196-07:00R.I.P., Windows 98, 98SE, ME, and XP SP1Windows 98, 98SE, and ME have reached the end of their <a href="http://support.microsoft.com/gp/lifean18">support lifecycles</a>.<br /><blockquote><br />Support for Windows 98, Windows 98 Second Edition, and Windows<br />Millennium Edition (Me) ends on <span style="font-weight:bold;">July 11, 2006</span>, which is the July 2006<br />Monthly Bulletin Release date. This means Microsoft will end public and<br />technical support on July 11, 2006. This also includes security updates.<br /></blockquote><br /><br />Also, an anticipated update to Windows Explorer <a href="http://www.microsoft.com/technet/security/Bulletin/MS06-015.mspx">won't be provided</a>, either. See the FAQ.<br /><blockquote><br />After extensive investigation, we’ve found that it’s not<br />feasible to make the extensive changes necessary to Windows Explorer on<br />these older versions of Windows to eliminate the vulnerability.<br /></blockquote><br /><br />Windows XP SP1 will soon be reaching the end of its <a href="http://support.microsoft.com/gp/lifesupsps#Windows">support lifecycle</a>, too. Update, before it's too late.<div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com1tag:blogger.com,1999:blog-22202639.post-1149693887382009682006-06-07T08:05:00.000-07:002006-06-07T09:16:47.596-07:00Sharing The PainLast year, Microsoft produced a very popular video called <a href="http://a3.v14853d.c14853.g.vm.akamaistream.net/5/3/14853/v003/1a1a1a72db3eb01f920167db4fb41745a9188ffd69d8399dcb2c97f865c62f5dc02f9ccbfc30689dd0ff6cdf44bc2c5bc83ba01888b7fc356ea7e0/9999_w.asf" target="_blank"><span style="font-style:italic;">We Share Your Pain</span></a>, where they describe a Microsoft Quality Assurance program where their employees are properly motivated to not cause problems by writing problem code.<br /><br />The program (regrettably mythical) includes a rather special desk chair used by Microsoft employees. The chair would punish the employee, who writes the defective code, in several possible ways. One way, demonstrated by the engineer of the chair, would involve<br /><blockquote><br />2 needles, released from the bottom of the chair, into the fleshly part of the buttocks<br /><br />unorthodox, but effective - it's more people related<br /></blockquote><br /><br />This month, we learn that even <a href="http://www.itworld.com/Man/2676/nls_solutinons_vista060525/index.html">Steve Ballmer felt the pain once</a>. He tried to clean up an infected computer, unsuccessfully. Even a crack team of Microsoft engineers could not clean up this computer.<br /><br />According to the teller of the tale, Jim Allchin, the brilliant mind behind Windows Vista and Windows XP,<br /><blockquote><br />Ballmer eventually gave up and instead lugged the machine back to Microsoft's Redmond, Wash. campus. There, several engineers spent several days, burrowing deep into the system to figure out the problem. Imagine, CSI: Redmond.<br /><br />It turns out there were more than a hundred pieces of malware of various types. 
Things that these engineers using Microsoft's own private tools could not ferret out and fix.<br /></blockquote><br />There are many points to this tale. Most will say that it merely indicates that malware is out of control. Those folks would be wrong.<br /><br />The point here is that, if you depend upon periodically cleaning up your computer, you are wasting your time. Eventually, cleaning up your computer won't work. Some malware is written to protect itself from being removed.<br /><br />The best way to not share the pain, or ever feel the pain, is to protect your computer. Keep malware off your computer, and your network. <a href="http://nitecruzr.blogspot.com/2005/05/please-protect-yourself-layer-your.html">Layer Your Security</a>. That's the answer.<div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0tag:blogger.com,1999:blog-22202639.post-1149614630212793952006-06-06T09:57:00.000-07:002006-06-06T18:36:22.946-07:00Happy Devil's DayToday is 6/6/6, and we have a new devil noted.<br /><br />Taking a cue from some <a href="http://news.zdnet.com/Miscreants+encrypt+files%2C+hold+them+for+ransom/2100-1009_22-5718678.html?part=rss&tag=feed&subj=zdnn">earlier bad guys</a>, the virus of the week, <a href="http://www.viruslist.com/en/viruses/encyclopedia?virusid=86369">GpCode.af</a>, will encrypt the contents of your hard drive, then leave you a message directing who to contact. Upon sending email to the instructed address, you will supposedly be provided with payment instructions.<br /><br />This threat appears rather alarming.<ul><li>One expert, <a href="http://msmvps.com/blogs/harrywaldron/archive/2006/06/06/99618.aspx">Harry Waldron</a>, notes that<br /><blockquote>...at the moment, we're still not 100% sure how this virus penetrates victim computers.</blockquote><li>This devil is using a very high level encryption - One version uses RSA 330 bit. 
To bring this to an understandable reference, for those of you who have seen the <a href="http://nitecruzr.blogspot.com/2005/12/yesterdays-security-alert.html#2005/06/13">WEP cracking video</a> - I don't think you'll be recovering your computer, if infected by GPCode, quite as quickly as the demo shows a WEP AP being cracked.<li>F-Secure <a href="http://www.f-secure.com/v-descs/gpcode.shtml"><span style="font-style:italic;">Virus Descriptions : Gpcode</span></a> calls this<br /><blockquote>...a type of criminal activity that has not been seen for a long time.</blockquote></ul><br /><br />Kaspersky Labs has <a href="http://www.viruslist.com/en/viruses/alerts?alertid=188171360">very specific instructions</a> for you, should you find yourself infected.<br /><blockquote><br />Kaspersky Lab strongly recommends that anyone who has had files encrypted should contact the Virus Lab. Under no circumstances should users give in to blackmail, as this will encourage the authors of this program to create new versions.<br /></blockquote><br />We certainly don't want this behaviour to spread. What if the bad guys discover that it's simpler to simply scramble your data, then ask for money? What do you do when the "password" that they deliver to you, in response to your "payment", doesn't work? Do you think you'll get your money back?<br /><br />Interesting spam out too. 
SANS Diary <a href="http://isc.sans.org/diary.php?storyid=1384"><span style="font-style:italic;">Spam - spam - spam</span></a> reports<br /><blockquote>Some of our readers report receiving messages appearing to originate from themselves, with only numbers as subject and body.</blockquote><br />The number in the body, according to <a href="http://www.dslreports.com/forum/remark,16245502">several DSL Reports members</a>, appears to be<br /><blockquote>969</blockquote><br />SANS Diary <a href="http://isc.sans.org/diary.php?storyid=1384"><span style="font-style:italic;">Spam - spam - spam</span></a> further notes that<br /><blockquote><br />Some guesses as to what the cause of the spam might be have been received by now and I'd like to point out a few:<br /><ul><br /><li>Today's date is the number of the beast, it might attract some old style hackers.<br /><li>There is a possible link to Bagle seeding as it was done in the past and we might need to expect a new variant of it soon.<br /></ul><br /></blockquote><br />It's now 18:00 here in California. Most parts of the world are already into 6/7. Devil's Day is almost over.<br /><br />I don't think its effects will end very soon though.<div class="blogger-post-footer"><div class='adsense' style='text-align:center; padding: 0px 3px 0.5em 3px;'>
</div></div>Nitecruzrhttp://www.blogger.com/profile/08069634565746003311noreply@blogger.com0