Do You Really Know Where That Link Is Taking You?

Posted on March 19, 2010 by wjimenez275

These are some scary technical times we live in. Yes, it’s very nice that everything is available with a click of the mouse button, but do you really know where that click is taking you?

Scammers are taking advantage of every hot news story out. Do a search for an issue and the results may contain poisoned links that lead to malware. The malware could be in the form of rogue antivirus software, which looks like a professional looking antivirus program and warns you of non-existent infections. The fake apps then push you to buy a license for the software to clean up the fake malware it finds. Once you’ve clicked on that link, look out. Some of the things the downloaded malware will do is steal passwords and logins by recording your keystrokes. It can install programs that will turn your computer into  bot to be used in future infections of other computers. It could be used to hold your data for ransom, where the owner of the malware charges you in order to receive the removal information. In many instances,  you’re reformatting your hard drive and reinstalling your programs.

So, how do you really know that the link you’re clicking on is safe? My preference is to install W.O.T. (Web of Trust) in your browser. When you do a search, W.O.T. will place a circle next to the link and it will be Green for safe, Yellow for caution, and Red for stay-away. The other thing you can do with W.O.T. is to right-click on a link on a website and choose View WOT Scorecard. That will take you to a page that shows you the ratings of the page before you actually visit it. The latest browsers are trying to help keep you safe as well, with built-in phishing and malware protection so it’s recommended that you update your browsers to the most recent versions. You can find the latest version of Firefox here, Internet Explorer here, and Google Chrome here.

Now and in the future, it’s really important to be careful about your browsing. Make sure the links you click on are going to be good for you.

Filed under: Instructional, PC Security, Uncategorized | 2 Comments »

You might be breaking the law with your computer: UPDATED | 10 Things | TechRepublic.com

Posted on March 17, 2010 by wjimenez275

Twice this week I’ve had people ask me that  if they connect to a neighbor’s unsecured wi-fi if it is possible that their neighbor could gain access to their files or information. I told them that since they were actually joining that neighbor’s network, than under certain circumstances, yes their information could be accessed. I was reminded of the other reason you may not want to ride your neighbor’s wi-fi in this article of 10 ways you might be breaking the law with your computer. The item pertaining to this topic follows.

State and federal laws regarding access to networks

Many states have criminal laws that prohibit accessing any computer or network without the owner’s permission. For example, in Texas, the statute is Penal Code section 33.02, Breach of Computer Security. It says, “A person commits an offense if the person knowingly accesses a computer, computer network or computer system without the effective consent of the owner.” The penalty grade ranges from misdemeanor to first degree felony (which is the same grade as murder), depending on whether the person obtains benefit, harms or defrauds someone, or alters, damages, or deletes files.

The wording of most such laws encompass connecting to a wireless network without explicit permission, even if the Wi-Fi network is unsecured. The inclusion of the culpable mental state of “knowing” as an element of the offense means that if your computer automatically connects to your neighbor’s wireless network instead of your own and you aren’t aware of it, you haven’t committed a crime. But if you decide to hop onto the nearest unencrypted Wi-Fi network to surf the Internet, knowing full well that it doesn’t belong to you and no one has given you permission, you could be prosecuted under these laws.

A Michigan man was arrested for using a café’s Wi-Fi network (which was reserved for customers) from his car in 2007. Similar arrests have been made in Florida, Illinois, Washington, and Alaska.

The federal law that covers unauthorized access is Title 18 U.S.C. Section 1030, which prohibits intentionally accessing a computer without authorization or exceeding authorized access. But it applies to “protected computers,” which are defined as those used by the U.S. government, by a financial institution, or used in or affecting interstate or foreign commerce. In addition to fines and imprisonment, penalties include forfeiture of any personal property used to commit the crime or derived from proceeds traceable to any violation. You can read the text of that section here.

In a recent case regarding unauthorized access, a high profile lawsuit was filed against a school district in Pennsylvania by students who alleged that district personnel activated their school-issued laptops in their homes and spied on them with the laptops’ webcams. The FBI is investigating to determine whether any criminal laws were broken. Because the school district owned the computers, there is controversy over whether they had the right to remotely access them without the permission of the users.

via 10 ways you might be breaking the law with your computer: UPDATED | 10 Things | TechRepublic.com.

Filed under: Instructional, Internet Items, PC Security | Leave a comment »

Are you still texting while you drive?

Posted on March 12, 2010 by wjimenez275

I see it all of the time. People driving next to me looking down at their phones while texting. If they knew about this site, they’d be able to send texts verbally to anyone on their contact list.

I came across Dial2Do the other day. I’m signing up for the 30 day trial period and will let you know my thoughts, but what it proposes to do is great for those of us on the road a lot.

Not only can you  send texts, but you can create reminders, and even listen to and send e-mail – all while keeping your hands on the wheel and your eyes on the road. For those using Twitter, you can send your tweets verbally. The reminders are transcribed and sent to your listed e-mail account. You can send thoughts and ideas to your Evernote account. You can get local weather, and listen to news feeds, and much more.

The cost? $40/year or $4/month. The cost of a cell phone usage ticket? Around here it’s $275.  I’m going to try it. I’ll report back in a few weeks.

Filed under: Instructional, Uncategorized | 1 Comment »

Trojan Pretends to Be Microsoft Security Suite – www.esecurityplanet.com

Posted on March 4, 2010 by wjimenez275

Microsoft is warning users that a Trojan is masquerading as the company’s popular free Microsoft Security Essentials (MSE) package.

The alert came from Microsoft’s (NASDAQ: MSFT) Malware Protection Center (MMPC) on Wednesday.

“One of the oldest tricks used by rogue antivirus products is to use a similar name as, or have a similar look and feel to, legitimate security software,” Microsoft said in a post on the MMPC’s Threat Research & Response Blog. “So it was inevitable that the day would arrive when a rogue would masquerade as something similar to Microsoft Security Essentials.”

The masquerading rogue security tool goes by the name Security Essentials 2010, which is very similar to the actual name of Microsoft’s suite, though the real suite does not have a date in its name.

Users who encounter the fake will see a bogus malware detection scanner that reports many files on a PC are infected with various types of malware, including Trojans and adware, replete with what looks like a legit “system warning.”

Users infected with the Trojan, known as Win32/Fakeinit, will be presented with a screen informing them that the software is just a “trial version” and that “removal and real-time protection features are disabled.”

The solution, the fake software informs users, is to “activate [the] full version.”

That’s not a good idea, however.

“Fakeinit’s downloader not only installs the fake scanner component — it also monitors other running processes and attempts to terminate the ones it doesn’t like, claiming that they are infected,” Microsoft’s blog entry cautions.

The bogus anti-malware product also makes changes to the user’s registry to lower security settings, and to prevent users from deleting the “Your System Is Infected” background that it displays in order to raise the user’s anxiety level.

According to the blog post, Fakeinit also downloads a second Trojan that installs the Alureon rootkit — another piece of malware that Microsoft warned a week ago was the source of many Windows XP machines exhibiting blue screens and constant reboots.

Additionally, the malware cuts off access to a list of URLs popular with users, including Ask.com, Amazon.com, Craigslist.com and many others, according to Microsoft.

Aside from some minor grammatical errors in the text — a common tipoff that a piece of software is actually malware — what gives away the real purpose of the bogus software are the statements identifying it as a “trial version” and requests to activate the full product.

The actual Microsoft Security Essentials suite is available without charge from Microsoft.com.

via Trojan Pretends to Be Microsoft Security Suite – www.esecurityplanet.com.

Stuart J. Johnston is a contributing writer at InternetNews.com, the news service of Internet.com, the network for technology professionals.

Filed under: Instructional, PC Security | 4 Comments »

Realtime Updates On Your Google Search Results

Posted on March 1, 2010 by wjimenez275

Cool Google Search Tip: Google has a feature that brings your search results to life with a dynamic stream of real-time content from across the web. Now, immediately after conducting a search, you can see live updates from people on popular sites like Twitter and FriendFeed, as well as headlines from news and blog posts published just seconds before. When they are relevant, Google ranks these latest results to show the freshest information right on the search results page.

Try searching for your favorite TV show, sporting event or the latest development on a recent government bill or world event. Whether it’s an eyewitness tweet, a breaking news story or a fresh blog post, you can find it on Google right after it’s published on the web.

Click on “Latest results” or select “Latest” from the search options menu (see the following tip to access this menu) to view a full page of live tweets, blogs, news and other web content scrolling right on Google. You can also filter your results to see only “Updates” from micro-blogs like Twitter, FriendFeed, Jaiku and others.

An example: I did a Google search for “Chile earthquake”. From the search results page, I scrolled down until I found “Latest results for Chile earthquake”. Once I clicked on that link, I was taken to a page that continually updated with links to the most recent web entries from all over that dealt with the earthquake in Chile.

Another Cool Google Tip: Kind of a hidden feature on the Google search results page is the light blue bar just above the search results. If you look at the left side of the bar, you’ll see an option to “Show Options”. When you click on this, Google opens a column on the left that allows you to further refine your search. One of the most useful sections of this column is the time frame filter. You can click “Latest” to see what I discussed in the first section, or find results that occurred in the past 24 hours, week, or year.

Filed under: Instructional, Internet Items, PC Tips and Tools | Leave a comment »

Many Microsoft Products Going Off Support Soon – Security Watch

Posted on February 25, 2010 by wjimenez275

In the coming months Microsoft will be ending support—including security updates—for a number of important products. If you’ve avoided updating so far, you might want to get moving.

The first event will be April 13, 2010 (like all end-of-support days, a patch Tuesday), when support will end for 2 important configurations: Windows Vista with no service packs a.k.a. Vista RTM and Vista SP0, and Windows XP SP2. If you are running these versions after that April 13 you will no longer receive updates or support. In each case, the answer is obvious: Apply the latest service pack SP2 for Vista, SP3 for XP. Better yet, if you’re running XP, go get a new PC running a secure operating system, such as Windows 7.

On July 13, 2010, Windows 2000 in all service packs will reach the end of its “Extended Support Phase,” meaning no updates anymore. Its not in any of the announcements, but I presume that this implies the end of all support for Internet Explorer 5, currently only supported on Windows 2000.

On the same July date, all editions of Windows Server 2003 will be moving from the Mainstream Support phase to the Extended Support phase. This wont matter to many, perhaps most users, but it signals the end of “no charge” support and Microsoft will no longer be providing new non-security hotfixes. So you’ll need to open a paid support case in order to get support from Microsoft.

via Many Microsoft Products Going Off Support Soon – Security Watch.

Filed under: Instructional, PC Maintenance, PC Tips and Tools | 1 Comment »

When webcams go bad: Students sue school officials for remote spying | Between the Lines | ZDNet.com

Posted on February 20, 2010 by wjimenez275

Big Brother is coming in more ways than one. Technology is often a two-edged sword. In this case, this school district apparently decided that since they owned the laptops they could control it at all times.

If your laptop computer’s webcam could talk about what it sees, what would it say?

Students of a Pennsylvania school district are hauling educators to court over allegations that administrators remotely activated the webcams on school-issued laptops and used that remote access to spy on students and their family members. (Techmeme)

The civil suit (PDF) was filed last week against the Lower Merion School District in Ardmore, PA, its board of directors and the Superintendent. It alleges violations of the electronic Communications Privacy Act, The Computer Fraud Abuse Act, the Stored Communications Act, the Civil Rights Act, the Fourth Amendment of the U.S. Constitution, the Pennsylvania Wiretapping and Electronic Surveillance Act and Pennsylvania Common Law. In part, the suit reads:

Unbeknownst to Plaintiffs and the members of the Class, and without their authorization, Defendants have been spying on the activities of Plaintiffs and Class members by Defendants’ indiscriminant use of and ability to remotely activate the webcams incorporated into each laptop issued to students by the School District, This continuing surveillance of Plaintiffs’ and the Class members’ home use of the laptop issued by the School District, including the indiscriminant remote activation of the webcams incorporated into each laptop, was accomplished without the knowledge or consent of the Plaintiffs or the members of the class.

The suit notes that there are about 1,800 students in the district’s two high schools and that students were each assigned a laptop computer that was purchased, in part, through state and federal grants secured over the past few years. The suit also notes that all of the written documentation that accompanied the laptop made no reference to the district’s ability to remotely activate the embedded webcam.

The issue came to light in November when an assistant principal informed a student about improper behavior in his home and produced a photograph captured from the laptop’s webcam as proof. The suit did not specify the type of activity the student was engaged in.

Because the webcam would capture images of anything in its range, including the actions of other household members and their guests, the plaintiffs in the case extend to family members, as well as the students themselves.

Sam Diaz

Sam Diaz is a senior editor at ZDNet. See his full profile and disclosure of his industry affiliations.

via When webcams go bad: Students sue school officials for remote spying | Between the Lines | ZDNet.com.

Filed under: Instructional, PC Security, Uncategorized | Leave a comment »

Lesson Learned

Posted on February 16, 2010 by wjimenez275

I went against a few of my computer “thou-shalt-not” rules the other day and, well, I remembered why they are rules. I was reading a newsletter from a very trusted security site and came across an ad they had posted from a company that claims it’s software can:
Clear malware. Fix PC errors. Restore speed & performance. Prevent crashes & stability issues. Enjoy a ‘just like new’ computer – starting now. More Than 1 Million PCs Fixed.

My home computer is a Media Center PC and I’ve had a cable box plugged into it so that I can watch TV shows on it when the other TVs are being used. For several months, I hadn’t been able to run the media program as one of the drivers was bad and I had to disable the program. The only fix seemed to be reformatting the computer and restoring it back to its original state. I really didn’t want to do that since I’d then have to reinstall programs, etc. so I’d just delayed in doing anything at all. That is until I saw this ad, posted on this reliable newsletter…

So, I went to the site, saw what it claimed to be able to do, downloaded the program and ran the free scan. Sure enough, there in the results was what I was hoping to find. Among the listed items that needed to be repaired was the one dealing with the Media Center program. Well, let’s get to it then. First was that minimal $50 charge to run the fix. If it said it could fix my computer issues without me having to reformat and reinstall then that was okay by me. Then, instead of the 30 minute estimate for repair, it was actually closer to 2 hours, but it was going to fix my computer problem.Then, came the reboot and the test. Sure enough, my Media Center program ran great and I was able to watch TV programs again on my computer, and it did seem to be running a little faster. Cool, no harm no foul.

But wait…why won’t my anti-virus program and firewall program start up? Why is my e-mail program not logging in? What’s going on? I placed a call to the anti-virus company and the tech support mentioned that yes, they had someone else call in with the same problem after running this program and there was probably a fix out there someplace for it but they couldn’t help. So, I went online to the website of the company (Reimage) to contact their tech support and found out that tech support was available by e-mail only but have a look at the FAQ section of the website to see if anything there can help with my issue. Of course, there was nothing that did so I sent an e-mail to the company about my problem. Then, I did a little more searching online and found that this company was pretty bad in getting back to people for help. And, when fixes are done with this software, it rolls back a large majority of Microsoft Updates that need to be reinstalled. And, there were a few other things there that probably would have been nice to know before I had run the fix.

While I was waiting for the e-mail reply from tech support that I wasn’t even sure I was going to get, I was able to fix my anti-virus and firewall programs and downloaded and installed the Microsoft updates I needed, and somehow managed to keep my Media Center program running so all is well that ends well. And I did get a reply back from the company the next day with a supposed fix for my new problems but since I had already fixed those problems I didn’t run their fix.

The lesson learned? If I had done my homework before running Reimage’s fix I most likely wouldn’t have purchased it. I always check user reviews before purchasing hardware but for some reason didn’t even think of it before running this software. Actually, I know why I didn’t. I respected the newsletter that had the ad and believed that they too endorsed that company. Turns out they didn’t and the next newsletter stated that they were not going to be putting ads in their newsletters any longer because they don’t want their readers to think they endorse these companies. My recommendation before purchasing anything is to google the item with the word “reviews” after the item name. Read the user reviews since they are mostly honest. Go to the support page of the manufacturer of the item and see what’s posted there. Usually the FAQ’s will have answers to most common questions about the item but if there’s a blog of any sort, check that out as well. Weigh the positives and the minuses of the user reviews and then make a decision on whether the item is for you or not. My lesson re-learned.

Filed under: Instructional, PC Maintenance, PC Tips and Tools, Uncategorized | 3 Comments »

Simple Passwords Remain Popular, Despite Risk of Hacking – NYTimes.com

Posted on January 26, 2010 by wjimenez275

If Your Password Is 123456, Just Make It HackMe

By ASHLEE VANCE

Published: January 20, 2010

Back at the dawn of the Web, the most popular account password was “12345.”

The New York Times

Today, it’s one digit longer but hardly safer: “123456.”

Despite all the reports of Internet security breaches over the years, including the recent attacks on Google’s e-mail service, many people have reacted to the break-ins with a shrug.

According to a new analysis, one out of five Web users still decides to leave the digital equivalent of a key under the doormat: they choose a simple, easily guessed password like “abc123,” “iloveyou” or even “password” to protect their data.

“I guess it’s just a genetic flaw in humans,” said Amichai Shulman, the chief technology officer at Imperva, which makes software for blocking hackers. “We’ve been following the same patterns since the 1990s.”

Imperva found that nearly 1 percent of the 32 million people it studied had used “123456” as a password. The second-most-popular password was “12345.” Others in the top 20 included “qwerty,” “abc123” and “princess.”

More disturbing, said Mr. Shulman, was that about 20 percent of people on the RockYou list picked from the same, relatively small pool of 5,000 passwords.

That suggests that hackers could easily break into many accounts just by trying the most common passwords. Because of the prevalence of fast computers and speedy networks, hackers can fire off thousands of password guesses per minute.

via Simple Passwords Remain Popular, Despite Risk of Hacking – NYTimes.com.

There are several password generation programs available that will make and remember random passwords for different sites and needs. I highly recommend them. The one I use is Roboform. You can read my blog entry about it here: Now What Was That Password Again?

Filed under: Instructional, PC Security, Uncategorized | 1 Comment »

Microsoft urges Windows XP users to ditch old Flash version

Posted on January 16, 2010 by wjimenez275

Microsoft has had it with old versions of Adobe Flash and has issued Security Advisory 979267 to urge users to either uninstall old versions, or upgrade to the latest. More specifically, the software giant is asking users ditch Flash Player 6.0 as the multimedia player plugin contains multiple bugs. Microsoft rarely issues security advisories on third-party products, but since this version of Flash originally came bundled with Windows XP, Microsoft feels it needs to warn its users. Adobe discontinued security support for Flash Player 6.0 in 2006; the current version is Flash 10.0.42.34.The advisory outlines Microsoft’s stance very clearly, making sure to emphasize that the vulnerabilities only occur with the combination of the old version of Flash and old version of Windows other supported versions of Windows do not include the Flash. “The Adobe Flash Player 6 was provided with Windows XP and contains multiple vulnerabilities that could allow remote code execution if a user views a specially crafted Web page. Adobe has addressed these vulnerabilities in newer versions of Adobe Flash Player. Microsoft recommends that users of Windows XP with Adobe Flash Player 6 installed update to the most current version of Flash Player available from Adobe.” The good news is that the advisory says Microsoft is “not aware of attacks that try to use the reported vulnerabilities or of customer impact at this time.”The security advisory was posted on Patch Tuesday, the same day Microsoft releases security patches for all of its software for the month. This month though, the company only posted a single bulletin, Microsoft Security Bulletin MS10-001. It affects all supported versions of Windows, but is only rated as “Critical” for Windows 2000, and “Low” for all later versions. As a result, the Adobe Flash flaw is slightly more serious and should take priority.

via Microsoft urges Windows XP users to ditch old Flash version.

Filed under: Instructional, PC Security | 1 Comment »

« Previous PageNext Page »