Author Archive

04 06 2006

What You Need To Know About Web Browser Security

Posted by: admin in Self Help
Name Description Actions On
Surfing on the internet is risky business. Apart from electronic pests like viruses and spyware, the web is increasingly full of criminals hunting for sensitive information left unsecured.  Online surfers should be as selective with their browser as real- life surfers are with their surfboards. After all, this is the program that is used to navigate the virtual world. And regardless of which browser is used, one single false setting can expose   online surfers to dangerous security leaks.  

“The browser is the most dangerous application,” says Christoph Fischer, an expert in IT security from Karlsruhe. Browser programs are indispensable for depicting internet pages on the computer, but are anchored deep into the operating system. At the same time they make direct contact with the chaotic realm of the internet. That makes them an inviting target for the ill-intentioned.

Adding to the problem is the increasing complexity of browsers, Fischer notes. All modern browsers include embedded support programs and languages like Java, Java Script, Flash, and ActiveX. This is a result of the trend toward more colourful web sites loaded down with animated “do-dads.” Without the corresponding plug-ins, the pages cannot be properly depicted with the browser.

This “featuritis” has made no friends at the German Federal Agency for Information Technology (BSI) in Bonn.

Frank W Felzmann, the division head for IT safety in operating systems, says, “That makes the browser easier to attack.” Every program has weak points that can be exploited once they are discovered. Among other problems, this means that market leader Microsoft has “grave security problems with its older browsers,” Fischer feels.

Even the Firefox browser from the Mozilla Foundation, developed as a stripped down counterpart to Microsoft’s Internet Explorer (IE), now features numerous add-ons. These helper programs allow the browser to be customized to meet personal preferences.

BSI expert Felzmann estimates that the current version of IE has more weak spots than Firefox. Yet this has cost IE many users. “That makes Firefox more interesting for attackers, since they react to the market share,” Felzmann explains. “Attackers will go after the browser that is most widespread.” The new IE 7, expected on the market in the second half of this year, may well become a prime target for so-called malware authors.

Microsoft has recognized, however, that “significant investments in security are a constant necessity,” explains Andreas Schoenberger, the company’s marketing manager in Munich. Dangers through phishing must be taken just as seriously as viruses and worms. The new IE 7 browser will therefore also offer both an anti-spyware function and a “phishing filter.” This involves tests to prevent attacks luring online banking users into revealing their access data.

The first step in the process is a comparison of the web site being visited with a local list of recognized genuine sites. Another step involves checking the site for characteristics typical of phishing sites. Finally a comparison is made against a constantly updated online service from Microsoft, which notes “good” and “bad” sites. If a phishing alarm is triggered, then the surfer is provided a warning or the page is blocked.

BSI expert Felzmann warns against overconfidence. The new IE 7, whose beta version is already available, has not been written completely from scratch. “Parts of earlier versions were used, and these contain some security holes.” Moreover, protection based on a list of banned sites is a “cat-and-mouse game,” since new phishing sites appear on the web constantly.

IT expert Christoph Fischer points out that this process also involves certain privacy risks. Microsoft is ultimately being informed about visited web sites in real time, which not all internet users may appreciate. Fischer also complains about the lack of transparency for the browsers. Certain functions can in fact be turned off, but “Which users know about it? They are too complex for normal users to master.”

As a result, many simply ignore security issues “because they’re annoying.” The IT expert also implores surfers to take basic precautionary measures, regardless of which browser they use. This includes switching off browser features like ActiveX and Java Script, which can be used to sneak in spy programs. The automatic downloading of plug-ins should also be deactivated.

Alongside the regular update of the operating system, virus protection program and firewalls, Felzmann also advises surfers to be vigilant about security threats and to approach unknown web sites with caution. The consequences of security gaps are not clear to everyone, Christoph Fischer adds: “Millions of people are spied on every day by spyware. They’re standing buck naked on the web.”

INFO BOX: Create separate user profile for surfing. Computer users should create a user profile with restricted access rights to be used when web surfing, advises Frank W. Felzmann from the German Federal Agency for Information Technology (BSI) in Bonn. Most users foolishly surf using their administrator account. That allows any malware that sneaks onto the machine to gain full control of it.   

By Felix Rehwald, 
   

No Comments »

03 06 2006

Outpost Firewall Pro 3.0 Product Review

Posted by: admin in Product Review
Name Description Actions On
Outpost Firewall Pro 3.0
BOTTOM LINE:
Outpost Firewall Pro’s plug-in architecture made it easy for Agnitum to add spyware protection to the suite. However, its spyware-fighting ability just doesn’t measure up. We suggest you use a best-of-breed standalone instead, or wait for a better plug-in.   

PROS:
Detected five of six commercial keyloggers in testing. Firewall module aided in spyware detection.

CONS:
Only removed half the spyware it found. Only blocked half the spyware installations it detected. Very little information about found threats.

COMPANY: 
Agnitum Ltd.

 

SPEC DATA
  

Price: $39.95 Direct
Type: Personal

Antispyware:
Agnitum’s Outpost Firewall Pro is a firewall by nature, but Version 3.0 takes advantage of the product’s plug-in architecture to add full-scale spyware removal and prevention. Other plug-ins handle ad blocking, e-mail attachment quarantine, content filtering (based on user-defined lists of unwanted URLs or keywords), and more. We tested its abilities against our standard antispyware regimen.

Outpost detected all but one commercial keylogger and removed three, but didn’t successfully block installation of any of them. Although it detected two-thirds of our sample spyware in both tests, it succeeded in blocking or removing less than half of those. In a few cases the firewall element prevented suspicious activity by the installer, effectively halting the installation. Many of the successful removal operations required a reboot.

Outpost was sig-nificantly better at detecting spyware than at either removing it or preventing its initial installation. Future versions may improve the program’s performance; until they do, you’d be better off with a best-of-breed standalone antispyware product.

No Comments »

01 04 2006

Never delay installing Microsoft security updates

Posted by: admin in Self Help

 

Name Description Actions On

It is always an on going battle to keep your computer safe, and free of vermin. In an effort to keep everyone on the same page I will pass on articles I think will be of interest

Be safe out there! And if you have a little reminders in the bottom right tray that you have updates ready to apply, PLEASE take the time to do it NOW! Remember by waiting is how the Blaster virus spread!

Wayne

 

Trojan Dropper Deposits Many Viruses into User Computer
TechWhack (press release) - New Delhi,India
Security Experts at MicroWorld Technologies inform that “Trojan-Dropper.Win32.Agent.alv” is a new addition to the Trojan Dropper family, known to drop various Trojans and Viruses into user computers while working in the system background.

No Comments »

27 03 2006

OK, You’re Infested with Spyware. Now What?

Posted by: admin in Self Help
 

Name Description Actions On

 

Name Description Actions On
When you get Spyware on your computer it is time for a reality check. You’ve got to start thinking “outside the box” and ask yourself how it get there. It goes far beyond whether you have a Spyware program on your computer. It is lifestyle in most cases. ie: Where do you go on the web? Sites that can get you in deep trouble are the ADULT SITES. Do you download “free music” using programs like Kazaa or any other pier to pier program? Just remember when you use a pier to pier program you are actually connecting to the user who’s songs you are downloading. Hence if he is infected you soon will be. Are you starting to catch on?  

 

OK, So what to do:

  • Arm yourself with some good Reactive Spyware Cleaners.

Get programs like Spybot, Ad_aware, Xcleaner, Hi-Jacks can all be downloaded off the web for free and they update their pattern files often to keep up to date.

 

  • Take yourself off the web and your home network if you have one while you’re cleaning.

If you don’t take yourself off the web, or remove yourself from your network you’ll be shoveling against the tide. And if you are connected via a cable modem you are ALWAYS on the web, even if you’re not actively browsing so you must unplug it or remove the cat5 cable from your PC.

 

  • Learn how to use the Spyware Cleaners.

These tools are no good to you if you don’t take the time to thoroughly read the instruction. You will also have to update the definition files because these downloaded programs could be weeks or months old. As I have preached before “Spyware and Viruses do not take a holiday…EVER!!”

 

  • Run these programs over and over.

In order to be sure you are clean, it is necessary to run these programs more than once until finally you get a scan that produces no new problems. In what order you run your programs doesn’t matter. Since each program finds different type of problems it is always good if you have more than one tool in your arsenal. So run them all. One last thing. The program Hi-Jacks is something best left in the hands of a professional as it can really mess your computer up in the wrong hands. Be forewarned!!

If you have a PC related question that you would like to see answered in this blog click here: Ask Wayne

 

If you don’t want to search the web and download these tools yourself you can get them from me for $0.01 plus postage by clicking on this link: Fix It Yourself Yes I said one Cent!!! This special is not going to last long and will be discontinued without notice so don’t snooze. You must enter coupon code “Waynes world” (no quotes) into shopping cart to get this price.

 

Wayne

 

No Comments »

26 03 2006

Steps to Prevent Spyware

Posted by: admin in Self Help
Spyware and other unwanted software can invade your privacy, bombard you with pop-up windows, slow down your computer, and even make your computer crash. Here are several ways you can help protect your computer against spyware and other unwanted software. 

 

· Use a firewall:

While most spyware and other unwanted software come bundled with other programs or originate from unscrupulous Web sites, a small amount of spyware can actually be placed on your computer remotely by hackers. 

If you are using any version of Windows XP make sure you turn the firewall on. I you are using a commercial software internet security package (like Norton Internet Security) It wants to turn off the windows fore wall in favor of its own firewall. This is OK, but take setting it up or you will block yourself out of the internet by having settings too high. I you are behind a router you have a hardware firewall built into it, but you need to set it up properly so it doesn’t block ports needed to get to the internet or make your favorite chat program from working. If you don’t understand what I just said, you probably should see some help in setting this up.

 

· Update your software

 

If you use Windows XP, one way to help prevent spyware and other unwanted software is to make sure all your software is updated. Get into the habit of not saying “remind me later” when windows alerts you that an update is ready.

 

· Adjust Internet Explorer security settings

 

You can adjust your Internet Explorer Web browser’s security settings to determine how much—or how little—information you are willing to accept from a Web site. Microsoft recommends that you set the security settings for the Internet zone to Medium or higher.

 

· Install antispyware protection

 

There are two type of spyware software. Proactive (prevents it from getting into your computer) or reactive (trys to remove it once your infested). You need proactive. Examples of proactive programs are Spy Sweeper, Trend Micro Anti-Spyware, Spyware Doctor…etc there are a lot to choose from but get one that PREVENTS spyware from getting into your computer in the first place 

  

Microsoft currently offers antispyware beta software for download; more information is available on their Windows Defender (Beta 2) site.

 

I’ll discuss what to do if you do get infected with Spyware in one of my next Blogs. If you have any PC Related questions write to me at ask_wayne@pricecomputersupport.com and I’ll try to answer as many as I can in my Blogs

 

Wayne

BTW: Not too sure what’s going on with the formating of this Blog. No matter what I do it keeps getting worse….Gremlins or maybe it’s Spyware…(Grin)

 

No Comments »

24 03 2006

What is spyware?

Posted by: admin in Articles

Â

Name Description Actions On

Spyware is a general term used for software that performs certain behaviors such as advertising, collecting personal information, or changing the configuration of your computer, generally without appropriately obtaining your consent. You might have spyware or other unwanted software on your computer if:

  • You see pop-up advertisements even when you’re not on the Web. Some unwanted software will bombard you with pop-up ads that aren’t related to a particular Web site you’re visiting. These ads are often for adult or other Web sites you may find objectionable. If you see pop-up ads as soon as you turn on your computer or when you’re not even browsing the Web, you may have spyware or other unwanted software on your computer.
  • The page your Web browser first opens to (your home page) or your browser search settings have changed without your knowledge. Some unwanted software has the ability to change your home page or search page settings. This means that the page that opens first when you start your Internet browser or the page that appears when you select “search” may be pages that you do not recognize. Even if you know how to adjust these settings, you may find that they revert back every time you restart your computer.
  • You notice a new toolbar in your browser that you didn’t want, and find it difficult to get rid of. Spyware and other unwanted software can add additional toolbars to your Web browser that you don’t want or need. Even if you know how to remove these toolbars, they may return each time you restart your computer.
  • Your computer takes longer than usual to complete certain tasks. Spyware and other unwanted software are not necessarily designed to be efficient. The resources these programs use to track your activities and deliver advertisements can slow down your computer and errors in the software can make your computer crash. If you notice a sudden increase in the number of times a certain program crashes, or if your computer is slower than normal at performing routine tasks, you may have spyware or other unwanted software on your machine.
  • You experience a sudden rise in computer crashes. If you notice a sudden increase in the number of times a certain program crashes, or if your computer is slower than normal at performing routine tasks, you may have spyware or other unwanted software on your machine.

we’ll talk about how to prevent Spyware from getting onto your computer in one of my next blogs. Stay tuned!

No Comments »