EBC_Reports

Elephant Boy Computers Reports

We occasionally send out email reports to our clients and friends covering various Windows security issues, computing tips and tricks, and other information we hope will be helpful. You can view the reports either by date or by subject. Please note that some of the links to online articles in older EBC Reports might not be live any more. However, there may still be useful information in the Reports so they still have a home here.

Administrivia - Since the mailing list is private, directions for members who receive EBC Reports by email to unsubscribe, change the email address at which they receive the Reports, and/or add members to the list are at the end of each EBC Reports email.

EBC Reports Chronologically: 2008, 2009, 2010, 2011

EBC Reports for 2002 through 2007 are archived here.

2008:

01-09-08 - Another year of malware; Xbox Live holiday problems; using legal software
01-17-08 - Rogue antispyware for the Mac; Valentine's Day Storm Worm; social engineering
01-30-08 - Income Tax-related scams; New MSN worm
02-22-08 - Upcoming Service Packs - Vista and XP
03-11-08 - Fake Government emails; Malware disguised as 3D screensavers; "The Myth of the Transparent Society"; Pi Day and Albert Einstein's birthday
04-08-08 - New phishing prevention website; Email attack tied to Microsoft's April Security Bulletin; End of the line for Windows XP and what to do about it
04-23-08 - Hotmail and Outlook Express; MSN Music Store is dead; Windows XP Service Pack 3 RTM
06-19-08 - Rogue antispyware programs; Firefox 3; DNS Changer Zlob trojan
08-23-08 - XP Antivirus 2008; Malvertisements; Recycling; Restore Disks
10-16-08 - Java update; Adobe Flash update; Infostealer trojan; Warezov botnet is back
11-12-08 - Staying safe by not getting tricked - email security; Too much security; Charity
11-27-08 - "Staying Safe" and "Too Much Security"; Christmas/Holiday images and links; EBC Christmas Card
12-17-08 - Microsoft out-of-band patch for Internet Explorer security flaw; Apple update; Fun things - ringtones and clipart; Holiday guests using your computer

Back to top
Home

2009:

01-24-09 - Recycling; Conficker worm; Webmail vs. Email Client
02-09-09 - Firefox and Java updates; Keeping track of updates; Tax-related scams
02-22-09 - Adobe vulnerability; hardware lifespans and Mac vs. PC
03-05-09 - Firefox update; Gaming scam, Apple tip
03-23-09 - Program updates - Adobe Reader, iTunes, Thunderbird; Internet Explorer 8
03-28-09 - Firefox update; Passwords; Mac malware; Fonts
04-11-09 - Java & iTunes updates; Telemarketer scammers; Internet Explorer 8 rollout
04-29-09 - Firefox 3.0.10; Microsoft Office 2007 Service Pack 2; IE8 as a "High Priority Update"; Odds and Ends - Replica and ooVoo
05-09-09 - Vista Service Pack 2; Windows 7
06-06-09 - HP Battery Recall; Apple OS X Update; Adobe Update; Windows and Office Updates; Windows 7
06-27-09 - Various program updates; Microsoft Money discontinued; Microsoft Morro; Windows 7 pricing
08-04-09 - Firefox, Adobe, and Java updates; Windows 7 RTM and upgrading; Seagate's Replica
08-12-09 - Mac OS X & Safari updates; Java update; Rogue security product; Antivirus programs on Mac OS X
09-10-09 - Updated Firefox and iTunes; Outlook troubleshooting; Snow Leopard; Guides to Snow Leopard and Windows 7; Reminder about Microsoft's Patch
Tuesday; International Talk Like A Pirate Day (and other fun Days)
09-25-09 - Program updates; New phishing worm; Casual gaming sites; Cuteness
10-13-09 - Security Updates for Adobe Reader and Acrobat; Patch Tuesday; Serious bug in Snow Leopard resulting in data loss; Fences; MS Office 2010
11-04-09 - Program updates; Recommendations for setting up users in Vista and Windows 7
11-30-09 - Holiday computer safety; Buying a computer for Christmas
12-14-09 - Staying computer-safe during the Holidays; Holiday music; Seasonal amusements

2010:

02-07-10 - Pre-Internet Explorer 8 vulnerability; Current versions of popular programs; Reminder about rogue security programs; Facebook as a vector for infection
02-12-10 - Beware this Facebook phish; New "Genuine Windows Activation" patch; Adobe updates
03-10-10 - IE 6 is dead; Switching from Windows to Mac OS X; Microsoft Help File Exploit; Windows 7 "Genuine Windows Activation"; Adobe Reader most targeted for malware
                   attacks; Another way social networking sites are being used for rogue security program scams
03-21-10 - Facebook password reset scam; Microsoft removes hardware barrier to XP Mode in Windows 7; Mozilla news - Firefox vulnerability patch, Thunderbird update
03-29-10 - End of support for XP with Service Pack 2 (and earlier) and end of support for Vista with no Service Packs; Firefox 3.6.2 available now; St. Anthony's School recycling;
                   Out-of-band security update for Internet Explorer
04-01-10 - Apple updates OS X Leopard and Snow Leopard; Bogus Windows Live Messenger invitations; Large percentage of Windows 7 vulnerabilities mitigated by running as
                   Standard user; Program updates - iTunes/QuickTime and Java; Annual ThinkGeek April 1st foolery
04-14-10 - Firefox update; Adobe Reader/Acrobat updates; Patch Tuesday; Facebook Farm Town malvertising; McAfee lawsuit; Koobface trojan
04-24-10 - Updates - Apple OS X, Java JRE 6u20; Identity theft article; Privacy and staying safe on Facebook; Warning about phish aimed at QuickBooks users; Some general
                   malware information
05-05-10 - Learning Windows; Fast-spreading worm; Facebook and privacy; Two scams
05-16-10 - New version of Adobe Shockwave Player; More on Facebook privacy (or lack thereof); Microsoft Office 2010
05-26-10 - Apple iTunes phish; New Facebook privacy settings; Google Chrome out of beta for Mac OS X and Linux; Apple's Back to School program
06-02-10 - Malware on OS X; No one should still be using Internet Explorer 6 (or even 7); Malware attacks on Facebook; Greeting card spam/malware - again!; Security update for
                   Adobe Photoshop CS4 - Windows and Mac; On a lighter note...
06-10-10 - Securing Facebook; Program updates - Safari, Adobe Flash Player; Microsoft force-installs an add-on into Firefox; Microsoft Office Web Apps
06-29-10 - The Upgrade Edition - various program updates
07-10-10 - Free wifi at Starbucks; Java update - JRE 6 Update 21; OpenDNS FamilyShield; Windows 2000 is officially obsolete
08-01-10 - Rogue security programs; Program updates - iTunes, Firefox, Safari; Out-of-band critical security update for Windows; Using OpenDNS
08-17-10 - Drive partitioning; Adobe out-of-band patch; QuickTime update; Another Facebook scam; Top Ten Most Dangerous Things You Can Do Online
08-26-10 - Recovery discs and partitions; Imaging; Various updates
09-06-10 - iTunes update; New rogue security technique; Controlling your domain name; Reminder: International Talk Like A Pirate Day
09-20-10 - Mac 101; Program updates; Free Staying Safe Online book from Microsoft; More about OpenDNS
10-08-10 - Collection of useful articles about backing up, Internet safety, wireless network range, and password management; Adobe Reader update; Microsoft Office for Mac 2011
10-28-10 - Program updates; Facebook privacy kerfuffle; LimeWire loses its court case; Koobface worm ported to OS X
11-14-10 - Program updates; Mac antivirus; holiday scams
11-29-10 - Adobe updates; Using wireless networks when traveling; Charities
12-17-10 - Holiday safety tips; Program updates; Spam; Cyberbullying

2011:

01-29-11 - Current versions of popular programs; Mac App Store; Cold call scammers; OpenOffice/LibreOffice; New Year's resolution: backing up
02-09-11 - Google Art Project; More on backing up online for home users; Facebook love/hate; Adobe program updates
02-15-11 - Service Pack 1 for Windows 7/Server 2008 R2; Google Stuff; Java Update; Death and Taxes
03-11-11 - Program updates; Pi Day; PDF Reader issues; New Google goodness; Disaster scammers
03-15-11 - Internet Explorer 9 RTW (Release To Web); Scammers and the disaster in Japan; Adobe emergency out-of-band patch
03-25-11 - Various program updates
04-13-11 - New critical vulnerability in Adobe Flash Player; New Facebook scams; Email attachment (malware); Microsoft updates for Tuesday, 4/12/11
05-02-11 - Program updates; Sony Playstation Network debacle; Reminder about event-based malware (Osama Bin Laden's death)
05-07-11 - Hoaxes - Please don't spread them; Rogue security programs targeted at Mac OS X (and one for Windows); Skype vulnerability on Mac OS X
05-28-11 - Antivirus on Mac OS X; Update to Adobe Flash 10.3; New Amazon.com Mac Store; Mozy Online Backup update; Recycling
06-04-11 - How did you pick up that rogue security program?; Online surveys; HP's exploding laptop battery recall; Apple security update
06-09-11 - Program updates; Apple news from the Worldwide Developers' Conference on 6/6; General malware links of interest
06-21-11 - Program updates; Managing Facebook privacy; Should you change your passwords?
07-03-11 - Mac OS X Updates; Thunderbird update; Microsoft Office 2010 Service Pack 1; Fake security software article; Tumblr targeted by malware; Fourth of July links
08-08-11 - Various program updates; Mac OS X Lion; Google Takeout; Apple iCloud
09-22-11 - Various program/operating system updates; backing up - a cautionary tale
09-28-11 - Invalid security certificates; Facebook changes; Mac OS X trojans; Firefox update
10-19-11 - Cloud storage comparison; iCloud; Program updates
11-09-11 - Examples of why I tell people not to click on links on social networking sites; Microsoft Office 2007 Service Pack 3; Website tracking; Quick check for email compromise
                  Firefox 8; Another online legal music website
12-11-11 - iTunes Match, Google Music; Adobe & Picasa updates; Google Chrome; Download.com mess

1-9-08 - No matter where you go, there you are. -- Buckaroo Banzai

1. Another year, more security warnings
2. Xbox Live problems during the holidays
3. Using legal software

1. Another year, more of the usual - just nastier:

A. Evil codecs - Here is a very good post by MVP Harry Waldron about deceptive music sites to avoid:
http://tinyurl.com/ys7qeh

It references the Sunbelt Blog, which also has some new information on more fake codec sites.
http://sunbeltblog.blogspot.com/2007/12/fake-codecs-on-blogger.html

The Sunbelt blog is an excellent source of information for new forms of malware, evil websites where you can pick up malware, etc. Highly recommended.

B. Malware-laced banner ads, etc.:

From The Register - "If you haven't patched that media player or web browser in a while, now might be a good time. MySpace, Excite and Blick have been caught serving banner ads that attempt to install malware on machines running unpatched software."

http://www.channelregister.co.uk/2008/01/04/malware_laced_banners/

Secret Crush widget on Facebook spreads malware. Don't use this!
http://www.theregister.co.uk/2008/01/04/facebook_adware/

Update: Facebook has blocked Secret Crush
http://www.theregister.co.uk/2008/01/08/facebook_blocks_secret_crush/

Also see the Sunbelt Blog for good articles on RealPlayer vulnerabilities, the malicious ads on MySpace, and phishing/malware on Facebook:
http://sunbeltblog.blogspot.com/

2. For those of you (like us) who bought an Xbox 360 during the holidays and had problems with Xbox Live - Microsoft apologizes for the inconvenience. Apparently they had a lot of issues with the service because of the huge number of signups. They will be offering "all of our Xbox LIVE members around the world" a free LIVE Arcade game. No details on the offer or what game, but here's the link:

http://www.majornelson.com/archive/2008/01/03/xbox-live-holiday-performance.aspx

3. You know how I'm always warning my small business clients about getting caught by the BSA using illegal copies of Microsoft software? Seems the BSA just scored $420,000 in fines from three firms. So, I'm just sayin'...

http://www.theregister.co.uk/2008/01/09/six_firms_unlicensed_software/
http://www.bsa.org/country/News%20and%20Events/News%20Archives/en-01082008-General-Finance.aspx

Back to top
Home

1-17-08 - Well, I've wrestled with reality for 35 years, Doctor, and I'm happy to state I finally won out over it. -- Elwood P. Dowd in "Harvey"

1. Rogue antispyware program for the Mac
2. Storm Worm gearing up for Valentine's Day
3. Beware of social engineering

1. Well, well, well... the first rogue antispyware program for the Mac has just surfaced. This is not really such a surprise; this sort of scumware has been targeting PCs for years - Winfixer, SpySheriff, WinAntivirus, and all their unpleasant cousins. With a lot more people buying Macs - and a lot of those people are coming from the Windows world where spyware is a Fact Of Life - it was only a matter of time before The Bad Guys would try to get a piece of that.

Even we Mac users need to be sensible and exercise common sense. You all know how to stay safe; it isn't any different on the Mac side. Here's F-Secure's post about the rogue "MacSweeper":

http://www.f-secure.com/weblog/archives/00001362.html

Protect your Mac - http://www.getsafeonline.org/nqcontent.cfm?a_id=1165

I don't agree with them about antivirus software - I never ran it on my Linux machines and I don't run it on my MacBook (but I don't do risky computing, either) - so this is your call. In any case, I wouldn't use products from Symantec (Norton) or McAfee.

2. Users should beware of email or e-card Valentine's Day type themes as these are already circulating. You may receive a Valentine-themed email with a subject like “I Dream of You”, “For You….My Love”, “Sending You My Love”, etc. The body text will prompt you to click on a link typically looking like http://some.numeric.address. Of course you are smart and won't click on it!

Storm Worm - Gearing up for Valentines Day - http://isc.sans.org/diary.html?storyid=3855

http://www.avertlabs.com/research/blog/index.php/2008/01/15/from-nuwar-with-love/
http://sunbeltblog.blogspot.com/2008/01/new-storm-variant-in-time-for-valentine.html
http://blog.trendmicro.com/storms-spamming-out-some-love/
http://blog.trendmicro.com/chasing-storm-into-2008/
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_NUWAR.BK

3. Remember that social engineering is a big part of getting malware onto your computer and/or stealing your personal information (phishing). Social engineering plays on the facts that a) most people are nice and want to help others; b) most people are easily frightened by emails from "official" sources. I was reminded of this because Doug, one of my smartest clients, called to ask about an email he'd received that looked like a legal complaint. The complaint was supposed to be contained in an attachment which looked like a legitimate .pdf file - except it wasn't. The ever-brilliant Doug felt sure this email wasn't legitimate but he just thought he'd get my input. Naturally he deleted the email, but it was official and scary-looking enough to give him - and me! - pause initially.

So be cautious and unless you are in the middle of legal entanglements and are expecting an email with an attachment, delete those messges unread.

http://en.wikipedia.org/wiki/Social_engineering_(computer_security)
http://www.securityfocus.com/infocus/1527
http://www.getsafeonline.org/
https://www.mysecurecyberspace.com/
http://www.antiphishing.org/

The latest IRS email scams - http://blogs.consumerreports.org/money/2008/01/the-latest-irs.html

Back to top
Home

1-30-08 - "Logic clearly dictates that the needs of the many outweigh the needs of the few... or the one." -- Mr. Spock

1. Income Tax-related scams
2. New MSN worm

1. I got a very useful email from Alexis Vollgraff (one of my smartest clients!). Alexis would like to share this with all of you:

"Just a few reminders you might want to send out, since I work for the IRS. We never ever email people. You would have to be on our secure messaging to get an email.   Also & this is one that is really important, when you go into any government site, local, state or federal, it will be .gov, not .com. I was checking out the JK Harris site, that I won't even comment on & found what looked like a link to the IRS, but it was the .com site & wasn't ours. We offer the free file file which is really good, but you just have to be so careful."

Thanks very much for this, Alexis. I also went to the JK Harris site Alexis mentioned and saw the link. They certainly make it look official. Creeps.

I see that MVP Harry Waldron has some excellent information on a new wave of IRS and tax-based scams. This should come as no surprise as malware writers/phishers are well known to time attacks based on Real World events; e.g., Katrina, devastating weather in Europe (Storm Worm), and of course US tax time (possibly not as much of a crisis as natural disasters but still A Big Deal to most of us). Here's Harry's blog entry:

http://msmvps.com/blogs/harrywaldron/archive/2008/01/30/irs-and-tax-based-scams-new-wave-of-attacks.aspx

2. Just in case you need a reminder (or your kids do) not to click on links that come in instant messages, a polyglot worm is spreading over MSN. See this article by The Register for details:
'
http://www.channelregister.co.uk/2008/01/23/polyglot_msn_worm/

Here's a description of it from TrendLabs Malware Blog:

http://blog.trendmicro.com/namedropping-msn-worm-also-a-polyglot/

"A new worm detected as WORM_IRCBOT.SN is currently making its rounds via MSN Messenger. In some instances, it drops popular social networking sites’ names MySpace and Facebook as it spreads itself. It sends any of the following messages together with a link where the picture referred to in the messages can be “viewed” by its recipients:

    * can i throw this picture of you and me on myspace?
    * Wanna see my pictures before i send em to facebook?
    * can I throw this picture of us on my facebook.. please?
    * I think this picture is terrible. but my friends on myspace want to see it. please dont show noone.
    * do I look dumb in this picture? I want to put it on myspace.
    * do you think I look ugly in this pic? its one of my new ones too :(
    * hey i found your picture on hotornot.com! I swear its you!
    * OMG, i found ur pic on cuteornot.com! im not kidding either!!!
    * jesus this person really looks like you!
    * This picture isnt you… right? lol

"This is only a partial list; it has a lot more lines that are mostly talking about photos. Another interesting thing about this worm, as observed by our senior analysts, is that the messages change according to the language of the affected operating system used. Based on the ploys used (using the MySpace and Facebook names and having references to country codes in its registry) as well as the varying languages by this localizing MSN worm, its authors are trying to capture a wide audience."

Update: Since I made a note of this last week for the next EBC Report (this one!), I see that this trojan is really picking up steam. So remind your kids (and yourselves!) to be careful out there.

Back to top
Home

2-22-08 - ++?????++ Out of Cheese Error. Redo From Start. -- Hex (Terry Pratchett, "Interesting Times")

Upcoming Service Packs - Vista and XP

Service Pack 1 (SP1) for Vista is finished. Those of us with MSDN/TechNet subscriptions have already received it. At this writing it is expected that end users will receive SP1 from Windows Update next month. (Microsoft issues regular Windows Updates on the first Tuesday of each month.) Service Pack 3 for XP is still in beta but getting close to RTM (Release To Manufacturing, a fancy way of saying "it's ready"). Do not just slide into an operating system Service Pack install without any preparation. You might get lucky, but then again there might be Much Gnashing Of The Teeth.

For instance, there is a new Microsoft Knowledge Base article listing some programs that will not work after Vista SP1:

http://support.microsoft.com/kb/935796

Of the programs listed, probably only Trend Micro Internet Security and Zone Alarm Security Suite are commonly found on most people's computers but you should still take a look anyway. I've seen a fair number of new laptops with the Trend Micro program preinstalled.

Proper preparation is essential to having a successful experience installing any operating system Service Pack.

Make sure you have set your Windows Updates to not be automatic. Choose the option that downloads the updates and then alerts you that updates are ready. Then take the Custom installation option in XP or click on the link that will let you view the updates in Vista. If you haven't done preparation for a Service Pack, don't take the update until you do. You'll be offered it again. And again. ;-)

Typical preparation for an operating system Service Pack upgrade:

1. Back up all your data to external media. This can mean burning to CD/DVD-Rs, copying to an external hard drive, creating an image of the system with something like Acronis True Image and storing it on an external hard drive, or a combination of all of these things. Having an image of your working system is a wonderful thing and now that external hard drives (like a MyBook or One-Touch) and imaging software like True Image are so reasonably priced, this procedure is easy.

2. Make sure the computer is completely virus/malware-free. This is crucial.

3. Do maintenance - clean up temporary files, defrag, get rid of stuff you don't need, etc. You want your system to be in tip-top shape before you apply a Service Pack.

4. People who have OEM machines (HP, Dell, Sony, Toshiba, etc.) should first go to the OEM's website to see if there are special instructions. For example, there were approximately 8 patches that needed to be installed on HP computers before installing XP's SP2.

5. If you have major software that you use every day - QuickBooks, ACT, antivirus programs, third-party firewalls, industry-specific programs, etc. - go to the companies' websites first and see if there are special instructions or known issues with a Service Pack. If you just install a Service Pack blindly and then find out that the program your company uses to do business is broken afterwards, there will be Tears Before Bedtime (at the very least).

6. If you know that some of your programs won't work with the Service Pack - CD/DVD burning software, antivirus/firewall/security programs, etc. - uninstall them first. Don't just not run them.

7. Once you've done all your prep work, close all programs before you install a Service Pack. This means your antivirus and firewall also. If your computer connects directly to a cable/DSL modem, unplug the ethernet cable first so you are not connected to the Internet and will be protected. If you have a router, you will be safe during the time your antivirus and firewall are off. If you have a laptop, make sure it is plugged into a wall outlet and not running on battery. If you think there is a possibility of a power outage, purchase an Uninterruptible Power Supply (UPS) and have the computer plugged into it. Having a UPS is a good idea anyway. A UPS is not the same thing as those power strips; a USP is an actual battery backup.

8. Be patient while you install the Service Pack. If you followed best practices for your prep work as outlined above, everything should go smoothly.

Back to top
Home

3-11-08 - "If you can't get the threat model right, you can't hope to secure the system." -- Bruce Schneier

1. Targeted malware spam attacks disguised as official Government email - Spy-Agent.cf trojan
2. Spam pushing malware disguised as 3D screensavers
3. "The Myth of the Transparent Society"
4. Pi Day and Albert Einstein's birthday

1. Be on the lookout for spam that appears to be official Government business. These new attacks will even download actual PDF forms from the government site to make them appear more legitimate. Of course you should delete these emails without opening them; under no circumstances should you open the attachments.

http://vil.nai.com/vil/content/v_142478.htm

As you can see from the McAfee description of Spy-Agent.cf at the link above, the emails can be quite frightening and official-looking. Don't be fooled.

2. Alex Eckelberry of Sunbelt has some interesting blog entries about a rash of spam pushing malware disguised as screensavers. You don't need that "free" 3D screensaver, people! Don't help the Bad Guys by downloading this garbage.

http://sunbeltblog.blogspot.com/2008/03/rash-of-new-spam-pushes-malware.html
http://sunbeltblog.blogspot.com/2008/03/dangerous-loadscc-malware-gang-re.html

3. Bruce Schneier, my favorite security guru, has a great article at Wired.com about "The Myth of the Transparent Society". There has been a lot of talk in security/IT circles lately about the virtues of transparency; i.e., if I have nothing to hide, you have nothing to use against me. Schneier punctures this myth by saying that the theory of transparency sounds nice but doesn't work because "it ignores the crucial dissimilarity of power". A very interesting read and not just for the paranoid among us.

http://www.wired.com/politics/security/commentary/securitymatters/2008/03/securitymatters_0306

Even if you are a person who doesn't pay too much attention to IT/security issues, the ongoing debates about privacy are interesting and important to all of us.

http://www.schneier.com/blog/

4. And on the lighter side, March 14th is Pi Day and Albert Einstein's Birthday. Coincidence? I think not. Celebrate by eating pie and thinking of Relativity. Have another piece of pie and don't think about Mass. ;-)

http://en.wikipedia.org/wiki/Pi_Day
http://www.piday.org/

http://en.wikipedia.org/wiki/Albert_Einstein

Back to top
Home

4-8-08 - "Roads? Where we're going we don't need... roads." -- Emmet Brown - Back to the Future

1. New phishing prevention website
2. Email attack tied to Microsoft's April Security Bulletin
3. End of the line for Windows XP and what to do about it

1. There is a new and rather well done site from the Federal Trade Commission (go, FTC!) with tips to help you avoid Internet fraud. The "Phishy Videos" are actually rather cute. This one is worth your time.

http://onguardonline.gov/index.html

2. US-CERT (United States Computer Emergency Readiness Team) has a brief notice about a targeted trojan.

"US-CERT has seen reports of an email attack targeting Microsoft's April Security Bulletin release cycle. This attack arrives via email messages withthe subject line 'Critical Patch Released: Microsoft Security BulletinMS08-64738.' These email messages contain a link to a fraudulent Microsoft Update web site that hosts malicious code or contains an attachment that is embedded with malicious code. Users who follow the link or open the attachment may become infected with a Trojan."

http://www.us-cert.gov/current/index.html#email_attack_targeting_microsoft_s

I know all of the Gentle Readers of this Report are smart enough not to get Windows Updates from anywhere except Microsoft. Still, it's good to remind you what an excellent resource US-CERT is. They have information targeted at non-technical users, alerts and tips, and lots of security-related goodies.

"The United States Computer Emergency Readiness Team (US-CERT) is a partnership between the Department of Homeland Security and the public and private sectors. Established in 2003 to protect the nation's Internet infrastructure, US-CERT coordinates defense against and responses to cyber attacks across the nation."

http://www.us-cert.gov/index.html

3. We are rapidly coming up on the end of XP's availability preinstalled on regular computers and in the normal retail channels. Except for preinstallation on specialized mini-PCs like the Asus EeePC, XP will not be sold on their computers by OEMs (Dell, HP, etc.) by the end of June, 2008. I know I wrote about this issue before, but after participating in a newsgroup thread yesterday about the difficulties of moving to Vista, I wanted to remind everyone about the issues involved here.

Note: If you are a home user who mostly uses the Internet, does email, has a recent version of MS Office, and doesn't have specialized software/hardware needs, Vista will work just fine for you. You can skip this lengthy part and go do something amusing instead. We're done with you. ;-)

A. Not all software will work under Vista. Now is the time to find out and be prepared, particularly if you are a small business owner using proprietary (niche) specialized software that is crucial to your company's well-being. You need to plan your actions if the computers you're currently using need to be replaced.

You - or one of your many minions - need to sit down and inventory what software you use. If you use niche software, contact that program's tech support or go to its website and find out if it works with Vista. The fellow I was working with in that newsgroup thread found out that the program his entire company used for its major business would not run under Vista and there are no plans to make it compatible with Vista. If you don't use this type of niche software, you still need to inventory your main programs. This includes knowing the version of the program. Usually you can find this information by clicking Help>About from within the program itself. You need to know whether your program version will work with Vista or plan for its upgrade. Examples are QuickBooks, Microsoft Office editions older than Office 2003, Adobe programs, etc.

B. Not all hardware will work under Vista. Usually this involves printers, but also includes any specialized hardware like bar scanners, point-of-sale equipment, health-related monitors or the like. To find out about Vista-compatibility, go to the hardware manufacturer's website and look for drivers for your specific model machine (like a printer). If there are no Vista drivers, you can't use that piece of hardware with Vista.

Don't make assumptions either way about hardware and software - check.

C. What do you do if you can't run your stuff under Vista?

1. Small business owners should consider purchasing a few extra XP computers from a decent OEM like Dell or HP. You can stick them in the closet if you don't need them now. As always, I recommend that you not be "penny-wise, pound-foolish"; if you have a business you should not buy crap like eMachines computers from Costco.

2. You can do what is called "virtual computing" on Vista. This means using either Microsoft's Virtual PC 2007 (free) or VMware Workstation (not free but I like it better than VPC) and creating a virtual machine running the older operating system. The operating system running in the virtual machine is a real operating system and you must have a license for it. You can't use the XP that came with your OEM machines so if you think you might want to do this, purchase a few extra retail copies of XP from your favorite online or brick-and-mortar store. You will probably want to get technical help from someone like Elephant Boy Computers if you are going to set up virtual computing.

3. If you are considering purchasing a Vista computer and then downgrading it to XP, here are some things you must consider first:

a. Go to the OEM's website and look for XP drivers for your specific model computer. If there are no XP drivers, then you can't install XP. End of story. If there are drivers, download them and store on a CD-R or USB thumbdrive; you'll need them after you install XP.

b. Check with the OEM - either from their tech support website or by calling them - to see if you will void your warranty if you do this. If you will void the warranty, you make the decision.

c. If the OEM does support XP on the machine, call them and see if you can have downgrade rights and have them send you an XP restore disk. This will be far the easiest and best way of getting XP on the machine.

d. If XP is supported on the machine but the OEM doesn't have an XP restore disk for you, understand that you'll need to purchase a retail copy of XP from your favorite online or brick/mortar store.

e. Also understand that you will need to do a clean install of XP so if you have any data you want, back it up first.

f. If none of the above is applicable to you because you can't run XP on that machine (see Item #1 above), return the computer and purchase one running XP instead.

Back to top
Home

4-23-08 - "You should listen to your heart, and not the voices in your head." -- Marge Simpson ("The Simpsons")

1. Hotmail and Outlook Express - the party's over
2. MSN Music Store is dead - another party that's over
3. Windows XP Service Pack 3 RTM

1. For those of you who still use Hotmail and who access it via your Outlook Express inbox, the party is over after June 30th.

http://emailsupport.spaces.live.com/Blog/cns!5D6F5A79A79B6708!5359.entry

"As of June 30, 2008, Microsoft is disabling the DAV protocol and you will no longer be able to access your Hotmail Inbox via Outlook Express. As an alternative, we recommend that you download Windows Live Mail, a free desktop e-mail client that has the familiarity of Outlook Express and much more."

I read this as meaning that while MS isn't getting rid of the Hotmail.com webmail service, they really really would prefer you move over to Windows Live Mail. Since I don't use Hotmail, Windows Live Hotmail, or Windows Live Mail, I can't comment on the differences between them. Since Windows Live Mail is free, it won't hurt you to give it a try. It doesn't seem as though you'll lose anything:

"After you provide your user name and password, you will automatically be linked to your Hotmail account, providing continued access to your email and contacts."

Personally, I use Google's Gmail for a free webmail account because it doesn't have all those ads and blinkenlights. But maybe you like those. ;-)

2. Another reason why DRM (Digital Rights Management) is Evil - If any of you were unfortunate enough to have purchased music from the now-dead MSN Music store, Microsoft is giving you another shaft by turning off their license servers at the end of this August.

Ars Technica has the story:

http://arstechnica.com/news.ars/post/20080422-drm-sucks-redux-microsoft-to-nuke-msn-music-drm-keys.html

"Customers who have purchased music from Microsoft's now-defunct MSN Music store are now facing a decision they never anticipated making: commit to which computers (and OS) they want to authorize forever, or give up access to the music they paid for. Why? Because Microsoft has decided that it's done supporting the service and will be turning off the MSN Music license servers by the end of this summer.

"MSN Entertainment and Video Services general manager Rob Bennett sent out an e-mail this afternoon to customers, advising them to make any and all authorizations or deauthorizations before August 31."

As the article suggests, the only way to be sure you'll always have this music is to burn it to audio CD.

3. Windows XP Service Pack 3 has now released to manufacturing (RTM) and will be available for separate download and from Windows Update on April 29th. While I'm not expecting anything really dreadful to come out of installing SP3, as I've previously pointed out it would be extremely foolish to blindly apply an operating system service pack without doing any preparation work at all. Again, check on your OEM's website (Dell, HP, Sony, etc.) to see if there are any pre-SP3 patches to apply. Have all your data backed up first in case Something Goes Sour. Businesses should definitely test before deployment. It's never a bad idea to wait a few weeks after the release of a Service Pack to see if anything crawls out of the Windows Rift Between The Worlds anyway. Do you really want your computer to be in thrall to the Elder Gods? Oh wait, you're using Windows so it already is. ;-)

Back to top
Home

6-19-08 - Osborn's Law - Variables won't; constants aren't.

1. Beware of rogue antispyware programs
2. Firefox 3 is out
3. DNS Changer Zlob trojan warning

1. One of my favorite clients recently got nailed by several rogue antispyware programs and fell for the scam. I've also had a rash of infected machines come into the shop with this sort of thing. So this is just a reminder about what we in the industry call "rogue antispyware" programs. We call them "rogue" because they pretend to be one of The Good Guys but are really Bad Guys. If you see popups with messages like "Warning! Your computer is infected with Spyware! Click here to purchase the removal for only $29.95" or the like, you need to a) clean up your computer (or have someone like Elephant Boy Computers do it for you); and b) don't click on that!

Here are some examples of rogue antispyware programs:

XP Cleaner, Antispykit, Antispywareshield, Virusprotect, Ultimate Cleaner, Privacy Protector, Registry Cleaner 2.5, Systemdoctor, WinAntivirus. There are many more. You can look at some of them and view the removal steps here:

http://www.bleepingcomputer.com/forums/forum55.html

2. The Firefox 3 browser is available now and it's great. For those of you who are going "what?", a browser is a program that allows you to "see" the Internet graphically. Internet Explorer is the browser that comes built into Windows. Safari is the browser that comes with Mac OS X. There are other browsers in the world (Opera, Sea Monkey, Epiphany, etc.), but Firefox is probably the best-known alternate browser (one that isn't built into or comes with an operating system).

It's always good to have more than one browser installed. That way if you have any Internet issues, you can determine if the problem is just with your browser (Internet Explorer for example) or if the problem is systemic. And it's nice to try new things!

Get the new Firefox here:
http://www.mozilla.com/en-US/firefox/?from=getfirefox

You can take a short video tour at that link, too.

See the new features:
http://www.mozilla.com/en-US/firefox/features/

And try some tips and tricks:
http://www.mozilla.com/en-US/firefox/tips/

If you already have Firefox 2 installed, you can install Firefox 3 right over it. Your bookmarks and preferences will be preserved.

3. There's a new nasty going around called DNS Changer. This is a member of the Zlob trojan family which checks to see if the victim's computer is on a network governed by a router. If it finds a router, the trojan will try and guess the router's password so it can get into the configuration utility and from there change the victim's DNS settings. This means that all your network's Internet traffic can flow through the Bad Guys' servers instead of your Internet Service Provider's. These articles explain this:

Malware Silently Alters Wireless Router Settings
http://blog.washingtonpost.com/securityfix/2008/06/malware_silently_alters_wirele_1.html

http://www.trustedsource.org/blog/42/New-DNSChanger-Trojan-hacks-into-routers

When I set up a router for a client, I always change the router configuration utility's username (when applicable) and password. I also change the wireless settings to an SSID (network name) that isn't the default and an encryption scheme that is as high as all devices on the network will support. You never want to leave these settings at the default to protect yourself from neighborhood hackers and now also to protect yourself from the DNS Changer trojan. I'm sure that the DNS Changer is just the first of its kind and that there will be others.

Refer to your router's manual or the router manufacturer's website for instructions if you don't know how to administer your router. Or you can always have Elephant Boy Computers do it for you. Oh, and don't forget to write down the username and password you choose!

Back to top
Home

8-23-08 - "OH!!! THEY HAVE THE INTERNET ON COMPUTERS NOW!!?" - Homer J Simpson.

1. XP Antivirus
2. Malvertisements
3. Tech recycling
4. Making Restore Disks

Yes, I've been very remiss in not writing more EBC Reports. Frankly, I assumed that you all know not to open attachments, to ignore spam tied to current events (like the Olympics), and not to click on Questionable Content. But there have been a few developments in the malware world that I think you should know about, particularly because I'm seeing lots of people who don't surf irresponsibly get nailed by XP Antivirus 2008/09 recently. Most of these machines will need to have a clean install, unfortunately. So onward....

1. There is a whole class of malware that we in the industry call "rogue antispyware". We call these programs "rogue" because they pretend to be Good Guys but are really Evil. You'll get a notice from one of these rogues saying that your computer is infected and the only way to clean it is by paying [some amount] to the rogue. Some of these rogues can be easily removed by someone skilled (like me!), but many of them also download Zlob and Vundo trojans that are protected by a rootkit. Rootkits run invisibly and are extremely difficult to remove. For all practical purposes, if your computer is infected with rootkit-protected malware and multiple trojans, a clean install is the way to go.

The extremely Awesome And Talented security expert Jesper M. Johansson has written an excellent article, "The Anatomy of a malware scam - The evil genius of XP Antivirus 2008". It is well worth reading.

http://www.theregister.co.uk/2008/08/22/anatomy_of_a_hack/

2. One way we've seen malware get onto users' computers lately is from legitimate websites unknowingly hosting malware-laden advertisements. People in the security industry have dubbed these "malvertisements". MVP Sandi Hardmeier has written extensively about them on her "Spyware Sucks" blog, and the Windows Secrets website has some suggestions as to how to combat the problem.

http://msmvps.com/blogs/spywaresucks/Default.aspx (scroll down for the various entries about malware)
http://windowssecrets.com/2008/04/24/03-Keep-malvertisements-from-infecting-your-PC

In addition to having the latest version of Flash Player, it is also wise to make sure you have the latest version of Java. To get Java, go here:

http://java.sun.com/javase/downloads/index.jsp (you want the JDK Runtime Environment (JRE) [some number some update] that is in the middle of the page)

First go to Add/Remove Programs (or Programs & Features if you have Vista) and uninstall any older versions of Java. Sun usually updates Java because of vulnerabilities and if you leave the older versions installed, you aren't protected.

3. When you replace an older computer, the question arises as to what to do with the old hardware. You can't just throw it in the trash because computers have dangerous heavy metals and most municipal garbage services have restrictions. So here are a few suggestions:

a. When you purchase a computer or printer from Dell, they offer you the opportunity to recycle the old equipment. Depending on the equipment, the option is free or a low $20.

b. Local schools - California State University Fresno has a recycling program, as does St. Anthony's School. You need to call them to see when the recycling is offered. If you aren't in Fresno, check with your own local schools. You get rid of your old equipment for nothing and the school makes a little money from it.

c. I noticed that Office Depot has a "tech recycling" program now. You ask a salesperson for a box, put your old stuff in it, and bring it back to the store. The store does make some money from recycling the equipment, but it costs you nothing. Again, if you're not in Fresno you can check at your own local office supply stores.

d. The City of Fresno has a once-a-year "big garbage pickup". There are restrictions on how much of what you can put out for pickup, but that's another way to get rid of old equipment for nothing.

4. It's that time of the year when lots of people are buying new laptops for kids returning to school. For quite a few years now, OEM ("Original Equipment Manufacturer") computer companies like HP, Sony, etc. no longer include physical disks so you can restore your computer to factory condition. Most new computers come with a restore image on a special and/or hidden partition on the hard drive. However, if your hard drive dies or the special partition is damaged, you won't be able to use this image. This is why it is important to have physical CD/DVD restore disks. If you don't have the option of purchasing restore disks (or operating system/drivers disks) when you buy the machine (Dell still offers this option), then make sure you create the restore disks right away. Since each OEM's method of doing this varies (and often varies from model to model within an OEM's line), refer to your manual, the OEM Help files, or the OEM's website for how to do this in your particular case. Then put the restore disks in a safe place and don't lose them! Sometimes you can purchase restore disks from the OEM later at a nominal cost (HP is very good about this), but some OEMs don't provide restore disks for older models. So Be Prepared.

Back to top
Home

10-16-08 - "Some books contain the machinery required to create and sustain universes." -- Tycho Brahe, Penny Arcade

1. Java update
2. Adobe Flash update - fixes clickjacking attack
3. Infostealer trojan attached to fake emails from "Microsoft"
4. Beware using "free .mp3 downloads" sites - Warezov botnet is back

1. As I've told you before, it is important to keep software updated to close security holes. While the first software one thinks of is your operating system, other programs also get patched. Sun has released a new update for Java. Go here and download Java Runtime Environment (JRE) 6 Update 10. Uninstall older versions of Java (Add/Remove Programs in XP, Programs & Features in Vista) and then install the latest version. Most people will want the 32-bit version but if you're running Vista 64-bit, download the 64-bit version of Java. If you are still running XP, you would have installed a 64-bit version yourself (and therefore know this) so if you didn't, don't worry about it; download Java 32- bit.

http://java.sun.com/javase/downloads/index.jsp

How to tell if your computer is running 32-bit or 64-bit Windows:
http://support.microsoft.com/kb/827218

2. There has been quite a bit of talk in tech news about the clickjacking exploit arising from vulnerabilities in Adobe Flash Player. A temporary workaround for Firefox was to install the NoScript extension. Nothing was available to protect Internet Explorer. While useful, NoScript can be more restrictive than desired. Adobe has come out with a new version of the Flash Player which fixes those vulnerabilities. I strongly recommend updating to the latest version of Flash Player. There are separate Flash Players for Internet Explorer and plugin-based browsers like Firefox and Safari, so if you have both types of browsers installed you need to download and install both Players.

Clickjacking article - http://blogs.zdnet.com/security/?p=1972

Go to http://www.adobe.com/ using each of your different browsers and download/install Flash Player 10. You don't need to uninstall the older version first.

3. I'm sure you all know this already, but I'd like to remind you that Microsoft never sends updates or patches attached to emails. The latest social engineering spoof email purports to come from Microsoft Customer Service and urges you to install an attached patch. The patch is the Infostealer trojan. I know that everyone reading this is way too smart to get caught by this.

4. Just another reason to beware of "free" .mp3 download sites - the Warezov Russian botnet is back.

http://www.theregister.co.uk/2008/10/16/warezovs_second_coming/

Back to top
Home

11-12-08 - "It does not matter who wins, it matters who helps." -- Alex Nichol

1. Staying safe by not getting tricked - email security
2. Too much security
3. Charity

1. Back in late July there was a surge of malicious emails purporting to be from UPS (and later FedEx). These emails looked official, The subject line was "UPS Tracking Number [some number]. The message body said something like:

"Unfortunately we were not able to deliver postal package you sent on [some date] in time because the recipient's address is not correct. Please print out the invoice copy attached and collect the package at our office."

The attachment was called "UPS_INVOICE-[some number].zip. If you were tricked and opened the attachment, your computer was infected with a very nasty trojan that was very difficult - and sometimes impossible - to remove. I've got a machine in the shop right now waiting for me to pull the client's data and clean-install Windows because the owner was tricked into opening the attachment. With the holiday season upon us we can expect to see an upsurge in this type of malicious email so please be on your guard.

Remember, UPS and FedEx do *not* send emails with attachments.

http://www.ups.com/content/us/en/about/news/service_updates/fraud.html
http://fedex.com/us/fraud/

2. We all know the old saying "you can never have too much money or be too thin"*, but can you have too much security? Absolutely. In the last month I've had two computers in the shop from different clients. The complaint in both cases was that the computer couldn't get on the Internet or Internet access was unbearably slow, they couldn't get email, and even off the Internet, Windows was so sluggish that it was basically unusable. Classic case of malware infection, yes? No.

In both cases, each computer owner had installed multiple firewalls, multiple antivirus programs, multiple antispyware programs, and had set the security "immunization" features of all those programs to "High" without really understanding what they were doing. And although that was bad enough, they had also chosen the most bloated, problematic, resource-hogging, and invasive security programs out there. Major culprits with these characteristics are products from Norton (Symantec), McAfee, Zone Alarm, and Webroot SpySweeper, to name only a few. No wonder those computers performed so badly and couldn't get to the Internet - their owners had unknowingly crippled them in the name of "security".

And even though they had piled on all this "security", some of the programs used were obsolete, other applications that are avenues for attack (Java, Adobe Reader) were not updated, and Windows itself was not patched to the latest Service Pack. The machines were also jammed up with unwanted programs preinstalled by the computer mftr., all running in the background.

This is typically what happens when someone thinks he knows a lot about computer security and enjoys tinkering - a perfect example of "a little knowledge is a dangerous thing". Once I removed all the cruft and did basic maintenance and optimization, both computers ran sweetly. Here's how to do it right (and what I do on my own Windows machines):

a. Install and keep current one antivirus. I recommend NOD32 or Kaspersky for commercial programs, Avast if you want a free one.

b. Use the Windows Firewall built into XP and Vista.

c. Install the free version of MalwareBytes' Antimalware (MBAM) from http://www.malwarebytes.org. Update it and do a Quick Scan once a week. Vista has Windows Defender built into it. I don't care for WD in XP and I don't like antispyware programs that run resident in the background, but it doesn't hurt to have WD in Vista. There is no need to have more than these antispyware programs installed.

d. Keep Windows patched. Keep major programs that are known vectors for attacks updated - Microsoft Office, Adobe Reader, Java, Adobe Flash.

e. Do other general maintenance regularly. See http://www.elephantboycomputers.com/page2.html#Maintenance for more details.

f. And remember to practice safe computing. None of the foregoing will help you if you indulge in risky behavior. See #4, "Practice Safe Hex" here:
http://www.elephantboycomputers.com/page2.html#Removing_Malware (scroll down to "E. After the machine is clean").

*I certainly agree with the first part although the second part is questionable.

3. Even with the economy so bad, we are entering the season when many people give to charities. Be wise about to whom you give and don't get caught by charity fraud. Give to legitimate organizations like the Red Cross, your church/synagogue/mosque, etc. Here are some websites to help you avoid charity fraud:

http://www.ftc.gov/charityfraud/
http://www.ftc.gov/bcp/edu/pubs/consumer/telemarketing/tel18.shtm
http://en.wikipedia.org/wiki/Charity_fraud
http://www.usps.com/postalinspectors/fraud/charity.htm

My favorite charity is Child's Play, a community-based charity that donates toys, games, books, and cash to kids in children's hospitals all over the United States.

http://www.childsplaycharity.org/

Back to top
Home

11-27-08 - Ninjas can't catch you if you're on fire.

1. "Staying Safe" and "Too Much Security"
2. Christmas/Holiday images and links
3. EBC Christmas Card

1. I have written two small articles that I hand out to my clients. The first one, which I usually give to people after I've dealt with viruses and malware on their computers, is "Staying Safe or How to Not Have This Happen Again". I wrote the second one, "Too Much Security", after covering the subject in the last EBC Report. I've put both of those informational articles on the website for download in case you might find them useful. You can download them in .pdf form by right-clicking on the links and choosing "Save Link As".

http://www.elephantboycomputers.com/staying-safe.pdf
http://www.elephantboycomputers.com/Too_Much_Security.pdf

2. Once Thanksgiving is finished and we've recovered from too much turkey and pumpkin pie, our thoughts naturally turn to Christmas. I wrote an EBC Report last year with some good tips/sites for Xmas. Some of the URLs in that Report are obsolete (or have changed unpleasantly*), so here is an updated list:

How to wrap a present - http://www.wikihow.com/Wrap-a-Present

http://simplyxmas.wordpress.com/2007/12/13/desktop-wallpaper-bw-retro-christmas/

http://www.wincustomize.com - General Desktop images but you can search for holiday ones

Caedes is still a nice wallpaper site. Here's a link to their Christmas gallery:
http://www.caedes.net/Zephir.cgi?lib=Caedes::Gallery&gallery=holidays-%3Echristmas

The Lifehacker URLs are all still good and they will undoubtedly have more for this year - http://lifehacker.com/

I see that NORAD will continue its great tradition of tracking Santa - http://www.noradsanta.org/

*The Flickr URL in the 2007 Report now leads to a number of rather naughty pictures so you may want to give this one a miss. A better solution for Flickr is to just go to http://flickr.com and then search for "Christmas". This will get you quite a few very nice images and you won't take the chance of seeing something you would rather avoid.

The excellent wallpaper site VladStudio has put all the Christmas-related wallpapers up in one place. Go to http://www.vladstudio.com/home/ (don't forget to click the "view all..." link just below the first set of Xmas pictures to see all of the related images).

InterfaceLIFT has a nice collection of Desktop wallpaper. I don't see any way to sort by holiday theme but I would expect to see some Christmas-y stuff appear as the holiday nears - http://interfacelift.com/wallpaper_beta/downloads/date/any/

Another thing you can do to get seasonal images is go to Google Images and search for "Christmas". Just bear in mind that the images are not hosted on Google's servers so you need to exercise your usual good caution on unfamiliar websites. Stay away from places like Freeze.com or you'll pick up something nasty.

I added a few more vintage Christmas-y clipart images to my own page for you - http://www.elephantboycomputers.com/xmas.html

3. Like everyone else, I'm watching my pennies very carefully. I decided not to spend the hundreds of dollars it normally costs to send Christmas cards this year, but I made you one anyway because I still love you. ;-) Here it is - http://www.elephantboycomputers.com/page4.html#Christmas_Messages

Best wishes to all of you for a joyous Holiday Season and a New Year filled with Hope and Happiness.

Back to top
Home

12-17-08 - "Give a man a fire and he's warm for the day. But set fire to him and he's warm for the rest of his life." -- Terry Pratchett

1. Microsoft out-of-band patch for Internet Explorer security flaw
2. Apple update
3. Fun things - ringtones and clipart
4. Holiday guests using your computer

1. Microsoft is issuing an out-of-band (not on the regular first Tuesday of the month) patch for a very serious vulnerability in Internet Explorer. Do not delay in applying the patch to your systems.

ALERT: Out of band security patch to be released tomorrow, 17 December at 10.00am Pacific time
http://msmvps.com/blogs/spywaresucks/archive/2008/12/17/1656924.aspx

Microsoft IE Security Advisory
http://www.microsoft.com/technet/security/advisory/961051.mspx

F-Secure: Extremely Dangerous Internet Explorer Security Hole - Beware!
http://www.f-secure.com/weblog/archives/00001561.html

Microsoft will issue emergency Internet Explorer fix on December 17th
http://www.msnbc.msn.com/id/28258894/
http://isc.sans.org/diary.html?storyid=5497
http://www.microsoft.com/technet/security/bulletin/ms08-dec.mspx
http://www.theregister.co.uk/2008/12/16/microsoft_ie_emergency_patch_warning_dec_16_2008/

2. On the Mac side, Apple has issued a new security rollup for both Leopard and Tiger. Get the update by either running Software Update from System Preferences or going to Apple and downloading the update for your particular system.

http://www.apple.com/downloads/macosx/apple/

3. On the lighter side, I found this great site where you can download ringtones in .mp3 format for free. It is safe and malware-free. You can also upload your own ringtones if you want to share them. Another site I found recently has lots of free, safe clipart.

http://audiko.net/en.html - ringtones
http://www.wpclipart.com/ - clipart

4. This is the time of year when it is common to have holiday guests visiting. If you are a hospitable sort and want to let them use your computer but are concerned about security, here are a few tips. They are applicable to both XP and Vista.

a. Do not use the Guest account you see in the User Accounts applet in Control Panel. The Guest account is a special system account, not one meant for when you are feeling hospitable. It is disabled by default in Windows XP, Vista, Linux, Unix, and OS X for a reason. If you want the technical explanation:

http://technet.microsoft.com/en-us/library/bb418978(TechNet.10).aspx

b. Instead, create a new user account called "Visitor" or "my precious mother-in-law" or the like. In XP, make this user a Limited Account. In Vista, make this user a Standard account.

c. If you are concerned about the visitor being able to see your personal files (maybe Grandma shouldn't see your collection of "playful pictures"), you can make your My Documents private in XP.

HOW TO: Set the My Documents Folder as "Private" in Windows XP
http://support.microsoft.com/kb/298399

In Vista, only an administrative account can see inside your Documents folder.

d. Some people will get the bright idea to encrypt the files. Encryption is not available natively in XP Home and Vista Home Basic/Premium but it is in XP Pro and Vista Business/Ultimate. If you decide to do this, read about encryption and really understand what you are doing. I can't tell you the number of newsgroup posts I've seen over the years where people are wailing about not being able to get their encrypted files back because they didn't take the necessary precautions.

e. You could move any "sensitive" files to a USB thumb drive or an external hard drive and hide that device in a Really Good Place.

Back to top
Home

1-24-09 - "Scotty, I need warp speed in three minutes or we're all dead." - James T. Kirk (Star Trek: The Wrath of Khan)

1. Electronic recycling at St. Anthonty's School
2. Conficker worm
3. Webmail vs. Email Clients

1. St. Anthony's School will take your old electronic devices for recycling February 15th through February 21st, 9:00 AM to 3:30 PM. The service to you is free. They will take:

TV's, Monitors, LCD Screens, Plasma Screens, Laptops, Computer Towers, Printers, Copiers, Faxes, Calculators, Stereo Systems, Keyboards, Mice, Cell Phones, Telephones, Toner and Ink Cartridges

The School's address is 5680 N. Maroa in Fresno, just south of Bullard. So if you are wondering what to do with that old computer, you can bring it there. They ask that you drop off items next to the trash bins near the southeast corner of the School parking lot. If you want more information, contact Mr. Don Olson at dolson@sasfresno.com.

2. The big news in security circles recently is the attack of the Conficker worm. According to security company F-Secure, more than one million Windows PCs have been infected with the worm (also known as Kido or Downadup). Since the malware is a worm, this means that it spreads throughout unpatched computer networks. The worm works by exploiting the vulnerability in Windows patched by the Microsoft security update MS08-067. If you install Windows Updates when they are available, you have received the patch. The reason I'm writing is that a surprisingly large number of people either turn off Windows Updates or don't install them. I had a client in here last week and he told me that he never installed Windows Updates because he was afraid to. Other people have not applied the patch because they're running pirated versions of Windows and so don't receive Windows Updates. I'm sure that the latter case doesn't apply to any of you!

Conficker infection has created a massive botnet comprised of millions of Windows computers (see http://en.wikipedia.org/wiki/Botnet for a definition). It is only a matter of time before security researchers find out to what uses the Conficker botnet will be put.

So make sure that all your Windows computers (home and business) are fully patched. Here are various links with good information about Conficker:

General information - http://en.wikipedia.org/wiki/Conficker

How the worm works (illustrated)
http://arstechnica.com/news.ars/post/20090116-conficker-worm-spikes-infects-1-1-million-pcs-in-24-hours.html

Alert - http://aumha.net/viewtopic.php?f=48&t=37919

Centralized information from Microsoft Malware Protection Center
http://blogs.technet.com/mmpc/archive/2009/01/22/centralized-information-about-the-conficker-worm.aspx

Speculation about the "superbotnet" being formed
http://www.theregister.co.uk/2009/01/23/conficker_worm/

3. Webmail vs. Email Client - I've had quite a few clients lately who were confused about the difference between webmail and email clients like Outlook Express so I wrote up this little explanation:

When you sign up with an Internet Service Provider (ISP) like AT&T or Comcast, they give you an email address, like YourName@comcast.net or YourName@att.net. When someone sends an email to you at that address, the email goes and lives on one of your ISP's computers. This computer is called a mail server. Now you have a choice as to how to get that email.

A. You can access it by reading it online in your browser (Internet Explorer, Firefox, etc.), using your ISP's mail program. This is called webmail.

1. The advantage of webmail is that you can read your mail from any computer that's on the Internet. You just need to open a browser, go to the ISP's website, login, and go to your Inbox. The email still lives on the ISP's mail server, not on your computer and it stays there until you delete it from the webmail's Inbox. It is scanned for viruses by the ISP's antivirus software. Since your email and your addressbook are on the ISP's mail server, you don't need to back anything up unless you want to change ISPs.

2. The disadvantages to webmail are a) if you have dialup and/or pay for Internet access by the minute, you have to be online to read your mail; b) you might not like the ISP's webmail interface.

B. The alternative to webmail is accessing your email by using an email program (called an email client) like Outlook, Outlook Express, Windows Mail, Thunderbird, etc. Using an email client downloads the email onto your computer. The email has been scanned for viruses by the ISP's antivirus software and again by the antivirus software you have installed on your own computer when you download it. Unless you choose to keep the messages on the ISP's mail server and remember to delete them from webmail regularly, once downloaded onto your computer those email messages are gone from the ISP's mail server. You can no longer access your email from anywhere except on your own computer in the email client you use. Since your mail and addressbook are on your computer in your email client, backing up regularly is your responsibility.

So if you don't want to use the ISP's webmail, you need to set up an email client. Go to the ISP's website and they will have instructions for doing this with whatever email client you chose. No matter which method you choose - webmail or email client - it's the same email account. One method isn't inherently "better" than the other; it's a matter of personal preference.

Back to top
Home

2-9-09 - "Ever tried. Ever failed. No matter. Try again. Fail again. Fail better." -- Samuel Beckett (Worstward Ho)

1. New updates for Java and Firefox
2. Keeping track of updates
3. Tax-related scams

1. There are new versions of Java and Firefox out. I'm pleased that Sun (maker of Java) has finally come to its corporate senses and this latest update will uninstall all the older versions instead of leaving your computer vulnerable. So all you need to do to update both Java and Firefox is to download the updates to a location where you will find them (the Desktop or a Downloads folder are good choices) and double-click each file to install.

Java - http://java.sun.com/javase/downloads/index.jsp
You want the first Item, JRE 6 Update 12

Firefox - http://www.mozilla.com

2. Updates are important because they patch vulnerabilities in programs that can be exploited by malware writers. How do you find out when updates are available for various programs? Some of this can be done automatically and some can be done manually. Here are a few suggestions:

A. Windows operating system - This is handled by Windows Update settings. You have a choice here. I prefer to set Windows Update to download updates automatically and then notify me when updates are ready. Then I look at the updates to see what they are. This is important because sometimes driver updates are included and it's a bad idea to install driver updates from Windows Update. The end result is usually Tears Before Bedtime. See Item B. for information about updating drivers. The alternative is to just set Windows Update to download and install automatically. You know yourself best - if you are the type of person who won't know what to look for and/or doesn't think about updates, then the automatic option is preferable for you. Neglecting to patch is not an option!

B. Drivers - Every piece of hardware inside and outside (like printers) a computer has software called a "driver". Drivers tell the operating system (Windows) how to use the hardware. The First Law of Driver Updates is "if it ain't broke, don't fix it". Normally if everything is working you want to leave things as they are. The exception is that heavy-duty gamers will usually want to update their video and sound drivers to squeeze every last bit of performance out of the hardware to get the fastest frame rates. If you're not one of those people, you don't need to update your drivers if there are no problems you are trying to solve.

Never get drivers from Windows Update. Get them from:

a. The device mftr.'s website; OR
b. The motherboard mftr.'s website if hardware is onboard and you have a generic-built computer; OR
c. The OEM's website for your specific machine if you have an OEM computer (HP, Dell, Sony, etc.).

Read the installation instructions on the website where you get the drivers.

To find out what hardware is in your computer:

a. Read any documentation you got when you bought the computer.
b. If the computer is OEM, go to the OEM's website for your specific model machine and look at the specs (you'll be there to get the drivers anyway)
c. Download, install and run a free system inventory program like Belarc Advisor or System Information for Windows.

http://www.belarc.com/free_download.html - Belarc Advisor
http://www.gtopala.com/ - System Information for Windows

Note: It is never necessary and is definitely undesirable to use a third-party program to check for driver updates. Most of these third-party "driver guide" programs cost money and are very often wrong. In addition, using them contravenes The First Law of Driver Updates.

C. Important program updates - It is necessary to keep important programs updated, in particular programs that are known targets for malware exploits. The most common examples are Microsoft Office, Java, Adobe Reader, browsers (Internet Explorer, Firefox, Safari), and Apple Quicktime.

a. Microsoft Office - You can manually check for updates by going to the Microsoft Office website and clicking on "check for free updates". There is a confusing link there to Microsoft Update, which is not the same thing. Microsoft Update replaces Windows Update and will check for operating system *and* Office updates. In my experience, Microsoft Update doesn't work well under Windows XP and I manually check for Office updates. It does work well under Vista and in fact, using Microsoft Update is the only way you can "check for free updates" for Office under Vista. Again, you know yourself best. If you know you'll never check for Office updates and you have Windows XP, Microsoft Update is the better choice for you.

b. Java - Now that Sun has finally written software that will remove the old, vulnerable version of Java when it updates, you can leave Java to automatically check for updates (the default) if you like. I don't like extra processes running in the background (and if you have an old, slow machine this can negatively impact performance) so I disable automatic checking and do it manually. But that's me - you do what's best for you.

c. Adobe Reader - Adobe products will automatically check for updates. Again, it's your choice whether to leave this as automatic or manually check periodically.

d. Browsers - The default behavior of Firefox is to automatically check for updates. I think this is a good idea and you should leave it that way. Internet Explorer updates are covered by Windows/Microsoft Update. Safari (Apple's browser) is covered by Apple Software Update (see #e. below).

e. Apple Software Update covers Safari, Quicktime, iTunes, and of course other Apple software if you're using a Mac. On Windows, I prefer not to have this automatic update checking run in the background. On the Mac, I leave it at the default of automatically checking once a week. Again, it's your choice what to do.

An informed computer user will look at the options in all of the programs s/he uses to see if there is automatic update checking enabled and make the correct decision based on the "Know Thyself" data.

3. Scams are commonly tied to current events. As we all know, the big upcoming event right now is getting ready for April 15th and Income Taxes. Of course, I'm sure all the EBC Report readers are far too wise to get caught by one of these scams, but you might have friends and relations who aren't as smart as you. Here's the link to the IRS's page about "How to Report and Identify Phishing, E-mail Scams and Bogus IRS Web Sites":

http://www.irs.gov/privacy/article/0,,id=179820,00.html?portlet=5

Beware of this Property Tax Reassessment scam. The Consumerist (http://www.consumerist.com) has an article about this evil company that is sending junk mail disguised as a tax document. The scam tries to get California homeowners to pay $179 before February 26th to avoid missing a "deadline". Here's the link to the full article:

http://consumerist.com/5148469/property-tax-reassessment-company-sends-junk-mail-disguised-as-tax-doc

Back to top
Home

2-22-09 - Let me correct you on a few things; Aristotle was not Belgian! The central message of Buddhism is not "Every man for himself!" And the London Underground is not a political movement! Those are all mistakes. I looked them up. -- Wanda in "A Fish Called Wanda"

1. Zero-day vulnerability in Adobe Reader and Acrobat
2. Computer lifespans and Mac vs. PC

1. Adobe has issued a critical security alert for its Adobe Reader and Adobe Acrobat, versions 7 through 9. If you downloaded a malicious .pdf file this vulnerability could cause the program to crash and potentially allow an attacker to take over your computer. There is no need to panic, but you should always be careful about what you download. Windows, Linux, and Mac OS X are affected.

http://www.adobe.com/support/security/advisories/apsa09-01.html
http://arstechnica.com/security/news/2009/02/adobe-issues-critical-security-alert-for-acrobat-and-reader.ars

Adobe has stated that it expects a fix for the latest version (9.0) on March 11th with fixes for older versions coming shortly thereafter. You'll be able to download the new version (or a patch for Acrobat; I'm not sure how Adobe will handle this) from Adobe's website. In the meantime, you can mitigate the threat most easily by using a different .pdf reader. In Windows, Foxit is a very good reader. In Mac OS X, I prefer to use Preview. If you don't want to do that, then at least disable JavaScript (not the same thing as Java) in your Adobe Reader/Acrobat products. In the Adobe program, Edit>Preferences>JavaScript and uncheck "Enable Acrobat JavaScript".

Again, there is no reason to panic. I just want you to be an informed user. Here's the download link for Foxit (Windows only). If I recall correctly, the last time I installed the free program it came bundled with some toolbar or other. Don't install the toolbar! That said, Foxit is quite good.

http://www.foxitsoftware.com/pdf/rd_intro.php

2. I've had quite a few clients purchasing new computers lately. One of them asked me whether she should get a Mac or a PC. Her concerns were reliability and she wanted the laptop to last until she got to college (2 or 3 more years for her). I thought that the information I gave her might also be useful to the EBC Report readers, so here it is:

As to its reliability, I can't really know how a Mac will last for you. The average lifespan of a laptop is 4-5 years and it will typically have had some repairs during that time (the reason for an extended warranty!). My IBM Thinkpad is 5 years old and still going strong but it was very expensive and well-made. Its hard drive and CD drive failed last year (so in Year 4) and I got a new keyboard since the old one was faded, all replaced under warranty. My Dell Inspiron 6000 is 4 years old but has had 3 motherboards, speaker issues, 2 keyboard replacements because of broken keys, and a loose screen over the course of its life (all replaced under warranty).

My MacBook is now 2 years old and its hard drive died this past December (replaced under warranty). I bought a new MacBook Pro while the black MacBook was being fixed by Apple. As I always do with laptops, I bought the extended warranty* (Apple Care).

Hardware fails. This is a fact of computing life. That's why we buy warranties (and why we back up our data regularly). Usually if a component is faulty it will fail very quickly, sometimes out of the box or in a month. If it makes it through the early days, most hardware will normally stay good for years. The average life of a hard drive is 3-4 years. Same for an optical drive. Motherboards and processors tend to last longer because there are no moving parts. Laptops owned by kids (even careful ones) don't usually last as long as laptops owned by careful adults. I mean no disrespect to kids when I say that and of course it's a generalization, but it's one that my friend who runs the tech at St. Anthony's School has seen for years.

I hope this has given you more accurate expectations for computer lifetimes. You should make the decision whether to buy a Mac or a PC based on which operating system and computer you like best. If you really want a Mac, then you should get one. The difference in cost between a Dell Studio laptop (after you include both warranties) and a MacBook with AppleCare (Apple's warranty) is a few hundred dollars. Now, I'm not turning up my nose at a few hundred dollars but in the bigger scheme of things it isn't that much more to get something you really want and hope to have for quite a while. But I can't promise you that the MacBook will last forever, any more than I could promise you the PC would.

*I always counsel prospective laptop buyers to spend the extra money and purchase at least a 3-or-4-year extended warranty PLUS matching accidental coverage (if offered). You will be very glad you did. I never purchase an extended warranty on a desktop computer because the parts that generally fail are easily and relatively inexpensively replaced - hard drive, optical drive, memory. If the motherboard (or its onboard components) fails, it will usually do so in the first year while still under the basic warranty. By the time the computer is 4 or 5 years old, if the motherboard fails it will be almost as expensive to replace as just buying a new computer. The exception to this is Apple. Because of their proprietary nature and the difficulty of end user repair on some Apple models, I would probably purchase Apple Care for a Mac desktop computer too.

Back to top
Home

3-5-09 - Hello. My name is Inigo Montoya. You killed my father. Prepare to die. ("The Princess Bride")

1. Firefox update
2. Avoid gaming scams
3. Apple tip

1. Firefox 3.0.7 security and stability release is now available:

http://blog.mozilla.com/blog/2009/03/04/firefox-307-security-and-stability-release-now-available/
http://www.mozilla.com

Download the update and install or start Firefox, click on Help>Check for updates.

2. My gamer kids love Steam and probably so do yours. Steam is a digital service for PC games and while it is really good, if someone steals your username/password they've stolen all your games. Of course adults can be caught by phishing scams, but kids are particularly vulnerable.

Chris Boyd at SpywareGuide has written an excellent short two-part series about Steam scams.

Part 1 - http://blog.spywareguide.com/2009/03/the-gift-of-steam.html
Part 2 - http://blog.spywareguide.com/2009/03/the-gift-of-steam-part-2.html

And interestingly, today Consumerist.com has an entry about some poor guy whose Steam account seems to have been stolen. He's having a hard time getting attention from Valve, Steam's owners. So make sure the gamers in your life are aware of Steam phishing scams.

http://consumerist.com/5164851/months-later-valve-has-still-not-reset-my-steam-password

3. For those of you who are switching to a Mac from Windows for the first time, here are some very useful How-To videos from Apple:

http://www.apple.com/findouthow/mac/

For new switchers, the tutorial "PC to Mac: The Basics" is excellent. These are short videos and are very well done.

Back to top
Home

3-23-09 - The Analytical Engine weaves Algebraical patterns just as the Jacquard loom weaves flowers and leaves. -- Ada Augusta, Countess of Lovelace, the first programmer

1. Program updates available - Adobe Reader, iTunes, Thunderbird
2. Internet Explorer 8

1A. Anyone using Adobe Reader should update to the latest 9.1 version to protect against vulnerabilities. Go to http://www.adobe.com/ and click on the "Get ADOBE READER" button. You don't need to uninstall the older version first. In spite of how much most people hate software that does this, Adobe insists on installing Adobe AIR and a link to Adobe.com (on your Desktop!) when you install Reader as well as sticking the Adobe Speed Launcher into your Startup. Adobe AIR is another developer's tool like Flash and Shockwave which can be used to write programs. The AIR component you get with Reader is a player in case you go to a website that has AIR-based programs. You can do what you like of course, but after I install Adobe Reader, I always:

a. Go to Control Panel>Add/Remove Programs (XP) or Control Panel>Programs and Features (Vista) and uninstall Adobe.com and Adobe AIR. I don't like extra stuff loaded in my computers and if I ever need AIR on a website (haven't yet), I'll be prompted to install it then.

b. I also don't like updaters, "speed launchers", etc. running in the background on my machines. Again, you need to make the choice for yourself. If you want to remove the Adobe Reader Speed Launcher you'll need to edit the Registry or run the System Configuration Utility. Since doing the latter is safer for you (messing up in the Registry can immediately hose your Windows installation) here are the instructions:

For XP - Start>Run>msconfig [enter]

This brings up the System Configuration Utility. Look on the Startup tab and find Adobe Speed Launcher. Uncheck the box next to its name, Apply and OK out. You don't need to restart immediately, but the next time you do you'll get a dialog saying you've used the Utility. Just tick the box that says in effect, "don't bother me about this again".

For Vista - Start Orb>Search box>type: msconfig and when it appears in the Results box above, right-click and choose "Run as Administrator".

If you are prompted for an administrator password or for a confirmation, type the password, or click Continue. Then do as above. The dialog after restart will usually be blocked by Windows Defender and you'll need to allow it so you can then tick the "don't bother me about this again" box.

(Important Safety Note - Do not use the System Configuration Utility to stop processes. You won't need to be on that tab to stop Adobe Reader and tinkering with processes here can make your computer unbootable.)

1B. iTunes 8.1 is now available from Apple. Go to http://www.apple.com/downloads/ to get it. You don't need to uninstall the older version first. Apple also shoves extra stuff in Startup - QuickTime and iPod Helpers. If you don't want these things running, use the System Configuration Utility (msconfig) to disable them.

1C. Mozilla Thunderbird 2.0.0.21 an excellent free email client, is available from http://www.mozillamessaging.com/en-US/thunderbird/. You don't need to uninstall the older version first.

2. Internet Explorer 8 is now out of beta. This doesn't mean you should run right out and install it. Unless you have a testbed machine and/or like living on the bleeding edge (and are prepared to reinstall Windows), it is always smarter to wait until a new version of IE has been out for a while and the first patches/fixes have been created. Microsoft may say this browser isn't beta any more but reportedly there are still a lot of rough spots and incompatibilities. I'll be installing it in one of my virtual machines so as not to mess up anything used for production so I can play around with it. I've gathered some links and advice for you. I would definitely read and follow the installation/incompatibility caveats. In addition to all of that, many of you have Windows Update set to automatically download and install updates. While IE8 will not appear in Windows Update as a critical update for a while, eventually it will. Since a successful installation requires quite a bit of research and work on the end user's part, I strongly suggest you change the Windows Update settings to "Download updates and prompt me to install when they are ready" (paraphrasing here). Then you can look at what the updates are and if IE8 is there, uncheck it so you can prepare your system for it instead of just blindly installing it. I know this is more work, but much better safe than sorry.

IE8 System Requirements - http://www.microsoft.com/windows/internet-explorer/support/system-requirements.aspx

IE8 Fact Sheet - http://www.microsoft.com/presspass/newsroom/windows/factsheets/IE8FS.mspx

IE8 Home Page (with Download link) - http://www.microsoft.com/windows/internet-explorer/default.aspx

HOW TO solve IE8 installation problems - http://support.microsoft.com/kb/949220

Per MVP Robear Dyer (an IE expert) - "I would strongly recommend disabling your anti-virus application and any anti-spyware applications (other than Defender [in Vista]) before installing (or uninstalling) an IE upgrade. If you're running a third-party firewall, I would recommend disabling it and then enabling the Windows Firewall before installing (or uninstalling) an IE upgrade.

"Tip: Reboot twice after installing IE8 Final.

"Tip: Make certain that your anti-virus application, any anti-spyware applications (other than Defender), and your third-party firewall (if any) is supported in IE8 Final before you decide install it.

"No-charge support for Internet Explorer 8 installation, set-up and usage (only) is available via the phone based on your locale through 31 December 2009. Customers must be running Windows XP or Windows Vista in a non-domain environment. US & CA Residents: 866-234-6020. Other: https://support.microsoft.com/oas/default.aspx?&prid=13043

http://blogs.msdn.com/ie/archive/2006/10/11/IE7-Installation-and-Anti_2D00_Malware-Applications.aspx " [end of quote]

In addition to Mr. Dyer's advice, I would also suggest uninstalling any security software that uses the Host/Restricted Sites such as SpywareBlaster, IE-Spyads, custom Hosts file (return to default), and Spybot Search & Destroy immunization. With the latter, make sure to turn off immunization and stop TeaTimer (if being used) before you uninstall the program since the registry changes will not revert to default if you don't.

A few articles about IE8 features:

http://arstechnica.com/microsoft/news/2009/03/mix09-internet-explorer-8-released-progress-unmistakable.ars
http://news.cnet.com/8301-17939_109-10200670-2.html
http://www.pcworld.com/article/161587/is_ie8_actually_safer.html

Back to top
Home

3-28-09 - I'm delighted you have survived another night. May I add my own congratulations to the roar of the world's approval? Thank you, sir. -- Jeeves to Bertie Wooster

1. Important Firefox patch
2. Passwords
3. Macs and malware
4. Fonts

1. There is an important Firefox update (to 3.0.8) that fixes some very nasty vulnerabilities. Everyone using Firefox should install this.

http://www.mozilla.com/en-US/
http://blog.mozilla.com/security/2009/03/26/cansecwest-2009-pwn2own-exploit-and-xsl-transform-vulnerability/

2. Passwords are a fact of life for all of us. It's hard to balance having strong passwords and having passwords you can remember. I have all of mine on a spreadsheet because there is no way my aged brain could remember them all. I've collected some useful links and programs to help you:

Microsoft Password Checker to see if you have a strong password
http://www.microsoft.com/protect/yourself/password/checker.mspx

Microsoft - Strong passwords and how to create them
http://www.microsoft.com/protect/yourself/password/create.mspx

Microsoft - Security at home
http://www.microsoft.com/protect/default.mspx

Password Lesson and Tips:
http://lifehacker.com/5180925/password-lessons-and-tips-from-our-readers

Choose (and remember) great passwords:
http://lifehacker.com/software/top/geek-to-live--choose-and-remember-great-passwords-184773.php

Write passwords down:
http://lifehacker.com/software/passwords/use-a-wallet-to-keep-passwords-safe-330057.php

Password Safe (written by security expert Bruce Schneier and free)
http://passwordsafe.sourceforge.net/

KeePass Password Safe (free)
http://keepass.info/

3. We Mac users tend to be a bit smug about not getting viruses and malware the way That Other Platform (OK, it's Windows!) does but complacency in this case is foolish. While OS X isn't the main object of attack that Windows is, Macs can get infected too. The fact that one needs to supply an administrator's password to install anything is no deterrent. Sophos (a major security protection company) has published an interesting demonstration of Mac malware in action. Watch the short video to see what happened:

http://www.sophos.com/blogs/gc/g/2009/03/25/apple-mac-malware-caught-camera/

Of course, in the video Sophos Antivirus saves the day. Now, I don't run antivirus software on my Macs and have no intention of doing so but I'm very very careful about what I download. Many Mac users aren't particularly computer-savvy and could be fooled into installing malware, especially if they think they are getting a legitimate program which looks like something they want. This is no reason to panic; I just want you all to be well-informed.

4. Lots of you enjoy fonts. Lifehacker has a great article on typography tools and links to font downloads that you might like:

http://lifehacker.com/5182958/killer-typography-tools-and-free-font-downloads

Back to top
Home

4-11-09 - Do not meddle in the affairs of wizards, for they are subtle and quick to anger. -- Gandalf

1. Java and iTunes updates
2. Telemarketers scamming malware
3. Internet Explorer 8 rollout

1. Both Java and iTunes have been updated.

A. Java - JRE 6 Update 13 - http://java.sun.com/javase/downloads/index.jsp

You don't need to uninstall JRE 6 Update 12 first; the new installation will remove it for you. However, it will put the Sun Java Update back in Startup, change the Control Panel applet's preference to automatically update, and start the Java Quick Start Service (XP only). If you don't want this, use msconfig to remove the update from Startup, go to the Java Control Panel update and change the preference to "never check for updates", and stop the service using services.msc (I always set mine to Disabled).

a. Msconfig - For XP:

Start>Run>msconfig [enter]

This brings up the System Configuration Utility. Look on the Startup tab and find the Sun Java Update. Uncheck the box next to its name, Apply and OK out. You don't need to restart immediately, but the next time you do you'll get a dialog saying you've used the Utility. Just tick the box that says in effect, "don't bother me about this again".

For Vista:

Start Orb>Search box>type: msconfig and when it appears in the Results box above, right-click and choose "Run as Administrator".

If you are prompted for an administrator password or for a confirmation, type the password, or click Continue. Then uncheck Sun Java Update. As with XP, you don't need to restart immediately, but the next time you do you'll get the dialog saying you've used the Utility. Usually in Vista this will be blocked by Windows Defender and you'll need to allow it so you can then tick the "don't bother me about this again" box.

b. Services - For XP, Start>Run>services.msc [enter] - scroll down to the Java Quick Start. Double-click it to get its Properties, stop the service, and set it to Manual or Disabled (your choice). For Vista, Start Orb>Search Box>type: services. When Services appears in Results above, right-click it and choose "Run as administrator". Then follow the XP directions.

B. iTunes - http://www.apple.com/itunes/download/

You don't need to uninstall the older version of iTunes first. However, the update will put the iTunes Helper and QuickTime Task in Startup, start the Apple Mobile Device and iPod Service in Services, and sometimes sets the Quick Time Control Panel applet to automatically check for updates. You can deal with this the same way as you do with Java. If you have an iPod or iPhone that you connect to your computer, leave the Apple Mobile Device and iPod Service alone (in Services).

2. Beware of telemarketers trying to sell you rogue antivirus/spyware programs. The Register has an interesting article about this:

Scareware scammers adopt cold call tactics - Supportonclick scam spreading - http://www.theregister.co.uk/2009/04/10/supportonclick_scareware_scam/

It is particularly worrying that these scammers are claiming to be from Malwarebytes since I install the legitimate Malwarebytes' Antimalware (MBAM) program on all my clients' machines.

Of course I know that all of you are intelligent people who are wary of telemarketers, but I thought I'd give you a heads-up because of the false MBAM connection.

3. IE8 rollout information from Microsoft:

"Starting on or about the third week of April [2009], users still running IE6 or IE7 on Windows XP, Windows Vista, Windows Server 2003, or Windows Server 2008 will get will get a notification through Automatic Update about IE8.This rollout will start with a narrow audience and expand over time to the entire user base. On Windows XP and Server 2003, the update will be [a] High-Priority [update]. On Windows Vista and Server 2008 it will be [an] Important [update].

"IE8 will not automatically install on machines. Users must opt-in to install IE8. Users will see a Welcome screen that offers choices:
Ask later, install now, or don’t install.

"Users who decline the automatic update can still download it from http://www.microsoft.com/ie8 or from Windows Update as an optional update.

"Automatic Updates will notify all such users (including those with Automatic Updates configured to automatically download and install updates) when Internet Explorer 8 has been downloaded and is ready to install. The notification and installation process will not start unless and until a user who is a local administrator logs on to the machine. Users who are not local administrators will not be prompted to install the update and will thus continue using Internet Explorer 6 or Internet Explorer 7."

I strongly suggest that you do not install IE8 without extensive preparation.* In addition, I normally don't install a new version of Internet Explorer until it has been out for 6 months or longer, giving the inevitable bugs time to surface and Microsoft to patch them.

*See EBC Report 3-23-09 for details.

Back to top
Home

4-29-09 - "It's today!" said Piglet. "My favorite day," said Pooh. -- A. A. Milne

1. Firefox 3.0.10
2. Microsoft Office 2007 Service Pack 2
3. IE8 as a "High Priority Update"
4. Odds and Ends - Replica and ooVoo

1. Last week Mozilla updated Firefox to 3.0.9; blink and you missed it because this week there is another update bringing Firefox up to 3.0.10. Quite a few vulnerabilities have been patched, so download Firefox 3.0.10 from http://www.mozilla.com. You don't need to uninstall the older version first.

2. Service Pack 2 for Office 2007 is now available for download. There are apparently a lot of improvements and everyone with Office 2007 is encouraged to install Service Pack 2.

Overview of Service Pack 2 improvements - http://support.microsoft.com/kb/953195
Download details - http://support.microsoft.com/kb/968170

3. Internet Explorer 8 is now included in Windows Update as a "High Priority Update". That is Microsoft's assessment of its importance; my tech colleagues and I will wait at least 6 months before deploying IE8 to clients' machines. I previously gave you links to help prepare for IE8 (EBC Report 4-11-09). I strongly urge you to read that information thoroughly before installing IE8. Then if you still want it, by all means install it. Note: Even if you have Windows Update set to automatically download and install updates, it is my understanding that you will be prompted to accept the IE8 update and that it will not be installed automatically - so you can still refuse it even if you use automatic updating.

4. Here are a few odds and ends:

a. Seagate has taken a page from Apple and produced what they say will be a Time Machine for Windows. For those of you unlucky enough to not have Macs running Leopard, Time Machine backs up your entire Mac once an hour. You can in effect go back in time to restore deleted or changed files, and you can also restore an entire system - even to a completely different Mac. Time Machine works on any external hard drive and while it has a few little quirks, it performs beautifully. Up until now there have been no backup/restore solutions as elegant and easy as Time Machine for Windows.

Seagate has announced "Replica", an external hard drive appliance that is supposed to do the same thing as Time Machine, with availability in May. Their suggested price is around $130 for a 250GB drive and probably $100 more for a 500GB drive. They are billing the 500GB drive as a device for multiple computers. The 250GB drive seems a tad small to me for one machine and I think 500GB/1TB sizes might have been more practical. I also haven't seen any information on the mechanics of a full restore. Still, Replica sounds like an intriguing backup/recovery possibility for Windows. I don't know that I'd run right out and buy first-generation hardware for something as important as backup, but I'll definitely be keeping an eye out for Replica news and reviews.

Seagate's Replica - http://www.seagate.com/replica/
Available in May - http://foxyurl.com/wh

b. Lots of people use Skype with their webcams for video chat. One of my favorite clients has a brilliant and beautiful daughter who says that "Skype is old"* and recommends ooVoo video chat software instead. I haven't tried ooVoo because I'm too boring for video conferencing, but some of you with-it young people might like it.

You can video-conference with up to 3 people for free, up to 6 people for a $10/month. This might be a good solution for small businesses if you have a lot of video conferencing needs.

Thanks and props to Taylor for being so cool. Check out ooVoo if you're interested and then get off of my lawn. ;-)

http://www.oovoo.com

*Imagine that damning assessment said in the scornful tones that only a 13-year-old person can utter.

Back to top
Home

5-9-09 - "I've got a bad feeling about this." -- Han Solo

1. Vista Service Pack 2
2. Windows 7

1. Vista Service Pack 2 is officially out of beta and the final version is available. As of this writing, while the Service Pack is available on Microsoft Technet and MSDN as a hefty combination download (Service Pack 2 for Vista/Server 2008 32-bit, Vista/Server 2008 64-bit, and Server 2008 with Itanium processor), the individual downloads aren't on Microsoft's public download site yet. I'm writing about this now so you will know what to do when Windows Update offers you Service Pack 2.

Service Packs in general are rollups of previous security patches and will often include bug fixes and sometimes added functionality to an operating system or program. It is extremely important to keep your operating system patched and up to the current Service Pack level and you definitely want to update your Vista machines to Service Pack 2. I was a beta tester and can tell you that almost no one experienced any problems with the upgrade. However, you should always take precautions before installing a Service Pack. If you follow the steps below, your upgrade experience should be a good one. Naturally Elephant Boy Computers is always available to do this work for our clients.

a. Back up your data to external media (external hard drive, CDs or DVDs). You should be doing this regularly anyway, of course. In all probability nothing will go wrong, but since Stuff Happens you should be prepared. You Have Been Warned.

b. Do system maintenance.

1. For Internet Explorer's Temporary Files, go to Control Panel>Internet Options>General tab. You'll see where you can delete cookies and files.
2. For Firefox, clear its cache by going to Tools>Options>Privacy>Cache> Clear.
3. For Windows Temporary files, run the Disk Cleanup.You can find the shortcut for Disk Cleanup in your Start Menu under Programs>Accessories>System Tools>Disk Cleanup.

A very good utility for cleaning things out is CCleaner. CCleaner is a powerful tool and I strongly urge you not to use the more advanced tools unless you totally know what you're doing. I never use the registry cleaner portion of this utility and I do know what I'm doing! If you don't know how to work in the registry by hand, you shouldn't be playing in there. You Have Been Warned.

c. Make sure your computer is completely virus/malware-free. After you've done the system maintenance, run a scan with Malwarebytes' Anti-malware (MBAM). Make sure to update MBAM before scanning. Do not attempt to upgrade Vista to Service Pack 2 if your computer is infected! You Have Been Warned.

d. If you have one of those really annoying and invasive garbage antivirus programs like Norton or McAfee, now would be a great time to uninstall it. After you have applied Service Pack 2, you can install something better. I recommend NOD32 (commercial) or Avast (free). Disable/shutdown all running programs - particularly antivirus and third-party firewall programs - before you start the Service Pack install.

e. Now you are ready to install the Service Pack(s). In a bone-headed move that is too annoying for me to write about, Microsoft has made it so Service Pack 2 will only install onto a computer that already has Service Pack 1. If your computer has NO Service Pack, you will need to install Service Pack 1 first and then Service Pack 2. You can tell what Service Pack level Vista is at by doing:

Start Orb>Search Box>type: winver [enter]

Or you can go to the System applet in Control Panel.

f. Getting Service Packs - Most people will wait until Service Pack 2 is offered from Windows Update. If you need Service Pack 1, it probably is already being offered to you and you're ignoring it. Or you can download the Service Packs from Microsoft directly. If you go this route, you must be sure to get the correct version - 32-bit or 64-bit. If you have Vista 64-bit, it will say so on the System applet and also from the winver command.

You can keep an eye on this page for links to Service Pack 2. Right now it is only linking to Service Pack 1.

http://www.microsoft.com/windows/downloads/default.aspx

g. Now you are ready to install the Service Pack. Do the installation from a user account with administrative privileges. Accept the End User License Agreement and leave the box for "Automatically reboot" checked. Your computer will reboot two or three times during the Service Pack installation process. Just let it go. Service Pack 2 takes slightly less time to install than Service Pack 1, but we're still talking about a fair slice of time for the job. To give you an idea, I had a client's machine in here that needed both Service Packs installed. I started installing Service Pack 1 around 11:00 AM and Service Pack 2 was finished at 2:30 PM. After each Service Pack is finally finished installing, you will be at the Welcome Screen. Log into the same user account from which you started the Service Pack installation and you will be presented with a box telling you that the Service Pack was installed successfully. Reward yourself with the treat of your choice. I had a vodka.

2. Now that Windows 7 Release Candidate 1 (RC1) is publicly available, I suppose it's time to talk about it. A Release Candidate is usually the last version of the software before it is finished and Released To Manufacturing (RTM). However, there can be more than one RC so the software it is still considered Beta and not fully cooked. Here are a few observations about Win7:

a. It is less demanding of hardware than Vista. While I wouldn't upgrade a very old machine to Win7, Win7 runs really well on my older testbed computer on which Vista was sluggish at best.

b. Most hardware that works with Vista will work with Win7. Most hardware.

c. Although there are some new features (which some people will love and some will hate), Win7 is similar to Vista but a lot less annoying. It has its own annoyances, of course. It is much better than Vista, but then again what isn't?

d. There has been quite a bit written about the XP Mode feature. XP Mode will allow you to run Windows XP in a special version of Microsoft's Virtual PC. In effect, XP Mode gives you a free copy of XP along with your Win7 but there are some important limitations. XP Mode is only available in the far more expensive Win7 Business and Win7 Ultimate versions. The processor and motherboard must support hardware virtualization and not all do. Of course even if you don't have the proper hardware and/or you have Win7 Home you can still run XP in a virtual machine using software like Virtual PC or VMware Workstation (my preference) but you will need to purchase a legal copy of XP. Virtual machines don't support heavy 3D gaming; they are most appropriate for when you have an important business program that isn't supported in your host operating system.

e. I was very pleasantly surprised at how much Local Area Networking has been improved. I filed quite a few bugs about this area of the operating system and someone must have been listening.

By making Win7 RC1 publicly available, Microsoft is in effect letting people try their new operating system for free. If you want to play with it, be aware of the following:

a. NEVER EVER EVER install beta software on a production machine or on a computer which you are unwilling to wipe and lose everything. RC1 is still beta, which means there are still bugs. In fact, a huge ugly I-Can't-Believe-This-Bug-Wasn't-Caught-In-Testing bug was discovered a few days ago. The kind of bug that is a show-stopper (it has to do with permissions on root folders not being created properly which means Things Will Break). We beta-testers were quite surprised at the speed at which Microsoft is rushing this operating system out the door. It definitely feels like this is a Marketing push to me. That doesn't mean Win7 won't be good, but it does mean that when a bug of the magnitude of this one got overlooked it is probable that there are other unpleasantnesses lurking under that pretty interface. You Have Been Warned.

b. Win7 RC1 is time-bombed. It will expire on June 1, 2010 at which point it will Stop Working. Starting on March 1, 2010 your computer will begin shutting down every two hours. To quote Microsoft, "To avoid interruption, you'll need to install a non-expired version of Windows before March 1, 2010". This means that when next March comes around, you will need to do a clean install of the operating system of your choice on that computer. If you want Win7, you'll need to buy a copy. No more free ride. While there were some hacks floating around at the end of the Vista beta to allow people to install the final version over the RC, they didn't always work. When you have a beta or an RC, you always have to go on the assumption that you will need to do a clean install of the final. You Have Been Warned.

c. There is no "official" support of RC1. If you have problems with it you can post in Microsoft's forums, other public forums, or newsgroups. You're a tester, not a customer at this point. You have to troubleshoot issues yourself. You Have Been Warned.

If you still want to give Win7 a spin, you can download it here - http://www.microsoft.com/windows/windows-7/download.aspx

If any of my clients don't want to do this but are curious and want to take a look at Windows 7, give me a call. You can come over and try it out here if you like.

Back to top
Home

6-6-09 - If you drink much from a bottle marked 'poison' it is almost certain to disagree with you, sooner or later. ~ Lewis Carroll

1. HP Notebook PC Battery Pack Replacement Program
2. Apple OS X Leopard update to 10.5.7
3. Adobe updates
4. Windows and Office updates
5. Windows 7

1. http://bpr.hpordercenter.com/hbpr/M14.aspx

"In cooperation with the U.S. Consumer Product Safety Commission, on May 14, 2009. HP announced a worldwide voluntary recall and replacement program for battery packs used in certain HP notebook PCs."

"HP and the battery cell manufacturer believe that certain battery packs shipped in HP notebook PC products manufactured between August 2007and January 2008 may pose a potential safety hazard to customers. The batteries can overheat, posing a fire and burn hazard"

You can validate your battery from the link above.

2. Apple has released the 10.5.7 update to OS X. You can get it by using the Software Update on your Mac or by downloading the Combo Update from here:

http://www.apple.com/downloads/macosx/apple/macosx_updates/macosx1057comboupdate.html

Even though it is a larger download (729MB in this case), I always use the Combo Update on my Macs. And of course, never do a major update like this without taking the precaution of backing up your system first. I use a combination of Time Machine and SuperDuper since I don't have a Time Machine drive for my backup MacBook.

3. Adobe has gone to a quarterly patch cycle, beginning this Tuesday, June 9th. This means that if you don't have your Adobe products set to automatically update, you should go to Adobe's website and download them or manually check for updates from within whatever Adobe products you have. Tuesday's update will include a patch for vulnerabilities in versions 7.x, 8.x, and 9.x of Adobe Reader and Adobe Acrobat.

http://blogs.adobe.com/psirt/2009/06/adobe_security_bulletin_advanc.html

4. Microsoft will have some very critical updates this upcoming Patch Tuesday also (6/9). These updates will include important patches for various versions of Microsoft Office, so if you aren't using Microsoft Update (as I don't on my XP machines - I prefer to use Windows Update there), then go to the Office Downloads page and click on Office Update in the left-hand column.

http://www.microsoft.com/technet/security/bulletin/ms09-jun.mspx

http://office.microsoft.com/en-us/downloads/FX101321101033.aspx

5. Microsoft has announced that their newest operating system, Windows 7, will be available for purchase (retail and preinstalled on new computers) on October 22, 2009.

http://www.winsupersite.com/win7/

I'll be covering Windows 7 in more detail as we get closer to the RTM (Release To Manufacturing) date. Of course my clients are always welcome to give me a call about Windows 7. I'll be putting up a page for it on the Elephant Boy Computers website pretty soon.

Basically, although there are changes from Vista, Windows 7 is similar to Vista (only better). If you are happy with Vista or XP, there will be no reason to upgrade to Windows 7. If you are running Vista and don't like it, then upgrading to Win7 might be A Good Thing. If you are running XP and have older programs and hardware (like printers) that wouldn't run under Vista, they won't run under Win7 either. Businesses should always be cautious about upgrading to a new operating system, with savvy techs preferring to wait a year or until the first Service Pack comes out.

Most consumers will get Win7 preinstalled when they buy a new computer. It has also been announced that new computers purchased after July will be eligible for a free upgrade to Win7 when it comes out. Of course, this will also depend on the computer manufacturer so you should be very clear on what you are getting if you purchase a new computer late this summer.

Side-by-side, feature-by-feature comparison of the different editions from Paul Thurrott:
http://www.winsupersite.com/win7/win7_skus_compare.asp

Windows 7 Homepage - http://windows.microsoft.com/en-US/windows7/home

Back to top
Home

6-27-09 - And the Lord spake, saying, "First shalt thou take out the Holy Pin. Then, shalt thou count to three. No more. No less. Three shalt be the number thou shalt count, and the number of the counting shall be three. Four shalt thou not count, neither count thou two, excepting that thou then proceed to three. Five is right out. Once at the number three, being the third number be reached, then, lobbest thou thy Holy Hand Grenade of Antioch towards thy foe, who, being naughty in My sight, shall snuff it." -- "Monty Python and the Holy Grail"

1. Various program updates
2. Microsoft Money discontinued
3. Microsoft Morro
4. Windows 7 pricing

1. Various program updates

a. Adobe Reader has an update to 9.1.2. If you have Reader set to update automatically, accept the patch. If not, you can download the update here - http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows

b. Adobe Shockwave has also been updated - http://get.adobe.com/shockwave/

Do not install any extraneous toolbars (Google/Yahoo/etc.)!

c. Java has been updated to JRE 6 Update 14. You can get it here - http://java.sun.com/javase/downloads/index.jsp

d. Firefox has been updated to 3.0.11 - http://www.mozilla.com

e. Thunderbird has been updated to 2.0.0.22 - http://www.mozillamessaging.com/en-US/thunderbird/

Note that there is a bug in this new version that sets the .dll path in the Registry incorrectly. Steps to reproduce:

Right click on file
Select 'Send To'
Select 'Mail Recipent'
Actual Results: Nothing
Expected Results: Should open Thunderbird with attachment

You can fix the bug by downloading this file - https://bugzilla.mozilla.org/attachment.cgi?id=384731

This will give you a file called TB Sendmail.reg. Double-click the file and answer "yes" to merge it into the Registry. Or you can just wait until there is a new update to Thunderbird.

2. If any of you are still using Microsoft Money, it is being discontinued and activation servers will be shut down on 1/31/2011. Per Microsoft:

Microsoft Money Pus will not be available for purchase after June 30, 2009. All purchased Money Plus products must be activated prior to Jan. 31, 2011.

http://www.microsoft.com/money/default.mspx
http://www.microsoft.com/money/faq.mspx

Of course activation isn't applicable if you are already using the program, but reinstallation in the future would be an issue and there won't be any updates after 1/31/11. It's time to transition to another consumer-level accounting program like Quicken. Intuit says that Quicken can transfer transactions from Microsoft Money.

http://quicken.intuit.com/transfer-from-microsoft-money.jsp

3. Microsoft's free antivirus/antimalware solution - called "Morro" - is in beta now. Their Live OneCare product was a commercial flop which was no loss since it wasn't very good. We'll see how Morro measures up. I installed it on my testbed machine running Windows 7 and it looks good. However, with antivirus programs it is wisest to wait until a product has proved itself before taking a risk on a new one. As of now, I still recommend Eset's NOD32 Antivirus (commercial) and Avast (free). Most emphatically not recommended are Norton and McAfee products which continue to be bloated and invasive.

Even though the technology inside of Morro is not really as raw as a "normal" beta because it came from other previous Microsoft security offerings, I strongly urge you not to install a beta antivirus program on your computer unless it is a testbed machine that you are willing to completely wipe. Beta software is buggy and you don't want to leave an important computer vulnerable because you installed an uncooked antivirus.

I will be keeping an eye on Morro since it may turn out to be an excellent alternative to the free Avast Antivirus. I still prefer NOD32 for a commercial product.

4. Microsoft has announced Windows 7 pricing:

Retail:

Windows 7 Home Premium (Upgrade): $119.99
Windows 7 Professional (Upgrade): $199.99
Windows 7 Ultimate (Upgrade): $219.99

Windows 7 Home Premium (Full): $199.99
Windows 7 Professional (Full): $299.99
Windows 7 Ultimate (Full): $319.99

Purchase a new computer running Vista from 6/26/09 to 1/31/10 and upgrade to Win7 for little or nothing from participating PC mftrs.:

http://www.microsoft.com/windows/buy/offers/upgrade.aspx

It is up to the particular computer mftr./retail store to decide what deal they want to offer so do your research first.

Back to top
Home

8-4-09 - “I would offer congratulations were it not for this tentacle gripping my leg.” - Jack Vance, "The Dying Earth"

1. Firefox, Adobe, and Java updates
2. Windows 7 upgrading
3. Seagate's Replica backup

1a. Firefox 3.5.2 is available from http://www.mozilla.com

Release notes - http://www.mozilla.com/en-US/firefox/3.5.2/releasenotes/

1b. Adobe Reader patch 9.1.3 is out. You must have the 9.1.2 patch installed first. The easiest way to update is from within the program. Start Adobe Reader and check for updates. For the rest of us who don't like automatic updates, the direct download page is here:

http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows

1c. Last week Sun released Java JRE 6 Update 15 and then pulled it after a few days. It is expected to be released sometime later this week so you might want to keep an eye out for it.

http://java.sun.com/javase/downloads/index.jsp

2. Windows 7 has gone gold (Released To Manufacturing). It will be available to MSDN/TechNet subscribers on August 6, to the OEMs on September 6, and new computers will have it preinstalled starting October 22. It will also be available from retail stores on October 22.

There's an interesting article about whether to move to Win7 in Mark Minasi's latest newsletter. Skip down past the "ads" for his seminars to the "Tech Section". He lays out the pros and cons very well. Mark Minasi is a tech writer who has authored many books; while those books are aimed at IT professionals, his prose is eminently readable. This is a two-part article.

http://www.minasi.com/newsletters/nws0907.htm

Note: Mark mentions "XP Mode" at the end of this article. It is important to understand that XP Mode is XP running in a virtual machine using a special version of MS Virtual PC and that the native XP Mode in Win7 will not run on every machine. The actual hardware must support it and not every machine will. You can still install virtualization software like Virtual PC or VMware Workstation and purchase a legal copy of XP to run in a virtual machine, but that's a different story.

Here is Part Two:

http://www.minasi.com/newsletters/nws0908.htm

I basically agree with Mark. If you hated Vista, you won't like Win7. If you have important software/hardware that didn't run on Vista, it probably won't run on Win7. As far as I'm concerned Win7 is better than Vista, but it is really Vista 1.3 and not a whole new thing. If your computer is running Vista well, I see no reason to change unless you just want the novelty.

If you do decide to upgrade, then here's an important issue that has just come up. If you are running a third-party firewall (ZoneAlarm, Comodo, etc.) and/or a third-party security solution such as ESET Smart Security, Norton security suites then you must UNINSTALL those products before upgrading to Windows 7. Do the upgrade and then you can reinstall the programs. Apparently plain vanilla antivirus programs aren't affected. Here's a Technical Alert from ESET about this.

http://www.eset.com/joomla/index.php?option=com_content&task=view&id=6331&Itemid=2

However, I think it would be a very good idea to uninstall any antivirus programs before doing an upgrade to Windows 7. In the case of any Norton or McAfee (>shudder<) products being installed, I suggest also running their removal tools.

Since upgrades from Windows XP are not supported (you must do a clean install), this only affects upgrading directly from Vista SP1 and SP2.

3. I have been looking at Seagate's Replica "backup solution" as something similar to Apple's Time Machine for Windows users. Last week I called their sales department to learn a bit more about Replica. It turns out that Replica is running a special version of Acronis True Image, an excellent imaging program that also does incremental backups. You can always buy True Image and an external hard drive, but the beauty of Replica is that everything is in one package and the backup imaging is done for you automatically on a schedule. I'm not rich enough to buy a Replica drive to test it out, but maybe one of you is!

Back to top
Home

8-12-09 - "What are your fees?" inquired Guyal cautiously. "I respond to three questions," stated the augur. "For twenty terces I phrase the answer in clear and actionable language; for ten I use the language of cant, which occasionally admits of ambiguity; for five, I speak a parable which you must interpret as you will; and for one terce, I babble in an unknown tongue." — Jack Vance, "Guyal of Sfere", The Dying Earth.

1. Mac OS X updates and Safari update
2. Java update
3. Rogue security product
4. Antivirus programs on Mac OS X

1. The Mac OS X 10.5.8 update is available either through Software Update on your Mac or direct download from Apple.

http://www.apple.com/downloads/macosx/apple/

I had no issues installing this update on my two Macs, but as always you should make sure you have backups made first with Time Machine or a program like SuperDuper. It's always good to Be Prepared.

And immediately on the heels of that update there is a patch to speed up the AirPort client (wireless) that has plagued some users after updating to 10.5.8. Run Software Update from Preferences to catch this one and the Safari update. Here's the link directly to the Safari update if you'd prefer to download it directly - or you're running Windows.

http://support.apple.com/downloads/Safari_4_0_3

2. *Another* Java update already! Get JRE 6 Update 16 here:

http://java.sun.com/javase/downloads/index.jsp

3. The Register had a good summary of a study about rogue security products (Personal Antivirus, WinAntivirus, etc.) last week. The study was done by Panda Security. For those of you still wondering why "those bastards" want to infect your computer, according to the Panda study fraudsters are making approximately $34 million a month - yes, a month! - off their victims. Here's a link to The Register article:

http://www.theregister.co.uk/2009/08/07/scareware_market/

4. I have a lot of clients moving to Macs. There are plenty of good reasons to do this but former Windows users should not think this makes their new systems invulnerable to malware. While OS X isn't plagued with all the viruses/malware that Windows operating systems are, it can still get infected. You must continue to practice "Safe Hex"!

(See Item 4. under Section E here for links and articles):
http://www.elephantboycomputers.com/page2.html#Removing_Malware

New trojan that hijacks your Mac's DNS spotted in the wild:
http://arstechnica.com/apple/news/2009/08/new-trojan-that-hijacks-your-macs-dns-spotted-in-the-wild.ars

This trojan is installed when the websites involved tell the surfer that they need a "QuickTime Player update" to view the content. These particular websites are hosting pr0n. This is exactly what happens to Windows users who go looking for free thrills and are told to install a "Player" or "codecs" to see the exciting movie. Obviously - at least I *hope* this is obvious - in none of those cases are the offered programs really a QuickTime Player update, a Player of any kind, or codecs.

I still don't believe in installing an antivirus on OS X. If you are smart and don't install dodgy programs, you'll be fine. If you don't trust yourself to just say "no", then here are a few solutions:

a. Avast has a Mac Edition and a Mac+PC Edition. The latter is for when you run a Windows operating system on your Mac and will let you share the license. A 1-year subscription to the Avast Mac Edition is $39.95; the Mac+PC Edition is $49.95. Of course, you could save yourself the $10 and run the free version of Avast on your Windows install.

b. Sophos is a business solution and is not aimed at home users although there is nothing preventing a home user from doing so. Their Antivirus Small Business Edition will run on Windows and OS X and you have to purchase it from a reseller. Prices are calculated by how many users and for how long a subscription is ordered and start at around $45.

c. Another free solution is the venerable Clam AntiVirus mostly used in Unix and Linux operating systems. ClamAV is pretty much do-it-yourself and requires a fairly high level of geekery to set up and use.

Under no circumstances should you buy/install anything from Norton (Symantec) or McAfee. Their Mac offerings are just as crappy as their Windows programs.

In summary, I don't think it's necessary to install an antivirus in OS X unless you are a high-risk computer user. If you are, then buy one of Avast's Mac antivirus programs.

Back to top
Home

9-10-09 - My Time Machine Finally Finished. I’m off to warn them about the bomb. If there’s a city where Chicago used to be, it worked! -- Time Travel Tweets by Christopher Moore

1. Updated Firefox and iTunes
2. Outlook troubleshooting
3. Snow Leopard
4. Guides to Snow Leopard and Windows 7
5. Reminder about Microsoft's Patch Tuesday
6. International Talk Like A Pirate Day (and other fun Days)

1a. Firefox has been updated to 3.5.3 - http://www.mozilla.com/en-US/
Release notes - http://www.mozilla.com/en-US/firefox/3.5.3/releasenotes/

1b. iTunes 9.0 is out now - http://www.apple.com/itunes/download/
What's new in iTunes 9.0 - http://www.apple.com/itunes/whats-new/

2. For those of you who use Outlook, there's a very good and concise troubleshooting guide at Lifehacker.com.

http://lifehacker.com/5344262/complete-guide-to-making-outlook-faster-than-molasses

It has suggestions (and links) that even non-geeks can do, so if your Outlook is indeed slower than molasses you might want to try some of the tips there. I find that the first thing I do when a client's Outlook is slow is to disable Add-ins.

3. Apple's next iteration of OS X, Snow Leopard (10.6) is out now. Snow Leopard is a nice upgrade from Leopard (although not crucial) and very reasonably priced. Of course, you should do some preparation before installing Snow Leopard. I've already discussed the importance of having a full backup of your system (if this is important to you) by using Time Machine or a third-party program like Super Duper. At the very least, back up your data. If you are going to do a clean install (boot with the install DVD, use Disk Utility to Erase your hard drive), make a list of all the programs you'll want to put on later. Also do your research about application compatibility first.

http://www.theregister.co.uk/2009/08/27/snow_leopard_incompatibilities/

And here's another list of incompatible programs from Apple itself:

http://support.apple.com/kb/HT3258

For instance, my Books.app library cataloging program isn't compatible so I had to replace it with Bookpedia. You don't want to find out a major application on which you rely doesn't work with Snow Leopard *after* the fact. If a program on which you depend won't work in Snow Leopard, you might need to give Snow Leopard a miss.

Don't forget to consider your printers. Here's a list of supported printer and scanner software:

http://support.apple.com/kb/HT3669

If you don't see your printer listed, you may be able to use a substitute driver. For instance, my Dell Laser 1720dn isn't listed but it uses the Lexmark E250dn drivers which are on the list. I found this by Googling "Dell 1720dn drivers OS X", so doing a bit of research is A Good Thing.

Snow Leopard installation choices:

Here's a good blow-by-blow description:
http://www.macfixit.com/article.php?story=20090827094401824

And from my favorite DIY site Lifehacker:

http://lifehacker.com/5345690/prep-your-mac-for-snow-leopard?skyline=true&s=x
http://lifehacker.com/5348150/how-to-upgrade-from-leopard-to-snow-leopard

I did a clean install on both my Macs because there was a lot of cruft on them. The operating system installation was very quick. Getting my data and various programs installed and set up took a few hours, but because I had great backups everything was fine. I find both machines to be a bit faster (they weren't slow to begin with), startup/shutdown is quicker (not slow to begin with either), and there are some nice features. Snow Leopard has a few wobbles in stability but nothing big.

4. I found these great "Complete Guides" to Snow Leopard and Windows 7 here:

http://gizmodo.com/5150298/windows-7-the-complete-guide
http://gizmodo.com/5352889/mac-os-x-snow-leopard-the-complete-guide

5. Just a reminder that Tuesday was Patch Day for Microsoft operating systems. There are some important security updates in this batch, so don't ignore your Windows Update notification.

http://www.microsoft.com/technet/security/bulletin/ms09-sep.mspx

6. Saturday, September 19th is International Talk Like A Pirate Day. Don't forget to throw a few arrrgh, matey's around! Here are some other fun geeky dates:

Winter-een-mas - January 25 (Week-long celebration of videogaming - see online comic Ctrl+Alt+Del
Darwin Day (Charles Darwin's birthday) - February 12
Pi Day - March 14
Albert Einstein's Birthday - March 14
Ada Lovelace Day - March 24
Tolkien Reading Day - March 25
Velociraptor Awareness Day (see online comic XKCD) - April 18
420 Day (Stoner Day) - April 20
Opposite Day (SpongeBob SquarePants) - April 25 (also on May 6th. Or not.)
Jedi Day - May 4 (May The Fourth Be With You)
Whacking Day - ("The Simpsons" - snakes are driven to the center of town and beaten to death)
Free Comic Book Day - First Saturday in May
Towel Day - May 25 (tribute to "Hitchhiker's Guide to the Galaxy")
X-Day (Church of the SubGenius) - July 5 (the scheduled end of the world every year)
International Talk Like A Pirate Day - September 19
Hobbit Day - September 22 (Bilbo and Frodo Baggins' birthdays)
Ask A Stupid Question Day - Last school day of September
Day of the Ninja - December 5
Grav-mass (Sir Isaac Newton's birthday) - December 25
Unbirthday - whenever it isn't your birthday

Back to top
Home

9-25-09 - Talked the Vikings into changing out the wiener dog heads on the front of their ships with dragons. We’ll see. -- Time Travel Tweets by Christopher Moore

1. Program updates - iTunes and Picasa
2. New phishing worm spreads across Twitter
3. Casual game sites
4. Cuteness

1. iTunes 9.01 is available for Mac and PC. Don't forget to get the 64-bit version if you have Vista 64-bit.

http://www.apple.com/itunes/download/
http://support.apple.com/kb/DL925 (64-bit)

Picasa has been updated to 3.5 and apparently has all sorts of interesting additions such as face recognition. There have been a few reports on the Mac side of 3.5 not been fully "cooked", so if you are a Picasa power user you might want to wait until 3.5.1 or check on the Picasa user forums to see what other people have experienced before you take the plunge.

http://picasa.google.com/index.html
http://www.google.com/support/forum/p/Picasa?hl=en (forums)

2. A new phishing worm spreads across Twitter - http://www.theregister.co.uk/2009/09/24/twitter_phishing_worm/

Once again, malware is being spread on social networking sites by people clicking on links in messages.

For those of you reading this who don't know what social networking sites are or don't use them - your kids do. Time and time again I've had parents tell me that their kids were computer savvy - as I've just finished fixing their severely infected computer. The computer that got infected because the kids weren't really "computer savvy" and clicked on everything - links in IMs, links on Facebook or MySpace, used P2P file sharing, etc.

If you use social networking sites, exercise extreme caution. If you don't use them and you have tweens/teenagers, educate yourself and your kids. I've had "Safe Hex" links on my website for ages. Here are some of the links again for your convenience:

http://www.getsafeonline.org/
https://www.mysecurecyberspace.com/ (Carnegie Mellon University resource)
http://www.getnetwise.org/
http://www.microsoft.com/protect/default.aspx (Microsoft Online Safety)

3. Speaking of clicking on links and installing stuff from social networking sites - I just had a machine in the shop which was so infected that I had to do a clean install of Vista. The owner had installed some applications from Facebook. Not good! Don't install any apps from Facebook unless you like to Live On The Edge. And if you do, have your precious data backed up first. The client asked me if it was safe to download games from Facebook and I had to say "no". But there are plenty of safe and free sites for casual gamers. Along with the usual Yahoo! Games and MSN Games, here are some sites that have good casual games:

http://www.armorgames.com
http://www.newgrounds.com
http://www.kongregate.com/

Orisinal is a beautiful little game site that has been around for years. It's still lovely and the games are original and fun.

http://www.ferryhalim.com/orisinal/

I'd be cautious about casual gaming by subscription but only because one of my clients had a really hard time unsubscribing from Comcast's Chill service. I don't know if she ever got clear of it.

4. I don't usually pass on links to sites that don't have a technical slant here in the EBC Report, but it is the end of September and still Blazing Hot here in Fresno and that's Depressing. So here is a dose of Cuteness if you need it. If you don't or you hate Cuteness, just ignore this section!

The original Cute trove - http://cuteoverload.com/
The original edgier Cute trove - http://icanhascheezburger.com/

For people who could care less about cute animals but need something Cute, there's Cute Food! (Actually, a lot of the entries are just gorgeous but not necessarily cute by my definition of "cute".) - http://epicute.com/

And when Life has been particularly Gross, you need a Unicorn Chaser* to wash the ugliness away - http://unicornchaser.com/

*Term originated by the always-interesting (but not necessarily Safe For Work) BoingBoing website.

Back to top
Home

10-13-09 - Freaked Ben Franklin out with my iPhone. Couldn’t get a signal in 18th century Phlly, though. ATT sux -- Time Travel Tweets by Christopher Moore

1. Security Updates for Adobe Reader and Acrobat
2. Patch Tuesday - Massive amounts of security updates for Windows
3. Serious bug in Snow Leopard resulting in data loss
4. Useful program - Fences
5. Possibly not so useful program - MS Office 2010

1. Security Updates Available for Adobe Reader and Acrobat - http://www.adobe.com/support/security/bulletins/apsb09-15.html

This is an important security update so if you use those products (and almost all of you have Adobe Reader; Acrobat is the full-featured and quite expensive .pdf creation program) you should install the appropriate update.

2. There are also important security updates in today's Windows/Microsoft Update offerings:

Microsoft Security Updates - October 2009 - http://www.microsoft.com/technet/security/bulletin/ms09-oct.mspx

ISC Patch Tuesday overview - http://isc.sans.org/diary.html?storyid=7345

Huge Patch Tuesday Update - October 2009 - http://blogs.zdnet.com/security/?p=4585

"Microsoft today released its largest ever batch of Patch Tuesday updates to fix a whopping 34 security holes in a wide range of widely deployed software products.

"The latest patch batch covers critical vulnerabilities in software products that are bundled with Microsoft’s dominant Windows operating system (Internet Explorer and Windows Media Player) — and several known security problems (SMB v2 and FTP in IIS) for which functioning exploit code has already been publicly released.

"The SMB v2 issue, which has been in the news over the last month, has been addressed with MS09-050, a critical bulletin that actually addresses three separate documented vulnerabilities."

Make sure you restart the computer after installing updates. In particular the security update for the GDI+ will not be in effect until a restart and the computer will still be in a vulnerable state.

3. Serious bug in Snow Leopard - Some users have experienced data loss after logging into the Guest account. The exact cause of the glitch is unknown but it is believed it may happen if Guest was enabled and then the system was upgraded from Leopard to Snow Leopard. It seems that not a lot of people are affected, but no one wants to be the person whose data disappears. Even if you have backups - and all of you do, right? - it will be an unpleasant shock.

Details here:

http://www.tuaw.com/2009/10/12/bug-tracker-snow-leopard-guest-account-deleting-files/

http://news.bbc.co.uk/2/hi/technology/8304229.stm

In any case, you should not have the Guest account enabled on any operating system. The Guest account is a special system account, not one meant for when you are feeling hospitable. It is disabled by default in Windows XP, Vista, Linux, Unix, and OS X for a reason.

From Microsoft TechNet:

"The Guest account is intended for users who require temporary access to the system. However, if this account is enabled, a security risk may exist because an unauthorized user could gain anonymous access to the system through this account."

http://technet.microsoft.com/en-us/library/bb418978(TechNet.10).aspx

So if you enabled Guest, disable it now and create a Standard/Limited (OS X, Vista, XP Pro/XP Home) for your visitors. Call the new user account something like "Visitor", "Poor Relations", or "Go Home".

4. A useful program - Many of my clients have a special way they like to organize their Desktop icons. In fact some of you have been irritated about the way Windows decides to move all your shortcut icons around for no particular reason! You might be interested in Stardock's Fences, which is free:

"Fences is a program that helps you organize your desktop, and can hide your icons when they're not in use...."

http://www.stardock.com/products/fences/index.asp

5. And possibly not so useful - Apparently new PCs with Windows 7 preinstalled may ship with an ad-supported version of Microsoft Office 2010. According to BetaNews, instead of shipping with the old Microsoft Works OEMs (HP, Dell, Sony, etc.) will have the option of including a limited form of Office 2010 which will include advertisements. The buyer can then buy a more full-featured version if desired, presumably without the ads.

This is early days and this information is by no means set in stone, but the reason I'm mentioning it is that this probably means the writing is on the wall for Microsoft Works. Works has always been Office's unloved stepchild, and files created in Works have notoriously not been compatible with the rest of the productivity software world. My concern is for the people who have stuck with Works and who may be left with files that nothing will open. I don't want to be an alarmist and there is no reason to panic, but the three of you left who are still using Microsoft Works should consider switching to something else in the near future.

Frankly, I'm not convinced that a limited version of Office 2010 will be all that useful. If you're not going to purchase Office 2010, then there are better alternatives. OpenOffice is a full-featured free office suite which can read/write Microsoft Office formats. In my opinion, OpenOffice is far superior to a limited version of Office 2010. Of course, if you still have a copy of Office 2007 (or even the quite elderly Office 2003), it will install and run just fine in Windows 7.

http://www.betanews.com/article/Microsoft-to-replace-Works-with-adsupported-Office-Starter-2010/1255022321

Back to top
Home

11-4-09 - Just Time traveled to Ancient Macedonia. Gave a pep talk to a kid named Alexander the Mediocre. Hope that worked out. -- Time Travel Tweets by Christopher Moore

1. Program updates, Firefox, Java, iTunes
2. Recommendations for setting up users in Vista and Windows 7

1. Recent updates:

a. Firefox 3.5.4 - http://www.mozilla.com
b. Java - JRE 6 Update 17 - http://java.sun.com/javase/downloads/index.jsp
c. Shockwave - http://get.adobe.com/shockwave/

2. After seeing so many clients setting up their user in Vista insecurely and not optimally for disaster recovery, I thought it would be good to give you my recommendations. Running as a Standard user, with the limitations that provides of not being able to install software or make global system changes, is always best practice. This helps to protect you against malware drive-by installs and from making changes which would damage your operating system. Of course you can still get infected if you don't take precautions and you can still trash Windows by rash tinkering, but every little bit of safety helps.

Unfortunately, under Windows XP this wasn't practical in the Real World(tm). Too many programs needed to write to areas of the operating system reserved for administrators. With Vista and Windows 7, this has changed. Any program written to be compatible with Vista and/or Windows 7 is designed to run under a Standard user account. So why do so many people run as administrator?

a. Because they are used to doing so from XP;
b. And because when they buy a computer with Vista or Windows 7 preinstalled, they use the first user account they are logged into after turning on the computer.

When you run as a Standard user in Vista and Windows 7, you will need to provide a password for the administrative user in order to install software and make global system changes. If security isn't an issue, you don't need to set a password for that administrative account.

Recommended Setup

You absolutely do not want to have only one user account. Like XP and all other modern operating systems, Vista and Windows 7 are multi-user operating systems with built-in system accounts such as Administrator, Default, All Users, and Guest. These accounts should be left alone as they are part of the operating system structure.

You particularly don't want only one user account with administrative privileges on Vista and Windows 7 because the built-in Administrator account (normally only used in emergencies) is disabled by default. If you're running as an administrator for your daily work and that account gets corrupted, things will be Difficult. It isn't impossible to activate the built-in Administrator to rescue things, but it will require third-party tools and working outside the operating system.

The user account that is for your daily work should be a Standard user, with the extra administrative user (call it something like "CompAdmin" or "Tech" or the like) only there for elevation purposes. After you create "CompAdmin", log into it and change your regular user account to Standard. Then log back into your regular account.

If you want to go directly to the Desktop and skip the Welcome Screen with the icons of user accounts, you can do this:

Start Orb>Search box>type: netplwiz [enter]
Click on Continue (or supply an administrator's password) when prompted by UAC

Uncheck the option "Users must enter a user name and password to use this computer". Select a user account to automatically log on by clicking on the desired account to highlight it and then hit OK. Enter the correct password for that user account (if there is one) when prompted. Leave it blank if there is no password (null).

Back to top
Home

11-30-09 - Zaxa rode a small pacing wole, and carried his fabulous sword Zil, while the others of the party rode steeds of other descriptions. -- Jack Vance, "The Green Pearl"

1. Holiday computer safety reminder
2. Buying a computer for Christmas

1. Just a reminder as we get into the Holiday season that it's common to get emails purporting to be from FedEx and other courier services with a subject along the lines of "Arrival of Special Consignment". These emails are malicious and will have an attachment or want you to click on a link. Do not do either of these things! Just delete the email(s) unread.

There will also be plenty of Christmas-related malware - screensavers, themes, special offers if you "click here". Already there has been a report of the Koobface malware campaign offering a Christmas theme. Needless to say you will not get dancing Santas - you will get the Koobface worm which is extremely difficult to remove. Be particularly cautious at popular social networking sites like MySpace and Facebook.

I've given you safe Christmas-y sites in past years. Here are links to those posts:

http://www.elephantboycomputers.com/page3.html#12-16-07
http://www.elephantboycomputers.com/page3.html#11-27-08

You can still get great holiday wallpapers at the sites I mentioned in those Reports. I see that VladStudio has a new Christmas wallpaper up now, too.

http://www.vladstudio.com/wallpaper/?where_xmas_gifts_are_born

The point is to stay away from screensavers.com and freeze.com and all those sites that offer you "free" stuff that come with ad-supported toolbars.

2. I've had several calls from clients who are thinking about buying their child a computer for Christmas. Netbooks are particularly attractive for a child's gift because they are small (10") and relatively inexpensive. The nicer version of the Dell Mini 10 is $349 for instance. I see that the Dell Mini comes with either Ubuntu (Linux) or Windows XP. I think most of my clients will be happiest with Windows XP. My concern is that other companies such as HP and Acer are offering netbooks with Windows 7 Starter Edition at very good prices and I wanted to warn you away from those.

Windows 7 is a really nice operating system but no one in his/her right mind will want Windows 7 Starter Edition. It is a severely limited version of Windows 7; you can't even change the Desktop wallpaper with it. There are other limitations as well. I'll be blunt (and when am I not?!), as far as I'm concerned Windows 7 Starter Edition owes its existence to nothing more than Microsoft greed - because you will be so unhappy with it that you'll spend the money to upgrade to Windows 7 Home Premium.

With laptops, I always recommend buying a 2-3 year warranty plus accidental coverage. This can add $265+ to the base price and you should take that into consideration when pricing laptops. Bluntness again - if you don't spend the money up front to get good warranty coverage, you will be sorry. This is the only time (outside of when you are purchasing office computers) that I think it's worth buying an extended warranty.

Netbooks are my exception to the "buy a laptop-buy a warranty" rule. I just priced adding a 2-year warranty plus accidental coverage to the Dell Mini 10 and that bumps the price up to over $500. At that point you could almost buy a new Mini for the cost of the warranty. So I didn't bother with an extra warranty when I bought my own Mini.

Back to top
Home

12-14-09 - Make the world better. ~ Lucy Stone

1. Staying computer-safe during the Holidays
2. Holiday music
3. Seasonal amusements

1. Holidays bring joy, cheer, and computer malware. Scammers often target their slimeware towards big occasions.

The Complete Guide to Avoiding Online Scams
http://gizmodo.com/5420356/the-complete-guide-to-avoiding-online-scams-for-your-less-savvy-friends-and-relatives

Accepting friend requests from people you don't know is a recipe for ID theft
http://lifehacker.com/5421597/accepting-friend-requests-from-people-you-dont-know-is-a-recipe-for-id-theft

Koobface worm dons tinsel to snag seasonally-affected marks - http://www.theregister.co.uk/2009/12/08/xmas_koobface/
http://blog.trendmicro.com/christmas-themed-koobface-campaign-seen/

2. There is lots of legitimate free music for the holidays available - http://lifehacker.com/5420786/bolster-your-holiday-playlist-with-40%252B-free-mp3s

Free Christmas download from Cigar Box Nation - http://www.cigarboxnation.com/

Chanukkah music provided by the Idelsohn Society - http://idelsohnsociety.com/home.html

Free Christmas songs from Apple's iTunes Store - http://itunes.apple.com/us/album/itunes-holiday-sampler/id344104720

And from Amazon MP3 Downloads, "25 Days of Free" - http://tinyurl.com/ydl6nf3

3. Go to Google and leave the Search box blank. Now click on the "I'm Feeling Lucky" button. You'll see a live countdown of the number of seconds left in 2009.

And a brief history of Christmas lights from Gizmodo - http://gizmodo.com/5425395/christmas-lights-the-brief-and-strangely-interesting-history-of

Back to top
Home

2-7-10 - Gettysburg, I’m like,”Abe, just say eighty seven years ago. It’s like you wrote this on the train here. Jeeze.” -- Time Travel Tweets by Christoper Moore

1. Make sure you are current with Windows Updates to cover the pre-Internet Explorer 8 vulnerability
2. Current versions of Java, Adobe Reader, Firefox, and a new Avast Antivirus
3. Reminder about rogue security programs
4. Facebook as a vector for infection - even more ways for the Bad Guys to get your computer

Hello All - It's been a while since I sent out an EBC Report. Sorry for the delay but I've been busy making the world safe, one computer at a time. Let's catch up.

1. About a month ago there was a very serious vulnerability in Internet Explorer 6 and 7. The rather technical details are here:

http://www.theregister.co.uk/2010/01/15/ie_zero_day_exploit_goes_wild/
http://www.howtogeek.com/howto/10340/protect-yourself-from-the-latest-internet-explorer-security-hole/

The bottom line is that you need to update to IE8. Personally, I prefer Firefox anyway but there is no point in having a vulnerable program like IE6 on your system. For those of you still running operating systems older than Windows XP like Windows 2000, you won't be able to upgrade to IE8 so use the latest version of Firefox instead. As for older operating system like Windows 98/ME, they should not be on the Internet at all. End of that story.

You can download IE8 from here - http://www.microsoft.com/windows/internet-explorer/default.aspx
IE8 System Requirements - http://www.microsoft.com/windows/internet-explorer/support/system-requirements.aspx

Per my colleague MVP Robear Dyer - I would strongly recommend disabling your anti-virus application and any anti-spyware applications (other than Defender) before installing (or uninstalling) an IE upgrade. If you're running a third-party firewall, I would recommend disabling it and then enabling the Windows Firewall before installing (or uninstalling) an IE upgrade.

2. It's important to keep programs that tend to be targets for malware writers updated. Current versions of important programs (not counting IE):

Java - JRE 6 Update 18 - http://java.sun.com/javase/downloads/index.jsp
Adobe Reader 9.3 - http://www.adobe.com/
Also from Adobe - Flash Player and Shockwave Players
Firefox 3.6 - http://www.mozilla.com
Avast Antivirus 5.0 is out, replacing 4.8 in both free and professional versions - http://www.avast.com/index

3. Here's another reminder not to be tricked into installing rogue security programs - In particular, I'm seeing quite a few computers coming into the shop infected with Internet Security 2010. Right now it's running about 50/50 as to the percentage of these machines which need to have Windows reinstalled. It really depends on whether the victim actually installed this rogue and whether the machine is infected with other trojans or not. A lot of these rogues look very real, so don't be fooled.

http://www.bleepingcomputer.com/virus-removal/remove-internet-security-2010

4. Facebook in itself is an excellent way to keep up with friends and family. The problem with it is that it is a target for The Bad Guys. I know I've warned you about not installing Facebook Apps and not clicking on links, but it's a new(ish) year and so here's your reminder for 2010.

Websense Security Labs discovered several spam messages on Facebook that trick the user into visiting BINSSERVICESONLINE, a malicious website. When the link in the message is clicked, the website redirects the user to an online scam site similar to the Google Scam Kits they wrote about in mid-December 2009. The use of Facebook to distribute links that lead to Google scam kits is fairly new, and is sure to fool some users into buying the kits.

A lot of users have apparently received this message, as it quickly became a popular search string on Google. Websense Security reports that there are criminal groups monitoring the popular search terms on Google and other search engines to start their own malicious attacks, so it didn't take long before they started seeing Google search results for BINSSERVICESONLINE leading to rogue AV products. According to Websense Security, the two attacks are done by separate groups of criminals. One group started the spam attacks on Facebook and another started manipulating Google results.

The Websense Security Labs blog is interesting, albeit a bit technical.
http://securitylabs.websense.com/content/blogs.aspx

There is an interesting blog article about the (non)safety of Facebook apps by CSO Online reporting from the ShmooCon security conference.
http://www.csoonline.com/article/533113/ShmooCon_Inside_FarmVille_s_Sinister_Underbelly

Be careful out there, people!

Back to top
Home

2-12-10 - You are disoriented. Blackness swims toward you like a school of eels who have just seen something that eels like a lot. -- Douglas Adams, "The Hitchhiker's Guide To The Galaxy" text adventure game

1. Beware this Facebook phish
2. New "Genuine Windows Activation" patch
3. Adobe updates

1. Another Facebook-related phish is making the rounds. It comes in an email like this:

From: Facebook Login [mailto:help@facebook.com]
Sent: 09 February 2010 07:23
To: [the victim's email address]
Subject: Facebook Password Reset Confirmation! Customer Message.

Dear user of facebook,

Because of the measures taken to provide safety to our clients, your password has been changed.
You can find your new password in attached document.

Thanks,
Your Facebook.

The attachment is a zip file filled to its brim with the Bredolab Downloader Trojan. If the victim is foolish enough to fall for the phish and double-clicks the attachment, Bredolab will infect their computer and then download all kinds of little friends.

2. A new "Genuine Windows Activation" patch is going to try to insinuate itself on Windows 7 computers starting by the end of this month. If you have your Windows Updates set to install automatically, you'll get this whether you want it or not. So if you would prefer not to install something which shows what a pirate Microsoft thinks you probably are, set Windows Update to download updates and inform you when they're ready. And look at what you're being offered first so you can make an intelligent choice. Me, I'm passing on this one. I don't care how Microsoft wants to spin this, in the immortal words of Carl Rose's famous cartoon, "I say it's spinach, and I say the hell with it".* And my Windows 7 is completely legal, thank you very much.

http://www.theregister.co.uk/2010/02/12/windows_7_genuine_patch/

*http://en.wikipedia.org/wiki/Carl_Rose

3. Adobe has updated its Flash Player to address some potentially serious security flaws. There are separate Flash Players for IE and for plugin-based browsers like Firefox so if you use an alternate browser along with IE, download and install both Players.

Adobe has also announced that there will be a security patch for Adobe Acrobat and Adobe Reader to close some vulnerabilities. The patch will be available next Tuesday, February 16th so put it on your updates calendar.

http://www.adobe.com

Back to top
Home

3-10-10 - He reached out and pressed an invitingly large red button on a nearby panel. The panel lit up with the words 'Please do not press this button again'. -- Douglas Adams, "The Hitchhiker's Guide to the Galaxy"

1. IE 6 is dead
2. Switching from Windows to Mac OS X
3. Microsoft Help File Exploit
4. Windows 7 "Genuine Windows Activation"
5. Adobe Reader is the application most targeted for malware attacks
6. Another way social networking sites are being used for rogue security program scams

1. IE 6 is officially dead. Come on, people! No one should be using IE 6 any more! - http://lifehacker.com/5478418/youtube-drops-ie6-support-on-march-13th

2. Switch 101: On Windows, I used to... Very useful article about switching to OS X from Windows. Thanks, Apple! - http://support.apple.com/kb/HT2514

3. Microsoft has issued a warning not to press the F1 key (Help) when prompted by a website or email message. A new exploit is currently being patched. Malicious attacks using the F1 (Help PF key) could be developed to compromise PC security.

http://www.computerworld.com/s/article/9164038/Microsoft_Don_t_press_F1_key_in_Windows_XP

QUOTE: Microsoft told Windows XP users today not to press the F1 key when prompted by a Web site, as part of its reaction to an unpatched vulnerability that hackers could exploit to hijack PCs running Internet Explorer (IE).

"The vulnerability exists in the way that VBScript interacts with Windows Help files when using Internet Explorer," read the advisory. "If a malicious Web site displayed a specially crafted dialog box and a user pressed the F1 key, arbitrary code could be executed in the security context of the currently logged-on user."

According to Microsoft Windows 2000, Windows XP and Windows Server 2003 are impacted by the bug and any supported versions of Internet Explorer (IE) on those operating systems -- including IE6 on Windows XP -- could be leveraged by attackers. Windows Vista, Windows Server 2008, Windows 7 or Windows Server 2008 R2 are not affected.

4. Tech guru Ed Bott has written an interesting article about the Windows 7 updated KB971033, the update to Windows Activation Technologies (WAT). I mentioned in the last EBC Report that this "update" was being rolled out.

Windows Activation Technologies: an unauthorized inside look by Ed Bott - http://blogs.zdnet.com/Bott/?p=1803&tag=col1;post-1803

5. Adobe Reader is the application most targeted in malware campaigns - http://www.theregister.co.uk/2010/03/09/adobe_reader_attacks/

I've completely switched from using Adobe Reader on all my Windows machines. I use Preview on the Macs. If you'd like to switch, here are some free replacement programs:

Foxit Reader - http://www.foxitsoftware.com/pdf/reader/reader3.php
PDF-XChange Viewer - http://www.docu-track.com/product/downloads
Sumatra PDF - http://blog.kowalczyk.info/software/sumatrapdf/index.html
Nuance PDF Reader (registration required but it is free) - http://www.nuance.com/imaging/products/pdf-reader.asp

With free readers like Foxit, make sure you don't install any toolbars that come along with them. Of course you need to keep these programs updated, too.

6. Per The Register, here's another way that social networking sites (Facebook, MySpace, etc.) are being used for rogue security program scams.

http://www.theregister.co.uk/2010/02/15/smut_social_networking_spam_scam/

"More than nine out of ten (92 per cent) of such adult phishing scams recorded in January took place on social networking sites such as Facebook and Bebo, according to the latest monthly security report from Symantec. Once fraudsters have snaffled personal credentials, surfers are often redirected to sites punting scareware scams rather than smut.

"Scareware scams more commonly rely on manipulating search engine results for search terms in the news, such as the death of an athlete practising for the luge event at the winter Olympics. These results are poisoned so that surfers looking for videos of this tragedy (as explained by Sophos here) are instead redirected to anti-virus scan scam portals, which warn of non-existent malware risks in a bid to trick users into buying worthless scamware."

So continue to be careful out there!

Back to top
Home

3-21-10 - It is a mistake to think you can solve any major problems just with potatoes. -- Douglas Adams, "Life, the Universe, and Everything"

1. Facebook password reset scam
2. Microsoft removes hardware barrier to XP Mode in Windows 7
3. Mozilla news - Firefox vulnerability patch, Thunderbird update

1. Password reset scams are common. There is an aggressive phish email going out recently from Facebook. I received two of them the other day - and I don't have a Facebook account! This one is so bad that Facebook is warning users about it, an unusual step for them. An interesting tidbit from The Register article - this scam is apparently the sixth most prevalent piece of malware targeting users out there. For today, at least.

http://www.theregister.co.uk/2010/03/18/facebook_password_reset/

So remember that legitimate websites and companies (banks, Internet Service Providers, email providers) never will ask you to reset your password in an email. No matter how legitimate it looks, an email telling you to confirm your username/password by clicking on a link is a phish.

2. One of the nice features of Windows 7 Professional and Ultimate versions is the ability to run XP Mode. XP Mode allows you to run XP for free in a virtual machine. This feature is aimed at businesses who rely on older software that won't run on Windows 7. Obviously Microsoft wants those customers to upgrade to Windows 7 and XP Mode can help with that.

One of the stopping points of XP Mode was that this feature required hardware virtualization technology on the computer processor/motherboard. Only some newer processors have this ability. Microsoft has now removed the requirement to have hardware virtualization in order to run XP Mode which should greatly increase the number of customers with older but still capable computers upgrading to Windows 7 and using XP Mode to run older business software.

Note that Windows 7 Starter/Home Basic/Home Premium do not support XP Mode.

http://blogs.zdnet.com/microsoft/?p=5607
http://www.microsoft.com/windows/virtual-pc/download.aspx

3. Mozilla has confirmed that they will be releasing a patch to close a security flaw in Firefox on March 30th. So on that day, go get Firefox 3.6.2. The Thunderbird email client has also been updated so those of you using it can get 3.0.3 at the link below.

http://www.mozilla.com
http://www.mozillamessaging.com/en-US/thunderbird/all.html

Back to top
Home

3-29-10 - "Scissors cuts paper, paper covers rock, rock crushes lizard, lizard poisons Spock, Spock smashes scissors, scissors decapitates lizard, lizard eats paper, paper disproves Spock, Spock vaporizes rock, and as it always has, rock crushes scissors." -- Dr. Sheldon Cooper, "The Big Bang Theory"

1. End of support for XP with Service Pack 2 (and earlier); end of support for Vista with no Service Packs
2. Firefox 3.6.2 available now
3. St. Anthony's School recycling
4. Out-of-band security update for Internet Explorer Tuesday, March 30th

1. From Microsoft:

When a product reaches the end of support, it no longer receives security updates which can help protect it from malicious software as well as other software updates which can help improve the reliability of Windows.

When support ends varies by product:

• Support for Windows Vista without any service packs will end on April 13, 2010.
• Support for Windows XP with Service Pack 2 (SP2) will end on July 13, 2010.

If you are unsure of the version of operating system and service pack installed on your system, please visit:
http://windows.microsoft.com/en-us/windows7/help/which-version-of-the-windows-operating-system-am-i-running

Both Windows Vista and Windows XP have newer service packs available for free that are still supported. For complete information about the end of support for various Windows versions, please visit: http://www.microsoft.com/eos.

2. The latest update to Firefox came out earlier than expected to address some rather serious vulnerabilities. Go to http://www.mozilla.com and download Firefox 3.6.2 and install it.

3. For those of you EBC Reports Mailing Listers who live in the Fresno area, St. Anthony's School is hosting a week-long recycling center April 25th-May 2nd, 10:00 AM - 3:30 PM. This is a great way to get rid of your old computers, monitors, TVs, and other electronic devices. St. Anthony's School is located at 5680 N. Maroa Ave. and you should drop off your items next to the trash bins near the southeast corner of the parking lot. If you want to print out a reminder, you can download the official flyer in .pdf form here: http://www.elephantboycomputers.com/sas-recycling.pdf.

4. Microsoft Security Bulletin Advance Notification for March 2010:

http://www.microsoft.com/technet/security/bulletin/ms10-mar.mspx

"This is an advance notification of an out-of-band security bulletin that Microsoft is intending to release on March 30, 2010. The bulletin is being released to address attacks against customers of Internet Explorer 6 and Internet Explorer 7. Users of Internet Explorer 8 and Windows 7 are not vulnerable to these attacks. The vulnerability used in these attacks, along with workarounds, is described in Microsoft Security Advisory 981374. The out-of-band security bulletin is a cumulative security update for Internet Explorer and will also contain fixes for privately reported vulnerabilities rated Critical on all versions of Internet Explorer that are not related to this attack."

I've said it before and I'm saying it again - no one should be running Internet Explorer 6 or 7 at this point. If you're going to use IE, you need to update to IE8. If you must use IE7 (and I do have some clients with proprietary website software that won't work with IE8), make sure it is updated with this security patch and start pressuring your vendors to update their website software to work with IE8 and/or Firefox.

For those of you who celebrate Easter, have a nice one. The rest of us will be microwaving Peeps. ;-)
http://blog.makezine.com/archive/2009/04/fun_things_to_do_with_peeps_besides.html

Back to top
Home

4-1-10 - "What type of Computer do you have? And please don't say a white one." -- Dr. Sheldon Cooper, "The Big Bang Theory"

1. Apple updates OS X Leopard and Snow Leopard
2. Bogus Windows Live Messenger invitations
3. Large percentage of Windows 7 vulnerabilities mitigated by running as Standard user
4. Program updates - iTunes/QuickTime and Java
5. Annual ThinkGeek April 1st foolery

1. On March 29th Apple issued a huge update for Mac OS X 10.5 (Leopard) and Mac OS X 10.6 (Snow Leopard), patching 92 vulnerabilities, a third of them critical. With such a large update, I prefer to download the update directly from Apple rather than go through the OS X automatic Software Update.

The Combo Update rolls all updates into one package and upgrades any version of OS X to the current version. So if you have been keeping your Mac updated, you can download the (slightly) smaller patch. If you're unsure, download the Combo Update instead. Click on the Apple at the far left of your Menu Bar and then on "About this Mac" to see what version of OS X you're running.

http://support.apple.com/downloads/

Always take proper precautions before installing a system update. Make sure you have a current backup, preferably with Time Machine, Time Capsule, or Super Duper. As my friends and clients know, I'm a fanatic about backups so I use Time Machine AND will do a Super Duper backup before a big update like this. I don't mind their kidding; if something goes wrong I can get back to working Macs in very little time with no loss of data and that's what is important to me.

And just in case things go bad, here's a good article about managing a hung 10.6.3 update installation:

http://reviews.cnet.com/8301-13727_7-10471669-263.html?part=rss&tag=feed&subj=MacFixIt

2. Bogus Windows Live Messenger invitations - On my security issues mailing list, quite a few members report that they are getting bombarded with fake Messenger invitations from spammers. Here is a Windows Live blog article about the problem and how to identify one of these fake invitations:

http://windowsteamblog.com/blogs/windowslive/archive/2010/03/29/just-say-no-to-bogus-messenger-invitations.aspx

I found this "10 tips for safe instant messaging" article on the Microsoft Online Safety site:

http://www.microsoft.com/protect/fraud/spam/imsafety.aspx

If you IM, then you should read that article.

As an aside, someone on that same security mailing list mentioned that you can get the same sort of thing from Skype. So while you should certainly use and enjoy IMing and Skyping if you want to, you have to be careful. You wouldn't allow a total stranger into your home without being sure it was safe; exercise the same caution when using instant messaging and video messaging.

Here's the main Microsoft Online Safety site, which is a very good resource:

http://www.microsoft.com/protect/default.aspx

It has links to articles, downloads like MS Security Essentials, and how-to videos.

3. Why I have you set up as Standard users with a CompAdmin administrator account in Vista and Windows 7:

http://arstechnica.com/microsoft/news/2010/03/half-of-windows-flaws-mitigated-by-removing-admin-rights.ars

If you don't know what I'm talking about and/or are not my client so I haven't set up Vista/Win7 for you, see the recommended Vista/Win7 user setup in Item #2 of this previous EBC Report:

http://www.elephantboycomputers.com/page3.html#11-4-09

4. A new version of iTunes (9.1) is available: http://www.apple.com/itunes/download/

If you are running Vista or Windows 7 64-bit, the correct download is here: http://support.apple.com/kb/DL925

Java 6 Update 19 - You want the JRE. If you have a 64-bit system, get both the 32 and 64-bit versions. You need to install both programs.

http://java.sun.com/javase/downloads/widget/jdk6.jsp

5. ThinkGeek.com, the online store beloved of techies everywhere, has historically offered some very funny "prank" items on April 1st. Some of them are so popular and geeks want them so badly that the items become a reality, like the Tauntaun Sleeping Bag. So for a little amusement and some ideas for gifts (real ones) for the geeks in your life, take a look at what ThinkGeek has to offer. I want the Dharma Initiative alarm clock! (No, I don't get a kickback from them for this. I wish!)

http://www.thinkgeek.com/

And don't forget to check out Google's front page. They always do something amusing on April 1st.

Back to top
Home

4-14-10 - Brady's First Law of Problem Solving: When confronted by a difficult problem, you can solve it more easily by reducing it to the question, "How would the Lone Ranger have handled this?"

1. Firefox update
2. Adobe Reader/Acrobat updates
3. Patch Tuesday
4. Facebook Farm Town malvertising
5. McAfee lawsuit
6. Koobface trojan

1. If you haven't already done this, update Firefox to 3.6.3. The update closes a vulnerability found during the recent Pwn2Own security contest.

http://www.mozilla.com

2. It is extremely important to keep Adobe Reader and Acrobat patched. These programs are targets for malware writers. Adobe has come out with updates for its free Reader and its commercial Adobe Acrobat. Apply update 9.3.2 to Adobe Reader or Acrobat 9.3/9.3.1.

http://www.adobe.com or check for updates from within the program.

3. Yesterday was Patch Tuesday for Microsoft. The patches include coverage for vulnerabilities in MS Office products, too. There was a time when you could automatically check for, download, and install Office updates directly from the Office website. Microsoft has changed that behavior and the only way to automatically update Office is by using Microsoft Update instead of the Windows Update website. If you have Vista or Windows 7, you already use Microsoft Update. To make sure your Office programs are included in the Update check, go to Control Panel>Windows Update and make sure you've checked the box to get recommended updates and updates for additional Microsoft software. Look at what you are being offered first and don't install hardware drivers.

Those using XP and Windows Updates can change over to Microsoft Update at any time if they wish. Otherwise you will need to download Office updates manually. And we all know that won't get done. ;-)

http://www.microsoft.com/windows/downloads/windowsupdate/faq.mspx

4. I'm seeing quite a few posts in the MS Answers forums from people who got infected with rogue antivirus software while using Farm Town, a Facebook game. Some of these people may have installed Facebook apps (a terrible idea and a great way to get infected) but now it has come to light that the Farm Town game was serving malvertisements. A malvertisement is a an ad which has been coded to serve up malware. Read about it here:

http://www.theregister.co.uk/2010/04/12/farm_town_malicious_ads/
http://www.sophos.com/blogs/gc/g/2010/04/12/farm-town-virus-warning

The Farm Town game has more than 9 million users, so you can imagine how happy the malware providers are. Unfortunately, the Facebook admins were not responsive to users' pleas for help and worse, when contacted by a highly respected malware fighter, they blocked her posts on their forum! Sandi Hardmeier, an MS MVP who has been a driving force in the malware-fighting community, has the story on her blog here:

http://msmvps.com/blogs/spywaresucks/default.aspx

Way to go, Facebook admins. Great head-in-the-sand attitude. If you play games which serve up ads on websites which do not protect their users, then you are taking a big chance. Quoting Graham Cluley from the Sophos blog linked above, ""Until the makers of Farm Town resolve the problem of malicious adverts, my advice to its fans would be to stop playing the game and ensure that their computer is properly defended with up-to-date security software."

As I've mentioned before, there is a saying in the security field that if an end user has to chose between a safe, clean computer and a flying pigs screensaver, the flying pigs will win every time. Do you really need those flying pigs?

5. McAfee, makers of possibly the worst antivirus/security programs on the planet, are being sued for promoting third-party services during the installation of the McAfee program. Since I will not install McAfee for clients I haven't seen this, but apparently the installer was popping up ads that looked like part of McAfee but really signed the end user up for monthly services with an affiliate. Truly repellent behavior. So if you have recently purchased McAfee on line, take a look at your credit card statements.

http://www.theregister.co.uk/2010/04/14/mcafee_pop_up_lawsuit/
http://news.techworld.com/security/3220130/mcafee-sued-over-pop-ups

6. One of the nastiest trojans you can get is koobface. Koobface infections are very hard to remove, especially if the user has also installed multiple Facebook apps, and the infected computer usually requires a clean install of Windows. Here's a good explanation of it from ESET's Randy Abrams:

http://www.eset.com/blog/2010/04/07/what-is-koobface

If you have an interest in learning about computer security, the ESET ThreatBlog is a useful resource - http://www.eset.com/blog/

Back to top
Home

4-24-10 - There is a moment in every dawn when light floats, there is the possibility of magic. Creation holds its breath. The moment passed as it regularly did on Squornshellous Zeta, without incident." -- Douglas Adams, "Life, the Universe, and Everything"

1. Updates - Apple OS X, Java JRE 6u20
2. Identity theft article
3. Privacy and staying safe on Facebook
4. Warning about phish aimed at QuickBooks users
5. Some general malware information

1. Last week Apple patched a critical Mac OS X vulnerability used by a security researcher three weeks ago to win $10,000 for hacking Safari at the Pwn2Own contest. Mac OS X owners cannot be complacent about computer security. It is vital to keep OS X patched. Go to System Preferences and click on Software Update and then click the "Check now" button.

There is a new update for Java. You want JRE 6u20. At this point you should have only one Java installed on your computer, hopefully the last-but-one (Update 19). If you have multiple instances of Java, uninstall them all and then download/install Update 20.

http://java.com/en/download/manual.jsp

Pay attention when you are installing Java and don't inadvertently install the Yahoo or Bing toolbars. Third-party toolbars are, in general, not good to have on your computer.

2. Following a link from the ESET ThreatBlog, I found this excellent website about identity theft by George Jenkins:

http://ivebeenmugged.typepad.com/

Do not read blogs like this if you are a paranoid person! If you're looking for well-reasoned and well-written information to enable you to become informed, then this is a good resource.

3. There's a particularly useful article by R. Michelle Green called "Facebook Newbie? Read This First" that should be required reading for anyone using Facebook.

http://ivebeenmugged.typepad.com/my_weblog/2010/04/facebook-newbie.html

And in the wake of Facebook's latest privacy rollback, here's an article about "How to Restore Your Privacy on Facebook:

http://lifehacker.com/5522433/how-to-restore-your-privacy-on-facebook

4. Warning about phishing attempt aimed at QuickBooks users - One of the members of a security mailing list to which I subscribe passed on this request from Alison Ball, Sr. Program Manager at Intuit:

"I am hoping you can warn your readers/friends/colleagues, etc about this phishing email that went to one of our customers today, and ask your peeps to report them to security@intuit.com if they get one? Also – please warn people NOT TO CLICK THE LINKS!! Instead, they should just forward it to security@intuit.com and then delete it without clicking anything."

The text of the phishing email is below between the asterisks. As Ms. Ball said, if you get this email DO NOT CLICK ON ANY OF THE LINKS IN IT!!!! I've munged the supposed From address just to be safe, too. If you get an email like this please take a moment to forward it to security@intuit.com and then delete it. If you want to do this and don't know how to forward an email (I know, I know, I don't want to insult anyone's abilities but just in case....) call me.

*****[BEGIN FAKE EMAIL]
From: Intuit Company [mailto:update@intuit.cXXXom]
Sent: Monday, April 19, 2010 11:55 AM
Subject: Intuit Update

Dear customer,

NOTE: Read this letter up to the end. You will mislay access to your account on Intuit website without actions described below,

Because of the increasing number of attemptsto hack the accounts of clients we are doing everything to perfect the technology of our security system. Thats why you need to do these actions to perfect the security of your Laptop.

Please do all the actions of this instruction:

1. Change your password on your private cabinet at least once a month.
2. Install and update your antivirus regularly.

Do not pass login and password from our service to others.

3. Do not install expansion to your browser from the unknown vendors.
4. Download and install Intuit Secure Software, which guards your browser from viruses done to steal information (usernames, passwords, etc.). Also it will provide additional security when working with a private cabinet and your financial information. NOTE: Beginning with 24 of April 2010 you wont have an admittance to the services of our company without an installed Intuit Secure Software.

System requirements :
Mozilla FireFox 2.0 and above
Windows XP, Vista, 2000, 2003, Seven
Internet Explorer 6.x, 7.x, 8.x

ATTENTION: You will not be able to use our service without update from 24 of April 2010

Download :
· Intuit Secure Software for Quickbooks Users
· Intuit Secure Software for Intuit Merchant holders
· Intuit Secure Software for PayCycle customers
· Intuit Secure Software for Quicken users

If you are not Microsoft Windows user you can use our services as usual
*****[END FAKE EMAIL]

5. Top 10 signs your compuer may be part of a Botnet - great article by the ESET team on their ThreatBlog:

http://www.eset.com/blog/

These symptoms can also be produced by malware that isn't making your computer a zombie, too. If you have these symptoms, it's definitely Scanning Time.

http://www.elephantboycomputers.com/page2.html#Removing_Malware

Further down on the same blog page are excellent entries about fake IRS emails/scams, a followup (with video!) of how Koobface works, and a good answer to the question I'm sometimes asked, "Why should I care if my computer is infected? There's nothing important on it."

Back to top
Home

5-5-10 - "On my planet we don’t marry people we don't love unless they're critically ill billionaires." -- John Crichton ("Farscape")

1. Learning Windows
2. Fast-spreading worm
3. Facebook and privacy
4. Two scams

1. I have quite a few clients buying new computers with Windows 7 now. In my normal Googling around, I found this very useful site from Microsoft filled with "How Do I" videos. Don't forget that Microsoft is a great resource for learning about their products.

http://technet.microsoft.com/en-us/windows/dd314385.aspx

2. The Palevo.DP worm is fast-spreading and targets USB drives. The worm is being spread by users of P2P programs (file sharing) like Limewire, eMule, etc.

http://news.techworld.com/security/3222479/fast-spreading-p2p-worm-targets-usb-drives/

"The worm lures victims using a link embedded in a spam IM message, which leads to what appears to be an image file but is actually the malicious payload. From that point on, the malware burrows into the host by installing a number of files that compromise the Windows XP firewall."

"Two elements make Palevo.DP interesting. First, it copies itself to network shares from the infected PC as well as USB sticks or other external drives. Any unprotected system with the Windows autorun feature turned on – basically almost every PC - will find itself infected as those drives are moved from PC to PC."

"The second feature is its targeting of P2P services by adding code to shared program files. The combination of removable media and P2P gives the worm a two-pronged attack-and-spread strategy which allows it to target home systems which are then used to launch attacks on better-defended business PCs from inside the network perimeter."

3. Facebook and privacy - one of these things is not like the other.

Consumer Reports survey - 52% of adult users of social networks (Facebook, MySpace, etc.) have posted risky personal information online; 23% of Facebook users either didn't know that the site offered privacy controls or chose not to use them.

http://blogs.consumerreports.org/electronics/2010/05/social-networks-facebook-risks-privacy-risky-behavior-consumer-reports-survey-findings-online-threats-state-of-the-net-report.html

Facebook changed its privacy settings layout, apparently making it very difficult to opt out completely. The Electronic Frontier Foundation (a most excellent organization) created a tutorial to help:

"How to Opt Out of Facebook's Instant Personalization" - http://www.eff.org/deeplinks/2010/04/how-opt-out-facebook-s-instant-personalization

Also see "Six Things You Need to Know About Facebook Connections" - http://www.eff.org/deeplinks/2010/05/things-you-need-know-about-facebook

The ever-useful ESET Threat Blog has been covering this and points to a Facebook Privacy & Security Guide from Social Media Security. This site has a wealth of information about, as they say, "exposing the insecurities of social media" and how to protect yourself.

The downloadable Facebook Privacy & Security Guide v2.1 is here (.pdf format) - http://socialmediasecurity.com/security-guides/facebook/

A Gizmodo editor goes even further with "Top Ten Reasons You Should Quit Facebook". - http://gizmodo.com/5530178/top-ten-reasons-you-should-quit-facebook

I doubt that most Facebook users are going to do this, but it's an interesting read.

And as a related reminder, I just clean-installed Windows on another computer where the owners clicked on links from Facebook. If you don't want this to happen to you, don't install applications or click on links in messages and ads on social networking websites. You Have Been Warned. ;-)

4. The Eset Threat Blog also has an interesting entry about "The Juror Scam". Apparently there is a nation-wide telephone scam going on where the evildoers identify themselves as court officials, "claiming that you have ignored a summons to jury duty". The bad guy caller will then try to get your Social Security number and other personal identifiers. Hopefully you are too smart to fall for this, but the important information to come away with is:

"Unless you have initiated the call....never give out your personal information over the telephone." - http://www.eset.com/blog/2010/05/03/the-juror-scam

New Craigslist scam which targets your cellphone - http://consumerist.com/2010/05/new-craigslist-scam-harvests-your-cellphone-crams-995month.html

Back to top
Home

5-16-10 - "Is there some kind of stupid alien quotation book you guys use?" -- John Crichton ("Farscape")

1. New version of Adobe Shockwave Player
2. More on Facebook privacy (or lack thereof)
3. Microsoft Office 2010

1. There is a new version of Adobe's Shockwave Player which patches various vulnerabilities. Get the latest version from http://www.adobe.com and install it.

2. There is a wonderful blog post by Danah Boyd (MS Research New England) about Facebook and "radical transparency". If you and/or your children are Facebook users, it may give you a jolt about what information you are inadvertently sharing with strangers.

http://www.zephoria.org/thoughts/archives/2010/05/14/facebook-and-radical-transparency-a-rant.html

Here are two paragraphs from the article which I think may pique your interest:

"A while back, I was talking with a teenage girl about her privacy settings and noticed that she had made lots of content available to friends-of-friends. I asked her if she made her content available to her mother. She responded with, “of course not!” I had noticed that she had listed her aunt as a friend of hers and so I surfed with her to her aunt’s page and pointed out that her mother was a friend of her aunt, thus a friend-of-a-friend. She was horrified. It had never dawned on her that her mother might be included in that grouping.

"Over and over again, I find that people’s mental model of who can see what doesn’t match up with reality. People think “everyone” includes everyone who searches for them on Facebook. They never imagine that “everyone” includes every third party sucking up data for goddess only knows what purpose. They think that if they lock down everything in the settings that they see, that they’re completely locked down. They don’t get that their friends lists, interests, likes, primary photo, affiliations, and other content is publicly accessible."

3. For those of you who might care, Microsoft has finished its latest version of Office. Office 2010 will be available for purchase sometime in June. Office 2010 will be offered in the usual dizzying array of varieties (see link) but only as a full version. Microsoft didn't create any less expensive upgrade versions and frankly, I think that's A Good Thing from the aspect of not having to keep track of your old Office discs for qualifying media when you need to reinstall.

Here's the link to Mr. Bott's article, "Office 2010: a deeper dive" - http://www.zdnet.com/blog/bott/office-2010-a-deeper-dive/2042

To summarize his article, if you currently have Office 2007 and are happy with it, don't bother upgrading. If you currently have Office 2003, it would be worth upgrading to Office 2010 - unless you're perfectly happy with the older version. If you only use a few of Office's vast number of features, then why spend the money? Office 2003 users will find there is a steepish learning curve to using Office 2007 and subsequently Office 2010 although I've been told by real Office users that it is worth the trouble. Obviously if you do want to upgrade from Office 2003, get the current 2010 version next month. Buy the 32-bit version, even if you have a Vista or Windows 7 64-bit operating system. The only reason to get Office 2010 64-bit is if you need to open Excel spreadsheets or Access databases bigger than 2GB. Most specialized add-ins won't work in the 64-bit version because they were written for Office 32-bit.

A. The home editions:

1. Microsoft Office Home and Student 2010 - The full retail version can be installed on up to three PCs in a single home. It includes the four core apps only, and the license agreement specifically prohibits its use “in any commercial, nonprofit or revenue-generating activities, or by any government organization.”

2. Microsoft Office Home and Business 2010 - Targeted at small businesses and power users, it adds Outlook to the core apps.

3. Microsoft Office Professional Academic 2010 - Adds Outlook, Publisher, and Access. Available to anyone with an @__.edu address, it is sold only through authorized academic resellers.

B. The business editions:

1. Microsoft Office Standard 2010 - Adds Outlook and Publisher to the core apps. Available via volume licensing only.

2. Microsoft Office Professional 2010 - Adds Outlook, Publisher, and Access. Sold through Retail channels only.

3. Microsoft Office Professional Plus 2010 - Includes Outlook, Publisher, Access, SharePoint Workspace (formerly Groove), Communicate, and InfoPath. Available via volume licensing only.

Office 2010 licensing and features matrix - http://technet.microsoft.com/en-us/library/ee523662.aspx

System requirements for Office 2010 - http://technet.microsoft.com/en-us/library/ee624351.aspx

Note that if you have XP it must have Service Pack 3 installed. Vista (which is currently at Service Pack 2) systems require that Service Pack 1 be installed.

Back to top
Home

5-26-10 - "Bill Gates can’t guarantee Windows, how can you guarantee my safety?" -- John Crichton ("Farscape")

1. Apple iTunes phish
2. New Facebook privacy settings
3. Google Chrome out of beta for Mac OS X and Linux
4. Apple's Back to School program

1. Here's a pretty good phish - I got an email this morning supposedly from "consultants@itunes.com" thanking me for buying a $50 gift certificate. It said to just open the attachment (which turned out to be a Windows executable file) to verify my account and then enjoy my gift certificate. It momentarily fooled me because it did come to the email address I use for my iTunes account, an email address I use for almost nothing else. Looking at the full headers on the message showed me that it really came from dairymaidsq97@boyweb.com - certainly not an official Apple domain!

From a discussion on the security mailing list to which I subscribe, I'm not the only one who got this. The detection on the attached executable is that it is a trojan downloader. So if you get something like this, delete it with the attachment unopened. I'm sure most of you know that Apple will not send out an email with a Windows executable attachment, but I thought I'd mention it.

2. New Facebook privacy controls arrived today. So take a look at them and be proactive in protecting yourself. Here are some links to articles about the new settings:

http://www.zdnet.com/blog/igeneration/facebook-privacy-settings-better-doesnt-undo-the-damage-already-done/5119
http://www.foxnews.com/scitech/2010/05/26/facebook-vastly-simplifies-privacy-settings/

And from Facebook's Mark Zukerberg himself: - http://blog.facebook.com/blog.php?post=391922327130

3. For those of you who might be interested, Google Chrome is now out of beta on Mac OS X and Linux. I know lots of Windows users who really like Chrome, but I found it too unstable on my Macs. I still love my Firefox but it's always good to have another browser installed (I don't count Safari as useful since I hate it) so I'll give Chrome a try now that it is out of beta.

http://www.google.com/chrome?platform=mac

Here's a link to Lifehacker's guide to useful Google Chrome extensions - http://lifehacker.com/5547211/fix-the-webs-biggest-annoyances-with-google-chrome

4. Apple has launched its annual Back to School program - a free 8GB iPod touch after a $199 online rebate if you buy a new Mac.

http://store.apple.com/us/browse/campaigns/back_to_school?mco=MTc5NzIzMjU

Apple's requirements for the program - http://storeimages.apple.com/1697/store.apple.com/Catalog/US/Images/backtoschool/bts-qualify-popup.html

Back to top
Home

6-2-10 - "You can't make a half sandwich. If it's not half of a whole sandwich, it's just a small sandwich." -- Dr. Sheldon Cooper, "The Big Bang Theory"

1. Malware on OS X
2. No one should still be using Internet Explorer 6 (or even 7)
3. Malware attacks on Facebook
4. Greeting card spam/malware - again!
5. Security update for Adobe Photoshop CS4 - Windows and Mac
6. On a lighter note...

1. While malware is still far less prevalent on OS X than it is on Windows, Mac users should not become complacent. People looking for free screensavers (a common source of infection in the Windows world) and a video converter recently picked up some nasty spyware. Read the article the article by Elinor Mills here:

http://news.cnet.com/8301-27080_3-20006502-245.html

Also see this entry about OS X malware from the ESET Threat Blog:
http://www.eset.com/blog/2010/06/02/mac-malware-osxopinionspy

2. Are any of you still using IE6? It is important for your computer's security to get rid of it. IE7 isn't much better. Upgrade to IE8 or use a current version of an alterate browser like Firefox or Google Chrome.

I've seen several customers who have been unable to update to IE8 because they must access business-related websites or they use proprietary software which requires IE6. Anyone in that position should be pressuring the website/software creators to update their requirements. If your corporate network is infected because of being forced to use vulnerable software, it can cost you thousands of dollars to recover.

IE 6 Remains Attack Magnet
http://www.informationweek.com/news/security/client/showArticle.jhtml?articleID=225200720

3. A viral clickjacking worm hit Facebook users over this past holiday weekend. While I'm sure all of my readers are far too smart to click on links in Facebook messages, these articles by Graham Cluley and Richard Cohen describe the attack and the fix.

http://www.sophos.com/blogs/gc/g/2010/05/31/viral-clickjacking-like-worm-hits-facebook-users/
http://www.sophos.com/blogs/sophoslabs/?p=9783

In the same vein, a "Naughty Camera Prank" virus hit Facebook this past Saturday. According to Graham Cluley, this is the third Saturday in a row that Facebook has been attacked with this.

http://www.sophos.com/blogs/gc/g/2010/05/29/naughty-camera-prank-virus-hits-facebook-users/

4. Also from Mr. Cluley's blog, I see that greeting card spam is once again on the rise. I can't believe that anyone in this day and age - and certainly not any of you, my Gentle Readers - would open an email attachment purporting to be a greeting card, but in case you have less computer-savvy friends/relations here's the article:

http://www.sophos.com/blogs/gc/g/2010/06/01/bad-tidings-greetingcardzip-spam-spreads-malware/

5. There is an important security update available for Adobe Photoshop CS4. Per the Adobe security bulletin, there is a critical vulnerability in Photoshop CS4 11.0.1 for both Windows and OS X which could allow an attacker to take control of the system. Users of Adobe Photoshop CS4 should update immediately to version 11.0.2 per the instructions at the link below:

http://www.adobe.com/support/security/bulletins/apsb10-13.html

6. To counteract all the foregoing doom and gloom, there is an interesting article about a collaboration between IBM and Jim Henson in the late 1960s. IBM contracted with Mr. Henson to produce a series of short films starring the Muppets for training purposes. The "Coffee Break Machine" skit is priceless. It works perfectly for IT people thinking about users and users thinking about computers. ;-)

http://technologizer.com/2010/05/31/ibm-muppets/

Back to top
Home

6-10-10 - "No power in the 'verse can stop me." -- River Tam ("War Stories", Firefly)

1. Securing Facebook
2. Program updates - Safari, Adobe Flash Player
3. Microsoft force-installs an add-on into Firefox without asking
4. Microsoft Office Web Apps

1. I can hardly stand thinking about Facebook any more, but here is a slide-show and an in-depth article about securing your profile.

http://threatpost.com/en_us/slideshow/Securing-Your-Facebook
http://msmvps.com/blogs/harrywaldron/archive/2010/06/09/facebook-some-practical-safety-and-privacy-tips.aspx

2. Program updates

Safari 5.0 is now available. If you use Safari on either Windows or OS X, please update. The new version plugs at least 48 different security vulnerabilities. If you have the older Mac OS X 10.4 (Leopard) operating system, update to Safari 4.1.

http://www.apple.com/safari/

Adobe Flash Player 10.1 is now available for download for Windows, Mac, and Linux. This version plugs the critical security holes recently found in Flash Player. Adobe will be issuing a security update for Adobe Reader and Adobe Acrobat so be on the lookout for that around June 29th.

http://www.adobe.com/support/security/
http://get.adobe.com/flashplayer/

There is an installer for Internet Explorer and a different installer for plug-in based browsers like Firefox. If you use browsers other than IE in Windows (and hopefully you do!) install both.

3. Microsoft adds the Search Helper Extension to Firefox without permission:

http://arstechnica.com/microsoft/news/2010/06/microsoft-slips-ie-firefox-add-on-into-toolbar-update.ars

Apparently as part of its regular Patch Tuesday, Microsoft released an update for various toolbars. That's fine if they want to do that for their own toolbars like Windows Live Toolbar and the Bing toolbar. Frankly, it's not fine that they also automatically installed this Search Helper Extension in Firefox with no user interaction. There is no documentation about this Extension and no uninstall button. This type of behavior is exactly why Microsoft is so disliked. It is beyond me why the company doesn't understand that doing this sort of thing should be Right Out.

To see if you have this Search Helper Extension installed in Firefox, go to Tools>Manage Add-ons. If it is there and bothers you, close Firefox and navigate to C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper and delete the "firefoxextension" folder you see there. If you have Vista/Windows 7, you'll need to supply the password/OK to the UAC prompt. The SEPsearchhelperie.dll file is the Internet Explorer add-on if you want to delete that one, too. Close Internet Explorer first if it is running.

4. Microsoft has rolled out its free Office Web Apps 2010. Office Web Apps are a free, basic office suite designed to compete directly with Google Apps. Lifehacker did an interesting comparison:

http://lifehacker.com/5560352/how-does-office-web-apps-compare-to-google-docs

Since I don't use an online office suite and since I eschew all things Windows Live, I can't comment on how useful Office Web Apps would be to someone else. if you're interested in this aspect of "cloud computing", here are the links:

http://office.microsoft.com/en-us/web-apps/
http://www.google.com/apps/

Back to top
Home

6-29-10 - "Greetings traveller. I'm Garth Marenghi, horror writer. Most of you will probably know me already from my extensive canon of chillers, including Afterbirth, in which a mutated placenta attacks Bristol. Back in the 1980s, I wrote, directed and starred in Garth Marenghi's Darkplace, a television program so radical, so risky, so dangerous, so goddamn crazy, that the so-called powers that be became too scared to show it, and gypped me. Much in the same way women have done ever since they sniffed out my money." -- Garth Marenghi, "Darkplace"

Various program updates:

Apple has a security update for Snow Leopard, bringing the current version up to 10.6.4.

http://support.apple.com/kb/DL1048

iTunes 9.2 for both OS X and Windows. Don't forget to get the 64-bit installer if you have Vista/Windows 7 64-bit.

http://www.apple.com/itunes/download/
http://support.apple.com/kb/DL1047 (64-bit installer)
http://www.apple.com/quicktime/download/

Firefox update to 3.6.6 - http://www.mozilla.com

Adobe Reader and Acrobat security updates released - http://blogs.adobe.com/psirt/

Get the latest update from http://www.adobe.com.

New Microsoft Security Essentials version, if anyone is using this - http://www.microsoft.com/security_essentials/

Back to top
Home

7-10-10 - She was like a candle in the wind... unreliable." -- Dean Learner, "Darkplace"

1. Free wifi at Starbucks
2. Java update - JRE 6 Update 21
3. OpenDNS FamilyShield
4. Windows 2000

1. Starbucks is now offering free Wi-Fi to all its customers at every location. But here's a cautionary note - never surf anywhere important like your online bank while using a public wireless network (not just at Starbucks). If you have Windows Vista or Windows 7, you'll be asked what type of network this is before you connect. Always choose "Public" which will protect your files from being viewed by others. People using Windows XP or Mac OS X with file sharing turned on need to take a moment to turn that OFF while using a public network.

Lifehacker has a good article detailing how to do this - http://lifehacker.com/5576927/how-to-stay-safe-on-public-wi+fi-networks

2. There's an update to Java. If you have a 64-bit system, install both versions of Java. Go here:

http://java.sun.com/javase/downloads/index.jsp

click the "Download JRE" button and then choose your operating system ("Select Platform...).

3. When people ask me how to do web filtering, I always suggest using OpenDNS. It's a free and relatively easy way to control what kind of content is available to surfers using your Internet connection. You can check it out here: http://www.opendns.com.

OpenDNS has just announced FamilyShield, a basic and simplified web filter. From their page:

"What's the difference between FamilyShield and OpenDNS Basic? Choose FamilyShield if you're looking for a quick, no-fuss way to protect your children from adult content online for free. Choose OpenDNS Basic if you'd like a more customizable alternative — you can block or unblock lots of other types of sites, see reports on how your family uses your Internet connection, and more. OpenDNS Basic offers everything FamilyShield does, and it's also free, but it requires a few extra setup and customization steps. "

The problem with most web filtering software is that it tends to block sites you might really want to get to. I have used OpenDNS Basic on my home network and set it up for clients for quite a few years. I like the configurability of it with the ability to whitelist/blacklist domains and it hasn't kept me from getting anywhere I want to on the Internet. However, if you find configuring the basic OpenDNS settings too tricky, FamilyShield might be for you.

http://www.opendns.com/familyshield

If you find using FamilyShield too restrictive, then you can always switch to the more configurable OpenDNS Basic.

4. Support for Windows 2000 ends this coming Tuesday, July 13th. Anyone still running Windows 2000 on computers which have outside world access should take steps to replace those machines with ones which can run Windows 7. There will be no more updates of any kind for Windows 2000 and those machines cannot be run securely. I can tell you with almost 100% certainty that they're not running securely *now*!

In many cases, companies are running proprietary software designed to run on older, now obsolete Windows operating systems. If you are in that situation, contact the software vendor(s) to see what will be required in order for you to run their program on a Windows 7 computer.

If security isn't an issue (i.e., the computers have no Internet/outside access whatsoever) then certainly keep your Windows 2000 machines. Just bear in mind that when they finally die, you will need to replace them with Windows 7 machines (or whatever the current version of Windows happens to be) which might not support any specialized or older software you are running. Better to plan ahead instead of getting caught in a crisis with limited options.

Back to top
Home

8-1-10 - We are stuck with technology when what we really want is just stuff that works." -- Douglas Adams, "The Salmon of Doubt"

1. Rogue security programs
2. Program updates - iTunes, Firefox, Safari
3. Out-of-band critical security update for Windows on Tuesday, August 2nd
4. Using OpenDNS

1. Rogue security programs are a pandemic that shows no sign of flagging. Every week I get at least one computer into the shop which is infected with one of these scourges. Here's an absolutely fascinating article about the level of sophistication that rogue security programs have reached. Nicholas Brulez, Kaspersky Lab Expert writes about his experience with a rogue's online "support" person:

http://www.securelist.com/en/blog/249/Technical_Support_theyre_not_always_the_good_guys

2. Program updates - iTunes 9.2.1, Firefox 3.6.8, Safari 5.0.1

Get iTunes and Safari from http://www.apple.com and Firefox from http://www.mozilla.com.

2. Make sure you install this critical out-of-band security update on all your Windows machines. It should be available from Windows Update starting this coming Tuesday, August 2nd.

Microsoft Security Bulletin Advance Notification for August 2010 - http://www.microsoft.com/technet/security/bulletin/ms10-aug.mspx

" The bulletin addresses a security vulnerability in all supported editions of Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2, that is *currently being exploited in malware attacks.* "

The update addresses the Critical shortcut (.lnk) vulnerability - http://www.microsoft.com/technet/security/advisory/2286198.mspx

Experts Warn of New Windows Shortcut Flaw - http://krebsonsecurity.com/2010/07/experts-warn-of-new-windows-shortcut-flaw/

Again, it is crucial that you install this on all your Windows machines.

3. Using OpenDNS - I've written about using OpenDNS for web filtering before. The basic level of OpenDNS (and the one I use on my own home network) is free and easy to configure. I strongly recommend it for everyone. Even if you don't want to actively filter your web access, using OpenDNS provides some protection against common worms, attacks, and malware. If you only have one computer and are currently connected directly to the cable or DSL modem, it is a good security step to purchase a router. A router helps hide your computer from the outside world and you can then configure OpenDNS on it. You can configure OpenDNS directly on your computer too, but it's best to do it on the router - particularly if you have multiple machines. Of course if you're in our service area, Elephant Boy Computers is happy to set this all up for you. But if you want to DIY, here's a great article about OpenDNS which is written for non-techies.

The Complete Guide to OpenDNS and Why You Need It - http://www.guidingtech.com/3333/opendns-guide/

Back to top
Home

8-17-10 - "You cannot pass! I am servant of the Secret Fire, wielder of the flame of Anor. You cannot pass. The dark fire will not avail you, flame of Udun. Go back to the shadow! You cannot pass!" -- Gandalf ("Lord of the Rings")

1. Drive partitioning
2. Adobe out-of-band patch
3. QuickTime update
4. Another Facebook scam
5. Top Ten Most Dangerous Things You Can Do Online

1. I usually don't get extremely technical in the EBC Reports but I think you need to be aware of how some new laptops are coming partitioned. A simple definition of partitioning is:

"Disk partitioning is the act or practice of dividing the storage space of a hard disk drive into separate data areas known as partitions." Here's the Wikipedia article if you don't have a life and want to read about it:

http://en.wikipedia.org/wiki/Disk_partitioning

A few weeks ago a client brought me her new Dell laptop because she was getting errors about "Low Disk Space". When I examined the laptop, I found that Dell had created a small system partition (C:\, where Windows lives) and a large data partition (D:\). Of course my client had no idea that this was done and had blithely filled up her system partition with all her data, leaving the second partition empty and C:\ in bad shape. I'm frankly disappointed in Dell for doing this. Sony has been guilty of this behavior for years and I was sorry to find it on a Dell. This is a fairly common and desirable partitioning scheme for servers, but I really thought Dell would know better than to partition a consumer-level computer this way. It doesn't make me want to stop recommending Dells because I still like their PCs best, but if you buy a new Dell laptop (I haven't seen this on any of their new Desktop computers) take a moment to open My Computer and look. If you see a small C:\ and a large empty D:\ you have some choices. You can move your My Documents, My Pictures, My Music to the data partition; or you can make new folders on the data partition and do Save As for your files; or you can merge the two partitions into one so you don't have to think about it any more. Windows 7 can merge partitions natively but it is tricksy. If you live in our service area, you might want Elephant Boy Computers to do it for you. :-)

2. Adobe will patch a bug in Reader and Acrobat some time during this week (week of August 16th) in order to close the vulnerability revealed during the last Black Hat conference ("hackers" conference) some time next week.

This is an out-of-band release. Apparently Adobe is now scheduling regular updates quarterly, with the next regular updates scheduled for October 12, 2010.

http://www.adobe.com/support/security/bulletins/apsb10-17.html

As of today (August 17th) it isn't up yet so keep checking. This is important.

3. There is a new version of QuickTime for Windows which patches a stack buffer overflow vulnerability (OS X users are not affected). Windows users should update to QuickTime 7.6.7. which you can get here:

http://www.apple.com/quicktime/download/

4. It's been a while since I wrote about Facebook scams, so it's time to revisit that subject. Apparently a "Dislike" button on Facebook is the latest trap for the unwary. Here's the New York Times article about it:

http://gadgetwise.blogs.nytimes.com/2010/08/17/facebook-dislike-button-is-a-scam/?partner=rss&emc=rss

And here's another article, with pictures:

http://www.sophos.com/blogs/gc/g/2010/08/16/facebook-dislike-button-scam-spreads-virally/

If you fell for this, check your next cell phone bill for unwanted charges and scan your computer for malware.

5. Gizmodo has a list of "The Top Ten Most Dangerous Things You Can Do Online". Nothing new here but it's useful to have a list in one place. Gizmodo got the list from CyberDefender's researchers. I'm not particularly impressed with CyberDefender as a security solution but the list is worth reading.

http://gizmodo.com/5614047/the-top-ten-most-dangerous-things-you-can-do-online

Back to top
Home

8-26-10

Leonard: What am I doing in your spam folder?
Sheldon: I put you there after you forwarded me a picture of a cat playing the piano entitled, "this is funny." ("The Big Bang Theory")

1. Recovery discs and partitions
2. Imaging
3. Various updates

1. Bob Shafer of CO, one of our list members, asked a question about the recovery partition on his computer and I thought covering this subject in an EBC Report might be A Good Thing. On most computers made by Original Equipment Manufacturers ("OEMs") like Dell and HP, there is a small recovery partition. Usually it is labeled as such and if you click on it you'll often get a warning not to touch it. This is because that partition holds an image of the computer as it came from the factory and allows you to do a factory restore. The thing to understand about images is that the OEM doesn't hand-configure every computer they make. For each model, they set one up exactly the way they want it to be when it leaves the factory. This is the master. They then use special software to create an image of the master. That image is applied to all the other computers which are the same model. Rinse And Repeat.

Legally, if a computer is sold with a Windows operating system preinstalled the seller must give the buyer (you!) a way to reinstall Windows. In the Good Old Days this was done by including CDs with either the factory image on them or the Windows operating system itself. In approximately 2001, HP led the way and to save a few pennies stopped sending any CDs with their machines. (The cheap bastards!) Instead, to comply with their contract with Microsoft they created a special partition on the hard drive which holds the factory image.

The factory restore process is normally invoked by pressing a Function key (like F11) at computer startup. There will be a message as to which Function key to press on the screen when you first start your computer. These machines also usually have a utility with which to create physical recovery discs in case the hard drive needs to be replaced or the factory restore image is somehow damaged. The recovery disc creator will have an entry somewhere in your Start Menu. It's important to create these recovery discs because if the hard drive dies you won't have any other way to reinstall Windows. The special partition with its factory image won't exist on a new, bare hard drive. If the day comes when you need to restore Windows and you forgot to create the physical recovery discs and/or damaged the recovery image, you can contact the OEM's tech support to order a recovery disc set. This is normally very inexpensive, around $25-50. Word of warning, however: not all OEMs keep images for older models. For instance, Gateway only holds recovery discs in inventory for three years after manufacture of a particular model. There are after-market sources for recovery discs but no guaranty they'll have your model. So please take the time to create your factory recovery discs or at some sad point you may need to purchase a full retail copy of Windows and that will be much more expensive and, if your version of Windows is obsolete, possibly hard to find.

The special partition holding the factory image should be LEFT ALONE. If you damage it, add stuff to it, scan it, defrag it, or otherwise play with it, the day will come when you have to restore your computer to factory condition and, if you forgot to make recovery discs, There Will Be Tears Before Bedtime. The special partition should also not be monitored by Windows System Restore. It's a waste of space since System Restore can't do anything with this image anyway.

2. "But wait" you say, "if I restore my computer to factory condition it will be back to its state of years ago with none of my carefully chosen programs installed, with all that extra garbage the OEM preinstalled, trial software, an awful/obsolete antivirus, and none of my files!" And you are quite right. As for the "none of my files" bit, I know that all the EBC Reports readers are Brilliant and Wise and are regularly backing up their data to external media like a USB external hard drive, burning to CD/DVD-Rs, and/or using an online backup service such as Mozy. So the data is covered, yes?

http://www.elephantboycomputers.com/page2.html#Backing_Up - Just In Case - ;-)

Well, you too can image your system and instead of using the OEM's recovery image if you need to restore your computer to good working condition you can use your *own* image! With the cost of USB external hard drives so low and consumer-level imaging software so readily available, you can easily create your own recovery images. I like Acronis True Image Home for this because it does incremental backup imaging so your images are fresh. Other examples of imaging software are Norton Ghost, Paragon Backup & Recovery, O&O DiskImage, and FarStone Total Recovery.

If you have Macs then you can have the automatic power of Time Machine (or Time Capsule for multiple Macs). And Time Machine is Awesome. True story. ;-)

http://www.apple.com/macosx/what-is-macosx/time-machine.html
http://www.apple.com/timecapsule/

You may not want to Get Your Geek On quite so much but at least now you know about these things. And we're all about the "Knowledge Is Power" thing, yeah?

3. Various program/OS updates:

Picasa 3.8 - http://picasa.google.com/index.html##

OS X Snow Leopard Nvidia graphics update - http://support.apple.com/kb/HT4286

OS X Snow Leopard Security Update 2010-005 - http://support.apple.com/kb/HT4312

Available from Software Update (under System Preferences if you want to invoke it manually) or downloadable from:
http://support.apple.com/kb/DL1094

VMware Fusion to 3.1.1 - http://www.vmware.com/products/fusion/

Adobe Reader 9.3.4 now available - http://www.adobe.com

Many thanks again to Bob Shafer for his excellent question. Remember, if you have questions you'd like me to address in an EBC Report just drop me an email and I'll see what I can do.

Back to top
Home

9-6-10 - "I have always wished for my computer to be as easy to use as my telephone; my wish has come true because I can no longer figure out
how to use my telephone." -- Bjarne Stroustrup, designer and implementor of the C++ programming language

1. iTunes update
2. New rogue security technique
3. Controlling your domain name
4. Reminder: International Talk Like A Pirate Day

1. iTunes 10 is now available - http://www.apple.com/itunes/download/

Don't forget that if you're running a 64-bit system you need the 64-bit installer - http://support.apple.com/kb/DL1047

2. The new rogue MSIL/Zeven looks like a warning from your browser, mimicking the look of Microsoft Security Essentials. Both Internet Explorer and Firefox will warn you when a webpage you're visiting is dangerous. The Zeven malware tries to take advantage of this. This MS TechNet blog article gives the details, with pictures:

http://blogs.technet.com/b/mmpc/archive/2010/09/01/rogue-msil-zeven-wants-a-piece-of-the-microsoft-security-essentials-pie.aspx

Legitimate browser warnings do NOT offer any "solutions" for you to download; Firefox for instance just gives you the choice of continuing or "Get me out of here!". The Zeven malware offers you a rogue security program called "Win7 AV". Rogues have become one of the most prevalent types of malware infections I see here in the shop. Continue your vigilance and stay safe!

For further general reading, here's a brief overview of the rogue/scareware malware scene by Kurt Baumgartner from Kaspersky Labs:

http://www.securelist.com/en/blog/2275/Understanding_Current_Trends_in_the_Fake_Anti_Virus_Scareware_Ecosystem

3. After running into the third client who didn't realize that someone they hired to create and set up their company's website has control over their domain, I think it's time to revisit the topic of domain names and why you should be the one in control.

I wrote a brief explanation of domain names here - http://www.elephantboycomputers.com/archive.html#03-18-03

So if you need a refresher on what domain names are, then please go read that and then come back. I'll wait. ;-)

OK, so now we come to what happens when you let someone who doesn't work directly for you (your outside tech firm or your outside web designer) set up your domain name and web hosting and retain control over it. There are two issues in particular:

A. What happens when you no longer want to work with this outside person/company? Your domain name (let's call it YourBusiness.com) is in *their* name, not yours. This means that any time you want to make a change - add/remove email addresses, change website management authorization, renew your domain name, even switch your web hosting company, etc. - you have to go through them. They can hold you up for more money than it would cost you to manage these things yourself. Or maybe the person/company with whom you did this business years ago is no longer around.

In many situations, the outside party will be hosting YourBusiness.com themselves or be using a web hosting company which doesn't offer the best prices, benefits, or security. Or when the time comes up to renew, you'll have to pay this outside party instead of renewing with the domain registrar/web hosting company directly. One of my clients found this out the hard way by going to their company website to discover that it didn't exist any more. The outside party - a tech support company they hadn't used in many years - had allowed the domain name registration to lapse, purposely not setting it up for automatic renewal so my client would be forced to pay them. This company charged my client far more than the few dollars a domain name renewal really costs. There are ways to take back ownership of your domain and laws against domain name hijacking, but it takes time and in some cases attorney's fees. Best not to be in that situation in the first place.

B. How do you ensure that your website is hosted on a well-maintained server? Running a web hosting company requires very specialized skills and constant vigilance on the part of its IT staff to make sure their webservers stay safe. I had a call from a client who has a home business the other day. Every time he went to his business website, his browser would give him a warning and the site would try to download something. (This was a legitimate warning, not a rogue as described in Item 1 of this EBC Report.) He thought it was his computer and since it had just been in my shop, naturally he called me. I checked it out for him and had the same experience using Firefox on my Mac. The download was a trojan and it was clear that his website had been compromised. My client had the website set up by an outside web designer who was hosting the site himself, who obviously wasn't keeping his webserver secured, and my client could do nothing about this until his web designer fixed the server - something that was apparently taking a very long time to do. In the meantime, all the people who were visiting his website to purchase his goods were exposed to infection.

The bottom line is that you must own your domain name, know where it is registered and where your website is being hosted (sometimes not the same place), and have control over your account(s). It's fine to have someone else set up the domain name and web hosting for you, but make sure that they are acting only as your agent, that you pay for the domain name registration and hosting with your own credit card, and that all paperwork, files, etc. are in your name and in your possession. You can't just do the hand-wave and let someone else have control because "you don't know about this stuff". This is your business, after all.

4. Here we are in September already! On a lighter note, remember that September 19th is International Talk Like a Pirate Day. Don't forget to enjoy some piratey stuff then, Matey!

http://www.talklikeapirate.com/

Back to top
Home

9-20-10 - "The plural of anecdote is not fact." -- Cory Doctorow

1. Mac 101
2. Program updates
3. Free Staying Safe Online book from Microsoft
4. More about OpenDNS

1. For those of you who have just switched to a Mac or are considering the switch, here's a handy index of the Mac 101 "All Work and Play" articles:

http://www.apple.com/support/mac101/work/

The articles are short, easy to follow, and a good place to start.

2. Program updates:

a. Firefox 3.6.10 - http://www.mozilla.com

b. Security update for Adobe Flash Player to plug a critical vulnerability - http://www.adobe.com/support/security/bulletins/apsb10-22.html

Remember that there are two versions of Flash Player: one for Internet Explorer and one for everyone else (plug-in based browsers like Firefox).

Also look for an update to Adobe Reader to come out the week of 9/27. This is designed to close another nasty vulnerability so make sure to update Reader then.

http://www.adobe.com

To help protect your computer against Adobe Reader-targeted exploits (and there are many), it is wise to disable Javascript in it. Go to Edit>Preferences and uncheck "Enable Javascript".

c. Security Update 2010-006 for Mac OS X. Get it by running Software Update or directly from Apple downloads.

About the update: http://support.apple.com/kb/HT4361
Download: http://support.apple.com/kb/DL1105

3. Free digital book from Microsoft, "Own Your Space - Keep Yourself and Your Stuff Safe Online"

The webpage says the book is "for Teens" but probably any less-than-Internet savvy grownup could benefit from it, too.

Download the whole thing or just the bits you want:
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=87583728-ef14-4703-a649-0fd34bd19d13&displayLang=en

4. OpenDNS news - You know how strongly I recommend using OpenDNS to keep your network safe. Here's an article by David Pogue which explains the service:

http://www.nytimes.com/2010/08/19/technology/personaltech/19pogue.html?_r=1

(I recommend anything written by Mr. Pogue - he's one of those rare writers who is technologically adept and at the same time writes for non-techies.)

OpenDNS also has a free phishing research site, The PhishTank. If you have a suspect site, you can look it up. You can also look in the Phish Archive. If you want to submit a phishing website, you have to create a free account but that's no biggie.

You don't need to use the OpenDNS service to use PhishTank but using OpenDNS is a smart and easy way to make your network safer. Setting up OpenDNS is simple but if you're too busy or don't want to be bothered, remember that Elephant Boy Computers is happy to come out and do it for you.

http://www.opendns.com/
http://www.phishtank.com/

I hope everyone remembered to Talk Like A Pirate yesterday. If you forgot, here's some piratey music for you so you can hoist a tankard of grog and celebrate belatedly:

http://www.talklikeapirate.com/songs1.html

Avast, me hearties!

Back to top
Home

10-8-10 - “Anything that gets invented after you’re thirty is against the natural order of things and the beginning of the end of civilisation as we know it until it’s been around for about ten years when it gradually turns out to be alright really.” -- Douglas Adams, "How to stop worrying and love the Internet"

1. A collection of useful articles about backing up, Internet safety, wireless network range, and password management
2. Adobe Reader update
3. Microsoft Office for Mac 2011

1. Here are some articles I found which might be useful to you:

a. Excellent simple article about backing up your Windows PC:

http://www.howtogeek.com/howto/30173/what-files-should-you-backup-on-your-windows-pc/

For Macs, everyone should be using Time Machine (or Time Capsule if you have multiple Macs). In addition to Time Machine, because I'm careful That Way I also back up using Super Duper to a different external hard drive. That's your local backup. If you don't want to burn DVDs for the remote backup, then Mozy.com or Carbonite are good choices.

http://www.shirt-pocket.com/superduper/superduperdescription.html - $27.95
http://www.mozy.com
http://www.carbonite.com

b. A short but useful article about "5 Steps to a Family-Safe Internet". Hint: OpenDNS is a big part of it.

http://www.wired.com/geekdad/2010/09/one-geekdads-internet-filtering/

The GeekDad blog is a interesting resource for GeekMoms, too! - http://www.wired.com/geekdad/

c. Good article about wireless coverage in your house - http://lifehacker.com/5657613/why-is-wi+fi-coverage-so-bad-in-my-house-and-how-can-i-fix-it

d. Really good short article about password management:

http://www.howtogeek.com/howto/31259/ask-how-to-geek-what%E2%80%99s-wrong-with-writing-down-your-password/

Bottom line: At work - don't do it! At home - good idea. And that way when I (or another tech) comes to your house we won't spend our time and your money hunting for your passwords in order to fix something.

2. Adobe has updated Acrobat and Reader to 9.4. Per security writer Brian Krebs, "A new security update from Adobe plugs at least 23 security holes in its PDF Reader and Acrobat software, including two vulnerabilities that attackers are actively exploiting to break into computers."

http://krebsonsecurity.com/2010/10/reader-acrobat-patches-plug-23-security-holes/

All Windows, Mac and Unix users of Adobe Reader/Acrobat should now update to version 9.4.

http://www.adobe.com

Make sure you only get these updates from the official site. Beware of emails pretending to be from an Adobe update service because they are from scammers. The article gives the details:

http://hijack-this.co.uk/2010/09/adobe-reader-update-scam/

3. Microsoft Office for Mac 2011 releases October 26. I didn't like Office for Mac so only used it for a short while and then uninstalled it, but if it's important to you to have MS Office on your Mac and you haven't bought it yet - wait a few weeks if you can for the latest version. (And then wait another month for MS to fix the inevitable bugs which will surface!)

The suite will be the first Mac OS X version that offers Outlook rather than Entourage, and it will come in a few different flavors. Home and Student 2011 will be available for the suggested retail price of $119 (or $149 for a three-copy family pack), and it will come with Word, PowerPoint, Excel, and Messenger. Home and Business 2011 adds Outlook to the suite and will sell for $199 (or $279 for a two-install pack).

Back to top
Home

10-28-10

Mal: We're still flying.
Simon: That's not much.
Mal: It's enough. ("Serenity", Firefly)

1. Program updates
2. Facebook privacy kerfuffle
3. LimeWire loses its court case
4. Koobface worm ported to OS X

1. Program updates

a. Java 6 Update 22 - http://java.com/en/download/manual.jsp
b. Firefox 3.6.12 - http://www.mozilla.com

2. Facebook - Another fine mess you've gotten us into.

From the Wall Street Journal online:

"Many of the most popular applications, or "apps," on the social-networking site Facebook Inc. have been transmitting identifying information—in effect, providing access to people's names and, in some cases, their friends' names—to dozens of advertising and Internet tracking companies, a Wall Street Journal investigation has found."

Read all about it here:

http://online.wsj.com/article/SB10001424052702304772804575558484075236968.html?mod=WSJ_hpp_LEADNewsCollection
http://www.boingboing.net/2010/10/17/new-facebook-privacy.html

3. LimeWire loses its court case and will probably go the way of Napster (i.e., disappear into irrelevance). This will not stop P2P file sharing except by the very clueless.

http://www.theregister.co.uk/2010/10/26/limewire_is_gone/

4. Koobface worm ported to Mac OS X:

http://www.theregister.co.uk/2010/10/27/koobface_for_mac/
http://www.securemac.com/boonana-bulletin.php
http://macviruscom.wordpress.com/
http://blog.intego.com/

Right now the threat is low because OS X warns the user that a suspicious applet is requesting access to the computer. Of course, if the user clicks "Allow" anyway so s/he can see the "treat" the computer will become severely infected and probably need to be wiped. For anyone who thinks that OS X is invulnerable to infection, this should serve as a wakeup call.

At this point, I still don't recommend installing an antivirus on OS X, but the time may be coming. And you know yourself best - if you routinely indulge in high-risk computing on your Mac, it would probably be a good idea to install some protection. And/or change your habits.

http://blog.eset.com/2010/10/27/your-computer-won%E2%80%99t-protect-you

Here's a key quote from David Harley's MacVirus blog:

"While this threat can be mitigated by turning off Java in your browser (SecureMac give instructions for turning it off in Safari), even better protection is afforded by staying alert for blatant social engineering."

I don't have any data on what antivirus/antimalware products are *good* for OS X, but I see that my favorite source for Windows security products (ESET NOD32 Antivirus and Smart Security) is working on a Mac solution. Here are some resources:

http://www.eset.com/mac
http://www.intego.com/
http://macscan.securemac.com/
http://www.clamxav.com/

While both Norton and McAfee have products for the Mac, since I don't recommend either company on Windows I can't bring myself to consider them for OS X.

Back to top
Home

11-14-10 - Our users will know fear and cower before our software! Ship it! Ship it and let them flee like the dogs they are! -- Klingon Programmer

1. Program updates
2. Mac antivirus
3. Holiday scams

1. Program updates:

A. Adobe - security advisory for Adobe Flash Player, Adobe Reader, and Acrobat:

http://www.adobe.com/support/security/advisories/apsa10-05.html

Security update available for Adobe Flash Player:
http://www.adobe.com/support/security/bulletins/apsb10-26.html

A new version of Flash Player is available from Adobe now. Remember you need two Flash installers - one for IE and one for plugin-based browsers like Firefox. Adobe has stated they will have an out-of-band patch for Reader this coming Tuesday, November 16 to close serious vulnerabilities in their software. Make sure you update these programs.

Reminder Warning: Only go to Adobe's website for these updates. As I mentioned in the 10/8 EBC Report, there have been scam "update notice" emails leading to evil websites.

http://www.elephantboycomputers.com/page3.html#10-8-10

I usually turn off automatic updating in Adobe Reader because I think it is invasive to have this process running all the time when the updates only normally happen once a quarter; I prefer to manually update Reader instead. You can make that decision for yourself; go to Edit>Preferences>Updater to make your changes.

B. Mac OS X Update - 10.6.5 - Start Software Update from System Preferences or get it here:

http://support.apple.com/kb/DL1324

2. Sophos (a well-regarded security firm used primarily in the enterprise sector) is now offering a free antivirus for Mac OS X aimed at home users. The company has a commercial product for the Mac also. I am still not planning on installing an antivirus on my own Macs or clients' machines, but if you want that extra protection and/or you know you indulge in high-risk computing (P2P, visiting questionable sites, etc.) you might want to check this out.

Here's a good article about it:

http://www.theregister.co.uk/2010/11/02/sophos_mac_anti_virus/

and here's the link to the program:

http://www.sophos.com/products/free-tools/free-mac-anti-virus/

3. I have had two inquiries in as many days about the validity of emails purporting to be from shipping companies (UPS/FedEx/DHL, etc.) stating that there is a problem with a delivery and you should open the included attachment to read about the details. These are *not* legitimate emails and the attachment is a trojan. This scam has been around for a long time and naturally tends to come in droves around the holidays when a lot of us *are* sending/receiving packages. Don't be fooled - just delete the emails and certainly don't open the attachments. As an aside, Snopes is not a particularly good source for knowledge about scams. They have been known to use dodgy ads on their website. Here are some good sites to use instead:

http://www.antiphishing.org/
http://www.hoax-slayer.com/
http://fraud.org/welcome.htm
http://www.quatloos.com/
http://www.symantec.com/business/security_response/threatexplorer/risks/hoaxes.jsp
http://www.nsrc.org/helpdesk/virushoax.html
New E-Scams & Warnings - http://www.fbi.gov/cyberinvest/escams.htm
Don't Spread That Hoax! - http://www.nonprofit.net/hoax/
Don't Forward Hoaxes - http://email.about.com/od/netiquettetips/qt/et030801.htm

Those of you who are prone to sending mass emails about hoaxes should also please take a look at the last two websites to see Why You Shouldn't. And if you feel you must send out emails to a lot of people at once, please make use of the BCC: (from the old "Blind Carbon Copy") function of your email program. Put your own email address in the To: field and all the other addresses in the BCC: field. This will hide all those email addresses from the other recipients, many of whom might not be pleased to have their own email address exposed to strangers.

Back to top
Home

11-29-10 - I will take the ring, though I do not know the way." -- Frodo ("Lord of the Rings")

1. Adobe updates
2. Caution when using wireless networks while traveling
3. Giving to charity without getting ripped off

1. After updating their Reader to 9.4.1, Adobe then came out with Adobe Reader X. This Reader has a sandbox feature which creates a protected mode in order to mitigate attacks.

http://blogs.adobe.com/asset/2010/07/introducing-adobe-reader-protected-mode.html

http://blogs.adobe.com/asset/2010/11/adobe-reader-x-is-here.html

You can download Adobe Reader X from the usual place:

http://www.adobe.com/reader

Since Adobe Reader is one of the most attacked applications in the Windows world, it would be wise for everyone using Adobe Reader to update to Reader X. The sandboxing protection is turned on by default which is A Good Thing, but I see they still have Javascript enabled. I strongly urge you to disable Javascript (File>Options, uncheck "Enable Javascript"). If it turns out that some website you use needs it (as many proprietary business portals do), you can always turn it on again.

2. There has been a great deal of talk about Firesheep which is a free Firefox browser extension that lets the person using it steal identities for various social networking sites (like Facebook) from people using the same wireless network. As Glenn Fleishman explains in the BoingBoing article linked below:

"Walk into any busy coffeeshop, fire up the 'sheep, and a list of potential identities to assume at any of two dozen popular sites appears. Double-click, and you snarf their identifying token, and log in to the site in question as that person."

http://boingboing.net/2010/10/27/sheep.html

Mr. Fleishman's article explains Firesheep in more details and gives some suggestions for protecting yourself. It may be a bit technical for some, so here is a quick solution: install the free Firefox extension HTTPS Everywhere from the Electronic Frontier Foundation. From the EFF's website:

"HTTPS Everywhere is a Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites."

https://www.eff.org/https-everywhere
http://lifehacker.com/5672313/sniff-out-user-credentials-at-wi+fi-hotspots-with-firesheep

Firesheep is only designed to steal logon credentials for specific websites. There are other dangers when using "foreign" wireless networks or even wired networks such as at a hotel. Remember that when you are on a network, if you have File/Printer Sharing enabled on your laptop (Windows or Mac, it doesn't matter) then your computer is open to everyone else on that network. Of course this is the way you want it when you're home and sharing files between multiple computers. Remember to disable File/Printer Sharing on your laptop before you take it on the road to Grandmother's house!

http://www.cmu.edu/computing/doc/network/fileshare/windows.html
http://www.udel.edu/topics/virus/security/mac/macsecure.html

And never do important stuff like online banking on someone else's network. There is always the telephone if you absolutely must move your millions around when out of town. ;-)

3. It's that time of the year when we think about giving to charity because we are Good People. Unfortunately, the Bad Guys know this and there are a lot of charity scams. So be smart in your giving. CharityNavigator.org evaluates charities.

http://www.charitynavigator.org/

You can do a search on their site for a charity to which you're considering donating:

http://www.charitynavigator.org/index.cfm?bay=topten.detail&listid=113

Here are some links which cover charity scams (not just Christmas-related):

http://www.scambusters.org/charity.html
http://www.ftc.gov/charityfraud/
http://politics.usnews.com/news/articles/2010/10/20/how-to-avoid-charity-scams.html

I don't normally plug anything in the EBC Reports, but I'm going to plug the Child's Play charity here. Child's Play was started by the Penny Arcade website (an online comic famous among gamers and techies) in 2003 and has donated over 7 million dollars of toys, games, etc. to sick children in hospitals across North America and the world. You don't have to be a gamer (I'm certainly not) to be happy in the knowledge that your gift will make a hospital stay a little less dreadful for some kids. Hospitals create a wish list, you choose the hospital you want, and you can buy whatever you want on the wish list from Amazon.com. The presents are shipped directly to the hospital and you know that the movie or game you bought will go right to the kids.

http://childsplaycharity.org/index.php

Back to top
Home

12-17-10 - "Bother," said Pooh, "Eeyore, ready two photon torpedoes and lock phasers on the Heffalump. Piglet, meet me in Transporter Room Three. Christopher Robin, you have the bridge." -- Anonymous

1. Holiday safety tips
2. Program updates
3. Spam
4. Cyberbullying

1. Here are some last-minute holiday safety tips:

Holiday eSafety Tips from the ESET Threat Blog - http://blog.eset.com/2010/12/02/holiday-esafety-tips

From the same blog: "Stealing from Santa (Scammers' Holiday Season)" - http://blog.eset.com/2010/12/02/stealing-from-santa-scammers-holiday-season

"Shopping Online? Know Thy Seller" by Brian Krebs - http://krebsonsecurity.com/2010/11/shopping-online-know-thy-seller/

(Note: Google has fixed the issue Krebs refers to in the second paragraph but the rest of the information is good and timely.)

Be careful about clicking on Twitter Trends links. Denis, a Kaspersky lab expert, illustrates why:
http://www.securelist.com/en/blog/208188039/Malicious_Twitter_trends#readmore

Good article from the always-reliable Lifehacker.com - http://lifehacker.com/5714296/how-to-stay-secure-online

2. Program updates:

Firefox 3.6.13 and Thunderbird 3.1.7 - http://www.mozilla.com

iTunes 10.1.1 - http://www.apple.com/itunes/download
Don't forget that if you are running Vista/Windows 7 64-bit you need the 64-bit installer. - http://support.apple.com/kb/DL1047

There have been problems reported by Mac OS X users who installed the update through Software Updates. The fix is to download the entire file from Apple's website and install from there instead.

Microsoft Security Essentials 2.0.657 - http://www.microsoft.com/security_essentials/?mkt=en-us
MSSE has gotten very good reviews. I don't particularly care for it because of the way it updates and still prefer Avast for a free solution, but MSSE is a good free antivirus if you want something from Microsoft.

3. Lifehacker on spam:

http://lifehacker.com/5713914/how-to-wipe-out-spam-email-in-your-inbox
http://lifehacker.com/5714394/help-us-de+spam-your-email-inbox

4. The New York Times website has a very good article on cyberbullying with excellent online safety resources. Cyberbullying has been in the news over the last few years - with good reason - and yet many parents are still unaware of what goes on in their children's digital lives.

http://www.nytimes.com/2010/12/05/us/05bully.html?pagewanted=1&hpw

Back to top
Home

1-29-11 - "You could try 3 frogs' hearts and the blood of a virgin, mix and smear on computer while chanting 'work, you bastard'. Or try posting the error message." -- someone doing online tech support

1. Current versions of popular programs
2. The Mac App Store
3. Cold call scammers target Mac users, too
4. OpenOffice/LibreOffice
5. New Year's Resolution: Backing up

1. Current versions of popular programs:

A. Firefox: 3.6.13 - http://www.mozilla.com/en-US/firefox/ - Firefox 4.0 is expected to leave beta testing and be available at the end of February. It does look very promising so keep an eye out for it. My policy on installing beta software is not to so I don't suggest you install the beta (especially with the final coming so soon), but you might want to take a look at some of the new features here - http://www.mozilla.com/en-US/firefox/beta/features/ .

B. Adobe Reader, Flash, and Shockwave - http://www.adobe.com/ - Look in the middle of the page on the right and you will see links to Adobe Reader, etc. Everyone should be running Adobe Reader X at this point. I don't think there is any reason at all to:

i. Install Adobe AIR;
ii. Disable your antivirus when downloading/installing these programs as suggested on Adobe's download webpage;
iii. Install/use the Adobe Downloader. Just download/install using your browser.

Remember that you need two versions of Adobe Flash Player - one for Internet Explorer and another for plug-in based browsers like Firefox and Opera. The easiest way to get these is to visit Adobe.com with IE and then again with Firefox. When you click on the download for Adobe Flash Player, you'll get the correct one for your browser.

C. Java 6u23 - http://java.com/en/download/manual.jsp - I prefer to download the Offline version and install manually rather than installing online. If you are running a 64-bit system, you need to download and install both the 32 and 64-bit versions of Java. To find out whether your operating system is 32 or 64-bit, go to Control Panel>System. It is extremely unlikely that you are running the 64-bit version of Windows XP; if you are you would know it. Check to see 32 or 64-bit if you are running Vista or Windows 7.

2. The most recent update to Mac OS X is 10.6.6. After you install it and reboot, there will be a new icon in your Dock next to the Finder. If you don't want to keep the Mac App Store icon in the Dock, you can get to the App Store through a link on the Apple menu.*

*For new Mac users, you can remove an item in the Dock by simply dragging it off the Dock. When you let go of the mouse, the icon will disappear in a puff of smoke. You get to the Apple menu by clicking on the little apple icon at the top left of your monitor, on the menubar.

You can use Software Update to get 10.6.6 or download it from here - http://support.apple.com/kb/DL1349 .

The Mac App Store is supposed to be a simple way to get and install apps for OS X, similar to the Apps for iPhone/iPad/iPod. Licensing for paid apps is very appealing since you can buy an app and then install it on every Mac you own and even download it again. Using the Mac App Store is also supposed to help you keep everything up to date.

http://www.apple.com/mac/app-store/

There are pros and cons to using the Mac App Store; it doesn't suit my needs but you might find it quite useful. Here are some links about that, but of course you will want to take a look for yourself.

http://www.zdnet.com/blog/btl/the-mac-app-store-evaluating-the-pros-and-cons/43845
http://www.macworld.com/article/156980/2011/01/installed_apps_appstore.html
http://lifehacker.com/5726764/why-the-mac-app-store-sucks
http://lifehacker.com/5726393/why-you-might-really-like-the-mac-app-store-in-the-long-run

3. Last year we saw a rash of cold call scammers tricking Windows users into paying for fake tech support, giving up their passwords, and downloading trojans. The Register is reporting that the scammers have widened their net to include Mac users.

http://www.theregister.co.uk/2011/01/28/cold_call_scareware_scam_targets_mac_fanbois/

Here is an excellent Sophos article about this scam and how to deal with it (just say no!):

http://nakedsecurity.sophos.com/2010/11/04/sick-of-call-centres/

4. OpenOffice is the excellent free and open source substitute for Microsoft Office. I've recommended it and installed it for clients for many years. OpenOffice was "owned" and supported by Sun, which was purchased by Oracle in 2009. At that time the OpenOffice developers had a wait-and-see attitude towards this acquisition, which eventually turned into a realization that OpenOffice was not a good fit with Oracle. The OpenOffice developers have left Oracle and created OpenOffice's replacement, LibreOffice. While you certainly can continue to use OpenOffice (it won't stop working!), it would be better to upgrade to LibreOffice 3.3 since OpenOffice will not be updated any more. Here are links to information about LibreOffice and its download. I would uninstall OpenOffice before installing LibreOffice.

http://www.documentfoundation.org/faq/
http://www.libreoffice.org/

The only thing I find slightly annoying about the LibreOffice download is that, like a lot of other open source programs (GIMP for instance), the Help files are a separate download/installation. Not a big deal, but it could confuse some people. Download both LibO_3.3.0_Win_x86_install_multi.exe and LibO_3.3.0_Win_x86_helppack_en-US.exe. Install the program first and then the help pack.

While LibreOffice is available for Mac OS X just like OpenOffice was, I prefer to use NeoOffice instead. NeoOffice is a port of OpenOffice created specifically for OS X and I won't be switching to LibreOffice on my Macs. I do highly recommend LibreOffice for Windows.

You can read why NeoOffice is separate from OpenOffice here: http://www.neooffice.org/neojava/en/faq.php

http://www.neooffice.org/neojava/en/index.php
http://www.neooffice.org/neojava/en/maindownload.php

5. If you only make - and keep - one New Year's resolution it should be to make sure your computer data is backed up properly. Remember, your backup strategy should be twofold: have a local backup and have a remote backup. A local backup usually means copying data to an extra internal or external hard drive. A remote backup means not having copies of that data sitting next to your computer. After all, if you have a disaster such as a fire or burglary if you don't have your data somewhere else it will be gone along with everything else. Remote backups can be accomplished by burning the data to CD/DVD and putting the discs somewhere else safe, by copying the data to an external hard drive which is then taken somewhere else safe, or by using an online backup service. Since you really want backups to be automatic (because let's face it, most people won't do manual backups), the online backup service is the best solution for your remote backup.

Local Backup - For Windows machines, I like to use a program which automatically copies selected files to either another hard drive inside your computer or to an external hard drive. For the latter, I prefer Western Digital My Books. You don't need anything but the basic version, My Book Elements. I recommend the backup program SecondCopy ($29.95 from http://www.centered.com/). If you really must have a free backup program, GFI Backup is good (http://www.gfi.com/backup-hm). GFI also has a commercial business edition but I haven't used it.

Remote Backup - My favorite online backup service is Mozy (http://www.mozy.com). Mozy is reasonably priced, their desktop client is excellent and user-friendly, and they have good tech support. Mozy supports both Windows and Mac OS X.

If you need to back up more than ~40GB for your business, then the $0.50/GB that Mozy charges will be too costly. JungleDisk is less expensive per gigabyte (https://www.jungledisk.com/) but their desktop client is cumbersome and pretty geeky to use. However, I see that the next version of their software is supposed to be nicer (at least that's what their marketing people say!) so it is worth a look.

http://blog.jungledisk.com/2011/01/26/the-road-ahead-2/

Carbonite is another online backup service for Windows and Mac. I haven't used it but the company has been around for a long time.

http://www.carbonite.com/

Of course if you have a Mac running Leopard/Snow Leopard, you have Time Machine. With the cost of external hard drives so low today, there is simply no excuse for not using Time Machine. Or you can purchase the Apple Time Capsule which is a combination router and hard drive. Time Capsule lets you back up multiple Macs using Time Machine.

http://www.tuaw.com/2011/01/07/time-machine-holds-a-place-in-my-heart-and-it-should-in-yours-t/

Back to top
Home

2-9-11 - I hate it when someone phones me up for help with some problem and I ask them, "What's on your screen?" and they say, "Blood". -- Brian Briggs.

1. Google Art Project
2. More on backing up online for home users
3. Facebook love/hate
4. Adobe program updates

1. Google always comes up with the most interesting things. The latest is the Google Art Project. The Art Project is:

"A unique collaboration with some of the world’s most acclaimed art museums to enable people to discover and view more than a thousand artworks online in extraordinary detail."

You can explore a lot of the world's great museums using Google Street View technology, look at individual works of art close up, and create your own "collection" to save specific views of various artworks. This last feature could be useful if you were doing research or just for pleasure.

http://www.googleartproject.com/c/faq
http://www.guardian.co.uk/technology/2011/feb/01/google-art-project-classic-works

2. Mozy announced a price jump for their service (Mozy Home only):

http://lifehacker.com/5748305/mozy-drops-unlimited-backups-introduces-new-pricing

Lifehacker has a good article about alternatives.

http://lifehacker.com/5749845/the-best-alternatives-to-mozy-for-big-or-unlimited-backups

While I still like the Mozy interface very much (and Mozy is still my first choice for business clients with not that much data), I took a look at some alternatives (home versions only). For comparison, here's Mozy's pricing:

For the home user, Mozy now gives you 50GB for $5.99/month (1 computer - $2 more for each additional computer) and 125GB for $9.99/month with the ability to add 20GB increments. Like most of the other home plans, Mozy Home doesn't allow you to back up network drives (USB connected drives are OK).

http://mozy.com/products

Carbonite looks good from an ease-of-use and cost perspective but it will only back up files which reside on local hard drives. This means that you can't back up external USB or network drives. Still, unlimited backup for $54.95/year is great if you only need to back up your own home computer.

http://www.carbonite.com

BackBlaze will back up USB external drives but not network drives. I can't tell from its website if BackBlaze gives you fine-grained control over what gets backed up or not since there aren't any screenshots showing that. For many people, that's fine. It's $5/month per computer which is certainly inexpensive.

http://www.backblaze.com

Jungle Disk is still too complex and I hate their website. It took me forever to find out what operating systems they support. However, the price is low if you have a lot of data to back up and they offer storage on either Rackmount or Amazon S3 servers, which is a Good Thing. Under "Jungle Disk Personal" there are two choices: Simply Backup and Desktop Edition. The first is $2/month plus storage fees; the second is $3/month plus storage fees. Amazon S3 storage fees are a tiny bit less than Rackmount's storage fees but Amazon charges data transfer fees and Rackmount doesn't.

http://www.jungledisk.com

CrashPlan/CrashPlan+ looks decent, but I'm not that comfortable with where it stores the backups if you use CrashPlan+. CrashPlan/CrashPlan+ have gotten good reviews, however. CrashPlan has a unique feature of being able to do local *and* remote backups. I've looked all over their site and can't find a definitive statement about whether it will back up network drives. Since it won't back up mapped drives in Windows (user-mounted), I'm going to guess that it won't. CrashPlan doesn't allow for online backup to their servers; you can back up to a friend's computer, an external drive, or to another one of your own computers. It is free. If you want to back up to CrashPlan's servers instead, you need CrashPlan+ which is $24.99/year for 10GB (1 computer) and $49.99 for unlimited space (1 computer). Between CrashPlan+ and Carbonite, I'd pick Carbonite. They've been around for longer and I want to know that my backups are hosted somewhere that's going to stick around.

http://b3.crashplan.com/

For my own remote backup, I need more professional options because I have files stored on a network drive. I'm using Haystack Software's Arq backup service for my main iMac. It is $29 for the program (one-time charge) with an additional monthly charge for storage on Amazon's S3 servers (you create your own Amazon Web Services account). You can back up non-internal drives with Arq, including network drives, as long as they are mounted at login or startup. You can limit the amount of data stored in your Amazon S3 account by giving Arq a monthly "budget". My budget is $10/month and this means I can store an average of approximately 100GB of data. Amazon's pricing is complicated because of their data transfer costs, but Arq will automatically "trim" the saved data to stay within my monthly budget. I think that Arq might require a bit more knowledge to set up if your backup needs are more complex like mine are but so far I like it. I would need to go to the more expensive business or pro options to get the network drive backup feature from the other programs I researched.

http://www.haystacksoftware.com/arq/

Dropbox is another alternative if you want to store files as a backup and also be able to sync those files between multiple computers. You can also use Dropbox to collaborate with others. If you have less than 2GB of stuff to save, then Dropbox is free which is great. However, it starts getting pricey at $9.99/month for 50GB and $19.99/month for 100GB.

http://www.dropbox.com

3. Let's give Facebook some love: the site has announced that it is finally supporting HTTPS, which provides an SSL-encrypted connection. You definitely should be using this. Here's a Lifehacker article which shows you how, complete with a little video:

http://lifehacker.com/5748697/how-to-keep-your-facebook-secure-by-enabling-https

In other Facebook news, many people were hit by a scam that claimed to show users who was "stalking" them and looking at their profiles. The important information in all this is to remember: do NOT click on links in Facebook; do NOT install Facebook plugins or apps. Here's an article about this scam by Graham Cluely:

http://nakedsecurity.sophos.com/2011/02/06/facebook-stalkers-and-profile-creeps-rogue-apps-spread-virally/

There's a video showing how to clean up your profile if you fell for this scam and also a very useful link to the Sophos Facebook page where you can keep track of security news.

4. Security updates are available for Adobe products Reader, Shockwave Player, and Flash Player.

Reader - the update requires that 10.0 (Adobe X) be installed. Download the incremental patch:

http://www.adobe.com/support/downloads/thankyou.jsp?ftpID=4943&fileID=4617

Or update from within the Adobe Reader program itself.

Flash 10.2.152.26 - Download both versions of Flash (for IE and for plugin-based browsers like Firefox). You must have a distribution agreement with Adobe to download both versions from one place. Since most consumers will not have this, the easiest way to get Flash is to go to the following link in each browser (IE and Firefox, etc.). You will then get the correct version of Flash installed.

http://get.adobe.com/flashplayer/

Shockwave 11.5.9.620 - http://get.adobe.com/shockwave/

Since these Adobe programs are commonly targeted by malware writers, it is important to install the updates.

Back to top
Home

2-15-11 - "[The Guide] says that the best drink in existence is the Pan Galactic Gargle Blaster. It says that the effect of a Pan Galactic Gargle Blaster is like having your brains smashed out by a slice of lemon wrapped round a large gold brick." -- Douglas Adams, "The Hitchhiker's Guide to the Galaxy"

1. Service Pack 1 for Windows 7/Server 2008 R2
2. Google Stuff
3. Java Update
4. Death and Taxes

1. Service Pack 1 for Windows 7 and Server 2008 R2 has been released to manufacturing. Most of you reading this will only care about Windows 7 SP1, which will be available to TechNet/MSDN/Software Assurance customers on February 22; the rest of us will start getting it through Windows Update (or from the full download) on February 26.

Windows 7 SP1 isn't expected to provide any new features, just some "enhancements" and bug fixes. Here's the official announcement:

http://windowsteamblog.com/windows/b/bloggingwindows/archive/2011/02/09/announcing-availability-of-windows-7-and-windows-server-2008-r2-sp1.aspx

As always, for Service Pack installations I recommend:

a. Wait a bit (at least a week or more) to see if Anything Horrible happens. In other words, let other people be the guinea pigs! If there is a big disaster with installing SP1 news of it will show up online very quickly. Take a look before you leap.

b. I always prefer to download the full Service Pack from Microsoft and install that way rather than allow Windows Update to handle things. That way it doesn't matter if your Internet connection goes out or is slow.

c. Make sure your data is completely backed up to another hard drive - external or internal - burned to CD/DVD-R, and/or stored online before you start. Another precaution you might want to take is to image the entire drive first. Windows 7 has a built-in imaging function or you can use Acronis True Image Home.

d. Make sure your computer is completely malware/virus-free. Run a thorough scan with your antivirus - and of course it should be a current version antivirus with updated definitions - and then do a quick scan with MalwareBytes' Anti-Malware ("MBAM"). Find the entry for MBAM in your Start Menu, right-click it and choose "Run as administrator". Respond to the UAC prompt with the administrative password or click "Yes" if there is no password. MBAM will open. Go to the Update tab and update MBAM's definitions. Now close MBAM. Then reopen it but don't run it as administrator and do your scan. If you have more than one user on the system, scan with MBAM in each user's account. If any of the users indulge in risky computing behavior (P2P file sharing like with Limewire, Frostwire, etc., looking at "adult content" websites, then you will want to do a complete scan with MBAM in those user accounts.

2. Google now offers 2-step verification to help secure your Google account. Here's their blog post explaining it:

http://gmailblog.blogspot.com/2011/02/advanced-sign-in-security-for-your.html

Here's Lifehacker's How-To which walks you through the whole process:

http://lifehacker.com/#!5756977/set-up-googles-two+step-verification-now-for-seriously-enhanced-security-for-your-google-account

And now for something completely different but also from our overlords at Google:

"Simplify wedding planning - Explore how Google's free tools can help you save time, stay organized and have fun while planning your big day."

http://www.google.com/weddings/index.html

Aside from weddings, I learned about a Google tool I had never heard of: Picnik. Here is what Google has to say about Picnik:

"Picnik is photo editing online, in your browser. It gives real people photo editing superpowers. It's fast, easy, and offers tons of powerful tools, artistic effects, stickers,[.....]."

From a quick perusal of the site, it looks like Picnik is how you can work with photos stored on Yahoo, Picasa Web Albums, Flickr, Facebook, and other locations. I'm not sure why Picnik is better than Picasa (also free from Google) or other image editing programs installed on your computer. Maybe it's the Next Step where the computer s just a gateway to things stored in The Cloud. But you can explore its possibilities yourselves.

http://www.picnik.com/

3. Java 6 Update 24

http://java.com/en/download/manual.jsp (for 32-bit)
http://java.com/en/download/faq/java_win64bit.xml

If you have Windows Vista or Windows 7 64-bit, then download/install both. If you have a 32-bit operating system (XP/Vista/Win7), you only need the 32-bit program.

Control Panel>System will tell you which flavor Vista or Windows 7 you have.

4. In "honor" of April 15th, you can view the Death & Taxes: 2011 poster created by Jess Bachman. Per Mr. Bachman:

[begin quote] "Death and Taxes" is a large representational graph and poster of the federal budget. It contains over 500 programs and departments and almost every program that receives over 200 million dollars annually. [end quote]

Click on the graphic and then you'll be able to click on the +/- at its top left to zoom in. Use your mouse to drag the image around so you can focus on whatever part of the image you want. Or just go have a stiff drink instead. ;-)

http://www.deathandtaxesposter.com/

Back to top
Home

3-11-11 - It is pitch black. You are likely to be eaten by a grue. -- Zork

1. Program updates
2. Pi Day
3. PDF Reader issues
4. New Google goodness
5. Disaster scammers

1. Program updates:

a. Firefox 3.6.15 - http://www.mozilla.com - Firefox 4.0 should be coming out soon.

b. iTunes 10.2.1
32-bit - http://www.apple.com/itunes/download/
64-bit - http://support.apple.com/kb/DL1047

c. Internet Explorer 9 - Will be available for download this coming Monday, March 14th. As always with a new IE, you might want to wait a bit to see if there are any widely-reported implosions. Also, if you use a proprietary web application/portal for your business, you definitely are going to need to check with the makers of same for IE9 support. Do this before you install it! If you downloaded/installed one of the IE9 betas (one can only hope not but there may be Wild And Crazy Guys among you), it is my understanding that you do not need to uninstall the beta first and can just install the final version over it. I'm not a big fan of IE but if you are going to use it, you will want to upgrade to 9. It is far more secure and better built than IE8. We're not even talking about IE7 or older any more. The exception to this is XP: IE9 is only supported in Vista and Windows 7. XP users will need to stay with IE8 and should be considering an alternate browser like Firefox or Google Chrome.

2. On the lighter side, Monday, March 14th is Pi day. We like to make - or at least eat! - pie to celebrate.

http://en.wikipedia.org/wiki/Pi_Day

3. I had a client call me the other day with a printing problem. After updating Adobe Reader, all .pdf files would only print the first page correctly; all the other pages were gibberish. A quick stroll around Google showed me that this issue has been around for years and is caused by some of Adobe Reader's coding conflicting with a particular HP printer's drivers (the printer models varied over the years). There are two workarounds:

a. When you choose Print, click the Advanced button and select "Print as image". Now all the pages will print correctly, but it will be slower.
b. Use an alternate PDF reader. This is the option that worked best for my client since now the .pdf file opened AND printed very quickly.

Adobe created the Portable Document Format but they are not the only game in town when it comes to PDF creators and readers. One of the best free readers is Foxit Software's Reader. It is fast and light on system resources. The only caveat about Foxit is that you MUST pay attention when you are installing it or you will wind up also installing the Ask Toolbar, which is garbage. (You can uninstall the toolbar afterwards if it slips past you.)

http://www.foxitsoftware.com/pdf/reader/

Foxit also makes commercial PDF solutions, all of which are excellent and cost far less than Adobe's offerings.

4. The Internet is an invaluable resource for finding out things, but knowing HOW to search is the key. It does take practice learning how to craft your search terms so as to get exactly the results you want, but the Fabulous Google has many methods about which you might not know. Take a look at these advanced searching techniques:

http://www.google.com/intl/en/help/features.html

And now Google has added a tool to block individual websites from your search results. You must have a Google account to do this and be signed in, but that's no big deal - most people have one. Read about how the new blocking works here:

http://googleblog.blogspot.com/2011/03/hide-sites-to-find-more-of-what-you.html

I can't wait to take advantage of this so I never have to see links to EHow or ExpertsExchange again. Google says this feature is "rolling out" which indicates to me that it may take a while before everyone sees the new blocking option. It isn't showing up for me yet but I live in hope.

In addition to Google's web search, here's another page listing products you might not know about:

http://www.google.com/intl/en/options/

5. Every time our world experiences a disaster there are horrible scammers who ooze out of their dank holes and try to fool you into parting with money - money you want to give to help those in real need. Just like with Haiti, there will be scams relating to the terrible earthquake/tsunami in Japan. Always be on your guard against these creeps. Give to legitimate organizations like the Red Cross and Save The Children, etc. Do your homework so you don't get ripped off and the people who are hurting get the relief they need.

http://money.cnn.com/2011/03/11/pf/japan_earthquake_relief/
http://www.pcworld.com/article/221948/help_japan_earthquake_and_tsunami_victims_without_getting_scammed.html
http://www.huffingtonpost.com/2011/03/11/how-to-help-japan-earthquake-relief_n_834484.html

Back to top
Home

3-15-11 - "Reality is frequently inaccurate." -- Douglas Adams, "The Restaurant At The End Of The Universe"

1. Internet Explorer 9 RTW (Release To Web)
2. Scammers and the disaster in Japan
3. Adobe emergency out-of-band patch

1. Internet Explorer 9 final is out now. You can get it from Windows Update or download it directly from Microsoft. If you download it directly, you will want to download the correct version for your operating system; i.e., if you have Vista 32-bit you will download the corresponding version of IE. Even if you have Vista/Windows 7 64-bit you will be surfing with IE 9 32-bit but you have to download/install the 64-bit IE to start with.

http://www.zdnet.com/blog/networking/installing-32-bit-ie-9-on-64-bit-windows/802
http://windows.microsoft.com/en-US/internet-explorer/downloads/ie-9/worldwide-languages

As I've said before, you may want to wait until more bugs surface before installing IE9. For instance, Toshiba has reported that IE9 will hang when started on many of its laptops. We don't want similar unpleasant surprises, eh?

http://www.csd.toshiba.com/cgi-bin/tais/support/jsp/bulletin.jsp?soid=2967610

IE9 is only available for Vista and Windows 7. XP users should continue to surf with Firefox or Google Chrome. Here are some links explaining the new features of IE9. I see that the usually excellent HowToGeek has a link to download IE9 from someplace called "beautyoftheweb" at the end of its article. I would ONLY download IE9 from Microsoft. Or just wait for it to show up in Windows Update.

http://www.winsupersite.com/article/windows-7/Internet-Explorer-9.aspx
http://lifehacker.com/#!5638885/internet-explorer-screenshot-tour-the-best-new-features-in-ie9
http://www.howtogeek.com/56012/internet-explorer-9-released-heres-what-you-need-to-know/
http://www.zdnet.com/blog/bott/internet-explorer-9-is-released-should-you-switch/3058?tag=content;feature-roto

2. In the last EBC Report I warned you about scammers connected with the ongoing disaster in Japan. Apparently these disgusting people have jumped on this at record speed. Again, be very wary of anything you receive or see online for donations to Japan. In particular, the rogue security malware groups poison search engines. The Internet Storm Center's article below explains how this works.

http://isc.sans.edu/diary/Tsunami+in+Japan+and+self+modifying+RogueAV+code/10543

http://www.macworld.co.uk/digitallifestyle/news/index.cfm?newsid=3265109&olo=rss
http://www.ic3.gov/media/2011/110311.aspx
http://nakedsecurity.sophos.com/2011/03/12/japanese-tsunami-launches-whale-into-building-its-a-facebook-clickjack-scam/
http://nakedsecurity.sophos.com/2011/03/14/fukushima-radiation-scare-hoax-text-message-spreads-in-philippines/
http://lifehacker.com/#!5782019/how-to-give-to-japanese-recovery-efforts-without-getting-scammed

3. Adobe will release emergency out-of-band patches for Flash Player and Reader during the week of March 21st.

http://www.theregister.co.uk/2011/03/14/adobe_flash_reader_emergency_patch/

http://www.adobe.com/support/security/advisories/apsa11-01.html
http://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.html

Back to top
Home

3-25-11 - By Grabthar's Hammer, by the sons of Wartham, you shall be avenged! -- "Galaxy Quest"

1. Various program updates

a. Adobe has released an update for Flash Player to address multiple vulnerabilities. These vulnerabilities affect Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player 10.1.106.16 and earlier versions for Android. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service attack or execute arbitrary code.

US-CERT encourages users and administrators to review Adobe Security Advisory APSB11-02 and apply any necessary updates to help mitigate the risks.

http://www.adobe.com/support/security/bulletins/apsb11-02.html

Adobe has also issued security updates for Reader and Acrobat.

http://www.adobe.com/support/security/bulletins/apsb11-06.html

According to the link above, Adobe Reader X on Windows is still at 10.0.1 and because the Protected Mode would prevent this particular exploit from executing, the program will not update to 10.0.2 until June 14th, 2011. Unless you have a pressing need to use Reader 9.x (such as proprietary third-party software relying on a particular version of Reader), you should be using Adobe Reader X (10.0.1) and not an older 9.x version.

b. Firefox 4 is finally out - http://www.mozilla.com

What's new, how to take advantage of Firefox 4's capabilities:

http://support.mozilla.com/en-US/kb/getting-started-firefox

http://lifehacker.com/#!5784255/whats-new-and-awesome-in-firefox-4

After you install Firefox 4, go to the following link to check your plugins. This is an easy way to make sure your Shockwave, Java, Flash, Silverlight, etc. plugins are current. If they aren't, the page provides a convenient link to the current version for installation.

http://www.mozilla.com/en-US/plugincheck/

And unlike IE9, Firefox 4 runs on Windows XP which needs all the protection it can get.

c. Big Mac OS X update which patches various serious vulnerabilities. As always, make sure you've backed up before updating your system. Even though I always have Time Machine running, I like to do a SuperDuper image before installing operating system updates. This update brings OS X to version 10.6.7.

http://support.apple.com/kb/HT4472

Back to top
Home

4-13-11 - "I say we take off and nuke the entire site from orbit. It's the only way to be sure." --Ripley in "Aliens"

1. New critical vulnerability in Adobe Flash Player
2. New Facebook scams
3. Email attachment (malware)
4. Microsoft updates for Tuesday, 4/12/11

1. From the Adobe bulletin: "This vulnerability (CVE-2011-0611) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Word (.doc) file delivered as an email attachment."

http://krebsonsecurity.com/2011/04/new-adobe-flash-zero-day-being-exploited/
http://blogs.adobe.com/psirt/2011/04/security-advisory-for-adobe-flash-player-adobe-reader-and-acrobat-apsa11-02.html
http://www.adobe.com/support/security/advisories/apsa11-02.html
http://www.theregister.co.uk/2011/04/12/attacks_exploit_adobe_flash/

I find it hard to imagine why anyone would think it is a good idea to embed Flash content in an MS Word or Excel file and strongly suggest that if you receive an attachment like this you don't open it since Microsoft doesn't give users a clear and easy way to disable Flash content in Office documents. Adobe doesn't give a date for the upcoming patches to close this vulnerability but hopefully it will be soon.

2. In other security news, there is a new survey scam on Facebook targeted at the young people who love the "Twilight" series. You all know to stay away from Facebook surveys, right? If not:

http://nakedsecurity.sophos.com/2011/04/04/millions-facebook-users-invited-scam-events-spammers-exploit-social-network/
http://nakedsecurity.sophos.com/2011/04/05/openmouthed-facebook-users-gawp-at-new-incarnation-of-survey-scam/
http://www.facecrooks.com/safety-center/scam-watch/item/1058-how-to-spot-a-facebook-survey-scam

And here's the photo-tagging scam from yesterday:

http://www.theregister.co.uk/2011/04/12/photo_lure_survey_scam/
http://nakedsecurity.sophos.com/2011/04/11/the-twilight-breaking-dawn-facebook-scam/

A Facebook chain letter scam:

http://nakedsecurity.sophos.com/2011/04/13/heads-up-fb-friends-new-chain-letter-spreads-on-facebook/

3. I know that all you brilliant readers of the EBC Report have long known not to open email attachments, but just as a reminder:

http://nakedsecurity.sophos.com/2011/04/13/my-naked-picture-is-attached-malware-spammed-out/

Of course the attachment isn't really a lovely nude photo; it's a rogue antivirus attack.

After the Epsilon security break, some good tips on avoiding phishing scams and malware from Brian Krebs:

http://krebsonsecurity.com/2011/04/after-epsilon-avoiding-phishing-scams-malware/

4. Microsoft addressed 64 vulnerabilities in yesterday's Patch Tuesday updates. Initial reports suggest that you might want to apply the .Net 3.5 patch separately as it can take quite a long time to finish. Remember, it's important to keep your operating system and major programs (like MS Office) current.

http://nakedsecurity.sophos.com/2011/04/12/april-2011-ms-patch-tuesday-17-patches-64-vulnerabilities/
http://blogs.technet.com/b/msrc/archive/2011/04/12/april-2011-security-bulletin-release.aspx

Back to top
Home

5-2-11 - Take my love, take my land / Take me where I cannot stand / I don't care, I'm still free / You can't take the sky from me / Take me out to the black / Tell 'em I ain't comin' back / Burn the land and boil the sea / You can't take the sky from me / There's no place I can be / Since I found serenity / But you can't take the sky from me. (opening song, "Firefly")

1. Program updates
2. Sony Playstation Network debacle
3. Reminder about event-based malware (Osama Bin Laden's death)

1. Program updates:

a. Security update for Adobe Flash Player. Remember that you need two versions of Adobe Flash Player - one for Internet Explorer and another for plug-in based browsers like Firefox and Opera. The easiest way to get these is to visit Adobe.com with IE and then again with Firefox. When you click on the download for Adobe Flash Player, you'll get the correct one for your browser.

http://www.adobe.com/

Reminder - Adobe is expected to update Reader X to 10.0.2 on or about June 14, 2011.

b. iTunes 10.2.2:

32-bit - http://www.apple.com/itunes/download/
64-bit - http://support.apple.com/kb/DL1047

c. Firefox 4.0.1 - http://www.mozilla.com

d. Thunderbird 3.1.10 - http://www.mozillamessaging.com/en-US/thunderbird/

e. Java 6 Update 25 (install both the 32 and 64-bit versions if you have a 64-bit OS) - http://java.com/en/download/manual.jsp

2. Presumably news about the Sony Playstation Network debacle has filtered down even to the general media. In case you haven't heard about it, go to Google News and user the search term "Sony Playstation network".

http://news.google.com/news/search?aq=f&pz=1&cf=all&ned=us&hl=en&q=Sony+Playstation+network

Even if you didn't get an email from Sony, if you own a Playstation and ever purchased content from the PSN or were a member it would be wise to keep a close watch on your credit card. I'm not saying you should panic*; a visit to your credit card statement online takes only a few minutes. Athough it has been several years since we bought anything from the PSN, I'm checking my credit card activity daily for a while. It's a good thing to check your credit cards and bank accounts regularly anyway.

*Sony says the credit card information *was* encrypted, but better safe than sorry (as my imaginary Aunt Edna always said).

http://nakedsecurity.sophos.com/2011/04/26/playstation-network-hacked-personal-information-of-up-to-70-million-people-stolen/
http://nakedsecurity.sophos.com/2011/04/28/sony-says-credit-card-details-were-encrypted-but-questions-still-remain/

And on a related note - Regarding keeping track of passwords, here's a short but informative article:

http://www.howtogeek.com/61297/what-you-said-how-you-keep-track-of-your-passwords/

Personally, I'm old-school and keep a spreadsheet with my passwords and important information such as software product keys and serial numbers.

http://lifehacker.com/#!5796816/why-multiword-phrases-make-more-secure-passwords-than-incomprehensible-gibberish

3. I'm sure all the EBC Reports readers are wise to this, but always remember that big news events are rapidly followed by scummy people trying to infect your computer with malware. Naturally there are already "tricks" based on Osama Bin Laden's death appearing. Don't click on links in Facebook, emails, etc. Use legitimate news websites instead. This article from Sophos has good information about how to protect yourself.

http://nakedsecurity.sophos.com/2011/05/02/osama-bin-laden-dead-so-watch-for-the-spams-and-scams/

Back to top
Home

5-7-11 - "As stupid as you must think them, the Scarrans have managed to build one of the most extensive empires in the Galaxy in part - and I shall repeat this because it does not seem to sink in - by not advertising the location of their secret bases." -- Sikozu ("Farscape")

1. Hoaxes - Please don't spread them
2. Rogue security programs targeted at Mac OS X (and one for Windows)
3. Skype vulnerability on Mac OS X

1. Here is an excellent article about how to identify and avoid spreading hoaxes on the Internet with links to great resources. I get a lot fewer of those wildly excited "OMG forward this to everyone you know" emails than I used to. I don't know if my correspondents are becoming more savvy or if they now know better than to send that sort of cr*p to me, but either way I'm happy about it. If you're not that lucky, consider sending this link to the offenders.

http://lifehacker.com/#!5798308/how-to-identify-and-avoid-spreading-misinformation-myths-and-urban-legends-on-the-internet

2. Rogue security software for Mac OS X. Don't install MACDefender!

http://blog.intego.com/2011/05/02/intego-security-memo-macdefender-fake-antivirus/
http://nakedsecurity.sophos.com/2011/05/02/mac-users-hit-with-fake-av-when-using-google-image-search/
http://osxdaily.com/2011/05/02/macdefender-malware-mac-protect-and-remove/

More rogues aimed at Macs:

http://nakedsecurity.sophos.com/2011/05/07/mothers-day-search-terms-lead-to-mac-rogue-security-software/
http://nakedsecurity.sophos.com/2011/05/06/mac-fake-anti-virus-attack-dirty/
http://nakedsecurity.sophos.com/2011/05/06/mac-fake-anti-virus-attack-adopts-new-disguise/

I still don't think you need an antivirus on OS X but if you want one here are some good choices:

Intego VirusBarrier - http://www.intego.com/
Sophos - http://www.sophos.com/en-us/products/endpoint/endpoint-security-and-data-protection/components/anti-virus-protection/mac.aspx
Avast - http://www.avast.com/mac-edition

And of course the rogues for Windows are still going strong:
http://nakedsecurity.sophos.com/2011/05/05/fbi-says-youve-been-visiting-illegal-websites-its-a-malware-attack/

3. There was a serious problem with Skype on Mac OS X machines only (Windows and Linux versions of Skype were not affected) whereby an attacker could send a message with which they could gain remote control of the victim's machine. Apparently this would have had to be a targeted attack so it was not prevalent in the wild. However, Skype issued an update to close the vulnerability. If you get a notice from your Skype program to update, you should do so. Here is the relevant information:

http://blogs.skype.com/security/2011/05/security_vulnerability_in_mac.html
http://www.tuaw.com/2011/05/07/skype-security-flaw-already-patched-but-you-have-to-download-ma/

Back to top
Home

5-28-11 - Microsoft Cooperation is actually a secret Ferengi-Klingon alliance designed to cripple the Federation. The Ferengi are doing the marketing and the Klingons are writing the code. -- The Klingon Programmer

1. Antivirus on Mac OS X
2. Update to Adobe Flash 10.3
3. New Amazon.com Mac Store
4. Mozy Online Backup update
5. Recycling

1. With all the news about malware rogue "security" programs targeting Mac OS X and after I actually got flashed by one of those programs (from a Google search link), I thought I'd install an antivirus on my Macs and see how it goes. I chose Sophos Anti-Virus for Mac because 1) Sophos is a well-known, well-regarded security company which usually targets business clients; 2) their Mac Home Edition protection is free. If I were going to purchase an antivirus I would buy protection from ESET because I know and like it best on Windows (NOD32). Here's a "non-alarmist" article about security on Mac OS X:

http://gizmodo.com/5800729/the-non+alarmists-guide-to-mac-malware-protection

So onward to get the Sophos program:

http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx

In addition to helping users with the free Mac antivirus program, Sophos has also set up a MacTalk forum to provide support.

http://openforum.sophos.com/t5/MacTalk/ct-p/FTT_MAC

After the download is finished, double-click the .dmg file. Then double-click the Sophos Anti-Virus Home Edition.mpkg. Don't bother with the "Before You Install.html" because it doesn't tell you anything useful. Go through the easy installation wizard. Another nice feature of this program is that it comes with its own uninstaller should you decide you don't want it any more. You will need to know an administrative password for the installation. Now you will see a black shield in your menu bar at the top of your screen. You can control-click or right-click on it to set preferences, open the program, run scans, etc. The default preferences look fine and you shouldn't need to change anything.

Update: I see that The Bad Guys have now created a rogue which doesn't require a password to install on OS X. This blog post details the rapid development of rogues for Mac OS X:

http://nakedsecurity.sophos.com/2011/05/26/apple-malware-evolved-no-password-required/

At the end of the blog post is a link for the free Sophos antivirus. Go ahead and download/install it as a precautionary measure. I installed Sophos Anti-Virus Home on my three Macs which are of varying ages and power and have noticed no impact to performance at all in the few weeks since I did the installations. Sophos did pop up and complain about a Windows password cracking program I had on a USB thumb drive so I know it works. I'm now officially recommending installing an antivirus on Macs, especially since there are free ones available.

http://lifehacker.com/5805609/how-to-protect-your-computer-from-mac-defender-and-macguard

2. Adobe has updated its Flash Player to 10.3. Since Flash is a point of attack, you should update it. You can now manage your cookies for privacy issues in Flash 10.3. Both Windows and Mac OS X have a new Control Panel/System Preferences applet which allow you to fine-tune your Flash Player settings.

http://www.theregister.co.uk/2011/05/13/adobe_flash_10_point_3/

Remember to get both versions of Flash if you run Windows, the one for Internet Explorer and the one for plugin-based browsers like Firefox.

http://www.adobe.com

3. Amazon.com has opened an online store for Mac which is in direct competition with Apple's Mac App Store. As we all know, competition is beneficial to consumers so this is A Good Thing. The Amazon Store already offers software unavailable for download from the Apple Apps Store: Microsoft Office 2011 for Mac. I'll definitely be taking a look at Amazon's offerings for my Macs since I don't care for the Apple App Store at all. The Amazon Mac Store downloads require OS X 10.5 and higher.

http://lifehacker.com/5805964/amazon-launches-its-own-mac-app-store-and-gives-you-5-to-try-it
http://www.theregister.co.uk/2011/05/27/amazon_mac_download_store/
http://www.amazon.com/gp/feature.html/?&docId=1000691231

4. Update on Mozy Online Backup - When setting up online backup for a client yesterday, I noticed that Mozy is now offering 125GB of storage covering 3 computers for $9.99/month for the Home program. This is in addition to their regular Mozy Home 50GB for a single computer at $5.99/month. This makes Mozy Home a lot more attractive in my opinion and proves that (as I wrote in #3 above) competition is good for consumers.

http://www.mozy.com

5. Usually when I'm opening my bills I just grab the bill and return envelope and toss the rest of the inserts/ads. However in this month's utility bill there was a flyer from Electronic Recyclers International for a "RecycleAthon". According to the flyer they will take "Unlimited quantities" of computers, monitors, TVs, printers, copiers, and other electronic devices at no charge on June 25, September 10, and November 12, 2011. Their phone number is 559-442-3960, address is 2860 S. East Ave. (off Jensen & 99), and their website is www.electronicrecyclers.com. I haven't ever used this company since I usually do all my recycling at St. Anthony's School, but I thought it might be of interest to my local area readers.

Back to top
Home

6-4-11 - The void in his mind athrob for the soothing pressure of knowledge. -- Jack Vance, "The Dying Earth"

1. How did you pick up that rogue security program?
2. Online surveys
3. HP's exploding laptop battery recall
4. Apple security update

1. Over the last few years the most prevalent malware infections I've seen on Windows machines are by the many variants of rogue security programs. (We call them "rogue" because these programs pretend to be the good guys but are really the bad guys.) After I've cleaned these computers, their owners invariably ask me, "How did I get infected?". I usually say something along the lines of "You clicked on something" or "You went to a poisoned webpage and you hadn't updated your software and so you were vulnerable". Fellow tech Kerry Brown posted an excellent summary of "How It Happened" on a mailing list to which I belong and I liked what he said so much I asked him if I could quote him. Because he's a super guy he said "sure" and so here it is:

"It is done with very sophisticated social engineering and people not keeping Windows, Java, Flash, Adobe, etc. up to date. If you happen to visit an infected web site a very well-crafted screen pops up saying you are infected, please click here to fix it. The screen looks very legitimate. Even so most people realise it is not legitimate. They click on the Close button, or a button that says Scan Later. Of course that button does something else entirely like download a Trojan. If everything is not up to date just visiting the infected site will get you infected. They don't need you to click on anything. This is a very big business, millions of dollars per month. They run very sophisticated black hat seo to poison Google searches. Whenever a natural disaster happens within hours searching for the disaster will likely take you to infected sites. They run their own sites and they hack into legitimate sites. They run ads on legitimate sites. It has nothing to do with ignorance and stupidity. It is more to do with just happening to be in the wrong place at the wrong time. The only defence is to keep every program on your computer up to date. Few if any AV programs will stop the screen from popping up.

"If you happen upon an infected site do not click anywhere on any window of any open program. The best thing to do at that time is to press and release the power button and let windows shut down. If Windows won't shut down press and hold the power button until it does. Immediately start in safe mode and run an AV scan. You may even want to consider restoring to a restore point before the infection before booting to normal mode. Vista and Win 7 running as a standard user with UAC on gives you some protection. Usually the infection will be limited to the user profile. You can log in as an administrative user and clean that profile. XP does not give you any protection because it's not really possible to run as a standard user. If you're running XP and happen upon an infected site there is a good chance you will be infected no matter what you do. At the very least there will be a Java Trojan in your cache just waiting for an opportunity to run."

2. I had a client bring in an infected XP box and she mentioned that she was making money doing online surveys. I did a little research about this while cleaning up her machine and came up with some links which may be useful to some of you.

http://www.scambusters.org/onlinesurveys.html
http://www.scambusters.org/onlinesurveys2.html
http://www.surveypolice.com/
http://www.complaintsboard.com/?search=online+surveys&everything=Everything

A lot of the links I got by Googling "online survey scams" brought up sites purporting to give the reader information to protect them but which really are a doorway to "How to make money with online surveys, The Real Deal!" and which are probably scams themselves. Frankly, I would stay away completely from the online survey, work-from-home stuff. (And I did have to reinstall Windows for that client.)

3. HP's yearly exploding laptop battery recall - http://www.theregister.co.uk/2011/05/31/hp_laptop_battery_recall/

If your model is on the list, get a new battery from HP - http://bpr.hpordercenter.com/hbpr/

4. Apple has released Security Update 2011-003 for OS X 10.6.7, which protects against the MacDefender malware. Of course you should install this update, but I still suggest further protection with the free Mac Anti-Virus Home from Sophos. Note that this update is only for Mac OS X 10.6.7. (Snow Leopard); earlier versions aren't supported. If you don't know what version of OS X you have, click on the little apple at the far left corner of your screen and then click on "About This Mac".

http://blog.intego.com/2011/06/01/apple-issues-macdefender-security-update/
http://support.apple.com/kb/HT4657

Either use Software Update to get the patch or you can download it from here - http://support.apple.com/kb/DL1387

Update: Of course the malware writers circumvented Apple's patch less than 8 hours after it came out. Best to stick with a combination of common sense and an antivirus.

Back to top
Home

6-9-11 - "Ten percent of this plan is lunacy, fifty percent of these riches is not enough, one hundred percent of dead is dead." -- Rygel the 16th, Dominar of Hyneria ("Farscape")

1. Program updates
2. Apple news from the Worldwide Developers' Conference on 6/6
3. General malware links of interest

1. Program updates

a. Update to Adobe Flash Player to fix a cross-site scripting bug - http://krebsonsecurity.com/2011/06/flash-player-patch-fixes-zero-day-flaw/

The update brings Flash for Internet Explorer to version 10.3.181.23, for Firefox and other plugin-based browsers on Windows and OS X to 10.181.22.
http://www.adobe.com/software/flash/about/

Browse to the Adobe Download Center with the browsers you have installed to get the right version(s) - http://get.adobe.com/flashplayer/

b. iTunes 10.3.1 - http://www.apple.com/itunes/download/

For Windows 7/Vista 64-b9t - http://support.apple.com/kb/DL1047

c. Java 6 Update 26

http://www.theregister.co.uk/2011/06/08/java_security_update/
http://java.com/en/download/manual.jsp

Get both the 32 and 64-bit versions if you have Vista/Windows 7 64-bit.

2. News from Apple's Worldwide Developers' Conference in San Francisco 6/6:

a. A single purchase of the new version of Mac OS X - Lion - costing only $29.99 will install on all of your Macs. Lion will be on sale in July via the Mac App Store only. It is a 4GB download and will require no rebooting. You can only upgrade to Lion from the latest version of Snow Leopard. Apple has also announced that anyone purchasing a new Mac between 6/6 and the July release of Lion will be eligible to receive Lion free. Most certainly I don't recommend upgrading on day one! Best to wait and see what everyone else says and then decide if this upgrade is right for you.

http://www.apple.com/macosx/
http://www.apple.com/macosx/whats-new/features.html
http://www.tuaw.com/2011/06/06/if-lion-is-your-future-make-sure-snow-leopard-is-your-present/
http://www.tuaw.com/2011/06/06/lion-requirements-64-bit-cpu-2-gb-of-ram/

Another interesting development is that Mac OS X Lion Server will be available for $49.99 (as opposed to the many hundreds - sometimes thousands - of dollars a Windows server costs).

http://www.apple.com/macosx/server/

b. iCloud - the replacement for MobileMe. It appears that Apple's idea is to have everything you store - documents, apps, pictures, mail, etc. - available from any device you happen to be using at the time.

http://www.apple.com/icloud/what-is.html
http://www.tuaw.com/2011/06/06/icloud-named-as-successor-to-mobileme-will-be-free-service/
http://www.tuaw.com/2011/06/06/mobileme-stays-live-through-june-30-2012/

Another (negative) take on iCloud - http://www.theregister.co.uk/2011/06/09/public_cloud_lock_in/

As an aside, I found this article on ArsTechnica about how to sync devices without Apple:
http://arstechnica.com/gadgets/2011/06/icloud-without-apple-your-platform-agnostic-alternativesicloud-without-apple-your-platform-agnostic-alternatives.ars

c. Some good roundups of the WWDC's announcements:

http://www.tuaw.com/2011/06/06/what-mac-owners-need-to-know-after-todays-wwdc-announcements/
http://arstechnica.com/apple/

3. General malware articles of interest:

a. UPS and DSL fake notices spreading rogue anti-virus:
http://nakedsecurity.sophos.com/2011/06/09/united-parcel-service-malware-attack-spreads-fake-anti-virus/

b. Fake anti-virus rogue prenteds to be from Microsoft Update:
http://nakedsecurity.sophos.com/2011/06/09/fake-anti-virus-cloaks-itself-to-appear-to-be-microsoft-update/

c. Still with the malicious greeting card emails!
http://nakedsecurity.sophos.com/2011/06/08/ive-just-received-a-malicious-christmas-card-in-june/

d. Tips for avoiding Mac malware:
http://nakedsecurity.sophos.com/2011/06/07/more-mac-malware-top-tips-for-avoiding-infection/

Back to top
Home

6-21-11 - Dismount and kneel before me, that I may strike off your head with fullest ease. You shall die in this tragic golden light of sunset. — Torqual ("The Green Pearl" by Jack Vance)

1. Program updates
2. Managing Facebook privacy
3. Should you change your passwords?

1. Program updates

a. Adobe Reader, Adobe Flash Player (yes, another one), Adobe Shockwave Player

http://www.adobe.com

http://www.adobe.com/support/security/bulletins/apsb11-16.html
http://www.adobe.com/support/security/bulletins/apsb11-18.html
http://www.adobe.com/support/security/bulletins/apsb11-17.html

Reminder: You need two versions of Flash: one for Internet Explorer and one for plugin-based browsers like Firefox.

b. Firefox 5.0 for Windows and OS X - http://www.mozilla.com

2. It has been a while since I've made a post about Facebook. So many scams and scumminess, so little time! Anyway, the excellent Lifehacker.com has a new guide about managing your Facebook privacy here:

http://lifehacker.com/5813990/the-always-up+to+date-guide-to-managing-your-facebook-privacy

3. Here's a rather good article from Sophos about whether you should change your passwords in light of the recent hacking fests:

http://nakedsecurity.sophos.com/2011/06/21/lulzsec-anonymous-should-i-change-my-password/

It gives a link to a site where you can check to see if any of your email addresses were compromised, but you can go there directly from here if you like:

https://shouldichangemypassword.com/

The NakedSecurity blog from Sophos is a good source of easy-to-understand security news. I also like them because they aren't too self-serving and keep it current.

http://nakedsecurity.sophos.com/

Back to top
Home

7-3-11 - “Those who desire to give up freedom in order to gain security will not have, nor do they deserve, either one.” -- Benjamin Franklin

1. Mac OS X Updates
2. Thunderbird update
3. Microsoft Office 2010 Service Pack 1
4. Fake security software article
5. Tumblr targeted by malware
6. Fourth of July links

1. Mac OS X 10.6.8 Update - Prepares your Snow Leopard machine for the Mac OS X Lion update and includes other bug and security fixes. Use Software Update to get it or download it here - http://support.apple.com/kb/DL1400

Apple has also released a security update for Leopard (10.5.8) for those of you still using that older Mac operating system - http://support.apple.com/kb/DL1404

2. Thunderbird 5.0 - https://www.mozilla.org/en-US/thunderbird/

3. Microsoft Office 2010 Service Pack 1 is now available from the Download center. If you have installed all Office Automatic Updates, you will also see SP1 available as a manual download from Microsoft Update. After a 90 day grace period, SP1 will be offered as an automatic update through Microsoft Update. Customers using the Office Click-to-Run technology will have SP1 streamed to them beginning in July.

Office 2010 and SharePoint 2010 Service Pack 1 Availability - Office Sustained Engineering - Site Home - TechNet Blogs:
http://blogs.technet.com/b/office_sustained_engineering/archive/2011/06/28/announcing-office-2010-and-sharepoint-2010-service-pack-1-availability.aspx

32-bit version - http://www.microsoft.com/download/en/details.aspx?id=26622
64-bit version for the 3 of you who installed this version by mistake ;-) - http://www.microsoft.com/download/en/details.aspx?id=26617

4. Here is one of the best general informational articles I've read about fake security software. It lays the situation out clearly so anyone can understand it. This article also answers the question I most frequently get from owners of infected machines: "Why didn't my antivirus catch this?". I've previously covered how to protect yourself but I thought this article was so good at explaining the situation that it was worth passing onto EBC Reports readers.

http://www.technologyreview.com/computing/37718/?p1=A2

5. As the social networking site Tumblr becomes more popular it also becomes a venue for malware. As detailed in this article from The Register, "Smut lure powers Tumblr phish scam":

"It seems that an attack that began with a low-level attack designed to trick users into handing over their login credentials in order to take a test and join the "Tumblr IQ Society" last Thursday has morphed into a more potent and widespread attack using a more salacious lure."

http://www.theregister.co.uk/2011/06/29/tumblr_phish_scam/
http://blog.eset.com/2011/06/28/do-you-use-tumblr-beware

The Register's article includes a link to a blog post by Eset's Randy Abrams with good practices to help avoid phishing scams like the Tumblr one. Direct link:

http://blog.eset.com/2011/06/01/gmail-accounts-under-attack

6. Some Fourth of July links:

Food! Yum!

http://www.seriouseats.com/2011/06/july-4th-bbq-barbecue-recipes-tarts-steak-salads.html
http://www.seriouseats.com/2011/06/recipes-for-fourth-4th-of-july-menu-grilling-sides-salads-dips.html
http://www.seriouseats.com/2010/07/fourth-of-july-menu-planner-recipes-grilling-salads-burgers-desserts.html
http://www.seriouseats.com/2010/07/grilling-how-to-get-perfect-grill-marks.html

A compendium from our Government which includes links to the history, the Declaration of Independence (naturally!), music, recipes, fireworks and other safety tips, etc.:

http://www.usa.gov/Topics/Independence_Day.shtml

Looking for fireworks shows? Just go to Google and use the search term, "4th of July fireworks shows [city, state]".

Let's not forget http://www.fireworksafety.com/ either.

Have a great holiday everyone!

Back to top
Home

8-8-11 - "You can get much further with a kind word and a gun than you can with a kind word alone." - Al Capone

1. Various program updates
2. Mac OS X Lion
3. Google Takeout
4. Apple iCloud

1. Various program updates:

a. Thunderbird 5.0 - http://www.mozilla.org/en-US/thunderbird/

b. Firefox 5.0.1 - http://www.mozilla.com/en-US/firefox/new/

c. Java SE 7 - http://www.oracle.com/technetwork/java/javase/downloads/java-se-jre-7-download-432155.html
(If you have Windows 32-bit you want x86; download the x64 version for your 64-bit operating system.)

d. iTunes 10.4 - http://www.apple.com/itunes/download/ (32-bit); http://support.apple.com/kb/DL1427 (64-bit)

e. Microsoft Office 2010 Service Pack 1

32-bit version:
http://www.microsoft.com/download/en/details.aspx?id=26622

64-bit version for the 3 of you who installed this version by mistake:
http://www.microsoft.com/download/en/details.aspx?id=26617

2. For the Mac users among us - Mac OS X 10.7 Lion came out in July. Here are some useful links about it:

http://www.apple.com/macosx/
http://www.tuaw.com/2011/08/08/mac-101-should-i-upgrade-my-mac-or-buy-a-new-one/
http://www.tuaw.com/2011/07/20/links-to-all-our-lion-tips-in-one-convenient-place/
http://www.cultofmac.com/category/how-to
http://arstechnica.com/apple/reviews/2011/07/mac-os-x-10-7.ars

3. Google has launched Google Takeout, a way for you to download your data from several Google products. After all, if you are putting your life online you should still insure that it is backed up somewhere besides just on Google's servers.

http://lifehacker.com/5816363/google-takeout-liberates-your-google-data-in-one-click
https://www.google.com/takeout/

4. Apple announced pricing for their online storage iCloud, which replaces MobileMe sometime this fall. It seems pretty pricey to me when compared to DropBox and other backup solutions. Apple says that your *purchased* music, apps, books, and TV shows don't count but how much of your music and photos *weren't* purchased from Apple? If you *only* buy from Apple (and obviously that's what Apple wants) I suppose iCloud could be OK. It is nice that it syncs your data to all your various devices but...

http://osxdaily.com/2011/08/01/icloud-pricing-plans/
http://www.apple.com/icloud/

Back to top
Home

9-22-11 - "The future is here. It's just not evenly distributed yet." -- William Gibson

1. Various product/operating system updates
2. Backing up - a cautionary tale

1. Updates

a. Adobe product security updates - http://blogs.adobe.com/psirt/

Adobe has updated their Reader to 10.1.1 and yesterday issued updates to Flash to fix a critical security vulnerability that is already being exploited in the wild. So go to http://www.adobe.com and update your Flash Players (one for Internet Explorer and one for plugin-based browsers like Firefox and Chrome).

b. Firefox 6.0.2 and Thunderbird 6.0.2

http://www.mozilla.org/en-US/firefox/new/
http://www.mozilla.org/en-US/thunderbird

c. iTunes 10.4.1

http://www.apple.com/itunes/download/
Windows 64-bit - http://support.apple.com/kb/DL1427

d. Mac OS X Lion 10.7.1 - bug fixes

http://support.apple.com/kb/DL1437
http://support.apple.com/kb/DL1439 (MacBook Air & Mac Mini 2011)

2. Another cautionary tale about backing up:

Here's a clear illustration for you about why taking control of your own backups is so important: I had a client bring me a heavily infected laptop running Vista the other day. I quickly determined that cleaning wasn't feasible so I backed up all her data - or so I thought - prior to starting over for her.

Later she called me saying that while everything was working beautifully, she couldn't find a few spreadsheets. During our conversation it came out that she had kept these files in a folder in the Contacts directory. Although I'm very thorough in looking for data to back up, I would never have thought to look for files there since she wasn't using Windows Mail. There are literally hundreds - if not thousands - of folders in a Windows operating system. If you decide to squirrel files away somewhere odd, then it's vital that you understand that a tech will not know where your Seekret Stash is unless you tell him/her. Luckily for my client (and to my great relief), she had burned discs to back up these files.

I still think an automatic backup system is best and I still think Mozy is the best solution for home users if your data isn't more than 125 Gigabytes in size and doesn't reside on network drives. If you need help setting up a backup program and you're one of my clients, I'm happy to advise. However you choose to protect your precious data, make sure you do it! :-)

Back to top
Home

9-28-11 - "Don't believe anything you read on the net. Except this. Well, including this, I suppose." -- Douglas Adams

1. Invalid security certificates
2. Facebook changes
3. Mac OS X trojans
4. Firefox update

1. While surfing, you may get a popup from your browser that says something like this:

    [Somename].com uses an invalid security certificate. The certificate is only valid for the following names: [list of several different domain names].
    (Error code: ssl_error_bad_cert_domain)

    This could be a problem with the server's configuration or it could be someone trying to impersonate the server. If you have connected to this server successfully in the past
    the error may be temporary and you can try again later.

The popup means that the website you are trying to go to has an invalid security certificate so you might not want to go there. The certificate that [Somename].com is offering your browser to show it's legitimate really belongs to [Some-other-name].com.

While [Somename].com might not be serving up malware, I certainly wouldn't want to continue onto whatever website you were aiming for. If the website where you were trying to go is one you use a lot (like Hotmail or another big legitimate site), then you can just wait a few minutes and see whether things get straightened out. If the error persists, you can contact their webmaster and tell them there is a problem with their site.

Here is a quote from Microsoft explaining what a security certificate is:

"A website's certificate provides identification of the web server. If the certificate has an error, it might indicate that your connection has been intercepted or that the web server is misrepresenting its identity."

And here are a few links explaining certificate errors more thoroughly (user-friendly, don't worry!):

http://www.verisign.com/ssl/ssl-information-center/how-ssl-security-works/
http://ask-leo.com/what_does_there_is_a_problem_with_this_websites_security_certificate_mean_and_what_should_i_do.html

In view of the recent hacking of DigiNotar, a Dutch certificate authority, I would take any messages about invalid security certificates quite seriously.

http://www.bbc.co.uk/news/technology-14819257
http://www.f-secure.com/weblog/archives/00002228.html

2. Since I'm not a Facebook user I haven't been following the "new Facebook" details. But for those of you who are, here's a good article:

"Everything You Need to Know About the New Facebook" - http://gizmodo.com/5842921/facebook-timeline-this-is-how-we-share-now

3. A new example of an OS X trojan has been discovered by F-Secure. The malware poses as a .pdf file. Here's the write-up from Sophos:

http://nakedsecurity.sophos.com/2011/09/23/mac-os-x-trojan-hides-behind-malicious-pdf-disguise/

From the article: "As our friends at F-Secure point out, we have seen plenty of Windows malware in the past which has pretended to be a PDF rather than an EXE - sometimes using techniques such as the double-extension trick (for instance, filename.PDF.EXE)."*

*(And this is why I always set Windows to show the file extensions. Control Panel>Folder Options>View tab>uncheck "Hide Extensions for Known File Types".)

You can configure OS X to show file extensions by clicking on Finder in your menubar then Preferences>Advanced>check "Show all file extensions".

And here's another Mac trojan posing as an Adobe Flash update:

http://nakedsecurity.sophos.com/2011/09/28/flashbackmac-backdoor-trojan/

Ah, the perils of being a popular operating system! I wouldn't panic over any of this, but Mac users need to be aware of what they're doing more than ever. As I've said before, I've taken to installing the free Sophos Anti-Virus for Mac Home Edition on my Macs and those belonging to clients.

http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx

4. Firefox 7.0 - http://www.mozilla.org/en-US/firefox/fx/

BTW, when I Googled for "Firefox 7" (DON'T DO THAT!), a fake site came up. Now I see that the Sophos blog has a write-up on it.

http://nakedsecurity.sophos.com/2011/09/28/not-the-real-firefox-7-website-be-wary-of-googles-search-results/

Remember, only get popular programs like Firefox from their official websites.

Back to top
Home

10-19-11 - "It's not the end of the world, but you can see it from here." -- Eliza, Deus Ex: HR

1. Cloud storage comparisons
2. iCloud
3. Program updates

1. Here's a good comparison of various cloud storage solutions - http://gizmodo.com/5828035/the-best-way-to-store-stuff-in-the-cloud

Note that although Mozy is included in the roundup, this article isn't about backup strategies; it's about storing data "in the cloud" so you can access it from various locations and devices.

2. Apple's iCloud is now available. To use it, you need to update your hand-held devices to iOS 5. For computers, you need Lion 10.7.2.

Lion 10.7.2 - updates Safari, includes support for iCloud, and has general OS fixes for stability and security - http://support.apple.com/kb/DL1459
Apple also has released a Lion Recovery Update - http://support.apple.com/kb/DL1464

http://www.apple.com/ios/
http://www.apple.com/icloud/
http://www.apple.com/icloud/setup/

Here are various articles about iCloud from my favorite DIY site, Lifehacker.com:

http://lifehacker.com/5850516/should-i-switch-to-icloud-from-google
http://lifehacker.com/5850859/how-to-migrate-all-your-data-to-icloud-from-google-with-minimal-fuss
http://lifehacker.com/5850167/configure-icloud-for-multiple-apple-ids
http://lifehacker.com/5846377/how-to-set-up-icloud-in-ios-5

3. Some other program updates:

Firefox 7.0.1 - http://www.mozilla.org/en-US/firefox/new/
Flash 11 - http://get.adobe.com/flashplayer/

iTunes 10.5 (no longer includes QuickTime so get it separately if you need it):

http://www.apple.com/itunes/download/
http://support.apple.com/kb/DL1427 (64-bit installer)
http://www.apple.com/quicktime/download/

For those of you on Java 7, we now have JRE 7 Update 1. Those of you still on Java 6, download JRE 6 Update 29:
http://www.oracle.com/technetwork/java/javase/downloads/index.html

Note that you still need to install Java x86 and Java x64 if you have a 64-bit system.

Back to top
Home

11-9-11 - "My hovercraft is full of eels." -- Monty Python, from the "Dirty Hungarian" sketch

1. Examples of why I tell people not to click on links on social networking sites (Facebook, Twitter)
2. Microsoft Office 2007 Service Pack 3
3. Website tracking
4. Quick check for email compromise
5. Firefox 8
6. Another online legal music website

1. Examples of why I tell people not to click on links on social networking sites (Facebook, Twitter):

a. Shop for free gift card scams - here's one for the British store Tesco but as the article shows, the scams can reference Pizza Hut, Starbucks, and other well-known U.S. shops too - http://nakedsecurity.sophos.com/2011/10/23/shop-for-free-at-tesco-beware-its-another-facebook-gift-card-scam/

b. "Found a funny picture of you!" Twitter phishing attack - http://nakedsecurity.sophos.com/2011/10/23/found-a-funny-picture-of-you-twitter-phishing-attack/

c. Photos of dead people in the news (here it's Gaddafi) and/or celebrities - http://nakedsecurity.sophos.com/2011/10/21/malware-attack-poses-as-bloody-photos-of-gaddafis-death/

d. Facebook lottery email scams - http://nakedsecurity.sophos.com/2011/10/24/beware-facebook-lottery-email-scams/

e. http://nakedsecurity.sophos.com/2011/11/01/halloween-suicide-scam-facebook/

And just to top things off, http://documentary.net/what-facebook-knows-about-you/

2. Microsoft has released Service Pack 3 for Office 2007. If you are using Microsoft Update (as opposed to Windows Update), this should have shown up with the regular updates this past (Patch) Tuesday. From Microsoft:

"On October 25, Microsoft released Microsoft Office 2007 Service Pack 3. KB Article 2591039 (http://support.microsoft.com/kb/2591039) contains technical details about SP3, while 2526086 (http://support.microsoft.com/kb/2526086) contains general information. Because Office service packs are cumulative, you do not have to install Service Pack 1 or Service Pack 2 before you install Service Pack 3. Service Pack 3 includes all fixes which were included in Service Pack 1and Service Pack 2."

http://support.microsoft.com/kb/2526086

Service Pack 3 for the Office Compatibility Pack (used to give Office 2003 and earlier the ability to open files created in Office 2007 and later) is also available.
http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=27836

3. For those concerned about website tracking, here's an interesting article from The Register, "How websites use your browser to sell you for cash": http://www.theregister.co.uk/2011/11/01/how_to_stay_anonymous/

4. Here's a new website where you can plug in your email address or username to see if it has been compromised - https://pwnedlist.com/
Their About/FAQ is worth reading, too - https://pwnedlist.com/learn

5. Firefox 8 is out now - http://www.mozilla.com

6. Largeheatedboy.com is "a music blog featuring daily free and legal music downloads as well as news grom the worlds of music, literature, and pop culture".
http://blog.largeheartedboy.com/

Don't forget to check out his links to online sources for free and legal music downloads, too - http://www.largeheartedboy.com/blog/archive/2011/10/100_online_sour.html

Back to top
Home

12-11-11 - "Sometimes people are like cats. You point something out to them and they look at your finger." -- Christopher Moore

1. iTunes Match, Google Music
2. Adobe & Picasa updates
3. Google Chrome
4. Download.com mess

1. Apple has released their music-in-the-cloud service, iTunes Match. Here's a good explanation of what iTunes Match is and whether you will want to subscribe:

http://lifehacker.com/5859343/what-is-itunes-match-and-should-i-subscribe

Continuing with the topic of music, Google has opened its Music Store. Here is a good comparison of the Big Three services (Google, Amazon, and Apple iTunes) and information about setting up Google Music:

http://gizmodo.com/5860885/google-music-vs-amazon-mp3-vs-itunes-which-online-music-store-is-the-best-for-you
http://lifehacker.com/5860789/best-practices-for-setting-up-google-music

2a. Adobe updates

If you haven't updated Flash lately, Adobe released a critical update to close some nasty security holes. Flash now comes in 64-bit along with the older 32-bit version, so owners of 64-bit systems will need to download/install both of these. In addition, you still need different Flash players for plugin-based browsers like Firefox. So updating Flash thoroughly means downloading and installing 4 separate applications. The easiest way to do this is simply to go to Adobe's site and let the site choose for you. Unfortunately, the repellent Adobe Download Manager may try and shove other unwanted software on you so I do think it's worth just getting the updates yourself.

http://www.adobe.com/special/products/flashplayer/fp_distribution3.html

Also there is a new exploit of a critical vulnerability in Adobe Reader X (10.1.1) and earlier versions. According to Adobe, the attacks are targeted against Adobe Reader 9.x now. If any of you use this older Reader, it is definitely time to update to Adobe Reader X or switch to an alternate .pdf reader such as Foxit (see below). I have several clients who use business applications built on the older Adobe Reader and so they can't change. Those folks and any of you in the same boat need to put some pressure on the makers of these proprietary apps to update their code so their users are safe.

Adobe expects to post an update to the older Readers next week. They say that because Adobe Reader X and Acrobat X have Protected Modes built-in that these would prevent the exploit from executing. Updates to these newer Adobe products are expected on January 10th as part of the regularly scheduled quarterly update.

http://blogs.adobe.com/psirt/

Using an alternate .pdf reader like Foxit might be a good idea, too. I like Foxit and use it on my Windows machines. There is a free Reader as well as enterprise-level products. On my Macs I use the built-in Preview program which I find far better than Adobe or Foxit Reader. Here's where you can check out Foxit:

http://www.foxitsoftware.com

2b. Picasa, the excellent and free image management program from Google, has updated to version 3.9. They've added a lot of new features.

http://picasa.google.com/
http://support.google.com/picasa/bin/answer.py?hl=en&answer=93773
http://support.google.com/picasa/bin/picasa.google.com/support/bin/static.py?hl=en&page=release_notes.cs

3. There was an eye-opening (to me) article in The Register this week showing that Google Chrome is the safest browser now. As a long-time Firefox user, this definitely took me by surprise. I've switched over to Chrome on my machines and I'm quite happy with it. While not as configurable as Firefox, Chrome is definitely faster and I've gotten used to it. And most of you won't care about tinkering with your browser anyway. ;-) While Internet Explorer 9 is safer than previous versions, I've never been able to cope with its user interface. I find Firefox (and now Chrome) much easier to use in Windows. Because of the way malware snakes itself onto Windows machines (and Mac users aren't invulnerable either), I believe it's worth switching to Chrome or Internet Explorer 9 (whichever you like better). If you are still running Windows XP, you can't install IE9 and in that case Chrome should be your first choice.

http://www.theregister.co.uk/2011/12/09/chrome_ie_firefox_security_bakeoff/
https://www.google.com/chrome

4. We in the tech industry have known for a few months that the popular software download site Download.com (owned by CNET/CBS) had started to bundle toolbars and other software with its downloads. This is obnoxious but not dangerous. Now it has come out that Download.com is actually bundling malware, even with open source programs whose makers expressly forbid doing this. So stay away from Download.com! Filehippo.com is a good download site if you're looking for one but always be careful when you install a program - you never want to install toolbars anyway.

http://krebsonsecurity.com/2011/12/download-com-bundling-toolbars-trojans/
https://www.eff.org/deeplinks/2011/12/downloadcom-debacle-what-cnet-needs-do-make-it-right

Here are some related articles about the dangers of installing "free" software and how people get fooled into installing malware:

http://www.7tutorials.com/risks-watch-when-downloading-installing-free-software
http://www.zdnet.com/blog/bott/why-do-people-fall-for-trojans/3715
http://www.zdnet.com/blog/bott/stay-safe-online-5-secrets-every-pc-and-mac-owner-should-know/3542

Everyone here at Elephant Boy Computers (me and my vast number of minions*) wishes all of you the very nicest of Holiday Seasons and a Happy New Year. And to some of you (you know who you are): Merry Frelling Christmas!

*Yes, the truth is that the minions consist of two cats. I just like to pretend I command armies sometimes, OK? Don't judge me, man.

Cheers to all.

Back to top
Home

EBC Reports by Subject:

Apple	1-22-07; 5-29-07; 1-17-08; 12-17-08; 2-22-09; 3-5-09; 3-23-09; 3-28-09; 4-11-09; 6-6-09; 8-12-09; 9-10-09; 10-13-09; 3-10-10; 4-1-10; 4-24-10; 5-26-10; 6-2-10; 6-10-10; 6-29-10; 8-1-10; 8-17-10; 8-26-10; 9-6-10; 9-20-10; 10-8-10; 10-28-10; 11-14-10; 1-29-11; 3-11-11; 3-25-11; 5-2-11; 5-7-11; 5-28-11; 6-4-11; 6-9-11; 7-3-11; 8-8-11; 9-22-11; 9-28-11; 10-19-11; 12-11-11;
Attachments	12-22-02; 2-27-05; 6-2-05; 7-10-05; 1-2-06; 10-12-07; 10-24-07; 1-17-08; 10-16-08; 11-12-08; 5-26-10; 6-2-10; 11-14-10; 4-13-11;
Amusements, Web, Free Stuff	12-22-02; 2-23-03; 9-19-04; 3-20-05; 8-12-05; 9-11-05; 2-1-06; 3-27-06; 9-16-06; 11-3-06; 12-11-06; 1-3-07; 5-8-07; 7-11-07; 9-13-07; 12-16-07; 3-11-08; 11-27-08; 12-17-08; 4-29-09; 9-10-09; 9-25-09; 10-13-09; 11-30-09; 12-14-09; 4-1-10; 6-2-10; 9-6-10; 9-20-10; 2-15-11; 3-11-11; 7-3-11; 11-9-11;
Backing Up	2-12-03; 4-21-03; 4-28-05; 11-2-05; 12-8-05; 3-27-06; 4-28-06; 6-13-06; 7-11-07; 7-21-07; 4-29-09; 8-4-09; 8-26-10; 10-8-10; 1-29-11; 2-9-11; 5-28-11; 9-22-11;
Browsers Other Than IE	10-16-02; 5-29-04; 6-26-04; 2-10-05; 2-27-05; 4-28-05; 5-14-05; 7-10-05; 7-13-05; 9-11-05; 9-20-05; 11-30-05; 12-2-05; 1-26-06; 3-27-06; 11-1-06; 3-22-07; 9-13-07; 6-19-08; 10-16-08; 3-5-09; 3-28-09; 9-10-09; 3-21-10; 3-29-10; 4-14-10; 5-26-10; 6-2-10; 6-10-10; 6-29-10; 8-1-10; 10-28-10; 11-29-10; 1-29-11; 3-25-11; 6-21-11; 11-9-11; 12-11-11;
Computer Cleanliness	1-20-03; 1-01-05; 6-2-05; 7-10-05; 8-12-05; 9-11-05; 9-20-05; 10-12-05; 12-8-05; 1-2-06; 2-1-06; 4-28-06; 5-27-06; 7-12-06; 4-24-07; 10-12-07; 10-24-07; 11-3-07; 1-9-08; 1-17-08; 8-23-08; 11-12-08;
Domain Names	3-18-03; 9-6-10;
DRM Issues	11-30-05; 3-27-06; 4-23-08;
Email Clients, Alternate & Etc.	10-25-02; 12-2-05; 12-8-05; 1-26-06; 10-12-06; 4-24-07; 5-8-07; 9-13-07; 4-23-08; 1-24-09; 6-27-09; 3-21-10; 5-2-11;
Google	10-16-03; 10-12-05; 8-9-06; 4-1-10; 5-26-10; 2-9-11; 2-15-11; 3-11-11; 8-8-11; 12-11-11;
IM Issues	5-2-05; 10-12-05; 5-27-06; 1-30-08; 4-1-10;
Internet Explorer Security	10-16-02; 10-6-03; 6-26-04; 7-10-05; 9-20-05; 12-2-05; 1-2-06; 2-1-06; 3-27-06; 6-13-06; 6-15-06; 7-12-06; 4-3-07; 1-9-08; 10-16-08; 12-17-08; 2-7-10; 3-10-10; 3-29-10; 6-2-10;
IE7	10-12-06; 11-1-06; 2-7-10; 3-29-10; 6-2-10;
IE8	3-23-09; 4-11-09; 4-29-09; 2-7-10; 3-29-10; 6-2-10;
IE9	3-11-11; 3-15-11; 12-11-11;
Internet Safety	5-19-03; 5-2-05; 5-14-05; 7-10-05; 2-1-06; 12-11-06; 4-24-07; 5-29-07; 10-24-07; 11-3-07; 1-9-08; 1-17-08; 1-30-08; 3-11-08; 4-8-08; 6-19-08; 8-23-08; 10-16-08; 11-12-08; 11-27-08; 12-17-08; 2-9-09; 2-22-09; 3-5-09; 3-23-09; 3-28-09; 6-27-09; 9-25-09; 11-30-09; 12-14-09; 2-7-10; 2-12-10; 3-10-10; 3-21-10; 3-29-10; 4-1-10; 4-14-10; 4-24-10; 5-5-10; 5-16-10; 5-26-10; 6-2-10; 6-10-10; 7-10-10; 8-1-10; 8-17-10; 9-6-10; 9-20-10; 10-8-10; 10-28-10; 11-14-10; 11-29-10; 12-17-10; 1-29-11; 2-9-11; 3-11-11; 3-15-11; 3-25-11; 4-13-11; 5-2-11; 5-7-11; 5-28-11; 6-4-11; 6-9-11; 6-21-11; 7-3-11; 9-28-11; 11-9-11; 12-11-11;
Misc. Info	1-24-05; 2-27-05; 3-20-05; 4-28-05; 5-2-05; 7-13-05; 8-12-05; 9-11-05; 9-20-05; 10-12-05; 11-2-05; 11-30-05; 12-8-05; 1-26-06; 1-30-06; 2-1-06; 3-27-06; 4-28-06; 5-27-06; 6-13-06; 6-15-06; 7-12-06; 8-9-06; 9-16-06; 11-1-06; 11-3-06; 12-11-06; 1-2-07; 1-3-07; 1-22-07; 2-15-07; 4-24-07; 5-8-07; 7-11-07; 7-21-07; 9-13-07; 10-12-07; 11-3-07; 12-16-07; 1-9-08; 1-30-08; 3-11-08; 4-23-08; 6-19-08; 8-23-08; 10-16-08; 11-12-08; 11-27-08; 12-17-08; 1-24-09; 2-9-09; 2-22-09; 3-5-09; 3-23-09; 3-28-09; 4-29-09; 6-6-09; 6-27-09; 8-4-09; 9-10-09; 9-25-09; 10-13-09; 11-4-09; 11-30-09; 12-14-09; 3-10-10; 3-29-10; 4-1-10; 4-14-10; 5-5-10; 5-16-10; 6-2-10; 6-10-10; 6-29-10; 7-10-10; 8-17-10; 8-26-10; 9-6-10; 9-20-10; 10-8-10; 10-28-10; 11-29-10; 12-17-10; 1-29-11; 2-15-11; 3-11-11; 5-28-11; 6-4-11; 7-3-11; 8-8-11; 10-19-11; 11-9-11; 12-11-11;
Networking	9-16-06;
Online Music Sites	3-30-03; 10-16-03; 5-01-04; 5-14-05; 2-1-06; 11-3-06; 1-9-08; 4-23-08; 10-16-08; 12-14-09; 11-9-11; 12-11-11;
Patches & Upgrades	2-23-03; 5-14-04; 08-01-04; 08-07-04; 9-14-04; 9-19-04; 9-25-04; 1-16-05; 2-10-05; 2-27-05; 3-20-05; 4-28-05; 5-14-05; 6-2-05; 7-10-05; 7-13-05; 8-12-05; 9-11-05; 9-20-05; 10-12-05; 11-2-05; 11-30-05; 12-2-05; 1-2-06; 1-26-06; 1-30-06; 3-27-06; 4-28-06; 6-13-06; 6-15-06; 7-12-06; 8-9-06; 9-16-06; 10-12-06; 11-1-06; 11-3-06; 12-11-06; 1-2-07; 1-3-07; 1-22-07; 2-15-07; 3-22-07; 4-3-07; 4-24-07; 5-29-07; 7-11-07; 10-24-07; 2-22-08; 4-8-08; 4-23-08; 10-16-08; 11-12-08; 12-17-08; 1-24-09; 2-9-09; 2-22-09; 3-5-09; 3-23-09; 3-28-09; 4-11-09; 4-29-09; 5-9-09; 6-6-09; 6-27-09; 8-4-09; 8-12-09; 9-10-09; 9-25-09; 10-13-09; 11-4-09; 2-7-10; 2-12-10; 3-10-10; 3-21-10; 3-29-10; 4-1-10; 4-14-10; 4-24-10; 5-16-10; 6-2-10; 6-10-10; 6-29-10; 7-10-10; 8-1-10; 8-17-10; 8-26-10; 9-6-10; 9-20-10; 10-8-10; 10-28-10; 11-14-10; 11-29-10; 12-17-10; 1-29-11; 2-9-11; 2-15-11; 3-11-11; 3-15-11; 3-25-11; 4-13-11; 5-2-11; 5-7-11; 5-28-11; 6-4-11; 6-9-11; 6-21-11; 7-3-11; 8-8-11; 9-22-11; 9-28-11; 10-19-11; 11-9-11; 12-11-11;
Phishing	11-18-03; 12-12-03; 2-2-04; 2-10-05; 3-20-05; 11-30-05; 2-1-06; 8-9-06; 10-12-06; 12-11-06; 7-21-07; 10-24-07; 1-17-08; 1-30-08; 4-8-08; 6-19-08; 10-16-08; 11-12-08; 2-9-09; 3-5-09; 9-25-09; 12-14-09; 2-12-10; 3-21-10; 4-24-10; 5-5-10; 5-26-10; 9-20-10; 11-14-10; 4-13-11; 7-3-11; 11-9-11;
Scam Warning	7-9-03, 2-26-04; 2-27-05; 9-11-05; 9-20-05; 11-30-05; 7-12-06; 10-12-06; 12-11-06; 4-24-07; 5-29-07; 7-21-07; 10-12-07; 11-3-07; 1-9-08; 1-17-08; 1-30-08; 3-11-08; 4-8-08; 6-19-08; 10-16-08; 11-12-08; 2-9-09; 3-5-09; 4-11-09; 11-30-09; 12-14-09; 2-7-10; 2-12-10; 3-10-10; 3-21-10; 4-1-10; 4-14-10; 4-24-10; 5-5-10; 6-2-10; 8-17-10; 11-14-10; 11-29-10; 1-29-11; 2-9-11; 3-11-11; 3-15-11; 5-2-11; 6-4-11; 6-9-11; 11-9-11; 12-11-11;
Security - Gen'l.	3-11-08; 4-8-08; 6-19-08; 8-23-08; 10-16-08; 11-12-08; 11-27-08; 12-17-08; 1-24-09; 2-9-09; 2-22-09; 3-23-09; 3-28-09; 4-11-09; 4-29-09; 6-6-09; 6-27-09; 9-25-09; 10-13-09; 11-30-09; 12-14-09; 2-7-10; 2-12-10; 3-10-10; 3-21-10; 3-29-10; 4-1-10; 4-14-10; 4-24-10; 5-5-10; 5-16-10; 5-26-10; 6-2-10; 6-10-10; 7-10-10; 8-1-10; 8-17-10; 9-6-10; 9-20-10; 10-8-10; 10-28-10; 11-14-10; 11-29-10; 12-17-10; 1-29-11; 2-9-11; 2-15-11; 3-15-11; 4-13-11; 5-2-11; 5-7-11; 5-28-11; 6-4-11; 6-9-11; 6-21-11; 7-3-11; 9-28-11; 11-9-11; 12-11-11;
Social Networking	9-25-09; 11-30-09; 12-14-09; 2-7-10; 2-12-10; 3-10-10; 3-21-10; 4-1-10; 4-14-10; 4-24-10; 5-5-10; 5-16-10; 5-26-10; 6-2-10; 6-10-10; 8-17-10; 10-28-10; 11-29-10; 2-9-11; 4-13-11; 6-21-11; 9-28-11; 11-9-11;
Spam	2-12-03; 3-30-03; 1-2-06; 2-1-06; 3-11-08; 11-12-08; 4-1-10; 12-17-10; 4-13-11;
Spyware	5-29-04; 10-31-04; 1-16-05; 2-27-05; 5-14-05; 6-2-05; 7-10-05; 7-13-05; 8-12-05; 9-11-05; 9-20-05; 10-12-05; 12-8-05; 1-2-06; 1-26-06; 3-27-06; 7-12-06; 5-8-07; 7-21-07; 10-12-07; 10-24-07; 11-3-07; 1-9-08; 1-17-08; 1-30-08; 4-8-08; 6-19-08; 8-23-08; 10-16-08; 11-12-08; 1-24-09; 3-28-09; 4-11-09; 8-12-09; 11-30-09; 12-14-09; 2-7-10; 2-12-10; 3-10-10; 4-14-10; 4-24-10; 5-5-10; 6-2-10; 8-1-10; 8-17-10; 9-6-10; 10-28-10; 11-14-10; 4-13-11; 5-7-11; 5-28-11; 6-4-11; 6-9-11; 7-3-11; 11-9-11; 12-11-11;
Upgrading	1-26-06; 6-13-06; 6-15-06; 7-12-06; 10-12-06; 11-1-06; 11-3-06; 1-2-07; 1-3-07; 1-22-07; 2-15-07; 3-22-07; 4-24-07; 4-8-08; 4-23-08; 2-9-09; 2-22-09; 3-5-09; 3-23-09; 3-28-09; 4-11-09; 4-29-09; 5-9-09; 6-6-09; 6-27-09; 8-4-09; 8-12-09; 9-10-09; 10-13-09; 11-4-09; 2-7-10; 2-12-10; 3-21-10; 3-29-10; 4-1-10; 4-14-10; 4-24-10; 5-16-10; 6-2-10; 6-10-10; 6-29-10; 7-10-10; 8-17-10; 8-26-10; 9-6-10; 9-20-10; 10-8-10; 10-28-10; 11-14-10; 11-29-10; 12-17-10; 1-29-11; 2-9-11; 2-15-11; 3-11-11; 3-15-11; 3-25-11; 5-2-11; 5-28-11; 6-4-11; 6-21-11; 7-3-11; 8-8-11; 9-22-11; 9-28-11; 10-19-11; 11-9-11; 12-11-11;
Viruses and Hoaxes	9-4-02; 9-23-02; 10-3-02; 11-7-02; 1-16-03; 3-18-03; 5-19-03; 5-22-03; 11-18-03; 1-13-04; 1-28-04; 3-23-04; 5-01-04; 5-07-04; 5-14-04; 2-27-05; 3-20-05; 5-2-05; 6-2-05; 7-10-05; 8-12-05; 9-20-05; 11-30-05; 12-2-05; 1-2-06; 1-30-06; 5-27-06; 6-13-06; 10-12-06; 12-11-06; 1-3-07; 2-15-07; 4-24-07; 5-8-07; 5-29-07; 7-21-07; 10-12-07; 10-24-07; 11-3-07; 1-9-08; 1-17-08; 1-30-08; 3-11-08; 8-23-08; 10-16-08; 11-12-08; 12-17-08; 1-24-09; 2-7-10; 2-12-10; 3-10-10; 3-21-10; 5-5-10; 5-26-10; 6-2-10; 8-17-10; 11-14-10; 5-7-11; 9-28-11;
Windows Security Issues	8-27-02; 9-9-02; 10-3-02; 10-16-02; 12-14-02; 12-22-02; 9-10-03; 10-6-03; 10-16-03; 10-30-03; 2-2-04; 5-1-04; 5-29-04; 6-26-04; 9-19-04; 9-25-04; 1-01-05; 1-16-05; 2-10-05; 2-27-05; 7-10-05; 7-13-05; 8-12-05; 9-11-05; 9-20-05; 10-12-05; 12-2-05; 12-8-05; 1-2-06; 1-26-06; 3-27-06; 4-28-06; 5-27-06; 6-13-06; 6-15-06; 7-12-06; 8-9-06; 10-12-06; 12-11-06; 1-3-07; 4-3-07; 5-29-07; 7-11-07; 7-21-07; 10/12/07; 10-24-07; 11-3-07; 4-8-08; 8-23-08; 10-16-08; 11-12-08; 11-27-08; 12-17-08; 1-24-09; 2-9-09; 3-23-09; 3-28-09; 4-11-09; 6-6-09; 9-10-09; 9-25-09; 10-13-09; 11-30-09; 12-14-09; 2-7-10; 2-12-10; 3-10-10; 3-21-10; 3-29-10; 4-14-10; 4-24-10; 5-5-10; 6-2-10; 8-1-10; 8-17-10; 11-29-10; 12-17-10; 1-29-11; 4-13-11; 5-2-11; 5-7-11; 7-3-11;
Windows Support Life Cycle	12-22-02; 1-13-04; 1-16-05; 1-24-05; 1-26-06; 6-15-06; 7-12-06; 4-24-07; 3-29-10; 7-10-10;
Windows Update	8-27-02; 10-25-02; 1-2-03; 2-12-03; 4-21-03; 7-9-03; 11-18-03; 2-2-04; 9-19-04; 9-25-04; 4-28-05; 7-10-05; 7-13-05; 9-11-05; 10-12-05; 1-26-06; 4-28-06; 6-15-06; 7-12-06; 8-9-06; 12-11-06; 2-15-07; 4-3-07; 4-8-08; 4-23-08; 2-9-09; 3-23-09; 6-6-09; 9-10-09; 3-29-10; 4-14-10; 8-1-10; 4-13-11;
Windows 7	5-9-09; 6-6-09; 6-27-09; 8-4-09; 11-4-09; 11-30-09; 2-12-10; 3-10-10; 5-5-10;
Windows 7 Service Pack 1	2-15-11;
Windows Vista	6-13-06; 10-12-06; 11-3-06; 1-2-07; 1-22-07; 2-15-07; 3-22-07; 4-24-07; 4-8-08; 11-4-09; 3-29-10;
Windows Vista Service Pack 2	5-9-09;
Windows XP Service Pack 3	2-22-08; 4-23-08;

Home Links