Wednesday, April 29, 2009

Federal indictment issued in spam scheme targeting colleges; so far, employees of spammers are not named, but it raises a question

A federal grand jury in the Show-Me state (Missouri) indicted four people on an email spamming scheme aimed at over 2000 colleges and universities across the U.S. The people allegedly had developed an e-mail extracting program to harvest over eight million student email addresses. The story is by Grant Gross from the IDG News Service, “Four Indicted in Giant College Spam Operation”, Pcworld link here.

Employees that the people hired were not named in the indictment. Nevertheless, the incident raises a question for freelancers and contractors, whether they could some day be held responsible for the illegal activities of their employers, particularly if they can reasonably suspect illegal behavior like spamming or criminal copyright infringement. I wonder if people have a perspective on this.

Wednesday, April 15, 2009

Oprah hosts Canadian cop to give Internet safety tips

Today, April 15, Oprah Winfrey hosted a show on Internet safety for kids (to put it mildly), and she has a link “4 Online Safety Tips for Parents”, here, from Rob Nickel from the Ontario provincial police.

She stresses that (1) it can happen to anyone, particularly “good kids” who are trusting (2) know the grooming process (3) don’t put pictures of your kids on public areas of the Internet (without privacy settings), and don’t let them do it, until they are “really” old enough and their “fame” is “legitimate” (yes, being in a school play or on a football team is probably legitimate) and (4) install safety software.

Nickel’s choices for filtering and blocking are Razzui and NetNanny, and for monitoring they are McGruff and Spector Pro.

Oprah also interviewed Adam Walsh, from America’s most wanted.

The show opened with a parent recounting a tragedy, a teen’s suicide after involvement with a predator. The parent said she had actually suspended computer privileges at home for five months, and that the computer had always been in a public place. It is difficult for many families to use the Internet with the “freedom” (and sometimes productivity) of single adults.

Saturday, April 11, 2009

Conficker shows more symptoms, including a spambot

Microsoft has provided a writeup of Conficker, and seems to reassure computer users with up-to-date antivirus software. Microsoft warns users about corruption of the Autoplay feature with a “publisher not specified” entry. The link is here.

CNN reports that the worm has, since Friday, been trying to offer fake anti-virus software, a common ruse of hackers (a supposed “sacreware” product).

Varient E was reported today another secondary worm Waledac, a spam bot.

Wikipedia has a thorough an ongoing writeup, also.

Thursday, April 09, 2009

McAfee: some strange behaviors (System Guards disabled, subscription verification expected); Conficker wakes up thru P2P

Well, McAfee is behaving a bit more strangely these days. Occasionally, on cold boot, the Dell Inspiron laptop (XP Professional). McAfee warns that “part of your protection is not working”, specifically, “System Guards”. That is the facility that sends an orange pop box when a new program tries to access and update the registry keys. It always is fixable from the link given. The warning does not mean that the active virus protection is not running. This event is more likely to happen if I haven’t booted up the laptop in two days or more.

Here is a report on tek-tips about the problem.

There have been some comments that this could happen because part of an older version of the Security Center still running.

Then on the 8300 desktop (XP Home), McAfee keeps requiring subscription verification after each DAT file update.

One other misbehavior: on the XP Pro laptop, the scheduled virus scan closes the report panel and goes back to the request panel, without giving me the chance to see the report. I would have to go in to Restore and Files to find out what might have been quarantined in the past run. And sometimes McAfee "slips back" into Basic mode, where the virus scan starts automatically from the Scan menu, instead of allowing the user to set it up first (as it does in Advanced).

I don't think this has anything to do with Conficker, but I wonder if other McAfee users have experienced these "symptoms" recently.

Update on Conficker:

CNN reports a story from CNET by Elinor Mills, "Conficker wakes up, updates via P2P, drops payload", here. The replication is said to stop May 3.

It seems odd, to me anyway, that a worm originally set up to target corporate or organizational servers with many users would spread primarily by P2P, when most employers would not permit P2P to be used at work (outside of specialized companies like entertainment).

Wednesday, April 01, 2009

My own problems with AOL's aim; "am I alone"?

I’ve noticed another anomaly. Recently, a few times, on a five-year old Dell 8300 with XP Home and pretty loaded, that the boot process stalls loading the desktop. The registry blanks (particularly when McAfee connects) and then the AOL Instant Messenger tries to connect from the broadband connection. I always turn AIM off if I’m not using it. But lately I found that for the first few minutes the computer would be slow, with the CPU close to 100%, even with AIM turned off.

So I uninstalled AOL AIM. The boot failures with the startup menu went away, and the computer slowdown early in the session largely went away. If I need it, I’ll install it, use it, and uninstall it.

Have other users noted problems with older implementations of AOL AIM?

Also, media outlets report that Conficker has been "quiet" so far this April Fool's Day.