Thursday, January 27, 2011

Webroot gives apparently false alarm with Red Hand, goes away on Restart

Here’s a good problem. In Windows 7, Webroot Internet Security Complete, when I boot up, gives me the “Red Palm” on PC Security after I read the notifications (which are always the same). I click “Fix it now” and nothing happens.  The only thing I see is “Scan now” but I scanned 5 days ago. This time it runs an incremental scan of about 400000 items in about 6 minutes, including memory.  I also deleted everything from quarantine (only spy cookies).  Was I supposed to do this?  I still get the Red Hand. When I reboot (warm), the Red Hand goes away, and everything is green. 

I presume it will want to run a complete scan on Saturday morning.

Many of the items marked as potential spy cookies are harmless, at least in my environment (like DoubleClick).  

Update: Jan. 28

Friday morning, I noticed that my laptop was automatically bringing up my Verizon MIFI Internet connection rather than my home Netgear router. Maybe Webroot detected that my connection had changed and thinks this is a problem. Actually, the MIFI may be more secure in this case, if a little slower. 

Monday, January 24, 2011

Beware of emails with "illegal" HTML-embedded images

Today, going through AOL email hastily, I clicked on a “Dearest …” one that had escaped the spam filter (a similar one a few moments before had been trapped) and saw language that certainly hinted at “illegality”. Fortunately, my email is configured not to show HTML images without consent, which might have been illegal had they appeared.

In the past, I’ve heard some lawyers say that possession is an “absolute liability” offense with even one deleted image.  More recently (since about 2006), most Internet discussions have suggested that malware provides a defense if the computer user didn’t knowingly acquire the image, but they could cause tremendous expense and practical risk in self-defense.   I suppose someone could have images on his computer that he did not know about until he took the computer in for repair, and repair technicians would be required by law to call it in.

It may be a good idea not to accept any email HTML images without at first seeing the text and knowing that the email is legitimate. 

Friday, January 21, 2011

AV labs evaluate top 13 home PC computer security suites; McAfee and Webroot don't fare well, Norton does

Robert Vamosi and Christopher Null have an article in the Feb. 2011 PC World, “Top Security Suites for 2011”, link here.  The online version evaluates 13.  The top rating this time went to Symantec Norton, despite the complicated install. Kaspersky (a favorite of BestBuy) is #2, but has some annoying timewasters in its install (particularly of the “update”).  Many of the packages were too slow or had false positives.

Online, McAfee was #12, and Webroot was #13.  (I am reminded of the movie title, “I am Number 4”.)  The tester was AV-Test (link), the Independent IT Security Institute.

The article discusses new threats like animalware (fake anti-virus) and bank-related malware, activated only at sign-on. The new products also look over your shoulder when in Facebook and other special environments.

The article is not specific about deficiencies in products. It did give Webroot and McAfee bad writeups (the reader can check this at the link).

Many anti-virus companies offer multiple computer home licenses for only slightly more than one license. But there may be an advantage to using more than one product on different machines. If one product consistently finds more problems than the others, it may be right for your own computer usage habits (which vary a lot from person to person).  My own experience is that Webroot/Sophos/Spysweeper finds problems that McAfee and Kaspersky miss, including obscure ad-associated viruses on complete scans. It also identifies some sites as unsafe when McAfee Site Advisor and MyWOT have greenlighted them.

Geek Squad has told me that the "best" package keeps changing all the time, every few months, and that users have to keep up. 

Friday, January 14, 2011

Webroot says a.v. protection is on when Windows 7 says anti-virus is not on; just a restart, or account registration issue?

Here’s a  little glitch. Windows 7 this morning told me that my Webroot antivirus protection was turned off. When I went into Webroot, it was OK.  Windows 7 wanted to run a Webroot program from the “tray” and gave the typical permissions screen, but nothing would happen.

The only warning from Webroot  was the Sync and Sharing. I went ahead and purchased extra backup space, up to 25 G.  It offered me a product key for the backup space, and said that the same product key would download an enhanced version of security. 

I left the product alone for now, but went ahead and created a new Webroot account, then set up files to back up within 25 G.  I restarted.  After restart, the Windows 7 "Red" warning of no anti-virus protection went away.  But that has nothing to do with backup space, so I don’t quite understand what happened.

I still get double billing on my old Vista account, so I know I’ll have to spend time with the company on the phone to straighten out the billing, and multiple copies and licenses of their products.
It seems as though going from Vista to Windows 7 (and keeping everything working, including security) is not so simple.  However, W7 does seem to boot up and run much faster.

When people freelance alone solo, their time is valuable. But maybe testing and blogging about Internet security products and all the multiple (and sometimes redundant) features is a full time job. 

I do have the Webroot firewall on top of the Windows 7, so that's supposed to be safer for outgoing stuff.

Thursday, January 13, 2011

Could the US military "draft" cyber security experts?

Michael Kassner has a daring blog posting on Tech Republic, “Should the U.S. draft cybersecurity experts?”, link here.

The military Initial Operating Capacity (IOC) was supposed to be operational by October 2010, but there is a shortage of skilled personnel – “good” hackers.

There’s also talk of a “National Cyber Corps”.  Estonia created a Cyber Defense League, which can come under military control. The US could do the same thing with an NCC, with contingent ability to place it under direct control of the military, as with the Coast Guard (and National Guard).

Another good reason to have “don’t ask don’t tell” gone!  Actually, while the debate and battle over DADT went on in the 1990s, the Clinton Administration resisted attempts to do away with a Selective Service system because of a fear then of a shortage of medical personnel in the military. The same may hold here. Connect the dots!

Tuesday, January 11, 2011

Application called Firesheep could endanger WiFi users, enable attackers to impersonate them online later on social networking sites

Samara Martin Ewing has an important posting about WiFi security at television station WUSA9 (Washington DC’s CBS station), “Protecting Your Facebook, Twitter Accounts”, link here.  The story concerns a Firefox spyware application called Firesheep. A user with it and within range of an unsecured WiFi hotspot can find all userids and logon passwords for Facebook, Twitter, and perhaps some other popular programs for which people are logged on, and could later impersonate the people, possibly framing them for crimes, ranging from scams to even c.p. It’s not clear how legal defenses in such cases could play out (I had taken up this problem on this blog particularly on Feb. 3, 2007).

This sort of thing could be a problem for hotel WiFi, and even for home users with home networks (particularly in apartments where the units are closer together), since cable companies have been pushing their use (rather than using multiple landed cable modems).

Webroot gave the link to the WUSA story on its Twitter feed today.

A good question would be whether all these (popular) sites should make much wider use of https ("everywhere"), as advocated by EFF, and how effective that protection would be.

Verizon tells me that its new Card-based WiFi is secure. (It replaces connecting the Blackberry to use Verizon Access Manager). I also noticed at a Verizon store today that the store used Sophos anti-virus, and Sophos is the anti-virus provider for Webroot. It seems other companies are gaining on McAfee and Norton, big time, even for corporate network protection.

Monday, January 10, 2011

With Windows 7 upgrade, I got Webroot Internet Security Essentials

Today, I got back my XPS retrofitted with Windows 7 (see my IT Market Blog), a bit of a misadventure, but now I have Webroot Security Essentials.

The “PC Security” component includes a Firewall (on top of Windows) as well as Virus Scanning (Sweep) and Quarantine. There is a “Sync & Sharing”, a “System Cleaner”, and “Identity & Privacy”, and like all major vendors, it tells you with a green check when “you are protected”. (Some earlier versions of Webroot Spysweeper did not include the Firewall, leaving the user dependent on Windows.)

The “Identity & Privacy” includes browser protection against known “blacklist” sites, as well as anti-spam and anti-phishing.

Haven’t done a full sweep yet, or had experience with how the data definition file update works. I’ll keep visitors posted.

Thursday, January 06, 2011

Increase in broadband coverage at home increases DDOS attacks

The rapid increase in home PC’s with broadband cable connections or efficient wireless (on top of cable) is making it easier for “cybergangs” that infect and control home “botnet” computers to stage distributed denial of service attacks, either out of “political” protests (as related to the recent Wikileaks incidents) or, more often, extortion. 

That’s the gist of a technology story by Byron Acohido Thursday Jan. 6 in USA Today.

In fact, the availability of broadband as a basic utility, desired by the Obama administration, could make the DDOS problem much harder to control. No company is immune from a very determined “enemy” (determined to inflict “brand damage”), although the story indicates that most DDOS attacks still get blocked quickly. DDOS attacks were well known even before 9/11, and in fact had started getting reported even by small ISP’s by 1999. (The link for the story, "Attacks on company websites intensify; Protesters make use of PCs with fast Net access" is here.)

The increased use of broadband may well argue for the "Internet driver's licence" concept, or the possibility that ISP's will pull the plug on consumers who "allow" their computers to get infected by bots.

Monday, January 03, 2011

Best Buy prompts mandatory advertising app on new W7 notebook

This evening, while I was working on my new Toshiba Notebook in Windows 7 from BestBuy, I got a prompt from the BestBuy icon (a blue and yellow spoked wheel) for a “mandatory download” of the Best Buy Software Installer. Kaspersky 2011 did not object. The application seemed only to advertise Best Buy deals. Not objectionable on its face, but it shouldn’t be “mandatory”. And would have defaulted to appearing every time Windows 7 starts if I did not uncheck it.

Not the healthiest thing. It was a load right from the hard drive, a few days after starting use of the computer; it seemed to be calendar driven.

I also attached my Blackberry and the Verizon Access Manager VZW downloaded and installed but it doesn’t appear in the list of startable programs.