Tuesday, June 25, 2013

InstallCore seems to generate some controversy, at least on Twitter

Why are we seeing some security packages describe InstallCore as a kind of malware, delivering unwanted targeted advertising in Windows environments?  For example, F-Secure has a page on it here, created in March 2012.
Webroot has been describing a fake InstallCore being promoted on Firefox, leading to “potentially unwanted applications”, link here.  

Here's a detailed posting on "Spyware" on how to remove it by Ugnius Kigoulis, link
But InstallCore describes itself as a commercial application distribution program, here

So what’s going on with this?  It sounds like it is normally legitimate for some businesses to use it, maybe not for home users.  

(Note: blog post URL spelling starts with "t" instead of "i" because of initial typo;  the keys on my wireless keyboard are wearing out!)

Friday, June 21, 2013

Watch out for Adobe Flash Player spoof; info-stealing Android trojan, and bitcoin mining

Webroot is reporting today that ads that play sounds or music may be coming from malware that can be planted by a spoof of an Adobe Flash Player update.

We all know that Adobe has taken up the corporate bad habit of overloading its products with unnecessary features which leave holes for malware.
But this seems to be a spoof, not at all from Adobe.  The Webroot threat blog explains how it works here.  It seems designed by its writer to generate invalid ad revenue.
But a few weeks ago, sometimes unwanted music would play from certain ads on the Weather Channel and a few other sites.  This would happen only in Windows 8 but sound suspiciously like a possible Trojan, difficult to catch.  But I don’t recall seeing an Adobe spoof that behaved as described in this blog post.

 Scans come up clean.

Webroot or other modern firewalls should stop this prompt.
The blog post describes how to remove this Trojan by deleting items from the registry.

There is a similar sounding cell phone Trojan called “Android.RoidSec” which can steal loads of information, and Webroot is also reporting malware distributed by bitcoin mining.

Tuesday, June 18, 2013

NSA-proofing their communications is not practical for ordinary people as a "safety" measure

Timothy B. Lee has a large amount of information on the practicality (or lack thereof) of ordinary home users’ circumventing possible government spying through encryption (almost a small book) in the Business Section of The Washington Post, Sunday, June 18, 2013.  Online, the heart of the matter starts with this link.
The technology to “spy proof” ordinary communications has existed since the early 1990s, but the economic practicability of ordinary people doing so has not.  There have been some back-and-forth iterations, politically speaking, with this capability for years, but a lot of it happened during the Clinton years, before 9/11.
One of the most basic concerns is ease of use.  People need to get to their stuff quickly, both at work and at home.   They cannot afford to be put in the position of losing everything if a password gets lost.  But that’s what would happen if, for example, Google or Facebook or any similar site did not have “internally secured” access to your stuff,  even with https.  That “weakness” allows the possibility of a government’s getting some information about non-public communications, and apparently with the NSA the volume of information expected from major providers (without citizens’ knowing) has been substantial.  But without that access, how could service providers control spam, mediate complaints or enforce TOS, or run any of the services that they do? 
It would seem that the best point of regulation is to control more precisely when the federal government or police can access “pen register” data at these critical infrastructure points. 

The practical effect is probably more serious overseas.
Lee also lists “5 Ways to Prevent NSA Spying”, which are probably unnecessary for most people in the U.S.  (But see my postings June 16 and 17 on the “BillBoushka” blog about the “political” danger.)  I don’t need to use Tor, and I don’t think I need to remove my cellphone battery.  But what if I was a gay man in Russia, given the recent political climate there?  In fact, given my online reputation, what if I visit Russia the next time I go to Europe?  
The bottom line is that, to an extent, a government has to be somewhat trustworthy, and that the people, among themselves, need to think about their social contracts with one another, beyond the narrow ideas of personal responsibility that have evolved with hyperindividualism.  But that’s for other blogs, or for a book.
I met Tim Lee in 1998 through the Libertarian Party of Minnesota shortly after I had moved to Minneapolis in 1997.  I gave a speech at Hamline in February 1998 arranged by another student there, but Tim was a freshman at the University of Minnesota at the time.  I would give a similar talk at “The U” in Minneapolis (on the “East Bank”) in 1999. 

Monday, June 17, 2013

Should users get "Adblock plus" and use other "do not track" features because of the NSA-PRISM scandal? If they do, what happens to the web?

Micah Lee of Electronic Frontier Foundation has an article today, “How dozens of companies know you're reading about those NSA leaks”, link here.

Now, I don’t have a problem if they do know – or if the government knows.  Not in practice.  But I can see that some people do. 

Lee refers to another article making four suggestions: (1) get Adblock Plus, (2) change cookie settings, (3) turn off the referral of personal information to websites, (4) use https everywhere.

Now if everyone blocked all the ads they could see, there would be no free content as we know it, and companies would not find it profitable to offer do-it-yourself self publishing any more.  The whole character of debate would change.

Or would it?  This “do not track” debate has gone on for some time now.  

Friday, June 14, 2013

Most users have lax smart phone security, but what if you don't do anything "essential" on your phone?

Webroot is warning users to read a Yahoo! Finance story on web security, with the story here

I didn’t know that when a phone is “off” it isn’t quite off – it could still be hacked unless the battery or SIM card is out – and my Droid doesn’t allow this to be done easily.

And people don’t secure personal information on phones like they do on PCs – especially for banking.  And people often don’t have remote GPS locates or password locks. 
However, I don’t do any banking or major transactions on my own phone.  I use social media very little.  I usually wait until I get home, or a hotel room.  When driving on trips, I usually have a laptop with me and can connect and use it in most restaurants.  I don’t really need to do all this on a mobile device. 

But yet I can see some people do.  What if forced to work or travel to more remote areas?
I rarely talk on mobile phones in public places where the phone could be lifted by a thief.  But I do surf, as for severe weather. 

I do think that 2-step verification can be undermined when the cell phone is used for the application you sign on to.  


Tuesday, June 11, 2013

Apple will enable consumers to lock stolen iPhones; ants from South America can eat consumer electronics components

There are two unrelated developments yesterday that can affect mobile and home Internet “robustness”.

One is that Apple will make it easier to permanently disable a stolen iPhone quickly.  But this subject has already been approached before, especially by Washington DC Police Chief Cathy Lanier.  If consumers make it harder for thieves to get any value for what they steal, could this backfire and embolden them into even more brazen acts?

Apple says that the "kill switch" will be part of iOS 7 phones (CNN weblink for story).  This feature would make the phone totally inoperable forever, not just wipe the memory clean.

One problem is that two-step verification is of course jeopardized after a phone is stolen, assuming that consumers leave their phones signed on to Google, Twitter, and the like.  I presume that the banks will come up with two-step verification soon.

The other issue is physical.  In Texas, Louisiana, Mississippi, and Florida, “crazy tawny” red ants, from South America, with no natural predators, are invading homes and destroying electronics, eating wires and possibly creating home fire hazards.  Apparently they can eat some of the raw materials inside a computer.  Let’s hope they don’t move north.  (CNN is source.)  

Thursday, June 06, 2013

FBI-NSA "PRISM" system snoops on ordinary Internet communications (on top of Verizon snoop); the multiple facets of "see something, say something"

In addition to revelations today about the court-supervised collection of cellphone call data from Verizon and probably other telecommunications companies, the Washington Post, UK Guardian, and various broadcast companies have reported today that the government has a system called PRISM, to track American Internet activities both at home and overseas.  (The Verizon matter was covered earlier today on my "Network Neutrality" blog.) 

ABC affiliate WJLA in Arlington VA has a pretty typical story here

There were questions in Congress as to whether information about ordinary Americans could turn up “wittingly.”  The general answer was, possibly but not likely—the “highly unlikely” phrase of my own father.
PRISM came about after 9/11 and the Patriot Act as a result of a need for more information sharing.
The government claims that PRISM has helped stop one or more domestic terrorist attacks.

The government seems particularly concerned about connections between or among parties, as it is with cell phone tracking.  Communications offshore or overseas probably attract more attention.

But some content sniffing of social media, blogs, and various personal sites might be possible, particularly ones that deal with details as to how certain attacks could be carried out.

There could be some justification for this activity in that some persons may have received enigmatic emails warning about 9/11 during Labor Day weekend in 2001, and thought they were sent by a computer worm and were not opened or ignored. 

The significance for Internet safety could be that determined terrorists or criminals might be conducting similar kinds of surveillance.   Some virus and worm activity or spam attacks could give clues as to real terrorist threats. 

It’s not a bad idea to follow your own antivirus and computer security provider on Twitter to keep up with this.    

Wednesday, June 05, 2013

New ransomware virus locks up boot process with ransom demand

Media reports on a new shakedown or “ransomware” virus which, on boot-up, greets the laptop PC owner with an “FBI warning” demanding a payment to a particular company for copyrighted material found on the computer.  The trackpad and keyboard of the computer become disabled.  The warning shows an image of the person in her home, shot by the laptop computer’s webcam.

Curiously the MPAA wants to have the capability to do just this!

The FBI never contacts people this way. 
Geek Squad and similar professionals are able to remove this virus.  Data on the computers has not been lost.

Sunday, June 02, 2013

Weather.com, YouTube display "Safe Monitor" ads, claim "2 people are spying on you"

On both Weather.com and YouTube tonight, I saw popups (in Chrome) from a site called “Safe Monitor”, which claims “2 people are following you”, and then offered a monitoring site, which invited me to download an app.  Of course, I did not.  This happened on a Windows 8 machine.

On an older Windows 7 machine, I looked it up in Google.  McAfee and MyWOT did not have ratings on the site.  But Webroot Secure Anywhere blocked it, saying it is thought to host malicious content.

On the W8 machine, a Secure Anywhere Scan did not show any harm for merely clicking on the YouTube or Weather.com ad. 

Also, on my older Dell Windows 7 machine today, I tried to make a comment on a WJLA (local television station) crime story, to another bigoted comment above it.  It started Disqus software which connected to Facebook which hung the machine.  I got it to “beep” out, and the comment took. But Facebook kept going non-responsive.  Later, the entire machine hung again.  But this was during a heavy thunderstorm, when Internet had almost stopped, although there were no power hits (I have UPS anyway), and no apparent surges -- although I suppose they could happen without being noticed.   I hard rebooted it, past the Windows Safe Mode warning, and everything worked normally.  

Picture (mine): What it would feel like to wake up in "The Core".