Tuesday, July 29, 2008

An article on registry cleaning and spyware

This morning, CNN gave a link to an ARA Lifestyle Article “How to Keep Your PC Clean and Quick,” link here.

The article discussed three major topics. The first (for Windows machines) was to run a Registry cleaner. Over time, it says, online games, application crashes and upgrades cause registry errors which slow down the machine. The article recommends Sammsoft, but when I went to the link it gave, McAfee Site Advisor flagged Sammsoft as a red site.

She also discusses spyware and viruses as separate problems, which they are, but modern anti-virus companies will offer bundled protection against both. 61% of PCs have spyware on them, and 92% of these users don’t know they have it. Potentially, spyware could endanger bank and financial accounts, or even passwords for other Internet activity, even leading to framing for other people’s activities, even if statistically the occurrence of compromise of these seems quite low. There was a disturbing story about this possibility on this blog Feb. 3, 2007.

Friday, July 25, 2008

Other fake anti-virus products may overlay websites with foreign TLD's appearing in search results

I discovered another stealth problem this afternoon, where someone is trying to sell a “fake” anti-virus program. Trying to find the stock symbol for an electric utility, I got back a website so far unchecked by McAfee (a gray circle with a “?” in it) and clicked, and the system opened an application purporting to check for viruses, but giving me the option to Cancel. The TLD was “.hu” for Hungary. It was not xpantivirus but another one, but something similar. I closed everything, restarted and ran virus scan and found no problems (including the process and registry key scan). McAfee Security Center showed no changes to the registry keys on the log. Ctrl-Alt-Del did not show any unfamiliar programs (tasks or processes) running.

The word to the wise is that, even with legitimate searches, don’t click on an unverified site in a search engine with a foreign TLD if it is not reasonable that a foreign domain would have had legitimate information about the search you entered. There seems to be some activity overseas to create sites that purport to offer services from legitimate American companies and then load spyware or offer fake services.

Update: Aug. 6

The following CNN/AP story relates a flaw deep in the Internet's DNS server infrastructure that could be related to this problem (of fake sites, above). Major companies, including Cisco, say they have quickly installed patches. Link.

Friday, July 18, 2008

Justin Berry's story calls into question the use of webcams at home

Yesterday (July 18) Oprah Winfrey ran a report on Justin Berry, who had been seduced into the dark world of the Internet as a tween. The story was a repeat and I believe it had been aired in early 2006. Since it’s older, I think it is more appropriate here because it does bear on an Internet safety issue for parents. New York Times reporter Kurt Eichenwald appeared with Justin on the show and summed it up: parents should not allow their kids to have webcams for their computers. They have no legitimate use in the home. The link to the New York Times story by that reporter from Dec 19, 2005 still works and is here. According to the show, Kurt and Justin indulged in some "gonzo journalism" by going to a Manhattan electronics store, pretending to be customers, and asking what webcams are used for.

Now one could disagree with this. You see webcams in soap operas (even “Days of our Lives,” particularly with the now comatose character Jan). You plug it in to a USB port, and the visitor can see you as you talk. It is a bit like a picture phone. I suppose that employers or headhunters could ask you to use them for telephone screenings, except that this could run into discrimination issues.

I won’t repeat the sordid details of Justin’s story here. Now he is 21, and a public speaker on child safety on the Internet, and is also a federal witness. The Wikipedia story is here and it covers some of the detailed history. The article cites my doaskdotell website as a reference. On the Oprah broadcast, Justin maintains that at 13 he had no idea what would happen when he presented himself this way on the web.

The link for the Oprah broadcast recap, which includes a video clip, is here.

Thursday, July 17, 2008

Court TV weighs in on home computer safety

An episode on the Fox Network’s “Judge Hatchett” yesterday (July 16) reiterated a particular computer safety tip often made: to place the “family computer” in a public area of the house where kids cannot use it secretly. But the same would seem to be true for a television with cable access, particularly to adult-oriented “pay for view.”

The case on her “court TV” program involved a dispute between two sisters, where the family received a bill for pay-per-view pornographic films, and one sister sued the other, who denied the use. The Judge held a closed “family” session in her chambers, very “sotto voce.”

But Internet and even cable can have legitimate use for school work for students who are old or mature enough. For such families, it hardly seems practical to expect homework to be done in a “public area.” And some kids (Cameron Johnson, Aaron Greenspan, discussed on the books blogs) have started legitimate businesses on bedroom or home computers.

Wednesday, July 16, 2008

Another checklist of ten tips

This morning, Tech Republic issued its “internet safety tips” with a blog entry by Debra Littlejohn Shinder (with Jody Gilbert, Senior Editor) called “10 Technologies that cybercriminals love to exploit.” The link is here. The title of the piece somehow reminds me of the 2001 indie movie “13 Conversations about One Thing.”

She makes a number of good points. For one thing, consider Broadband connectivity. It’s become practically required because that’s the only way a “serious” home hobbyist, blogger or small business owner can get the massive security updates and anti-virus updates that companies send automatically. (That’s an irritation, isn’t it: How often does McAfee replace its whole security center infrastructure? Too often.) She mentions the risk of “drive-by uploads.” Maintenance of a firewall from a major security vendor, or proper use of the Microsoft firewall, is essential.

She gives some specific tips on safer Wi-Fi computing, especially making sure you have access to newer encryption tools. She recommends special care if you have both a conventional WAN and use wireless.

She talks about UC, or unified communications, which can create security exposures even for ordinary phone service. She distinguishes this concept from universal connectivity, which incorporates household appliances.

E-banking could actually be safer than conventional banking if you check your accounts regularly. She recommends not saving credit card numbers with cookies for e-commerce sites. Of course, you shouldn’t respond to requests for personal information from such sites, as these requests are usually spoofed and represent phishing attempts, which can even mimic ISPs.

She recommends that only the most sophisticated and serious professionals use P2P, because many home uses of it (illegal downloading) are illegitimate and might even expose someone to framed charges for someone else’s activity. We know from the Grokster case that the courts tend to view P2P as based on an illegitimate business model (infringement), but in principle there is no reason why P2P could not become a desirable way for new artists to distribute their work legally.

Tuesday, July 08, 2008

"Contact US" forms can be abused -- particularly a problem for small business sites

There’s a new kind of spam threat being reported by security people. It has to do with “mail header injection”. An unscrupulous person can insert multiple recipients into the POST variable of a PHP script. Therefore email contact forms at companies should do extra input validation. This is explained in a February 2006 entry at a website called “jelly and custard” with code examples here.

Think Computer offers a white paper (by Aaron Greenspan) with a humorous title, and a story as to how a “contact us” form can be abused if not properly verified. The prankster prompted a series of “contacts” from around the world in which the browser was bypassed. Part of the paradigm is to bypass browsing because browsers normally don’t allow multiple “commands” in one line. The validation of the URL did not come from the website but from some other outside source. The white paper (Feb. 2006) is here. One interesting fact in Greenspan's narrative is that when he reported it to CERT, the well known watchdog agency at Carnegie Mellon had not yet encountered it.

The motive for such an event might occur at a larger organization where the spammer wants to reach a large number of people (particularly subscribers or customers of a large ISP), but it is probably more work for a small organization to protect its contact forms from this sort of activity.

Another helpful resource for coding around this problem appears on this “ALT PHP FAQ” discussion board.

I'm not sure if Java, C#, etc. forms would have the same vulnerability. I would think that Microsoft would have precluded this risk in the new Expression Web, but other visitors may know.
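The header injection described in this post, as an added example that is not from the original post or from the linked articles: a PHP contact-form handler that pastes the visitor's address into the mail header block, next to a hardened version that rejects line breaks in header fields and keeps the recipient fixed. The addresses, the field names (email, subject, message) and the function names are constructed for illustration, and nothing is actually sent.

```php
<?php
// Added example: recipient address and sample submissions are constructed.
const CONTACT_RECIPIENT = 'webmaster@example.com'; // assumed fixed site address

// Vulnerable pattern: the visitor's "email" field is pasted straight into the
// header block, so any CR/LF inside it starts a new header line.
function build_headers_unsafe(string $email): string
{
    return "From: $email\r\nX-Mailer: contact-form";
}

// True if the value could start a new header line. Checks raw CR/LF and
// their URL-encoded forms in case the value is decoded again downstream.
function has_header_break(string $value): bool
{
    return preg_match('/[\r\n]|%0a|%0d/i', $value) === 1;
}

// Hardened pattern: returns [to, subject, body, headers], or null to reject.
function build_message_safe(array $post): ?array
{
    $email   = trim((string)($post['email'] ?? ''));
    $subject = trim((string)($post['subject'] ?? ''));
    $body    = (string)($post['message'] ?? '');

    foreach ([$email, $subject] as $field) {
        if (has_header_break($field)) {
            return null; // line break inside a header field
        }
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null; // not a single well-formed address
    }
    // The visitor's address goes in Reply-To; To and From stay site-controlled.
    $headers = 'From: ' . CONTACT_RECIPIENT . "\r\nReply-To: $email";
    return [CONTACT_RECIPIENT, $subject, $body, $headers];
}

// Constructed submissions: one ordinary, one carrying an extra Bcc line.
$normal = ['email' => 'visitor@example.org', 'subject' => 'Hello', 'message' => 'Hi'];
$forged = ['email' => "visitor@example.org\r\nBcc: a@example.net, b@example.net",
           'subject' => 'Hello', 'message' => 'Hi'];

// Unsafe builder: the forged field becomes an additional header line.
echo build_headers_unsafe($forged['email']), "\n\n";
// Safe builder: the ordinary submission is accepted, the forged one rejected.
var_dump(build_message_safe($normal) !== null);
var_dump(build_message_safe($forged) !== null);
```

The check is on carriage returns and line feeds in header values, so it applies wherever form input is concatenated into raw mail headers, whatever the language.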

Saturday, July 05, 2008

Concern that teens on social networking sites lag in social development, are exposed to unusual risks

The British newspaper “Telegraph” has a telling story by Rebecca Smith, Medical Editor. It is titled “Facebook and Myspace generation ‘cannot form relationships’”. The link is here.

The concern is that teenagers who use social networking sites run the risk of being unable to form “realistic” social relationships that depend on body language and subtle emotion. They are more likely to take on a utilitarian view of people. In some cases, this can lead to abusive situations that lead to the Megan Meier incident, already discussed on this blog (although that incident was promulgated by an adult).

There is a concern that teenagers who spend more time on line and less time with other family members will not develop the social and emotion-dealing skills that are necessary for adult family life. But this could be a chicken and egg problem. It could be that introverted people are attracted to life online, and that economic development has favored these individuals more than in the past. There are still plenty of teens who excel at “real world” activities: sports, music, drama, chess, school work, community service, and so on.