Saturday, December 26, 2009

Geek Squad: Now Kaspersky is the industry anti-virus leader; also, is 6 years better than average for hard drive life?


Well, my 2003 Dell 8300 got slower and slower, and today would not boot, giving a “corrupt system config file” message.

A year ago Best Buy was recommending Webroot Spysweeper as the best anti-virus; now it’s Kaspersky, with major link here. They also tell me that the “best” also changes quickly, from year to year; you have to keep up with it. I don’t know why they’re so down on McAfee and think that Norton is merely adequate. Professional review sites (Nov. 21) still like these industry leaders.

Kaspersky will also provide its own firewall, which would mainly be significant for wireless situations, as discussed before.

The Geek Squad help also told me that it is common for customers’ computers to be infected, even though customers swear that their machines passed a virus sweep. However, my set of symptoms is thought to be a sign of a failing hard drive. After all, it is six years old. Four years of life with heavy use is considered the norm.

But it seems that home and small business users ought to keep up with the scuttlebutt on the best packages.

Monday, December 14, 2009

Social networking sites are targets for "pseudo-viruses": hacks that take over accounts to send spam


Brad Stone has an important front page story in The New York Times today, Dec. 14, “Viruses that Leave Victims Red in the Facebook”, link here. The HTML title online for the story is “For viral crooks, social networks are a prime target”. The problem seems to be that an account holder with an easily guessable password clicks on a link sent by a “friend”. People tend to trust messages sent by “friends”. Then hackers play with their accounts and crack their passwords. Then their accounts are “seized” and used to send spam-like messages to others. People could find their accounts closed for TOS violations for activity of hackers.

This activity, since it takes place within the social networking site, is not really a virus or worm, so it would not be caught by anti-virus protection the way an infected email attachment would.

Likewise, social networking site users would need to be conscious of security problems, especially wireless security, already discussed here, when managing their passwords on social networking sites.

Sunday, December 13, 2009

NY Times reports on Russian/US security talks; implications for home users


The New York Times is reporting, on Sunday Dec. 13, improved communication between the US and Russia in talking about cybersecurity. The paper copy front page title is “In reversal, U.S. talks to Russia on Web Security; Rise of Cyberweapons; Goal is to strengthen network defenses against attacks”, link here. It's true that a lot of the substance of the talk comes from the hacker attacks on US government facilities last summer, with shocking effectiveness. Will bad guys focus on large, obvious targets (like governments and banks) or possibly try to undermine confidence at the grass roots level (which worms already do as they make machines into zombies)?

Nevertheless, the importance of the story to the typical home or small business user is in its elaboration of the three main threats: (1) logic bombs (2) botnet attacks, recruiting home machines as zombies, and (3) microwave EMP weapons.

“Logic bombs” were a security issue well known in the “mainframe era”, particularly in financial systems, and are prevented by properly using source and elevation management software (to ensure that load modules and source code match). The same concept should be used with any systems on a small business where programs are compiled or linked into executables (we could get into the security questions around java byte code if we took the time).

The Botnet issue, sometimes associated with DOS attacks, raises the question of how much legal responsibility we should expect of the home and small business user to properly protect his computers from viruses and worms. The proper use of firewalls in a wireless environment has now complicated the issue and the answers (how to use different companies in combination with what Microsoft provides) are a bit murky; I hope Windows 7 is going to help settle this.

The EMP issue is known in conservative talk circuits as a doomsday terror scenario, but the microwave would be a smaller scale version of this (explored in the movie “Oceans 11”). There is little that the home user could do besides make offsite backups and optical device (CD) rather than magnetic backups. It’s possible that innovation will lead to commercial development (by security companies) and home use of Faraday cages to protect personal installations. The article may have been motivated by a generally obscure Washington Times story last spring about an Aberdeen Proving Grounds engineer who back in 2001 showed how a truck-mounted microwave could be designed to be driven through an area and disable it. Our own government constantly plays with deadly scenarios.

Tuesday, December 01, 2009

New York Daily News has Internet safety tips for families -- a bit simplistic?


The New York Daily News, on a page (Tuesday Dec. 1, 2009, page 5) dealing primarily with booting s.o.’s off of Myspace and Facebook, has a brief summary “tips to safer surfin’ on the unfriendly Web”, by Heidi Evans.

Rather than a resource that can help kids get a leg up with their academics, the computer is seen as more likely a source of danger for families. What’s interesting is the viewpoint on the desire of many kids – and adults, as we know from news stories – to get into the limelight. The article tends to view Internet fame as a no-no – for kids and parents both – until one can “compete” in already socially approved ways. That’s interesting, because it seems to me that a 15 year old who has figured out how to reverse engineer an iPhone is entitled to some “fame”.

The Daily News doesn’t seem to have the story online yet.

Saturday, November 21, 2009

Security packages can interfere with one another; the best package keeps changing: Bank of America offers free McAfee, what if you use Webroot already


Well, Bank of America offers its deposit customers six months of McAfee. I tried starting it, and found that I needed to use a different email address. After that, I found that it would not proceed with the download and install without removing Webroot (Spysweeper) anti-virus which was installed when I bought this laptop from BestBuy.

I found a page that reviews all the major security company products, including Norton, McAfee, ZoneAlarm, and Webroot, here. This review said that Webroot does not detect new viruses quickly enough sometimes, and was critical of the ask.com toolbar.

Apparently, as I noted before, wireless users need additional Firewall protection to what Windows offers, to check installed products for what they send out. Webroot appears to offer this as “Identity Theft Protection” as part of its Internet Security Essentials. But if you go to your Webroot home and try to look for updates, it tells you (using Google Chrome) to call an 888 number at Best Buy.

Geek Squad says that the best security protection changes all the time, as the relative strengths and weaknesses of the companies’ products can shift around quickly. You have to keep up with it.

Tuesday, November 17, 2009

More on how to check websites for history of delivering malware


The world’s largest search engine (Bing still isn’t that close as far as I know) offers a “safebrowsing” diagnostic check, which will tell you if the site is suspicious, if it has served as an intermediary for infection. The “tutor” link from Google is here, and the following is an example from one of my own sites. (link). The result may tell the visitor that the site has not been checked in 90 days, although cached links from the site can be found much more recently than that.

The visitor can enter the name of Blogger (or Wordpress or other) blogs, and sometimes get more information about the blog.

This can be a major tool for checking sites about which a user has discomfort. Other tools that we have discussed here include McAfee Site Advisor and Web of Trust. Those tools, when implemented, list a site's "rating" (as with a color code in the case of McAfee, with green being the safest) beside search engine results.

Picture: unrelated: A Norwegian ship in Baltimore harbor; the CVS processing truncated the last image, but it’s what I have!

Thursday, November 12, 2009

Social networking "friends" can launch "I need money" scams


Wednesday, NBC-Washington’s Liz Crenshaw warned social networking users of new scams where hackers impersonate account holders and ask “friends” for money.

The danger seems greatest with Facebook or Myspace users who allow many people to sign up as “friends” and then who announce plans, especially travel (or medical hospitalization) plans, that could invite hackers to attempt scams when they think that the account holders will not be able to check.

About.com has an article by Landa Roeder on the “I need money” link here.

Also, check out this MSNBC story "Facebook message frees NYC robbery suspect: Accused updated status on his Facebook page one minute before robbery", where the IP address from which a Facebook posting was made was used to provide an alibi (link here). This may be a legal first.

Wednesday, November 11, 2009

AP says it is conducting study on hackers placing child porn or other illegal content on zombie computers, leading to false prosecutions


AP technology writer Jordan Robertson has a very disturbing AP story, dated Nov. 9, 2009, about claims that some people have been “framed” for possession of child pornography that may have been planted by a computer virus. The link for the story (apparently originating from a Florida paper called TCPalm) is here. It's interesting that yesterday my Windows Vista Dell XPS PC broadcast this MSNBC headline on my desktop as I booted up, as part of the Dell "news gadget" available from Vista (underneath the Vista "Clock"); curiously I could not find the story on MSNBC but I did track down the AP original.

The circumstances discussed in the story vary widely. In several cases people have been accused after others found the illegal material on their workplace computers. In Massachusetts, a man spent $250000 defending himself before prosecutors finally agreed that the images came from an infection planted by someone else. However, in many workplaces employers warn associates that they are absolutely responsible for the security of their own workstations, even when they are not at work (which usually means changing passwords frequently and not leaving the work station signed on.)

In a case reported here (in Feb. 2007), a teenager was arrested at home in Arizona in December 2006 when police claimed he had downloaded illegal material from Yahoo!. Subsequent Internet stories on the truth of the matter are very mixed, to say the least.

The article claims that the Associated Press is conducting an “investigation” and knows of other cases where people have been bankrupted proving their innocence. Prosecutors tend to turn a deaf ear on the idea that this can happen, until the evidence that it really can becomes overwhelming enough. At any time, about 20 million of one billion computers connected to the Internet (about 2%) have infections that could give hackers control of their computers. And some individuals might hack so that they could watch c.p. on a “zombie” computer, unbeknownst to the unsuspecting computer owner.

A story at ABC affiliate KOAT-TV in Albuquerque NM refers to this story here and quotes an FBI source as claiming that nearly always the original criminal (hacker) can be detected with proper forensics; the FBI believes that such wrongful prosecutions, while possible, are rare. Will WJLA in DC pick up on the story?

It would sound as if there could be a separate issue for a workplace vs. a home computer. As I noted, an employer might hold an associate responsible for the security of the workplace computer. At home, there used to be an idea of “strict liability”; the home user was presumed responsible for any community risk from his asymmetric computer use (that would presume that a parent was responsible for his or her minor children’s behavior on the computers, as well as any guests; the Phoenix parent, in the case mentioned above, was quoted as saying “computers just aren’t safe”.) But in recent years, practically all journalistic sources maintain that infection placed by a hacker is an affirmative defense – but there might be a “guilty until proven innocent” problem, causing enormous expense to the defendant.

When a computer user connects to the Internet, who should be legally responsible for knowing that the computer is properly protected from security threats which can spread to the community? The individual user? The anti-virus software company? The provider of the operating system (Microsoft, Apple, or Linux)? If a computer stops working and the owner takes it to a repair shop and the shop finds both an infection and undetected c.p., what are the legal consequences? When should there be “downstream liability”? There is no such thing as perfect protection, and this sounds like the kind of debate we have in public health areas. Should we have an “Internet driver’s license?”

In a few cases, police have barged in at home when the person was online, as when detected by the National Center for Missing and Exploited Children [link]; this could presumably happen with someone who did not know his computer is infected.

Picture: US Courthouse in Philadelphia, site of the 2006 COPA trial.

Update: June 13, 2012

CNET has a story "A child-porn planting virus: Threat or bad defense?" by Larry Magid, Nov. 10, 2009, link here. The practical risk is low, the article says; one way it could happen is when visiting an adult porn site and getting illegal content cached. The legal standard, in 2009, seemed to be that prosecutors have to prove that the person intentionally downloaded, received, or distributed the illegal material, and that should not be as difficult as it sounds. CBS had an AP story in Nov. 2009 that also included a story of a man convicted in Wyoming; c.p. was found in a file-sharing folder intended to be used for adult porn. This could become an issue for cloud computing, the article says.

The legal case of Ned Solon, from Wyoming, is important; the Supreme Court recently turned down an appeal, story here (story by Tom Morton in Wyoming Tribune). There is a more disturbing account on a site called "Framed for child porn", here. It appears that use of P2P (like LimeWire) might increase the risk of an incident like this. The site criticizes a mentality of absolute liability, "If it's on your computer, then you must be guilty", but that seems not to hold now in general. (If you can't find it yourself, do you "possess" it in the eyes of the law? It sounds like "possession" of a football outside the end zone.)

Tuesday, November 10, 2009

AARP warns subscribers about fake anti-virus software


The AARP Bulletin, for November 2009, on p. 26, contains an article by Sid Kirchheimer warning seniors about fake anti-virus software. The article is called a “scam alert”. It warns about popups or emails that attempt to get the computer owner to download “antivirus software” and also warns about telephone telemarketing calls selling computer anti-virus products, a practice that I have never encountered.

I could not find a specific link online to this story, but I did find a link at AARP for a book by him, “Scam-Proof your Life,” here.

Two years ago, there was a time period where fake anti-virus software was often offered in spam comments to blogs and discussion boards.

Saturday, November 07, 2009

Is high-tech a home fire hazard?; Learn to use malicious software removal tool


Here’s a good story by J Raphael from PC World ("Technology Fails: 8 Extreme Electronic Disasters"), about the “dangers” of “depending on” modern technology, appearing on Dell MSN Saturday morning, reprinted from PC World.

The "exploding laptops" story (“combustible computers”) is familiar from 2006, mostly due to defective batteries. So are the iPhones. They make home electronic hobbying, even for music composing, for example, look dangerous to others.

The most alarming part of the story concerns viruses being found in sealed hard drives, iPods, USB flash drives, and Eee Box computers.

If this weren’t enough, here’s a story by Robert Vamosi from PC World, “Is Your PC Bot-Infested? Here's How to Tell: Botnets are big, bad, and widespread -- but if your system is infected, you can take several simple steps to clean it and stay safe.”, link here. The article warns that even good and well-known anti-virus programs don’t catch everything, and it recommends learning to use Microsoft’s Malicious Software Removal tool, which gets updated frequently by Microsoft automatic updates.

Wednesday, November 04, 2009

Old Word 2002 glitch can make a document's links appear to be corrupted


Occasionally, I have run into a situation where an HTML document with many hyperlinks and derived from a Microsoft Word document and then converted to HTML develops corruption in the links.

A symptom is that after adding a new link, suddenly the file (when the cursor is run over the link or the link is visited) shows links either above or below the link that is intended. And sometimes whole passages of text seemed to be included in a link.

Microsoft Word 2000 was the first to offer automatic conversion to HTML. But it seems that Word 2002 had a bug in the way it generated XSL meta-code, which could cause this to happen.

In the past, I corrected it by editing the document in Notepad and deleting manually the excess XSL code that generated spurious “a” links. This could be a tedious process. But today I encountered it again with a document that had been converted in Word 2002, then edited in Front Page. Because of changes, I was editing it in Word 2007 and ran into the problem again. This time I restored the old copy of the file and created a new file to give new movie review links (on my doaskdotell.com website, the cable movies file).

A visitor to a file with corrupted links might believe that it is infected by a virus. But in this case it is not; the corruption is due to a past software bug, not malware. It sounds conceivable that website advisor services like McAfee Site Advisor or Web of Trust might flag the sites with warnings, but so far I haven’t run into this.

Microsoft stopped supporting Word 2002 sometime around 2004 or so.

Note: In 1997, as I was completing my book in Word 95, I had one large file with many footnotes go bad with some of it changing to gibberish. I restored it from a floppy and never had the problem again. Another large file turned to gibberish when printing at Kinko's, but printed OK at home. One wonders.

Tuesday, November 03, 2009

Malware could corrupt your Internet connectivity; could external router corruption do the same?


Today, on all three browsers (IE, Firefox, Google Chrome), I had intermittent connectivity problems on Comcast for about 20 minutes with Vista giving a diagnosis of a bad TCP/IP setting. CNN and Yahoo would display incomplete pages, Blogger could not complete requests, and so on. Suddenly, everything started working properly again.

I found a page about this kind of problem with XP on “Who Is Madur” here (from April 2009). I don’t think any malware had corrupted the connection, as it repaired itself; but it makes me wonder if hackers could get to the corporate routers outside of my home and business and steal information. I had never seen this kind of error before at home, on either XP or Vista, that I can recall.

I found a posting on Yahoo! about a virus W32.virut that could cause these problems here.

Microsoft’s page for this sort of problem seems to be this.

Anyone who has seen this, or experienced problems like this on the East Coast Tuesday morning with Comcast (not with wireless), feel free to comment.

Monday, November 02, 2009

Is Windows Firewall by itself on a modern machine providing sufficient protection from hackers?


An article in Switched on Wireless Security, one that I linked here on Oct. 29, says that you need a second package if you use Wireless, at least without secure connections (https) or if you use free coffeeshop services. Is it really OK to rely on Windows Firewall?

I found another article back in 2005 that explains how Windows Firewall works with McAfee, Norton, and particularly ZoneAlarm, that the user can check out here. The PC Today article is titled “Does Windows Firewall Measure Up?: We Review The Competition So You Can Decide For Yourself”.

Can you use different anti-virus packages together? On another machine, that has gone slow, I found that Spysweeper Anti-spyware and McAfee scans were locking each other out, but only because the machine has other problems (it is a 2003 Dell) which I am about to take to Best Buy/Geek Squad soon for diagnostics and repair. I suspect that they should run together OK, as they had before the machine turned too slow.

On Vista, the Windows Security Center explains the Windows Firewall, and discusses “network location” concepts: Private Network, Home Office, and Public. Some of the Microsoft documentation suggests that Home or Private network locations need additional firewall protection when connected to wireless (encryption), because the Windows settings already allow network discovery, which could apparently allow a drive-by hacker to pick up outgoing communications. I am not sure that this is the proper understanding of how it works in 2009. The only network location available on this laptop as purchased from Best Buy seems to be “private network”.

In practice, a home computer that is stand-alone that does business only through https and uses Windows Firewall and at least one major anti-virus (and that does not intentionally indulge in known risky behavior) is probably properly protected. (Note that Gmail uses https).

Friday, October 30, 2009

Vipre Enterprises publishes Malware Countermeasures Guide


Sunbelt Software and VIPRE Enterprise have sent users links to a white paper “Modern Malware: Threats and Countermeasures”, by Greg Shields. The company site is (URL) here and the link to the 15-page white paper download (from the WebBuyers Guide) is at a dynamic link sent to AOL members (email address was included in the link, so I can't give it here.) Some of the malware types are porn dialers, backdoors, exploits, keyloggers (which may be legitimate in a workplace environment to monitor employees), remote control devices, rootkits, Trojans and Trojan downloaders, worms and viruses.

This is a pretty good overview, particularly for the small business owner as well as high-end home user, mostly of Windows based systems.

Thursday, October 29, 2009

Wireless at home or in hotels can be very loose; Blackberries can turn into spy microphones


The first topic I’ve covered before here. Wireless. If you use a free wireless service in a hotel, for example, it’s easy for a “spy” to record all of your web visits and key strokes on a laptop nearby. An NBC producer went to a home in Houston TX to show the homeowner the sites he had just surfed. Presumably subscription services (Verizon, etc) are more secure, as are sites that require a password (and https protocol). You can make your personal computer more secure by giving it an administrator’s password (and requiring passwords for all users, in XP, Vista or 7) even if you are normally the only one with access to it, too.

Some observers write that a laptop or PC equipped with wireless can be compromised even when Internet access is through cable, unless the wireless card is disabled.

NBC has also reported a story by Washington Post security writer Brian Krebs, about Department of Homeland Security (DHS) warning about a PhoneSnoop application that can be placed onto a Blackberry (not the president’s) to turn it into a microphone, as if the unsuspecting victim were wearing a wire (with no tape or stickers). A jealous spouse, for example, could use it to spy. The Post article is titled “DHS: PhoneSnoop app bugs BlackBerrys” with link here and refers to this CERT warning (link).


Update: Nov. 2, 2009

Switched has a story by Terrence O'Brien "Just How Risky Are Public Wi-Fi Hotspots?". The story was offered to AOL users today.

Tuesday, October 27, 2009

Phishing attacks impersonate US Attorney General


Arlington County VA today sent out a cyber alert from the Internet Crime Intelligence Center (or “Intelligence Note”), that spammers were impersonating US Attorney General Eric Holder in attempts to garner personal information with phishing attacks. The link for the alert is here.

Government agencies do not send out unsolicited emails. The FBI has a tip line on its website and does have procedures for taking and returning phone calls for tips that appear to be important or credible. Visitors might enjoy reading about the FBI Citizens’ Academies, web URL link here.

Saturday, October 17, 2009

Watch for random power surges; replace surge protectors periodically


Last night, as I was working on my laptop, plugged in (fortunately, through a surge protector), I heard a loud pop and the lights went out. About half the lights came back on in about two minutes. It was weird, because two of the circuit breakers wouldn’t reset. I called an electrician’s hot line. But this morning, I found that they would reset; except that one master switch for the computer room causes the breaker to flip if used. If I turn on the various switches manually, I can come back up.

I didn’t hear any lightning in this 40 degree Nor'easter (threatening October snow), but I suspect there was lightning around anyway – there is if moist air is lifting, even in snow. The computers and cable TV all work; just one electrical switch does not. I suppose I can wait until Monday so as not to pay emergency rates to an electrician.

I have found cautionary tales on the Web, about replacing surge protectors, which is a bit like replacing smoke detectors. Here's a good domestic canterbury tale, even mentioning a wife. In rare cases, old surge protectors have caused house or apartment fires. Here’s one tale about how a computer went toast to a random residential power spike despite a power strip.

It seems that all power companies have spikes, because there are too many points of potential failure. Newer areas with more work underground may be less susceptible. In downtown Minneapolis, I had almost no power problems. In Arlington VA, in a residential area, there are frequent very short outages. Older cities and older systems have more problems, especially in forested areas with above ground utilities. Utilities are under the same pressure as everybody else to trim costs, and I sometimes wonder about their p.m.

Friday, October 16, 2009

Webroot Spysweeper gives warnings about i.nuseek on blogs, apparently for some non-working gadgets


Yesterday, on my movies blog, I got a warning from Webroot Spysweeper about “i.nuseek.com”. It happened only in Google Chrome, not in Firefox or Internet Explorer. I did notice that one of the gadgets at the bottom of the blog had an expired domain, so I replaced the gadget (“5 top boxoffice hits” or something to that effect) with another gadget. I haven’t seen the warning from Spysweeper since.

I checked this on a machine with McAfee site advisor, and see that nuseek.com is rated green. I find “rumors” about taking over expired domains, so maybe the circumstantial evidence makes sense. For example, bloggers should watch their “3rd party” gadgets and make sure they continue working properly. Again, Spysweeper seems to be much more proactive in warning users about potential problems with an embedded site or script than McAfee.

A typical discussion of i.nuseek appears here.

Interested visitors should look up the WHOIS for nuseek.com on domaintools.com.

Wednesday, October 07, 2009

Phishing attack compromises passwords; all users should consider whether to change theirs today


Ben Parr has an “alert” story in Mashable (The Social Media Guide) “20,000+ Gmail, Yahoo, AOL Accounts Compromised”. Apparently over 20000 passwords from a number of these services were stolen with a phishing scam and then posted. Anyone who has answered a phishing email should consider changing all of his or her passwords promptly, and use strong passwords, and apparently different pw’s for each account. The link is here. The story surfaced on CNN this afternoon (Oct. 7).

A strong password uses both upper and lower case letters, numbers, and special characters, and does not make sense to a random person, and has no obvious connection to the person’s life.

Corporate servers commonly force employees to change pw’s at least once a month, and to use strong pw’s. Users who answered phishing emails at work might jeopardize their employers' security.

Thursday, October 01, 2009

Sensitive touchpad can bring up unwanted or dangerous websites


I’ve noticed a tendency on my 2009 Dell XPS laptop (running Windows Vista Home) for the touchpad to launch a URL without being actually pressed once in a while. I don’t see anything obvious on the Control Panel to suppress this. It seems to be a hardware engineering issue regarding sensitivity to touch, pressure, electric contact, and time.

It may happen if the touchpad lies right over a link too long (accidentally) even though the pad is not pressed.

I did not have this issue on a 2006 Dell Inspiron with Windows XP Pro, and I have never encountered the problem with a mouse.

Harmful results might occur. For example, the visitor might see an unwanted ad, or even accidentally link to pornography or to some content which it is illegal to possess.

Another possibility is that in Vista, on some machines with some configurations, once in a while complicated advertising programs could cause an ad to be displayed as if clicked when it was not; this would be a security flaw. I'll watch to see if other problems like this are reported in security bulletins and lists of fixes.

Touchpad sensitivity might be related to biological factors, such as skin conductance, salinity, and the like: factors measured on a polygraph or even by electrocardiographic leads.

If others have noticed this with some laptop models and have suggestions, please comment.

Sunday, September 27, 2009

Fake Facebook profile draws defamation lawsuit


It seems that people can have Internet safety problems without even going online. In Chicago, a woman is suing four other minors for creating a fake Facebook profile of her son, with defamatory material, as well as invasion of privacy. The case bears some resemblance to the notorious Myspace case in 2006 in Missouri. The story is in “Chicago Breaking News”, here.

A photo copy of the actual complaint is here at "Chicago Bar-Tender".

This case will surely draw more attention from the major media outlets.

Monday, September 21, 2009

What happens if a computer virus is responsible for user's possession of illegal content?


I’ve written before about prosecutions of people accused of possessing digital (or camera-associated) images thought to be “child pornography”. On Feb. 3, 2007 I discussed here such a case in Arizona with a teenager (and later Internet stories did give some credence to law enforcement claims that the suspect knew what he was doing). There was a similar case in Britain in 2003, and there have been a couple of high-profile cases in the workplace, one in Massachusetts, and another with a substitute teacher (not very computer literate) in Connecticut in 2004. The media has reported a few other such incidents, such as in Canada, as I recall.

I checked the Federal statute, USC 2252, on the Cornell Law School database of US Code, and find the adverb “knowingly” used throughout. Furthermore the law offers an affirmative defense when fewer than three illegal images are possessed if the owner destroys them immediately. It sounds as if it is the computer user’s legal duty to destroy any such images if he or she finds them (as if a parent finds they were put there by a kid or guest in the home, or if any computer user, at home or at work, believes they could have been placed there by a virus or worm). The link for the text of the law is here.

Virginia’s state law is similar, if less specific, here. The "knowingly" adverb appears, and that seems reassuring.

The law doesn’t seem to be specific as to the home user’s need for due diligence in using firewalls and anti-virus products, or as to any liability when they don’t protect a user from an incident like this.

Yet, in the past, various articles have been written about possession (as in the Arizona case) as a "strict liability offense", maybe in some states. If that's true, a user would be responsible even if a virus was the cause and even if the user had installed anti-virus software, unless affirmative defenses were offered.

This problem has a “bricks and mortar” instantiation. In numerous cases, families have been accused of making and possessing c.p. when overzealous and untrained employees in photo processing labs call police about innocent “family pictures.” Another major example recently has been with cell phone "sexting" by minors, who are in a sense logistically "guilty" even if they don't understand the legal implications of what they are doing.

The ABC link for the story of a family whose children were taken away for a month after Wal-Mart employees called police on family photos is here: Dan Przygoda, "Couple Sues Wal-Mart for Calling Cops Over Bath Time Photos: Children Were Taken Into Protective Custody Over Pictures Taken at Bath Time."

Sunday, September 20, 2009

Odds and Ends: Webroot and Vista backups: lightning strikes twice today


My new Dell XPS laptop with Vista ran into a couple more little security-related items today.

This morning, Webroot Spysweeper told me I had never run backup when I had a few days ago. I tried to log in to the backup center and got server errors. But it also warned me about a missed scheduled backup, since I turn the laptop off after bedtime. Once I ran the sweep manually (it takes 30 minutes and usually finds some spy cookies) it showed the backup account again.

(Note: later experience shows that Webroot shows "backup never run" until you sign on, after restarting a system.)

Later Microsoft tried to run the automatic backup, which failed on not enough disk space on the D drive. Why does Dell make this drive so small? The only item left for deletion from D is the Recycle bin. What sense does this make?

(Note: Best Buy/Geek Squad tells me that the problem is with Vista; the manufacturer fixes the Recovery Disk size, and Vista should accommodate it. They say ignore the warnings and use an external backup like Mozy or Webroot for your data.)

Tuesday, September 15, 2009

Internet Explorer is much stricter about data execution prevention


A recent change in Internet Explorer often closes IE for “data execution prevention” on many websites. The IE message says that it encountered malicious code, but I’m sure that in most cases it wasn’t, and I suspect there will be a fix pretty soon. One problem occurs when trying to open another window in Blogger to load Picasa album pictures. Picasa always works when tried a second or third time (if the user manually saves the post first).

The Microsoft help page for DEP is here.

Perhaps the code in IE is trying to look for problems similar to those encountered by the New York Times recently.

Monday, September 14, 2009

New York Times ("Gray Lady") website hit by mal-advertising


Media outlets report that the New York Times was hit by “maladvertising” this past weekend by hackers who apparently got into the “banner feed”, resulting in the display of fake anti-virus software ads, which were common about a year or so ago in other places. Personal finance has a story by Aimee Picchi, here. The “Gray Lady” does not want this sort of thing associated with its brand.

Peter Kafka has a story “Home Delivery: The New York Times serves up some malware,” here. The Times has a curt “Note to Readers” dated Sept. 13 here.

I believe that I got one ad that did not want to go away until I closed the browser (but I think this happened once with the Washington Post, too). But I don’t think it was the “sex in the city” mentioned in the story (and it’s interesting that the ad also appeared on Mac OS machines). Webroot Spysweeper nearly always finds some spy cookies when it runs a full sweep. It sounds very unlikely that these ads have harmed anyone’s computer unless they actually tried to purchase something from the bogus ads.

Tuesday, September 08, 2009

Arlington and VA govt give out general home computer security tips


Arlington County VA, apparently in a partnership effort with Virginia state government, sent out a "Citizen's Information Security Advisory" to all home computer users on its homeland security email list today, advising consumers how to install automated security updates on all of these platforms:

(1) Microsoft XP and Vista (and other Windows) systems, the most common

(2) Apple Macintosh, and homeland security views the Mac as vulnerable (as in the previous posting)

(3) Apple iPhone (apparently no updates for Blackberry?)

(4) Adobe Reader and Flash software, which might apply to both platforms above

(5) Firefox, even though Firefox is typically thought to be safer than Internet Explorer; Microsoft bundles IE updates with its regular automated security updates.

As noted on my IT blog, Microsoft recently had to back out and reissue an update to Vista (KB 973879); the reissued update seems to work properly (and not cause blue screens when devices are disconnected).

The link supplied by Arlington County is here.

How vulnerable are Mac users compared to PC users? Some blunt words.


Do Mac users really need to be diligent and install and maintain antivirus software? Mary Landesman, of About.com, says, bluntly, well, do you connect to the Internet? Her article and FAQ page is here.

Many of the vulnerabilities are more subtle than just compromise of your machine; they have to do with “social engineering” in one form or another, including phishing.

She provides some particular discussion of man-in-the-middle attacks, the “carrier” problem (as in the real world of infectious diseases) where a less-affected user can pass along infection to others. Her link for MITM and redirection attacks is here.

One of the most dangerous potential threats here would be “domain name spoofing”, which created a huge alarm among security experts, including international meetings and sudden patches by Microsoft (and maybe Apple) in the middle of 2008. These could, just by their very logic, affect Mac users as much as PC users.

Monday, September 07, 2009

Media raises concerns about ordinary user password security


The Washington Post has an alarming, “un-gentle” story (front page, Labor Day, Monday Sept. 7) by Tom Jackman here, and Evan Haning has a similarly probing story on WTOP here about Internet password security. The visitor can search for the entities discussed in the stories and draw his or her own conclusions. I won’t make any accusations here.

Yes, people who have jealous ex “lovers” can become marks on the Web, and this sounds like a new dimension of danger, but it’s probably not new. Attorney John W. Dozier covered some of this material in his recent book on reputation that I reviewed on the books blog Aug. 27. I could say, leave some of this to a screenwriter’s imagination (especially for a Sony “Screen Gems” kind of movie), but it would be possible to set someone up and frame them on the Web just as in real life in 50s Hitchcock movies.

The basic rules of password security have remained the same. As far back as 2000, companies were checking employees’ passwords for “strength” (and were warning employees that they were responsible for misuse of their logons); and most sites today enforce strong pw’s and require more novel security questions with more unique answers. Change your pw’s frequently, especially if your computer is shared by others or if you have to travel a lot. If you are in a position to check your financial accounts frequently online, do so (accounts that are frequently visited are much less often compromised; if you cannot visit them frequently, pw security is even more critical). Most of all, be wary of the old phishing tricks. Reputable companies do not invite you to submit personal information by email (except when going to “reputable” third party sites for credit card payment). Be wary of “bad sites” (refer to a site advisory service like McAfee Site Advisor or Web of Trust). Use common sense. I guess one could say, don’t make enemies, or be aware if you think you have. Another tipoff for possible problems: if you repeatedly get calls (not just spammy emails, but actual calls) for “job offers” that sound inappropriate for your background, or that seem motivated by some kind of agenda. Also, practice wireless safety; it’s safer to pay and subscribe to a more secure national service (Verizon) than use free motel or restaurant wireless.

As for computer security, I don’t know if the jury is in that the Mac is necessarily “safer” than a properly protected modern Vista or Windows 7 (soon) PC. But it seems, in my experience, that Spysweeper provides more warnings than does McAfee about possible hazards. It’s a good idea to scan for spyware and spy cookies as well as conventional viruses.

MSN has some password tips (by Michael Scalisi from PC World) here.

Sunday, September 06, 2009

Senate makes Cybersecurity Act even more vague and more "dangerous", inviting eventual presidential shutdown


The "conservative" Washington DC Examiner has an important editorial Sept 1, “Don’t let a president turn off the Internet”, link here. It refers to Jay Rockefeller’s Cybersecurity Act of 2009, S 773, Govtrack reference here. Electronic Frontier Foundation currently (Sept. 6) features the link on its strike page. However Rockefeller has reportedly revised the language to make it even more vague.

The editorial says that Obama wants to be the digital age’s “Harry Truman” and goes on to describe Truman’s seizure of steel mills in 1952, because of the Korean War. A national cybersecurity emergency, perhaps like the recent DOS attack on some government agencies (somewhat a matter of incompetence), could easily result in shutting down the “people’s” voices like social networking sites and blogging platforms. The concerns articulated by attorney John Dozier, in the book I reviewed Aug. 27, might eventually be perceived as serious enough to trigger presidential intervention.

Tuesday, September 01, 2009

Koobface goes after social networking site users


Andrew Brandt has written a major account of how he “tested” Koobface malware on Twitter, Myspace, and Facebook, and gives some details as to how each service tries to deal with malware. With Myspace he had some particular annoyance in having to repeatedly change passwords.

The account in the Webroot-Spysweeper blog is here. The blog entry points out that Koobface propagates itself by sending apparently malicious links.

Brian Krebs of the Washington Post has a (“Security Fix”) blog entry “Getting Friended by Koobface” here. The worm has allegedly created fake domains based on names of people, a potential “online reputation” problem touched on by John W. Dozier in the book that I just reviewed last week on my book reviews blog.

There had occurred a much more sinister domain name fraud potential problem documented on another of my blogs (the "id theft" blog) in Aug 2008, the great "Internet Scare", entry here.

I noticed that I could not log on to my Myspace account, which I use very little; but the blog is still there (one entry).

I note today that I had to suspend temporarily automatic Vista updates because of the faulty KB973879 update, explained here on another blog.

Friday, August 28, 2009

McAfee offers "Security Insights" to parents


This morning, as my automatic Friday morning McAfee scan started, I also got a pseudo-popup offering Internet safety tips for parents. It started Internet Explorer, and gave the typical advice of monitoring your child’s online activity, the way you would monitor a teen’s learning to drive a car.

Curiously, the scan stalled in the “rootkits” area while this IE link displayed, and then scan took off normally.

I couldn’t find that exact link to give visitors, but here is a similar link, “the Security Insights” newsletter ("Moms fight cybercrime with education"), here. The statistics in the report are interesting: 63% of teens hide what they do, over 50% give out personal information, and about 20% have engaged in some bullying.

Wednesday, August 26, 2009

Be careful when surfing "celebrity sites"


CNN has a story “Most dangerous celebs to search online”. They include Jessica Biel and George Brad Pitt. Even relatively new young celebrities have a lot of such sites.

A lot of celebrities have unauthorized fan sites that may spawn malware, according to analysts at McAfee, a major anti-virus company. If you’re a less popular or flashy celebrity, you probably won’t encounter these sorts of unauthorized imitations. I don’t have any (pun!).

Much safer is to go to sites developed by major media outlets, like CWTV.

However, I haven’t gotten any unusual warnings from Spysweeper from any celebrity sites, authorized or not.

The CNN story is here.

Tuesday, August 18, 2009

Microsoft makes many security fixes; ActiveX is still seen as a "liability"


Brian Krebs, in his Security Fix blog for the Washington Post, discussed a big Microsoft patch on Tuesday, Aug. 11, in this entry.

Krebs provides a lucid explanation of why ActiveX has been a consistent Achilles Heel for Microsoft Internet Explorer, any version. It gives “access” to other parts of the Windows operating system, for hackers to control your machine (possibly for DOS zombie purposes) and Microsoft tends to share some “templates” with other vendors.

On my Windows Vista update history I see ten updates since Aug. 11, including two that greeted me today when I started following up on Krebs’s blog. But the 19 updates in his story may apply to XP also.

It appears that the new Windows 7 is somehow steering clear of these problems.

Krebs notes that ActiveX vulnerabilities may be avoided by using other browsers, like Mozilla, Chrome and Opera.

Sunday, August 16, 2009

Twitter, IM's and texts are tools for neighborhood watch groups


Blogs and especially Tweets are becoming important tools for neighborhood watch groups, according to an AP story by Meghan Barr, printed on p 13 of the Sunday Aug. 16 DC Examiner.

The lists have to be kept private, however; otherwise they might cause homeowners to become targets.

Tweets have described atypical behavior for a neighborhood, and some people are likely to say that the tweets would tend to be motivated by stereotypes or profiles. But Tweets could provide some corroborative evidence for law enforcement, and one wonders if they could be admissible in court.

The MSNBC link for its copy of the story is here.

Friday, August 14, 2009

Man impersonates white supremacist on Facebook, gets prosecuted


On Thursday Aug. 13, CNN provided a story about an African-American man who created a fake Facebook account to impersonate a white supremacist, and then transmit threats. Dyron L Hart, of Poplarville, MS, pleaded guilty to communicating threats by interstate commerce. He could get a $250,000 fine and five years in prison. The story is here.

Prosecutions of this nature have gradually increased since the late 1990s, when people would recklessly transmit threats in emails, IM’s or on message boards, without awareness of the grave legal consequences.

Thursday, August 06, 2009

Twitter, and perhaps Facebook, are disrupted by DOS attack today


Multiple media sources report a denial of service attack on Twitter and possibly Facebook during the morning of Thursday Aug. 5.

Even Ashton Kutcher couldn't keep up his usual pace of tweets.

Twitter is reported back up with some slowness, and Facebook is investigating.

At 5:20 PM EDT today I could not get Twitter.com to respond. Curiously, Internet Explorer 8 on my Vista machine hung and had to be restarted. Facebook responded, although a bit slowly.

The AP story on MSNBC is here.

Later, even Live Journal was reported to have been disrupted.

A story today (8/7) on CNN reported "Pro-Georgia blogger 'George' target of Twitter attack", as if the entire DOS attack were motivated by a desire to target one blogger overseas relative to the Russian-Georgian conflict that started in 2008. The link is here. It's hard to believe that such an attack would be motivated this way.

Last month, the South Korean government and several US government agencies had outages due to a DOS attack. This new incident suggests that governments (or their "agents") might target companies that host dissent; the obvious question is whether Iran might do this in view of the controversy over its recent "election" and all the protests. Likewise, one wonders about Myanmar (or Burma).

Denial of service attacks were widely discussed in major media in early 2001, well before 9/11.

Tuesday, August 04, 2009

Smart Internet energy grid, spurred by green initiatives, could pose grave security risks to utilities and consumers


Thomas Friedman, author of “The World Is Flat”, has proposed a “smart energy grid” using the Internet to adjust electricity loads and reward consumers for smart, green behavior in pricing. Oprah and others have supported him quite publicly.

But the idea of connecting the utility system, however carefully, to the public Internet could run into serious security concerns, as the stakes from any conceivable hack get greater, even as robust security layers are added by utilities and developed by vendors like Microsoft, IBM, EDS, and others.

Brian Krebs has an important article in the July 28 Washington Post on the issue, “’Smart Grid’ Raises Security Concerns”, link here.

I recall, when still living in Minneapolis, back in 2002, various doomsday articles on how easily hackers could attack utilities, but by and large they were unfounded, as the utility grid has been almost closed off from public access. However, the federal government found out that some of its systems were not so immune with the DOS attacks last month. Similar comments were made after the August 2003 Northeast power failure, but that was related to internal software and hardware problems in the grid (as a wrong direction loop in Ohio), not to malfeasance. But in the future we could become much more vulnerable.

Thursday, July 30, 2009

Web of Trust announces alliance with Panda Security


The Web of Trust is a website advisory facility, fed by inputs from users, that this blog has covered before. It is driven by site reputation with users. WOT has joined forces with Panda Security, and there is a recently provided weblink that explains this alliance:

WOT sent out a press release dated July 30, from Helsinki.

I tried the Firefox download on Vista and Firefox would not allow me to pursue it. I will have to look into this. With a different box it gave me an unknown file type. I’ll have to check into this also.

I have quite a bit of experience with McAfee site advisor, which sometimes causes “false positives.”

I haven’t noticed a specific website rating facility being offered by Webroot yet. However Webroot Spysweeper does flag sites it knows to be associated with distributing malware when the sites are visited or linked in emails.

Wednesday, July 29, 2009

Microsoft offers "sandbox" to make Office applications more secure, for the time being


Gregg Keizer has a column today in PC World on Microsoft Office file formats and the supposed vulnerabilities that hackers find by “fuzzing” them, that is, by dropping random streams into applications to cause lockups and breakdowns. It seems that some people like to break things for the fun of it! Microsoft will offer a “sandbox”, a read-only environment in which companies can isolate Office documents so that they can’t be surreptitiously updated.

The PC World story July 26 is here.

Microsoft has a company blog to discuss its security enhancements for Office products here.

Back in 1997, I had trouble with some large, heavily footnoted Word documents for my first book going "bad" and Kinkos claimed that this was a virus; it wasn't, it was just instability.

Tuesday, July 28, 2009

Hand print technology could make computers more secure as well as entire workplaces


A Tampa FL-based technology company, Identica ("undeniable identity"), has developed a biometric scanning device that reads the vein patterns on the backs of people’s hands. The technology has become popular for security in Asian banks, but now at least one pre-school in Loudoun County, VA, Lola’s Place, uses it.

It seems to be a technically controversial alternative to retinal scanning. But offhand, it would sound more prone to physical changes in a person.

It would also sound like an appealing technology for workstation security in the workplace, or even at home with a PC or laptop, more reliable than webcams and photos. This sounds like a security technology to watch.

The story is in the Metro Section of the July 28 Washington Post, by Emma Brown, p B1, “Va. Preschool’s Security Is More than Skin-Deep”, link here.

Monday, July 27, 2009

Do McAfee and Spysweeper conflict? (wrLZMA)


This morning, Monday July 27, on a quick scan by McAfee of an older Dell 8300 from 2003 (XP Home) with Spysweeper anti-spy (but not antivirus) added on, the scan hung on module wrLZMA.dll, twice. I disconnected the Internet and tried again and got the same result. The full scan had run successfully without incident Saturday morning.

In a scheduled run last night, Spysweeper went into a loop and never started, on the same machine.

I have been having trouble with slow performance on this machine, as noted earlier; sometimes it gets better for a while, after running RegCure (which always finds at least two HKLM errors).

I found the report above from 2008 about a possible conflict between Spysweeper and McAfee over a Spysweeper module by this name. But a search shows other modules purported to be Trojans with this name masquerading as this file. However, a Dell search of the local machine showed that the module was last loaded and updated the day that I installed Spysweeper.

I think this is a “false positive” and an artifact of my performance problem, not a cause. In the meantime, I’m moving work over to a new Vista XPS laptop (I explained on another blog why Apple wouldn’t quite work for me). Needless to say, the new laptop runs about ten times as fast.

Out of caution, I disconnected the old machine from the Internet, and changed critical passwords under the firewall protection of the new one. It’s hard to prove with an old slow machine that the anti-virus and firewall actually work.

If someone knows more about wrLZMA, I would appreciate comments – moderated but quickly reviewed and approved. I guess the old machine will find its way to the Best Buy repair desk soon.

Picture: from the DC Metro, and prescient.

Update: Aug. 1, 2009

Now, in a full McAfee scan, it gets stuck on webroot "settings.dat"

Wednesday, July 22, 2009

Paper (from Tech Republic) surveys malware and rootkits


On Wednesday July 22 Tech Republic offered a download link for a white paper “The Ten Faces of Computer Malware”. I know, Tech Republic likes these variations on the 2001 movie “13 Conversations about One Thing.” The link takes you to a download available to free registrants, and a number of the “faces” are about rootkits, which can operate at the user, kernel or firmware level – the last being essentially impossible to remove. The paper makes the astonishing statement that all anti-malware applications (including professional anti-virus programs) are destined to fail or be defeated eventually, and all computer users (that means almost everybody) need to take more ownership of the risks that others can put them in (sounds like a contradiction).

Tuesday, July 21, 2009

New warnings on infected videos (Erin Andrews; Georgia c.p. case)


Several major media outlets are reporting that hackers have tricked computer users into downloading a video supposedly “showing” (illegally) ESPN host Erin Andrews but actually infected with malware. The malware apparently involves popups with spyware that will later be used to record keystrokes. The WJZ story is here.

The Georgia Bureau of Investigation is reporting an old email phishing scam that involves an unidentified man engaging in child pornography. Theoretically, a user who downloaded the video being offered (as an attachment) could be guilty of possessing c.p., although it’s not clear how knowing the possession would have to be (could depend on the state). The story is here.

Monday, July 20, 2009

Scientific American has article on real world computer security


The May 2009 issue of Scientific American has a “Security” article on p 56, “How to steal secrets without a network: information thieves can now do an end run around encryption, networks and the operating systems,” by W. Wayt Gibbs. The URL link is here.

The article describes old-fashioned “real world” hacking, as from reflections from an eyeball or from the sounds of a dot-matrix printer (yes, like Okidata in the 80s). Each key on a keyboard emits a unique radio frequency that can be tracked (it is said that the CIA could spy on individual home computers before there was a public Internet as a result). A determined hacker could subvert a built in webcam, used by many new laptops to identify users, to track keystrokes. It sounds like the kind of spying of the great James Bond movies of the 60s, those with a hairy Sean Connery. The general impression is that from determined spies, these threats are still serious matters for government or high-value targets, probably much less so for ordinary users, when compared to the more familiar threats of spam, phishing, viruses, Trojans and worms.

This same issue of Scientific American has an article (“airless”) about how planets lose their atmospheres!

Wednesday, July 15, 2009

Vista with Webcam acts like "HAL" in "2001" or "Moon"; does facial recognition help or hinder security?


Well, more “Adventures in a perambulator” (with Windows Vista, that is). I let the laptop go into sleep mode, and it used the webcam to recognize me. It said “not enough detail” and asked me to create a password, which I did. It seems that it has given me the default user name of “owner”. When I went back in, it recognized me (glasses included) and would not give me time to use the password, which I prefer. Microsoft calls this heavily trademarked process "FastAccess".

Yes, I saved the password on a file and printed it out.

I found the facility to create users under the Control Panel, and it is not totally logical. You have to go into “change users” to see all the users, and yet it lets me add an “Administrator” that way, and recommends I make a backup floppy for the administrator to avoid losing encrypted logons. It’s all a bit confusing.

I think people change appearance more than webcams (especially those on “Days of our Lives”) recognize. And some parental safety advocates say no kid should have a webcam on his computer (because of misuse – the Justin Berry case reported in the New York Times). It seems like higher end Vista laptops have them built in.

The laptop is a bit like “HAL” in the movie “Moon.”

Update: July 16

This morning, in daylight, the webcam facial recognition software did not recognize me. I had to use the password.

Tuesday, July 14, 2009

Dell XPS with Vista: Why doesn't Microsoft Security Center track Webroot Spysweeper?


Okay, I’ve broken down and gotten Vista, and a free Windows 7 upgrade, a Dell XPS laptop, all with the nice keyboard lights for night games (or to take with you on a spaceship if you’re abducted).

The Vista security center was on the Control Panel. I had Best Buy install the full Webroot Spysweeper, and the Windows Security Center says it cannot monitor my malware protection. It lists a number of products, including McAfee and Norton and some others, but oddly enough it doesn’t list Webroot. I don’t know why Dell and Microsoft don’t have a partnership with it; maybe someone does.

The Spysweeper does seem to be working properly, and the Windows Firewall works separately. I don’t know if adding McAfee or Norton is necessary, or just complicates things. I find on another machine that Spysweeper identifies and quarantines many “spy cookies” that McAfee lets pass.

Of course, there are other things to get on – if not McAfee Site Advisor, maybe Web of Trust. But this is Day 1 of the new laptop.

Does anyone know what the deal is with Spysweeper and Vista Security Center?

Also, Microsoft seemed to issue its patch tonight for the serious vulnerability reported earlier this month.


Update: July 17

Well, it turns out I had a wrong model. I had intended to get the wider screen XPS 1640, not the 1340. I swapped it out at Best Buy, and on this machine the Windows Vista Security Center does show Webroot Spysweeper as a "legitimate" anti-virus program. But I cannot explain why the other model did not show it as legitimate.

Update: July 18

Well, here we go again. Spysweeper won't start on its own; it warns you with a widget "X" on the task bar, and the Microsoft Security Center beckons you to start it. It still takes about 30 seconds then for Webroot's "12 of 12 recommended sweeps" to start in real time.

Update July 27:

Now even if you leave it alone, Vista starts Spysweeper within a minute of flashing the warning. Spysweeper loves to flash alerts (missed sweeps when computer turned off, missed backups).

Update: August 20

Spysweeper does tend to load very slowly at Vista startup. That may explain some of the symptoms noted in this post.

Also, once a day Spysweeper sends an error report back to its own servers.

Monday, July 13, 2009

Child internet safety group says "'just say no' to chatrooms!"


Rebecca Hagelin has an eye-catching column on p A18, “Culture”, in the Monday July 13 2009 Washington Times, “’Just say no’ to chat rooms”. Sure, she echoes Nancy Reagan (and maybe better times, in the minds of some). She calls chat rooms “the culture challenge of the week”. The link is here.

She refers to Donna Rice Hughes, president of “Enough Is Enough”, as recommending that parents ban all online chat rooms as too difficult to monitor. The website is here. The group offers an Internet Safety DVD at this link. Hagelin is willing to accept the idea that large companies like Facebook may offer acceptable safety if parents insist that their kids mark their profiles as private.

The Times story and EIE website do talk about the ease with which predators can impersonate kids, with all the security problems, some of which were documented in NBC Dateline’s “To Catch a Predator” with Chris Hansen. A summary episode from that series was rerun last night on MSNBC.

I guess for safety, some advice is "go outside into the real world. Climb a mountain." The picture comes from the W-WVa border on an obscure mountain trail.

Saturday, July 11, 2009

Internet safety requires leadership, but also competition


The Washington Post today (July 11) has an editorial “Securing the Internet: Recent cyber-attacks highlight the need for administrative action”. It starts with “where is our cyber-czar?” and ends well with “All the more reason to make someone accountable for striking the right balance between liberty, security and openness.” The URL for the link is here.

The scale of the denial of service attacks, and the lack of any coherent plan in the administration to protect all agencies against them, does deserve such a comment.

But the public focus on the style and substance of government leadership misses a major point. The vulnerability of the Internet – both private (sometimes very and micro-private) and public (government) components – is a function of three major factors: (1) a lack of sufficient competition among service providers, particularly of operating systems; (2) asymmetry, which means that a bad actor with no commitment to “social contract” can do enormous damage; and (3) a combination of the first two: sustainability, which means that the sorts of grudges that can lead to these attacks somehow get addressed.

When we speak of competition, we have precedents. IBM came to control the mainframe market in the 1970s and 1980s, and in some critical areas, Microsoft still dominates the PC market too much. Despite all the advances with the Macintosh and Linux machines, there are some parties that need what (and all) that Microsoft can do in their I.T. setups. Furthermore, these same parties often tend to attract grudges (all the lines of “social contract”) and mischief. With so much concentration on Microsoft as the dominant player, parties – even whole governments – make easier targets. Even minuscule vulnerabilities, such as the reported overflow problem in Microsoft Internet Explorer ActiveX, can suddenly have large global consequences, or can lead to subtle social and political problems by the targeting of specific interests.

There is another factor, too: so much youthful programming talent seems to go toward bringing things down. A lot of that is explained by economic and social circumstances overseas, in places like Russia and some of eastern Europe, especially during severe recession. All of this seems to make North Korea sound like a sideshow, and perhaps less likely to be the sole culprit last week.

Update: July 12, 2009

The Washington Times, on p A5 of the Sunday paper, carried a CBN story by Hyung-jin Kim, "North Korea army linked to cyber-attacks", in slightly different text online here. The report points to five specific IP addresses used to distribute the attacks. The story identifies Kim as an AP writer, but curiously this story did not appear on the AP site, even though other similar stories by him do.

Picture: from Digital Media Conference, Tysons Corner VA, June 25, 2009