Saturday, December 26, 2009

Geek Squad: Now Kaspersky is the industry anit-virus leader; also, is 6 years better than average for hard drive life?

Well, my 2003 Dell 8300 got slower and slower, and today would not boot, giving a “corrupt system config file” message.

A year ago Best Buy was recommending Webroot Spysweeper as the best anti-virus; now it’s Kaspersky, with major link here. They also tell me that the “best” also changes quickly, from year to year; you have to keep up with it. I don’t know why they’re so down on McAfee and think that Norton is merely adequate. Professional review sites (Nov. 21) still like these industry leaders.

Kaspersky will also provide its own firewall, which would mainly be significant for wireless situations, as discussed before.

The Geek Squad help also told me that it is common for customer’s computers to be infected, even though customers swear that their machines passed a virus sweep. However, my set of symptoms is thought to be a sign of a failing hard drive. After all, it is six years old. Four years of life with heavy use is considered the norm.

But it seems that home and small business users ought to keep up with the scuttlebutt on the best packages.

Monday, December 14, 2009

Social networking sites are targets for "pseudo-viruses": hacks that take over accounts to send spam

Brad Stone has an important front page story in The New York Times today, Dec. 14, “Viruses that Leave Victims Red in the Facebook”, link here. The HTML title online for the story is “For viral crooks, social networks are a prime target”. The problem seems to be that an account holder with an easily guessable password clicks on a link sent by a “friend”. People tend to trust messages sent by “friends”. Then hackers play with their accounts and crack their passwords. Then their accounts are “seized” and used to send spam-like messages to others. People could find their accounts closed for TOS violations for activity of hackers.

This activity, since it takes place within the social networking site, is not really a virus or worm, so it would not be caught by anti-virus protection the way an infected email attachment would.

Likewise, social networking site users would need to be conscious of security problems, especially wireless security, already discussed here, when managing their passwords on social networking sites.

Sunday, December 13, 2009

NY Times reports on Russian/US security talks; implications for home users

The New York Times is reporting, on Sunday Dec. 13, improved communication between the US and Russia in talking about cybersecurity. The paper copy front page title is “In reversal, U.S. talks to Russia on Web Security; Rise of Cyberweapons; Goal is to strengthen network defenses against attacks”, link here. It's true that a lot of the substance of the talk comes from the hacker attacks on US government facilities last summer, with shocking effectiveness. Will bad guys focus on large, obvious targets (like governments and banks) or possibly try to undermine confidence at the grass roots level (which worms already do as they make machines into zombies)?

Nevertheless, the importance of the story to the typical home or small business user is in its elaboration of the three main threats: (1) logic bombs (2) botnet attacks, recruiting home machines as zombies, and (3) microwave EMP weapons.

“Logic bombs” were a security issue well known in the “mainframe era”, particularly in financial systems, and are prevented by properly using source and elevation management software (to ensure that load modules and source code match). The same concept should be used with any systems on a small business where programs are compiled or linked into executables (we could get into the security questions around java byte code if we took the time).

The Botnet issue, sometimes associated with DOS attacks, raise the question of how much legal responsibility we should expect of the home and small business user to properly protect his computers from viruses and worms. The proper use of firewalls in a wireless environment has now complicated the issue and the answers (how to use different companies in combination with what Microsoft provides) are a bit murky; I hope Windows 7 is going to help settle this.

The EMP issue is known in conservative talk circuits as a doomsday terror scenario, but the microwave would be a smaller scale version of this (explored in the movie “Oceans 11”). There is little that the home user could do besides make offsite backups and optical device (CD) rather than magnetic backups. It’s possible that innovation will lead to commercial development (by security companies) and home use Faraday cages to protect personal installations. The article may have been motivated by a generally obscure Washington Times story last spring about an Aberdeen Proving Grounds engineer who back in 2001 showed how a truck-mounted microwave could be designed to be driven through an areas and disable it. Our own government constantly plays with deadly scenarios.

Tuesday, December 01, 2009

New York Daily News has Internet safety tips for families -- a bit simplistic?

The New York Daily News, on a page (Tuesday Dec. 1, 2009, page 5) dealing primarily with booting s.o.’s off of Myspace and Facebook, has a brief summary “tips to safer surfin’ on the unfriendly Web”, by Heidi Evans.

Rather than a resource that can help kids get a leg up with their academics, the computer is seen as more likely a source of danger for families. What’s interesting is the viewpoint on the desire of many kids – and adults, as we know from news stories – go get into the limelight. The article tends to view Internet fame as a no-no – for kids and parents both – until one can “compete” in already socially approved ways. That’s interesting, because it seems to me that a 15 year old who has figured out how to reverse engineer an iPhone is entitled to some “fame”.

The Daily News doesn’t seem to have the story online yet.