Sunday, June 28, 2009

EFF offers discussion of https protocol and wireless security

The Electronic Frontier Foundation has a very instructive article by Peter Eckersley about the significance of the https protocol. The link is here.

The article praises Google for encrypting Gmail, and notes that you can’t normally do Internet searches through https (it just reverts to http).

EFF points out that https and its certificate verification protocols make “dragnet surveillance” by advertisers and governments (hint: Iran) much more difficult. The article also suggests that secure wireless networks (which normally one has to pay a subscription to use) are not as “secure” as thought and that there are some attacks on “wired equivalent privacy.”

I wonder how secure an https sign-on is over a public unsecured network, such as with a laptop in a coffee shop or hotel. I see people using these all the time to conduct personal business, but this is the converse problem.
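The "reverts to http" behaviour mentioned above can be checked by walking a recorded redirect chain and flagging any hop that leaves https. This is an added example, not code from the EFF article or this blog; the hostnames and hops are constructed placeholders.

```python
from urllib.parse import urljoin, urlsplit

# Constructed sample chains: each hop is (URL requested, HTTP status, Location header or None).
# Hostnames are placeholders, not captured traffic.
SAMPLE_CHAIN = [
    ("https://search.example/search?q=privacy", 302, "http://search.example/search?q=privacy"),
    ("http://search.example/search?q=privacy", 200, None),
]
SAMPLE_OK = [
    ("https://mail.example/", 302, "/inbox"),  # relative redirect, stays on https
    ("https://mail.example/inbox", 200, None),
]

REDIRECT_CODES = {301, 302, 303, 307, 308}


def find_downgrades(chain):
    """Return (from_url, to_url) for every hop where https redirects to plain http."""
    downgrades = []
    for url, status, location in chain:
        if status not in REDIRECT_CODES or not location:
            continue
        # A Location header may be relative; resolve it against the requesting URL.
        target = urljoin(url, location)
        if urlsplit(url).scheme == "https" and urlsplit(target).scheme == "http":
            downgrades.append((url, target))
    return downgrades


def final_scheme(chain):
    """Scheme of the URL that finally served content (the last hop)."""
    return urlsplit(chain[-1][0]).scheme


if __name__ == "__main__":
    for name, chain in (("search", SAMPLE_CHAIN), ("mail", SAMPLE_OK)):
        print(name, final_scheme(chain), find_downgrades(chain))
```

Once a chain ends on http, the page content and any cookie not marked Secure travel unencrypted for the rest of the session, which is what matters on an open wireless network.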

Friday, June 26, 2009

Beware those last minute automatic updates from Microsoft and McAfee; and run RegCure frequently

Well, I really spoke early that Microsoft’s last push might have fixed the nVidia and possibly spyware problems on my old computer. Last night, after it had been off a whole day for a Digital Media conference, I had to try about four times to get it to work. It would go through everything until McAfee started, and then would come up with the gray box “Your computer is not fully protected.” And then, after maybe opening one site on Google Chrome, the mouse would either freeze, or the computer would stop responding. It wouldn’t even respond to ctl-alt-del.

Finally, I got RegCure going before doing anything else. Even it stalled once. But once it ran – it found about 12 HKEY errors and a number of blank entries – and it took longer than usual – the computer started working normally. It seems that with a Registry Repair program, you have to run it frequently, particularly before shutting it down (or before the next big thunderstorm if you’re in an exposed area).

Then, there was the laptop, a 2006 Inspiron with XP Pro. I took it to the Digital Media conference yesterday in northern VA, and I found that at the last minute Microsoft has the habit of pushing huge updates – this one to the .NET environment – and the cancel didn’t work. So I was half an hour late – missed breakfast. Then at the conference the laptop wouldn’t turn on without being plugged in to a hidden wall outlet – even though the battery says it has 80% less charge. I guess it takes more juice to turn it on than to keep it running. Sometimes it would want to apply the update when turning off, sometimes it wouldn’t. Finally, at home, it did apply the .NET install, which took almost half an hour to load. I wish Microsoft wouldn’t push things just as you walk out the door. Same with McAfee, which loves to replace its entire Security Center frequently.

Wednesday, June 24, 2009

Techie mag issues "10 ways to avoid viruses and spyware"

Once again, Tech Republic has a valuable “10 Things” download, this time “10 ways to avoid viruses and spyware”, by Erik Eckel. The leadoff link is here.

One of the interesting points in the PDF report is to consider anti-virus, anti-spyware, and anti-malware protection separately. Large security companies like McAfee and Norton offer everything in one package, but some companies are better with specialized problems. Geek Squad has told some customers about SpySweeper, which seems to identify potential spyware that McAfee allows to pass.

Another recommendation is safe surfing, and using a service like McAfee SiteAdvisor or Web of Trust to identify potentially risky websites.

The paper also recommends disabling AutoRun and implementing OpenDNS.

Again, these recommendations may matter particularly for small businesses that have outside contractors working on their computers.

Tuesday, June 23, 2009

Reviewing email security, especially for home based businesses

Bill Detwiler, on Tech Republic, offered a video blog entry today giving five major tips for making your office email more secure. The link is here. But it is based on an earlier paper by Chad Perrin, “10 essential email security measures”, for which he gives a secondary link.

What struck me about these two pieces was how they apply to a small or particularly home business owner (even blogger), especially if the owner brings other people onto the property to work and gives them email or Internet access.

They’re all pretty sensible. A POP service managed by a stable, secure ISP is more secure than web-based email, email should be encrypted, and HTML and XHTML email should be used with caution (most email programs say enable links first).

While I think I recognize all phishing scams (although there is always a new one), there is no guarantee that a hire will – perhaps safe computer use should be a topic of an interview.

How things have changed since the early or mid 1990s, when community colleges taught how to use Eudora.

Wednesday, June 17, 2009

Does McAfee sometimes deadly embrace other services in older XP machines? Followup on the "slow machine" problem

Well, maybe I spoke too soon about the “success” of Microsoft’s patches last week (for my 2003 XP Home machine). Today, when I cold booted the same machine, it hung again when McAfee told me that “some of your protection is not working” and I clicked on the McAfee icon, and then clicked on Google Chrome to get it up.

So the next time I got Google Chrome completely up (it had to clear an incomplete shut down, it told me), and only then tried to fix the McAfee problem, which this time “fixed itself.” But then I noticed that it had tried to load a DAT virus file update at the same time the first time I had booted up.

Finally, I brought up Firefox, and this time it loaded more quickly than usual.

It is true that the bootup is faster than it was before the patch.

An article by Bill Detwiler in Tech Republic suggests that old or obsolete drivers could slow down or corrupt a machine. The story is “Find and delete hidden Windows Vista and XP drivers”, here.

If any visitor is experiencing odd behavior from McAfee (verify subscription, lockouts, saying that System Guards is disabled, etc.) I'd love to get comments.

Friday, June 12, 2009

Microsoft June 2009 security patch seems to speed up some computers

Trend Labs has a Malware blog, and has a list of Microsoft and Adobe patches, for June 2009 at this link.

I got the updates yesterday (June 11) for Microsoft and I found that the time to restart did improve considerably, halving the time. The boot up time was faster both on cold and warm boots, so I wonder if there were fixes to the nVidia interface or to some problem that causes registry errors. The computer seemed to run faster, too. This is an XP Home Dell 8300 from back in 2003 (old, I know), with automatic updates including SP3.

Friday, June 05, 2009

Microsoft introduces unwelcome vulnerability into Firefox; how to back it out?

Chad Perrin has a story on Tech Republic about a Microsoft .NET Framework 3.5 Service Pack 1 update that surreptitiously installs into Firefox the same vulnerability that has driven users away from Internet Explorer. That is, the ability to let websites install untrusted, unsafe code on your computer. It’s not clear that anti-spyware software (Spysweeper) would remove it, and apparently Microsoft has made the facility difficult to uninstall.

The blog story is here.

The website “Annoyances” gives some rather interesting but convoluted instructions for removing it.

The product is called ClickOnce.

Brad Abrams at Microsoft has an arcane discussion of “user level” and “machine level” features and gives some more instructions for uninstalling the feature here.

Visual Studio .NET is the high end development package that was so touted as the savior of the IT job market back in 2002. I don't know that it's turned out that way.

Tuesday, June 02, 2009

More comments on CERT's security guide for browsers; more comments on spy cookies

As noted here last August, CERT (Computer Emergency Response Team Coordination Center at Carnegie Mellon) offers a paper by Will Dormann and Jason Rafail, “Securing Your Web Browser,” that is an excellent overview of the “real dangers” in ordinary web surfing at home. (Yup, the title of this posting reminds me of a "More Streets and Roads" reading textbook in Third Grade, back around 1952.)

The paper is constructively critical of some features of popular browsers. Microsoft Internet Explorer depends on ActiveX technology to run many applications, but Microsoft has experienced vulnerabilities that have required numerous patches.

When people take beginning Java courses, they usually learn that Java code is executed by a Java Virtual Machine and that the code lives inside an “applet” provided by a website. Although applets are supposed to run in a “sandbox” (no reference to Joshua Cooper Ramo’s “sandpiles” here), some applets and websites bypass these restrictions, as with “unsafe code”.

Plug-ins can contain unsafe code also, allowing for buffer overflow.

The paper discusses cookies, which identify a visitor to a website. Cookies that remain on users’ computers could allow hackers to gain unauthorized access to the originating sites.

The link for the paper was given in the August 11, 2008 entry (q.v., label below).

Benjamin Edelman has an interesting essay “Cookies Detected by Anti-Spyware Programs: The Current Status,” link here.

He offers a chart on how various vendors (including McAfee, Norton, and Spysweeper) react to different kinds of cookies, and comes to the conclusion that cookie deletion by commercial anti-spyware packages doesn’t always serve the consumer’s interest. Cookies, improperly deployed, could become more dangerous to the web server than the user. Cookies would seem to allow vendors to obtain significant information about visitors (consider, for example, Nielsen Ratings, which will pay selected visitors to be tracked just as with television). There is a small but definite danger that hackers could then get information about the visitors through the site. But the “danger” of spy cookies may be overrated.

Nevertheless, in my own experience, I found that using Spysweeper (as well as RegCure and in addition to McAfee) caused my older machine’s performance to improve significantly. I wonder what that means.