Saturday, November 21, 2009

Security packages can interfere with one another; the best package keeps changing: Bank of America offers free McAfee, what if you use Webroot already


Well, Bank of America offers its deposit customers six months of McAfee. I tried starting it, and found that I needed to use a different email address. After that, I found that it would not proceed with the download and install without removing Webroot (Spysweeper) anti-virus which was installed when I bought this laptop from BestBuy.

I found a page that reviews all the major security company products, including Norton, McAfee, ZoneAlarm, and Webroot, here. This review said that Webroot does not detect new viruses quickly enough sometimes, and was critical of the ask.com toolbar.

Apparently, as I noted before, wireless users need additional Firewall protection to what Windows offers, to check installed products for what they send out. Webroot appear to offer this as “Identity Theft Protection” as part of its Internet Security Essentials. But if you go to your Webroot home and try to look for updates, it tells you (using Google Chrome) to call an 888 number at Best Buy.

Geek Squad says that the best security protection changes all the time, as the relative strengths and weaknesses of the companies’ products can shift around quickly. You have to keep up with it.

Tuesday, November 17, 2009

More on how to check websites for history of delivering malware


The world’s largest search engine (Bing still isn’t that close as far as I know) offers a “safebroswing” diagnostic check, which will tell you if the site is suspicious, if it has served as an intermediary for infection. The “tutor” link from Google is here, and the following is an example from one of my own sites. (link). The result may tell the visitor that the site has not been checked in 90 days, although cached links from the site can be found much more recently than that.

The visitor can enter the name of Blogger (or Wordpress or other) blogs, and sometimes get more information about the blog.

This can be a major tool for checking sites about which a user has discomfort. Other tools that we have discussed here include McAfee Site Advisor and Web of Trust. Those tools, when implemented, list a site's "rating" (as with a color code in the case of McAfee, with green being the safest) beside search engine results.

Picture: unrelated: A Norwegian ship in Baltimore harbor; the CVS processing truncated the last image, but it’s what I have!

Thursday, November 12, 2009

Social networking "friends" can launch "I need money" scams


Wednesday, NBC-Washington’s Liz Crenshaw warned social networking users of new scams where hackers impersonate account holders and ask “friends” for money.

View more news videos at: http://www.nbcwashington.com/video.



The danger seems greatest with Facebook or Myspace users who allow many people to sign up as “friends” and then who announce plans, especially travel (or medical hospitalization) plans, that could invite hackers to attempt scams when they think that the account holders will not be able to check.

About.com has an article by Landa Roeder on the “I need money” link here

Also, check out this MSNBC story "Facebook message frees NYC robbery suspect: Accused updated status on his Facebook page one minute before robbery", where the IP address from which a Facebook posting was made was used to provide an alibi (link here). This may be a legal first.

Wednesday, November 11, 2009

AP says it is conducting study on hackers placing child porn or other illegal content on zombie computers, leading to false prosecutions


AP technology writer Jordan Robertson has a very disturbing AP story, dated Nov. 9, 2009, about claims that some people have been “framed” for possession of child pornography that may have been planted by a computer virus. The link for the story (apparently originating from a Florida paper called TCPalm) is here. It's interesting that yesterday my Windows Vista Dell XPS PC broadcast this MSNBC headline on my desktop as I booted up, as part of the Dell "news gadget" available from Vista (underneath the Vista "Clock"); curiously I could not find the story on MSNBC but I did track down the AP original.

The circumstances discussed in the story vary widely. In several cases people have been accused after others found the illegal material on their workplace computers. In Massachusetts, a man spent $250000 defending himself before prosecutors finally agreed that the images came from an infection planted by someone else. However, in many workplaces employers warn associates that they are absolutely responsible for the security of their own workstations, even when they are not at work (which usually means changing passwords frequently and not leaving the work station signed on.)

In a case reporter here (in Feb. 2007), a teenager was arrested at home in Arizona in December 2006 when police claimed he had downloaded illegal material from Yahoo!. Subsequent Internet stories on the truth of the matter are very mixed, to say the least.

The article claims that the Associated Press is conducting an “investigation” and knows of other cases where people have been bankrupted proving their innocence. Prosecutors tend to turn a deaf ear on the idea that this can happen, until the evidence that it really can becomes overwhelming enough. At any time, about 20 million of one billion computers connected to the Internet (about 2%) have infections that could give hackers control of their computers. And some individuals might hack so that they could watch c.p. on a “zombie” computer, unbeknownst to the unsuspecting computer owner.

A story at ABC affiliate KOAT-TV in Albuquerque NM refers to this story here and quotes an FBI sources as claiming that nearly always the original criminal (hacker) can be detected with proper forensics; The FBI believes that such wrongful prosecutions, while possible, are rare. Will WJLA in DC pick up on the story?

It would sound as if there could be a separate issue for a workplace vs. a home computer. As I noted, an employer might hold an associate responsible for the security of the workplace computer. At home, there used to be an idea of “strict liability”; the home user was presumed responsible for any community risk from his asymmetric computer use (that would presume that a parent was responsible for his or her minor children’s behavior on the computers, as well as any guests; the Phoenix parent, in the case mentioned above, was quoted as saying “computers just aren’t safe”.) But in recent years, practically all journalistic sources maintain that infection placed by a hacker is an affirmative defense – but there might be a “guilty until proven innocent” problem, causing enormous expense to the defendant.

When a computer user connects to the Internet, who should be legally responsible for knowing that the computer is properly protected from security threats which can spread to the community? The individual user? The anti-virus software company? The provider of the operating system (Microsoft, Apple, or Linux)? If a computer stops working and the owner takes it to a repair shop and the shop finds both an infection and undetected c.p., what are the legal consequences? When should there be “downstream liability”? There is no such thing as perfect protection, and this sounds like the kind of debate we have in public health areas. Should we have an “Internet driver’s license?”

In a few cases, police have barged in at home when the person was online, as when detected by the National Center for Missing and Exploited Children [link; this could presumably happen with someone who did not know his computer is infected.

Picture: US Courthouse in Philadelphia, site of the 2006 COPA trial.

Update: June 13, 2012

CNET has a story "A child-porn planting virus: Threat or bad defense?" by Larry Magid, Nov. 10, 2009, link here. The practical risk is low, the article says; one way if could happen is when visiting an adult porn site and getting illegal content cached.  The legal standard, in 2009, seemed to be that prosecutors have to prove that the person intentionally downloaded, received, or distributed the illegal material, and that should not be as difficult as it sounds.  CBS had an AP story in Nov. 2009 that also included a story of a man convicted in Wyoming; c.p. was found in a file-sharing folder intended to be used for adult porn.   This could become an issue for cloud computing, the article says.

The legal case of Ned Solon, from Wyoming, is important; the Supreme Court recently turned down an   appeal, story here (story by Tom Morton in Wyoming Tribune). There is a more disturbing account on a site called "Framed for child porn", here. It appears that use of P2P (like LimeWire) might increase the risk on an incident like this. The site criticizes a mentality of absolute liability, "If it's on your computer, then you must be guilty", but that seems not to hold now in general.  (If you can't find it yourself, do you "possess" it in the eyes of the law?  It sounds like "possession" of a football outside the end zone.) 

Tuesday, November 10, 2009

AARP warns subscribers about fake anti-virus software


The AARP Bulletin, for Novemb er 2009, on p. 26, contains an article by Sid Kirchheimer warning seniors about fake anti-virus software. The article is called a “scam alert”. It warns about popups or emails that attempt to get the computer owner to download “antivirus software” and also warns about telephone telemarketing calls selling computer anti-virus products, a practice that I have never encountered.

I could not find a specific link online to this story, but I did find a link at AARP for a book by him, “Scam-Proof your Life,” here.

Two years ago, there was a time period where fake anti-virus software was often offered in spam comments to blogs and discussion boards.

Saturday, November 07, 2009

Is high-tech a home fire hazard?; Learn to use malicious software removal tool


Here’s a good story by J Raphael from PC World "Technology Fails: 8 Extreme Electronic Disasters"), about the “dangers” of “depending on” modern technology, appearing on Dell MSN Saturday morning, reprinted from PC World.

The "exploding laptops" story (“combustible computers”) is familiar from 2006, mostly due to defective batteries. So are the iPhones. They make home electonic hobbying, even for music composing, for example, look dangerous to others.

The most alarming part of the story concerns viruses being found in sealed hard drivers, iPods, USB flash drives, and Eee Box computers.

If this weren’t enough, here’s a story by Robert Vamosi from PC World, “Is Your PC Bot-Infested? Here's How to Tell: Botnets are big, bad, and widespread -- but if your system is infected, you can take several simple steps to clean it and stay safe.”,link here. The article warns that even good and well-known anti-virus programs don’t catch everything, and it recommends learning to use Microsoft’s Malicious Software Removal tool, which gets updated frequently by Microsoft automatic updates.

Wednesday, November 04, 2009

Old Word 2002 glitch can make a document's links appear to be corrupted


Occasionally, I have run into a situation where an HTML document with many hyperlinks and derived from a Microsoft Word document and then converted to HTML develops corruption in the links.

A symptom is that after adding a new link, suddenly the file (when the cursor is run over the link or the link is visited) shows links either above or below the link that is intended. And sometimes whole passages of text seemed to be included in a link.

Microsoft Word 2000 was the first to offer automatic conversion to HTML. But it seems that Word 2002 had a bug in the way it generated XSL meta-code, which could cause this to happen.

In the past, I corrected it by editing the document in Notepad and deleting manually the excess XSL code that generated spurious “a” links. This could be a tedious process. But today I encountered it again with a document that had been converted in Word 2002, then edited in Front Page. Because of changes, I was editing it in Word 2007 and ran into the problem again. This time I restored the old copy of the file and created a new file to give new movie review links (on my doaskdotell.com website, the cable movies file).

A visitor to a file with corrupted links might believe that it is infected by a virus. But in this case it is not; the corruption is due to a past software bug, not malware. It sounds conceivable that website advisor services like McAfee Site Advisor or Web of Trust might flag the sites with warnings, but so far I haven’t run into this.

Microsoft stopped supporting Word 2002 sometime around 2004 or so.

Note: In 1997, as I was completing my book in Word 95, I had one large file with many footnotes go bad with some of it changing to jibberish. I restored it from a floppy and never had the problem again. Another large file turned to jibberish when printing at Kinko's, but printed OK at home. One wonders.

Tuesday, November 03, 2009

Malware could corrupt your Internet connectivity; could external router corruption do the same?


Today, on all three browsers (IE, Firefox, Google Chrome), I had intermittent connectivity problems on Comcast for about 20 minutes with Vista giving a diagnosis of a bad TP/ICP setting. CNN and Yahoo would display incomplete pages, Blogger could not complete requests, and so on. Suddenly, everything started working properly again.

I found a page about this kind of problem with XP on “Who Is Madur” here (from April 2009) I don’t think any malware had corrupted the connection, as it repaired itself; but it makes me wonder if hackers could get to the corporate routers outside of my home and business and steal information. I had never seen this kind of error before at home, on either XP or Vista, that I can recall.

I found a posting on Yahoo! about a virus W32.virut that could cause these problems here.

Microsoft’s page for this sort of problem seems to be this.

Anyone who has seen this, or experienced problems like this on the East Coast Tuesday morning with Comcast (not with wireless), feel free to comment.

Monday, November 02, 2009

Is Windows Firewall by itself on a modern machine providing sufficient protection from hackers?


An article in Switched on Wireless Security, one that I linked here on Oct. 29, says that you need a second package if you use Wireless, at least without secure connections (https) or if you use free coffeeshop services. Is it really OK to rely on Windows Firewall?

I found another article back in 2005 that explains how Windows Firewall works with McAfee, Norton, and particularly ZoneAlarm, that the user can check out here. The PC Today article is titled “Does Windows Firewall Measure Up?: We Review The Competition So You Can Decide For Yourself”.

Can you use different anti-virus packages together? On another machine, that has gone slow, I found that Spysweeper Anti-spyware and McAfee scans were locking either other out, but only because the machine has other problems (it is a 2003 Dell) which I am about to take to Best Buy/Geek Squad soon for diagnostics and repair. I suspect that they should run together OK, as they had before the machine turned too slow.

On Vista, the Windows Security Center explains the Windows Firewall, and discusses “network location” concepts: Private Network, Home Office, and Public. Some of the Microsoft documentation suggests that Home or Private network locations need additional firewall protection when connected to wireless (encryption), because the Windows settings already allow network discovery, which could apparently allow a drive-by hacker to pick up outgoing communications. I am not sure that this is the proper understanding of how it works in 2009. The only network location available on this laptop as purchased from Best Buy seems to be “private network”.

In practice, a home computer that is stand-alone that does business only through https and uses Windows Firewall and at least one major anti-virus (and that does not intentionally indulge in known risky behavior) is probably properly protected. (Note that Gmail uses https).