Tuesday, December 28, 2010

Man in Michigan prosecuted for reading wife's email without permission; prosecutor calls it "hacking"

Leon Walker, of Rochester Hills, MI, is being prosecuted for reading his wife’s emails without permission, after he looked up her password in a book on the desk and read her email before divorce litigation (apparently after she had filed for divorce, though).

The Oakland County, MI prosecutor calls this “hacking” and is prosecuting Walker under Michigan’s anti-hacking law.

This gets interesting. If you read another adult family member’s email without permission, is that “hacking”? What if you do it at work. Maybe you should be fired, but should you be prosecuted?

Walker could face five years in prison. He is an IT professional and says he bought and set up the home computer.

I think some people in bad marriages would quote "The Social Network" and say "Let the hacking begin."

Fox Channel 2 in Detroit has the story.

Thursday, December 23, 2010

McAfee Security Scan Plus now offers Site Advisor

Last night, on my Vista laptop which uses Webroot Spysweeper as the main security software, McAfee Security Scan Plus (a free addon) invited me to download and install McAfee Site Advisor. I did so, and now on Internet Explorer and Mozilla the ratings banner shows, as well as on search results from Bing and Google.

Then, when I went to Internet Explorer, Site Advisor encourage me to switch from Bing to Yahoo Secure Search as the default search engine. When I marked OK, IE hung and crashed. When I restarted IE, Bing remained the default search engine, so I left well enough alone.

Except that I now notice a "secure search" box on the upper right, on the IE Toolbar, that goes to Yahoo!

On Mozilla, I see MYWOT (Web of Trust) on the URL line, and McAfee Site Advisor on the lower right. I’ll watch for differing ratings. The "Secure Search" icon (like Sherlock) is also on the lower right.

Also, now I get the "not secured items" display warning box from IE a lot more often (unnecessarily).

Update: Dec. 25

McAfee is now telling me that the encrypted Google page on Firefox has unencrypted content. Don't know if this is an artefact.  And on Mozilla MyWOT is objecting to some advertisers on accuweather.com, even though they are marketers I have seen repeatedly for years. 

Wednesday, December 15, 2010

McAfee Security Scan Plus warns on parked domains mimicking more popular sites

Today, the free McAfee Security Scan Plus add-on to my Vista XPS laptop warned me of “one issue” when it ran its quickspan, a yellow warning on finding a cache of “twiiter.com”, a misspelling of twitter for links. The wording of the warning was dire, so I tried the site on another machine, an older XP laptop with McAfee Site Advisor. It told me that it’s a yellow site, with suspicious behavior. The one suspicious behavior reported was phishing scams; it was linked to green sites otherwise.

Many popular sites have domain name clones on the web, which nearly always consist of parked-domain-style links. McAfee and WOT will flag some, but not all, of these as fake domains. Webroot does not care about them unless it finds specific malware on the sites (but Webroot does have its own internal “reputational screening” within its active shield).

Commercial website owners would be able to litigate against the “fake names” for trademark dilution, especially after the 2006 trademark dilution law strengthening to allow prospective suits.

Monday, December 13, 2010

Gawker commenting account passwords compromised

The Associated Press is reporting today that Gawker has admitted that its user database has been compromised. Users should change “commenting ccount” passwords, and also passwords on other sites that match those used on Gawker. The link is here.

Gawker’s own version of the recommendation is here.
Gawker owns some other sites such as Gizmodo which could be affected.

The incident is different from the recent attacks on MasterCard and Visa, which were denial-of-service attacks. The Gawker attack actually was against user accounts.

Thursday, December 09, 2010

Wikileaks minions may represent an "uncontrollable" security threat to ordinary businesses that make "enemies"

The ease with which Visa, MasterCard, and PayPal were disrupted yesterday after they pulled the plug on Assange and Wikileaks is leading to calls of alarm even if all the sites were back in operation quickly.

The breeches seem to have been distributed denial-of-service attacks, which may be very hard for even sophisticated sites to stop (by measuring the flow of and rebounding packets that try to "attack your machine").

The Washington Post, however, ran an alarming story by Joby Warrick and Rob Pegoraro, “Wikileaks; relisience shows strength of Internet-age lifelines; Supporters go on offensive to keep site afloat amid enemies’ fullisade, link here. We either live in a “transparent world or shut down the Internet” the article ended, said journalism professor Jeff Jarvis, who said that legitimate MasterCard and Visa customers including major newspapers who published the “illegally” leaked all use these major credit card companies.

In the New York Times, John F. Burns and Ravi Somaiya ran a story “Hackers attack those seen as Wikileaks enemies”, link here. Webroot conveyed this story on Twitter.

We understand the latest Wikileaks “victims” are PayPal and Sarah Palin. John Sutter, a tech writer on CNN, discusses this here, as a kind of enlarged pranksterism. It’s possible that small businesses or websites on hosted services that make “enemies” could become DOS targets because presumably they couldn’t afford the overages, unless their ISP’s could detect the DOS quickly, and then there is nuisance issue. That’s why, for the community as a whole, it’s important that home computer users practice good security at home.

Late Thursday, Netherlands police arrested a 16 year old in connection with the DOS attacks on MasterCard and Visa.

Monday, December 06, 2010

Webroot finds Java bytecode virus "Mal/JavaHeL-C" aka "Trojan.ByteVerify"

Today, a sweep of my Vista laptop by Webroot Spysweeper found, in a file toward the end of the sweep (not in the Registry) a new virus “Mal/JavaHeL-C”, for which Sophos Security has a recent entry (webroot url) here.

The virus has two alias names, including “Trojan.ByteVerify”, which Symantec (Norton) has an entry here.

It appears that the virus can change the Internet Explorer home page, or add entries to favorites. It apparently exploits an IE byte code vulnerability. I have not seen any symptoms on my computer. It seems to have no affect on other browsers, including Mozilla.

A techguy forum gives a detailed log of detection, here.

Sunday, December 05, 2010

Big NYTimes story slams enormous problems controlling cyberbullying

Here’s a big front-page story in the New York Times on Sunday, December 5, “As bullies go digital, parents play catch-up”, by Jan Hoffman, link here.

The story gives a horrific account of a teen’s impersonation of someone else on Facebook in order to besmirch his reputation. The parent who tried to get it stopped herself became a target of cyber bullying.

Parents face challenges in not being savvy enough to intercept the threats even if they do monitor their kids online, and schools in many states seem legally challenged to deal with behavior that takes place “off campus.”

The article also depicted kids’ cell phones as “mobile computers” rather than as communications devices for reaching parents when needed.

Many of the incidents in this article are appalling, and some kids have no business on the Web. Many teens are unable to grasp the long term consequences of behavior or have no really understanding of acceptable forms of social competition. As Dr. Phil says “they don’t see around corners.”

Yet, when I was substitute teaching, I heard of few or no instances of cyber bullying myself in northern Virginia schools.

Generally, kids of a certain level of maturity (the kind able to get on “It’s Academic”) understand appropriate Internet use. Even so, there are tragic incidents. The college kid who webcammed Tyler Clementi had been an AP student in high school.

The tone of the long article suggests that adults, for their own communications purposes, have let kids in on a technical infrastructure that they may be incapable of using without unacceptable risk to everyone.

Saturday, December 04, 2010

Watch out for phish offering to "get you back on Facebook"

This morning I got a “getting back onto Facebook” email spammed to me. Since my Facebook was working normally I knew it was spam. Fortunately, AOL had hidden the links so nothing in the email could “execute”. But it appears to be another kind of phishing, an attempt to get personal information or perhaps access to you Facebook account so that it can abuse it.

By the way, I get a phishing attempt regarding Bank of America almost every other day.

Wednesday, December 01, 2010

Facebook scam spams your friends, pretending to show you who viewed your Profile

Here’s another Facebook scam, as described by Amar Toor on Switched. You see a message on your Wall inviting you to use an application that lets you see who viewed your Profile (rather like knowing who bought your book or went to your movie), and it you use the app, it spams all of your “Friends”. I guess that’s a way to lose them. The switched link is here.

Sophos (which works with Webroot) has a version of the story here.