Sunday, July 24, 2011

A note on interpreting MyWOT ratings.

I’ve noticed something about MyWOT  (My Web of Trust) ratings.  Generally, I find I get green (good or excellent) on trustworthiness everywhere, but sometimes yellows on vendor reliability and privacy items on blogs that have ads and particularly those with many third party gadgets around the margins for decoration. MyWOT will provide the description "unsatisfactory" on the "yellow" subcategory even if it shows "good" for the site as a whole. 

Also, if any subcategory is “yellow” or less, the MyWOT report will display a warning from Panda Security that the site could have content of questionable safety and recommend purchase of the security package for browsing. I use Webroot and McAfee and sometimes do get warnings (especially from Webroot) of sites known to be unsafe.  I have MyWOT installed with Firefox. (I'm no longer able to find "Webutation"). 

I don’t sell anything directly on any of my sites or take any information from users.   (I do link to e-commerce, including Amazon and iUniverse for my own products.) Gadgets, however, and of course ads, might themselves encourage visitors to make purchases or supply personal information. Visitors who rate sites, as well as automated rating programs, may react negatively to the presence of some of these items in deciding ratings. 

Some visitors may wonder about the safety of embedded videos, especially those not from well-known services like YouTube and Vimeo, but perhaps those from movie sites.  Some embeds may have adult content when the blog invoking them does not.

My flat sites have “good” on trustworthiness but no ratings at all on reliability, privacy, or child safety. Recently, MyWOT seems to have recalibrated some ratings. And many sites that I visit do not have ratings at all.

Some of my blogs do have “good” on these intermediate subcategories, but some (not all) say they inherit ratings from

This link discusses WOT’s components (look for that string of words). 

By the way, Facebook gets a “low” excellent on all subcategories (meaning it isn’t perfect).   Twitter’s scores are a little higher (but I actually think Facebook is safer personally).  Myspace gets green everywhere, but “barely”.

Thursday, July 21, 2011

Tales of the MacBook and Norton et al; small businesses now at more risk from hackers, with "investigations" at their own expense

I finally got around to putting Norton on my MacBook today, as I prepare to use it more. Pretty simple, but the restart takes a long time for a Mac.  I opted out of the LiveUpdate until I have it on a better connection.  The whole product seemed minimalist.  I still do 95% of my stuff in Windows (on a Toshiba notebook when I travel), but my habits will change.

I noticed something else with iMovie: it won’t find movies to import from a camera unless you connect through USB before starting iMovie.  Instead, it will invite you to film yourself with the webcam.  And if you disconnect, Apple tells you to go into File with Finder and Eject, but sometimes the Eject is grayed out.

Today, the Wall Street Journal had a disturbing story in print, “Hackers Shift Attacks to Small Firms”, with online video here; the story is by Goeffrey A. Fowler and Ben Worthen.  It related a small business, City Newstand, which was forced to spend $22000 for MasterCard for an investigation when hackers stole consumer information and sent it to Russia.  I have never taken credit cards or solicited personal information on my sites; I leave that to Amazon and other e-commerce vendors.

Wednesday, July 20, 2011

Webroot quarantines bizarre-named virus "Af770ecl"

Today, Webroot ran its scheduled can, and took a long time to display only four of the six items it said it had found.  I looked at the quarantine, and at one point recently it had found “Af770ecl” and labeled it as a virus. Spysweeper did not have a record for this virus in its database (so I presume Sophos doesn’t, either).

But I found this report in the middle of the page for    where “dharmadave” writes “Also, every time I boot up, Webroot says that "a serious threat has been Quarantined." There are two it keeps identifying as five-bar threats: af770ecl and Troj/Fake AV-ECB.  The link is at a UK site called “Free Help”, link here
I haven’t noticed the symptoms he mentions.  I have Windows 7 Professional rather than Vista.

Does anyone know anything about this "virus"?

Tuesday, July 19, 2011

Android security has become a big topic

Today some media outlets discussed an Android smartphone security suite from a company called  Lookout, CEO John Herning  (link).

Malware authors have been providing infected applications mimicking those provided by banks and other legitimate companies, resulting in serious threat to loss of personal information and financial passwords for people who bank with smartphones.

AndroidGuys has a story explaining how typical android Trojans, like “GGTracjer”, work, link here

Friday, July 15, 2011

The latest phish: a full AOL mailbox warning

Here’s the latest silliness in the world of phishing. Some sends me an email saying that my AOL mail box is full, with a link.

Of course, if it were full it wouldn’t have shown up. It’s true, AOL stopped deleting recent messages a couple years ago, and I have about 4000 messages.  And AOL is a bit slow, and AOL repeatedly fails to catch spam about its own billing system.

But the “full mailbox” is a new one.


Wednesday, July 13, 2011

Tech Republic has video on home, small business wireless security; consider recent industry initiatives to give owners more downstream responsibilities

Bill Detwiler (same last name as a promising Washington Nationals’ pitcher) gives an informative presentation on home and small business wireless security in this Tech Republic story, link; it'a 5-minute video.

His presentation is based on an earlier piece by Brian Posey of “10 best practices”; the closest original I could find was a Wordpress "Technology to Business" blog entry here

Detwiler  warns small businesses and homeowners against using old or recycled routers, of not resetting admin names and passwords of reused routers, of possible dictionary attacks, and against relying on Mac address filters. He also warns against leaving routers “abandoned” and still on (unused for many days or weeks, as on vacation).

I reported Friday July 8 on my main “BillBoushka” blog about a recent industry initiative that could hole home and small business wireless router owners responsible for copyright infringements done by “wardrivers”, a danger that could also exist with downloading child pornography with someone else’s router (this has happened, at least in Florida and in New York State).  The law may be evolving on potential downstream liability for router owners for inadvertently contributing to a crime or tort. 

Tuesday, July 05, 2011

"Smishing" attacks now mimic Facebook "notifications" from administrators, not just "Friends"

Here’s a new one.  Phishers sent you Facebook a “Facebook notification”.  If you cursor over the link, it is to something else (offshore).  If you copy the web address, it’s not on Facebook. This one is pretty “good”, copying the Facebook trademark and automated email scheme exactly.

This seems to be a variation of “smishing”, where fake emails are sent to “Friends” lists of hacked accounts.  Instead of coming from a “Friend”, it appears to come from a Facebook administrator – until you notice that the actual URL is offshore.   Maybe China really does “want” Facebook after all. 

Friday, July 01, 2011

IMDB official site link leads me to a rogue survey; a DNS spoof?

Today, while I was looking at the Imdb entry for the horror film “Psychosis”, I clicked on the “official site” link and was taken to “” which attempted to lure me into a survey. On Mozilla, I found no entry in MyWOT.  I wonder if this is an instance of some kind of “DNS spoofing” that was considered a security threat in 2008, precipitating a security forum at Microsoft that summer, and written about in my “identity theft” blog in August of 2008.

I did not click on the survey or do anything. Remember, last winter (see Feb. 27 here) there was a fake survey that was launched by misspellings of “Facebook”, resulting in unwanted cell phone spam (which fortunately can be stopped before it causes charges to mount).  A hard reboot and Webroot virus scan found nothing except a couple of unusual spy cookies, which were quarantined.