Thursday, October 27, 2011

Cyclist implicated in hacking scandal, attack on drug-testing company in Europe

Well, apparently cyclist Floyd Landis didn’t stop at shaving his arms and legs for competitive edge, or even at using performance enhancement steroids. He’s accused by French authorities of employing a hacker from Kargus Consultants to plant a Trojan to lift documents from the anti-doping lab.  A story connects Kargus to breaking into Greenpeace and French utility EDF.  The story by Greg Masters is on SC Magazine and was tweeted yesterday by Webroot, link here

Sophos (the anti-virus company for Webroot) has a story here

CIO has a more detailed story by John Dunn explaining how an email transmitted the Trojan, link here

Tuesday, October 18, 2011

Webroot warns on sites no one else objects to; Norton warns on the MacBook on an Apple subsite!

Recently I have noticed that Webroot Security (Spysweeper) also places site warnings on MSN and Google search results in Firefox and IE9 (not Google Chrome).  I have also noticed that once in a while Webroot provides a yellow level warning (that the site exhibits behaviors similar to other sites known to have spyware, malware or viruses) on some sites allowed by McAfee and MyWOT. For whatever reason, Webroot seems to be stricter than some other services.  It could be related to advertising accepted on the site. 

For now, I won’t give a link to a site warned by Webroot; if a reader finds this in one of my postings, he or she can search quickly in Firefox to get the warning and decide for the self.

When in Bing, Webroot will sometimes give me two icons, a green OK one, and a yellow warning in the same, in IE (but in Mozilla I just get the warning icon).

Kaspersky does not warn on these sites.

On the Apple MacBook, Norton had no objection to these sites under Safari browser.  But Norton warns on Apple’s own “Time11” app on the Steve Jobs page.

At more than one Best Buy store, Geek Squad employees have told me that both Webroot and Kaspersky catch many more threats than McAfee and Norton. 

Site rating services could gradually become a problem for "amateur" bloggers and other webmasters, because one's site can get downgraded by linking to other sites that someone has downgraded.

Update: It's not over for today. Now, Chrome and IE are warning on some security certificates from Twitter links, even without https.  Chrome talks about a domain name mismatch (like the 2008 "big problem" that caused a conference at Microsoft).  Maybe everybody is getting stricter. In one case, the Tweeter does everything on MacIntosh (I know the person) and may not even be getting the error.

Second update:  Webroot scan found (and quarantined) an unusually large number of spy cookies, but no viruses.  I have not heard of a lot of the cookies. It may well be that Webroot has tightened its standards for what it considers acceptable cookie behavior.  Probably the spam email in my in-basket will go down. 

Saturday, October 15, 2011

Cyberbullying said to be the main reason school bullying is worse than ever in some communities

Today, AOL and Everyday Health offered a 5-point essay by Allison Takeda, “The Hidden Dangers of Bullying: 5 Reasons Why Bullying Is Worse than Ever”.  In a word, Cyberbullying, because so far it has been so easy to do it anonymously, and 24x7.  I suppose kids could just stay off the computer at home, except for homework, to get away from it.

Again, there are real questions as to what age kids should be able to have social networking accounts, and good questions, that go both ways, about anonymity.  And there are good questions about the authority of schools to police activity that happens off campus, and off hours.

The link is here

Wednesday, October 12, 2011

Webroot security rejects some shortened url's for twitter supplied by well-known sites; they work in tinyurl

A story by televisions station WJLA in Washington on a major incident on the DC Metro Tuesday (here) involving the safety of patrons, came with a short url for tweets that Webroot flagged with orange as associated with spam and identity theft.  When I used tinyurl to generate a shortened URL, Webroot accepted it.  I don’t know why Webroot security package rejected a shortened URL that the WJLA site had itself generated for use in tweets.

As for the story itself – it’s not really an Internet matter – but the DC Metro should consider putting in plexiglass panels to protect the tracks, as is done on some lines in London and Paris.  And why do Metro computers shut down the escalators when the station is crowded, trapping everyone? 

I have to add one other comment. I wasn't there, fortunately. But it could have been me getting trapped in Rosslyn.  I could have wound up with the heart attack or stroke because of someone else's "attempt" to take his own life. The loss would be irreversible. 

Monday, October 10, 2011

USAF drones infected by a computer virus; related to protests? to Assange?

This little story is irresistible.  RedOrbit reports that US Air Force drones, similar to those used by the CIA for hits against terrorists overseas, have been infected by a computer virus.  So far, effectiveness of operations has not been affected, and classified information has not leaked. This sounds like a “proof of concept”. The link is here

The original story was by Noah Shachtman on Wired, here.  Curiously, this story hung in Windows 7 IE 9 with a “long running script”, for me at least (disable scripts before viewing).

Could this drone infiltration be related to Julian Assange’s group, to “Anonymous”, etc?

Or could it relate to the “presence” of CIA drone models at many “Occupy” demonstrations recently, or attempts by activists to break in to the Air and Space Museum Saturday where a drone model was on exhibit?

Webroot ran the tweet on the story today.

Thursday, October 06, 2011

Details Magazine has a guide to "hackproofing your digital life"; also a guide to cloud storage

The October 2011 issue of Details has black page (58), “A User’s Guide to Protecting Your Privacy”, with the online blog report here

There are devices for the cell phone (Lookout Mobile Security), home (Dropcam camera), Laptop (Prey), Car (Viper SmartStart GPS), web browsing (Cocoon), and passwords (Last Pass).  I’m not sure I’d want all my Internet browsing rerouted to someone else’s server, or all my password signons dependent on an outside service either.

The printed version also compares four off-site cloud storages (Apple, Amazon, Google, Windows Live). It doesn’t compare off-site backups (Carbonite, Mozy, Webroot).  Do you need both?  Do you want to depend on your broadband to be up all the time to access your own data?

Monday, October 03, 2011

Firefox security upgrades knock off website rating plug-ins

Once again, Firefox interrupts me to upload a security update. Then it tells me that it has to drop the plug-ins MyWOY (My Web of Trust) and Webutation.  MyWOT came back on its own, but not Webutation.

I’ve noticed that if you accept ads, even if you don’t sell your own products directly – or if you sell through Amazon but not on your own site – some visitors will mark you down on “Vendor Reliability” or “Privacy” in MyWOT even though you don’t collect any personal information or require signon.