Monday, November 26, 2012
Here’s another little oddity I’ve noticed about McAfee Site Advisor.
Some of my blogs show up as untested (gray) on Site Advisor in search engine results and in Firefox, Internet Explorer and Chrome when I go to the sites. If I navigate to the McAfee report, it shows up as green (illustration).
Other blogs of mine (about half) display properly in browsers. In the past, all of them did.
Webutation (on Firefox) also behaves this way. On a couple of blogs, it gives a low score (about 70) in the browser, but shows 90 or 100 if I go to the report. Sometimes, but not always, going to the report results in recalculation for the browser display.
Saturday, November 24, 2012
On Black Friday evening (November 23, 2012) I checked some bank balances online and found that when I went to a UBS account, the main website worked, but when I went to the client login, I got a DNS error. The client logins all occur on subdomains with prefixes to the “ubs”.
I searched through my emails and called the 888 tech support number. I was surprised that they were unaware of the problem until they tried it themselves, and got a blank screen (I think the call center is in Ohio). The explanation: they must have been doing maintenance.
The logon did work late Friday evening and everything was OK. But the moral of the story is this: when banks do maintenance they should inform their customers online as well as their phone support customer service employees. They shouldn’t just let abends or DNS errors or internal server errors happen. Customers have good reason to wonder if sites are being hacked.
It would be a good idea for financial institutions to consider implementing two-step logons similar to that available for Google accounts. One possible problem: the need for the banks to all have their own custom smartphone apps for such purposes.
Thursday, November 22, 2012
Tom Costello, on NBC Nightly News Wednesday Nov. 21, reports on password security, including another incident where hackers broke into her account to send 20000 emails around the world asking for money.
The article says that people can learn enough from your social media accounts to put together password guesses. The more you link accounts, the greater the risk. And use “Argo-fake” answers to security questions that no one can guess and that are not on the Internet.
It is also a good idea not to rely on the cloud completely, but to make backups of data (including creative manuscripts and web pages) and keep them in physically scattered locations (including a safe deposit box in a bank). It may be a good idea to have hand copies of passwords and question answers not stored on the web (or even on your computer) anywhere. It is also a good idea to check everything frequently. That can be a problem for people who go out of the country or go to the hospital, for example. For example, hospitals ought to allow patients who are well enough to purchase wireless service the way they pay for phone.
There have been over one billion hack attempts this year, according to the report.
Sunday, November 18, 2012
I've noticed since Google Chrome picked up the McAfee Site Advisor plug-in that once in a while McAfee blocks an embedded YouTube video as dangerous (red rating). I found this to be the case with my review on the Movies blog of "The Dark Knight Rises" on July 12, 2012. The embedded video was the Warner Brothers official trailer and seemed to have been posted by WB. I found that played manually with the "watch" subcommand it did not get the warning, but it did with "embed". I went ahead and chose a different YouTube video, an interview-preview of the movie from ENTV, with no problems.
I don't know why a YouTube video would get marked red, no less one from Warner Brothers, the official studio trailer, unless it has something to do with the "notoriety" of the movie.
I've also noticed that in Windows 7 my user directory had a new folder called ".gstreamer-0.10" with a single bin member "registry-i686.bin". It gets updated whenever I reboot. Gstreamer is related to multi-media. Webroot does not give any warning on a Secure Anywhere scan.
Also, about once a month, Windows 7 asks me for permission for Webroot Secure Anywhere to make a change to the registry.
Tuesday, November 13, 2012
On Tuesday November 13, 2012 the Washington Post included a “special report”, “Cybersecurity”, as a Section AA. The main news story is “Zero Day: Under Attack: Trojan horses, malware and other tools for the heist just a click away”, by Robert O’Harrow, Jr. The online version is titled “Hacking tool kits, available free online, fuel growing cyberspace arms race”, link here.
The main focus of the article is a site named Metasploit, which brands itself as “Penetration testing software”, and has perfect scores from website safety rating services, link here, and is associated with a security firm called Rapid7 (link).
Companies use this site to stress test their infrastructure against deliberate attacks, but the same “tools” are easily available free to anyone with an Internet connection, including hackers and script kiddies.
In another story, Bill McAfee, who founded McAfee, Inc. in 1989 as one of the first major anti-virus companies, is a person of interest for a slaying in Belize and is hiding out from police, who he fears will slay him, according to media reports such as this story for Business Week by Adam Williams, link.
In the mid 1990s, Norton was perhaps the leading company, but I recall a coworker who ran the corporate LAN describing Bill McAfee as dedicating himself to eliminating computer viruses. In the good old days, most computer viruses were spread by floppy disks and email attachments. Remember the Jerusalem virus? The Microsoft Word “concept virus”? By 2001, they had gotten much more serious. I remember the “Magister” virus at work just before 9/11. My machine didn’t get it, but many employees had their Windows 2000 or NT machines re-imaged. “This is the real thing” people said. It wasn’t.
McAfee does not (as of my discussion five months ago) have a good reputation with the Geek Squad, which has favored Kaspersky, Webroot, and Trend Micro, and even uses some special removal tools like Asquared and Spyware Doctor (see June 15, 2012).
Monday, November 12, 2012
Webroot has made some changes to its Secure Anywhere product. If you invoke the icon, it displays a system console which shows a running total of system events (now almost 300 million), and a note of the most recent automated system scan. I’m not sure what it means by “2 secured sessions”, or by system cleaner. The firewall is monitoring about 27 processes with over 80 internet connections.
Thursday, November 08, 2012
Today, the New York Times has some pretty useful tips in an article by Nicole Perlroth, “How to devise passwords that drive hackers away”, p. B8, Business Day, link here.
Some interesting observations are that a strong 14-character password (using special characters, all cases, letters and numbers randomly) should take 24 hours to crack. Others are to use nonsense answers to “security questions” and to use separate browsers for surfing and for critical business.
Use of password management systems can be double-edged, just as can using the “Cloud” for all your backups. It’s a good idea to have physical copies of your data in more than one location, and to have printed or handwritten copies of your passwords. Think carefully before traveling about how things can go wrong.
There is even a recommendation to create passwords by “encrypted jamming” so that you don’t know them and could not be forced to turn them over to an intruder in case of a physical confrontation (as when carrying a laptop on the street or conceivably a home invasion). That sounds like having a maximum daily withdrawal amount on an ATM debit card (good idea, unless...). Hopefully these kinds of confrontations so far have been very rare in practice. But some executives might need to consider them (at least in the movies).
Wednesday, November 07, 2012
The Webroot Threat blog has a story on bogus Facebook notifications (from “friends”) serving malware, by Dancho Danchev, here.
The emails contain links to infected sites with Trojans that enable the attacker to control the subject’s machine, for DOS attacks or for access to normally protected accounts, like banks and Gmail. Possible major hacks could occur this way. The Trojans include “Ransom.win32” and “Generic.KDV”.
You can secure your Facebook account if you think it has been compromised by going to the subdirectory “/hacked” after you log on. You will be asked to supply your password again.
I get bogus notifications all the time, one or two a day at least.