July 2005

Standing Behind Accordion Guy

Moving in Toronto? Need to hire a competent moving company? Do not use Quick Boys.
Well, according to Accordion Guy they are don't do a very good job. Worse, they threatened him. So let's shine a big light on these folks to let them know this kind of crap is unacceptable in OUR Toronto.

Opera 8.01 Download Dialog Spoofing Vulnerability

The good folks at Secunia are reporting a "moderately critical" security alert for Opera.

Successful exploitation may result in users being tricked into executing a malicious file via the download dialog, but requires that the "Arial Unicode MS" font (ARIALUNI.TTF) has been installed on the system.

The solution is to upgrade to Opera 8.02 - it is available here.

Day One of Windows Genuine Advantage Programme

That's right boys and girls Bill is no longer going to update your "non-genuine versions" of Windows XP.
They will continue to update pirated versions as long they are authenticated. This will ensure that those copies out there will not be copied.
Users need to visit the Microsoft Download Centre, Windows Update or Microsoft Update where they will be required to download an ActiveX control. This will check the authenticity of their Windows install and, if validated, allow for future verification.
Visit the Windows Genuine Advantage Programme.

Spyware "calling home" Increasing

The Register reports that the UK firm ScanSafe estimates that around 8% of outbound traffic from PC's is evil Spyware applications attemping to connect to the Internet.
Get thee hence to a firewall, varlet, or thy doom is certain!

Is your printer spying on you?

The Electronic Frontier Foundation (EFF) reports on their further investigation of a story that first appeared online Nov. 22, 2004 by PC World.

". . . several printer companies quietly encode the serial number and the manufacturing code of their color laser printers and color copiers on every document those machines produce. Governments, including the United States, already use the hidden markings to track counterfeiters."

The recent story is here.

New worm poses as iTunes

A new worm, WORM_OPANKI.Y, is spread though AOL IM by using the name iTunes to trick users into running it on their machines. The fact that this is an *.exe file should warn people that it could be dangerous but it appears the clueless still click on and on and on . . .

Firefox Version 1.0.6 Released

Hot on the heals of release 1.0.5 Mozilla has introduced the better, faster, stronger . . . um, actually this release merely patches the previous release which buggered a bunch of extensions. So, if after installing version 1.0.5 all your extensions failed you should upgrade.

Mandatory Greasemonkey Update

Users of Greasemonkey are strongly urged to either install Greasemonkey 0.3.5, or else disable or uninstall Greasemonkey completely. A security flaw allows any website which matches at least one user script (even * scripts) to read any local file on your machine, or to list the contents of local directories.

Thunderbird Version 1.0.5 Released

Release mania! This latest version addresses some problems that would cause extensions (mmmm . . . extensions) to fail.

MS Anti-Spyware Allows Claria Adware?

It appears that Microsoft's Anti-Spyware application now defaults to allowing these well known purveyors of spyware to exist on users computers. For this reason alone we suggest you always run more than one spyware removal application - consider this as the layered defence. Try Spyware Blaster, HijackThis! and Spybot - Search & Destroy.

PHP Apps Vulnerable to XML-RPC Exploits

http://news.netcraft.com/archives/2005/07/04/php_blogging_apps_vulnerable_to_xmlrpc_exploits.html

Scribe Firefox Extension

Adds Word Processor like functionality to web forms, including opening and saving form entries as files.

Excellent. Never again will you lose submitted data into the ether when the form you send craps out. Forgotten form data on topics of interest will be recoverable. Ah, extensions . . .