Better Safe Than Sorry

Phishing Targets Tweeter

The popular mobile service Tweeter has been hit with phishing messages. Nothing new about this. It is a good time to remind folks about the devious nature of these evil doers. Any method will be used to induce the unwary or stupid to visit sites that will attempt to upload all kinds of malware, spyware, trojans, etc. to your PC, smartphone or other device. The vector for this specific attack is the very popular 'TinyURL' online application that turns large, unwieldy URLs such as “http://www.somewhere.orf/really/long/directory/” into something such as “http://tinyurl.com/4d4a2” which can be remembered long enough to key into a browser. The problem is that the TinyURL could lead one to evil sites. Very bad. TinyURL's solution, which folks either don't know about or don't use or understand is to use the Preview TinyURL. In our previous example one should append the TinyURL with preview: “http://preview.tinyurl.com/4d4a2”. This will allow for the best practice of safely viewing a rendering of the intended target before actually visiting it.

WPA Cracked

If you use WiFi to connect to your Internet provider via a wireless router be aware that recently a crack has been found that could allow eavedroppers to detect your passphrase. The simple solution (for now) is to use WPA2 rather than the now vulnerable WPA. If by some chance you missed the memo about the much older WEP protocol you should have stopped using that years ago! If your router does not use WPA2 then ensure it is using AES encryption and not TKIP. Also be damned sure your passphrase is long (12+ characters minimum) and contains a mixture of lower case, upper case, numerals and characters. So, password IS NOT up to scratch. k*uh7%vg4Sk9jNVfdxq)( is just about right ;-)

Critical Microsoft patch available

Microsoft has issued an out-of-band update. This is unusual as Microsoft rarely releases patches ahead of the usual once monthly Patch Tuesday. In this case the severity of the security hole has prompted them to wisely hurry the process along. This update is for XP and Vista although for Vista users it is not deemed critical. What the heck, do it anyway. If you have Windows Update all organized (as you should) you should be safe. If you are unsure if you already have the patch installed then go to Add/Remove Programs in the Control Panel, make sure the check box for show updates is checked:

and, when the list is finally displayed look for:

If it's not installed go back to the Control Panel and click on Security Center. Make sure all the settings for Windows Updates, your firewall and whatever anti-virus you use are all functioning as they should.

DNS Poisoning

DNS servers the world over have been targeted by evil doers. Flaws in these servers could allow creeps to silently redirect your browser sessions to anywhere.

To check to see if your ISP is vulnerable go here.

If the results (above) are less then satisfactory do contact your ISP and complain bitterly.

You could also use DNS servers that are patched. I suggest OpenDNS.com - they even have a handy application that corrects your settings when your ISP's DHCP server changes your IP.

Here is a good synoposis from the blog Security Fix:

At issue is a basic design flaw in the domain name system. DNS is the communications standard that acts as a kind of telephone book for the Internet, translating human-friendly Web site names like example.com into numeric addresses that are easier for networking equipment to handle and route. When people type a Web site name into their Internet browser, the process of routing of that name to Internet address is generally handled through DNS servers managed by Internet service providers and corporations. But according to research released this month, most of those DNS servers are vulnerable to a security flaw that allows miscreants to silently alter the virtual road maps that those systems rely on to route traffic. As a result, a cyber criminal could trivially rewrite those records so that when customers of a vulnerable ISP or network provider try to visit a particular Web site, they are instead taken to a counterfeit site created by the bad guys.

Security begins at home. Never assume your ISP has a clue.

US Bound? Secure Your Electronics!

Famed security guru Bruce Schneier has a very imformative article in the UK's Guardian newspaper online. In it he reminds potential visitors to the United States that border agents can and will search through all of your electronic devices. Laptops, cell phones, PDA's, iPods, etc. are all likely targets. Read the whole article here.

Limewire User Exposes Data

Peer-to-Peer file sharing networks are a haven for Trojans and malware. Letting others into your PC without the proper safeguards (hell, even with the safeguards) is a hole waiting to be filled with evil. If you must use these networks then consider keeping your sharing on your personal machine and not on one used by others.

CSIS spy coins

HAHAHAHAHA

Safari Browser for Windows (Beta)!

This appears to be the platform by which Apple might require you to have if you wish to use the next version of the iPhone. Except the browser compares poorly to others as it appears to not load faster. It has security issues ( don't they all ) and lacks the ability to patch. No extensions / add-ons like Firefox. No Widgets like Opera. Looks like hell. Looks like hell? An Apple product? 'Fraid so. So, let's wait on outcome of this strategy.

Cellphones Disable Nissan Car Keys

If you drive either a 2007 Nissan Altima sedan or a Nissan Infiniti G35 sedan you will want to keep your car keys well away from your cellphone. Reports from Nissan conclude if the keys and cellphone are touching when any incoming or outgoing call is initiated the data on the car keys can be erased. No keys, no entry or ignition! Those of you who don't drive these makes or models would do well to consider the greater significance of two electronic devices colliding. Always be aware of the potential for unexpected results when dealing with the ever present digital geegaws and thingamajigs. NOTE: Contrary to the Heading this is NOT an actual product recall . . . for now.

Google: 1 in 10 Websites Unsafe

Especially if you use Internet Explorer as opposed to Firefox or Opera. The chance of being nailed by a "drive-by download" is almost non-existent when using any browser other than Internet Explorer. Do yourself a favour and try a safer alternative.

MS Vista OS on sale 30 January 2007

At $300.00 for an upgrade from AnyVersion XP to Vista Ultimate this is not inexpensive. Many will need to purchase a newer video adapter to see the Aero 3-D effects at a further cost. Since most stock computers typically contain only 256 or 512 mb. of RAM others will find that they need to add more memory at a further cost. Hmmm. Start doing the math and you will see that buying a new PC, especially with the extras thrown in such as an LCD monitor, webCAM, Internet access, VoIP, etc., at this time is reasonable. Here is the secret (and you heard it here first): The whole roll-out of Vista is predicated on people buying new PC's not to run Vista but to free up the old PC to become the gateway to the Digital Living Room or whatever it comes to be called. Call it Home Entertainment Networking from Bill.

ZoneAlarm Auto-Update Alarms Users

If you use the ever popular software firewall ZoneAlarm you will have recently seen the first appearance of the new Auto-Update dialogue box indicating that ZA has successfully patched itself. One discussion appears here. Screencaps of the glorious moment are here. If you haven`t spotted the dialogue box it is likely you neglected to download and install the last "full" version which must have included the Auto-Update feature. You are bad, very bad. Update your old ZoneAlarm and bask in the glory of a new Auto-Update tomorrow. (cue triumphant music) Now, why did they not inform its user base of this welcome development before the fact? This is the kind of action that generally prompts me to do a full uninstall as I worry about other processes launching behind my back. Arrgh. I look forward to the full explanation of this behaviour as should you.

Firefox 2.0 Released

All the downloads are here: http://www.mozilla.com/en-US/firefox/all.html.

Internet Explorer 7.0 Released

This version is available here: http://www.microsoft.com/ie/. Best Practise? Download and install for a slight increase in security when your Windows XP just has to use IE.

Toronto Wi-Fi Now Available!

Woo hoo!

McAfee Flaw

McAfee's whole slew of consumer products is at risk from a flaw that can expose information stored on Windows PC's. Information is here and here. Perhaps it's time to consider an alternative applications such as AVG Free for virus protection?

D-Link Products DDoS Attacks

Do you use a D-Link router? If you do check these stories and then adjust your routers config to do its NTP check somewhere else. Bad, D-Link, bad dog!

Toronto to get Wi-Fi

Accoording to numerous sources the entire city of Toronto will join other hotspots to provide Wi-Fi. Woo-hoo! Wait? What's that sound I hear? Why, it sounds like Ted Rogers upchucking!

Mac OS X Bluetooth (Proof of Concept) Worm

When it rains it pours for you Macheads. F-secure received a sample virus, Inqtana.A, that spreads via the Bluetooth OBEX Push vulnerability described here: http://www.osvdb.org/displayvuln.php?osvdb_id=16074. The exploit is not in the wild and will expire on February 24, 2006 but to be safe from this threat now and in the future you are advised to install the latest patches for your OS X version 10.4 ASAP.

First Mac OS X Virus

The first virus for Mac OS X has been encountered today. Called OSX/Leap.A. by F-Secure the Malware was posted via a link to MacRumors forum. Supposedly a screenshot for Mac OS X v10.5 Leopard the virus spreads through iChat.

It appears the victim must be running in Admin. mode to be infected. As with any OS you should generally not be swaning around while in Admin. mode because of the risk of compromising your PC at the "root level" where all the important processes live. If these processes are taken over by rogue software you can lose complete control without even knowing it.

Do yourself a favour and make a new user on your Windows box with less than Admin. privileges before you go wandering off into the Interweb.

MS Anti-Spyware Deleting Symantec's Norton Anti-Virus?

A report in the Washington Post claims that Microsoft support has had complaints that its (Beta) Anti-Spyware application is deleting parts of Symantec's Norton Anti-Virus. Oops. The latest virus definitions seem to believe that Norton is the password stealing Trojan called "PWS.Bancos.A" and so corrupt the Norton install.

Remember folks BETA means, "it should work, but don't count on it for mission critical usage".

For now, I suppose run one or the other until they sort this out. Or use AVG instead ;-)

2005 List of (Known!) OS Vulnerabilities

Nothing says 'end of year' like a big honking list of all (known) vulnerabilities in various operating systems.

Read it and be afraid, very afraid: http://www.us-cert.gov/cas/bulletins/SB2005.html.

Happy New Year!

Day One of Windows Genuine Advantage Programme

That's right boys and girls Bill is no longer going to update your "non-genuine versions" of Windows XP.
They will continue to update pirated versions as long they are authenticated. This will ensure that those copies out there will not be copied.
Users need to visit the Microsoft Download Centre, Windows Update or Microsoft Update where they will be required to download an ActiveX control. This will check the authenticity of their Windows install and, if validated, allow for future verification.
Visit the Windows Genuine Advantage Programme.