Better Safe Than Sorry

Patching Mania!

Your Windows machine has many, many third-party software applications: Adobe Reader, Apple Quicktime, Google Picasa, Java, Realplayer, Winamp, etc. Heck, even Microsoft has a pile of applications seperate from its OS: Think Media Player, .NET framework, Siverlight, MS Office, etc.

I have in excess of 175 programs!

So, is there an easy way to ensure you 'puter has all the most current (meaning secure) versions of all these applications? Try Secunia Personal Software Inspector.

The first steps include PSI inspecting your entire system for outdated, insecure applications:

Hopefully the result will look like this:

If it does not, well, you have some patching to do. Secunia PSI offers links to the latest versions so manually starting a download is easy. Once patched Secunia PSI stays in the background to monitor your system. If applications upgrade themselves (many do) it will let you know:

So, I strongly advise those of you who wish to be more secure to download and run this well thought piece of software goodness!

Damn Yer Quiz, Facebook!

I thought Facebook was a means where by one could (virtually) keep in touch with loved ones, friends and colleagues? A place to share pictures and thoughts? Now it appears cluttered with quizzes, games and virus-filled applications. Yeech. Greasemonkey to the rescue!

What? Never used Greasemonkey? Hmmm . . . You do use Firefox, right? Check this previous post.

The Ultimate Greasemonkey Script

Oh baby! Where have you been all my life!

Greasemonkey has always been a killer add-on for Firefox. Little scripts that work within Firefox to address many of the issues folks have with various websites. Simple things like adding easy to print pages to sites that have so many graphic ads that printing was a paper and ink nightmare.

The problem was that one had to go to the giant repository of Greasemonkey scripts at Userscripts.org search for the one that might address your specific problem and install it.

Well, a new script called Greasefire does all this for you. Once installed the Greasemonkey icon appears, in a slightly different form then you are used to, in the Firefox taskbar.

From then on if you browse to a site that any Greademonkey scripts that are related to it the icon turns a lovely shade of red.

If you then right-click on the icon it will further inform you of how many scripts are available. In this case our example shows the enormous number of scripts available at the uber-geek site slashdot.org.

Clicking on the top line (the one indicating how many scripts are available) opens up a window giving descriptions of the scripts. Clicking the giant grey button on the right towards the bottom initiates the usual Greasemonkey install routine.

So, if you have not yet installed Greasemonkey and Greasefire get thee hence to Userscript.org and help yourself to some great Add-ons.

AVG: A .bin file is missing

Seems AVG Free is temporariliy update-free! Boffins are as we blog hard at work replacing what appears to be reported as one floundering file. So if you spotted the icon (below) recently do not panic. Give it a day or less and all will be right in Update Land. Remain calm.



If you're hot to update your AVG manually (and who amongst us isn't I ask?) then do this:

1. Make a new directory on your desktop called AVG.
2. Browse to http://www.grisoft.com/ww.download-update.
3. Download the file named AVI: 270.6.4 to the AVG directory.
4. Download the file named IAVI: / 1616 to the AVG directory.
5. Right-click on the AVG icon in your taskbar, left click Open AVG User Interface.
6. Select Tools, Update from directory...
7. Select the directory called AVG where you put the downloads, click OK.

AVG should update itself and report a success. All done.

Patch your Flash NOW

US Bound? Secure Your Electronics!

Famed security guru Bruce Schneier has a very imformative article in the UK's Guardian newspaper online. In it he reminds potential visitors to the United States that border agents can and will search through all of your electronic devices. Laptops, cell phones, PDA's, iPods, etc. are all likely targets. Read the whole article here.

Microsoft DST Fix

Beginning on March 11, 2007 daylight saving time (DST) will be extended within most areas of the United States and Canada. DST will start three weeks earlier on March 11, 2007 and end one week later on November 4, 2007. This results in a DST period that will last four weeks longer than was previously observed. Depending on your OS it is possible that the time zone settings may be incorrect during the afore mentioned four week period. Microsoft has a page where you can check to see if you need the fix for this change: http://support.microsoft.com/gp/cp_dst

Kaspersky AV Mobile (BETA)

Kaspersky Labs is offering a BETA version of its Anti-Virus for cell phones using the Symbian OS. Sign up and offer feedback to help improve this application and you may receive a free version of the commercial version.

Flexispy.A Symbian 60 Trojan / Keylogger

This nasty litle piece of work is actually a commercial product named Flexispy! It records information about voice calls and text messaging sessions. The information is sent to a company server where it can be viewed on the web. Now, I can imagine many scenarios where this type of application could be used in a positive manner but lets get realistic and assume it will be used for nefarious purposes. F-Secure has all the details.

Online Chiclet Maker

If you need to author a few chiclets then head on over to Brilliant Button Maker located at: http://www.lucazappa.com/brilliantMaker/buttonImage.php. You can even grab the code for your own use . . . nice.

I needed a new RSS chiclet for Better Safe Than Sorry that would incorporate the newly agreed upon icon design. Here are a few designs:

Windows Defender Released

Microsoft has released the second beta version of Windows Defender. Formerly called Windows AntiSpyware, the new version can be downloaded here: http://www.microsoft.com/athome/security/spyware/software/default.mspx

We trust this beta version won't pooch anyones Norton Antivirus . . . a recommended download.

Aardvark

Sony Rootkit Patch

SunnComm Makes Security Update Available To Address Recently Discovered Vulnerability On Its MediaMax Version 5 Content Protection Software, Which Is Included On Certain SONY BMG CDs

The full scoop is here: http://www.eff.org/news/archives/2005_12.php#004234. Sony has finally (it appears) got the message that Rootkits are bad. Check the end of the article to determine if you have any of the affected titles and if so download and apply the patch.

MS to Remove Sony Rootkit via Anti-Spyware & Malicious Software Removal Tool

Microsoft has decided that the Sony Rootkit poses a threat to its operating systems. Future updates to the Microsoft AntiSpyware application and the now commonly updated Malicious Software Removal Tool will contain the signatures required to remove the truly evil Sony Rootkit. Thanks Bill!

Sony Rootkit UNinstaller Almost Worse than Rootkit!

According to Mark Russinovich of Sysinternals.com (the chap who initially discovered the menace) the uninstaller only forces XP to issue the Windows command "net stop" that disables the driver. This inept handling can and has caused XP to crash. The President of Sony BMG's global digital business division Thomas Hesse has explained it all, "Most people, I think, don't even know what a rootkit is, so why should they care about it?" Right. I don't know what Sony stock is either so why should I care if it drops like a rock? Check out the story at The Register here: http://www.theregister.co.uk/2005/11/09/sony_drm_who_cares/ and don't miss the link to the NPR interview with the clueless Sony Prez.

Sony Rootkit Uninstaller Available

Sony is now offering users an uninstaller for the Rootkit that would have secretly installed on their PCs if they had placed a Sony music CD in their CD drive anytime after March 2005. While the Rootkit is (probably) not in itself dangerous it does allow hackers a potential entry point into a users PC and for this reason alone should be removed. Bad Sony, bad dog!

Windows Live Accepts Reality

World Of Warcraft = Spyware

It seems the company the produces the popular game World of Warcraft, Blizzard, has been caught reading the processes on users PC's. Now, even though the EULA states this is happening and users could decline it's still a massive invasion of privacy. Read the story here: http://www.eff.org/deeplinks/archives/004076.php and check out the way to "spy on the spy" here: http://www.rootkit.com/newsread_print.php?newsid=371.

Website Problem Cured With Greasemonkey

A very interesting follow-up post today on Boing-Boing shows the power of the Firefox Greasemonkey extension. Yesterday the comment was bemoaning the ugly look and crappy interface at a US Library of Congress site. In the space of 24 hours a chap threw together a Greasemonkey script that fixed the problems.

Windows Registry Flaw

A recently detected flaw in Windows registry concerns its handling of long string names. A malicious program could hide itself in a registry key by creating a string with a long name which would allow it to remain hidden. Keys added afterwards would also remain obscured so the horror could escalate. The vulnerability affects Windows XP and Windows 2000 even if they are fully patched according to Secunia. A detection tool can be found here: http://isc.sans.org/LVNSearch.exe

MSN Search

Poochy Call Home !

No More Internet for Them

Hackers Tune In to Windows Media Player

Google: We've fixed desktop search tool flaw.

Copyscape - Website Plagiarism Search

Rogue/Suspect Anti-Spyware Products & Web Sites

Google Labs

Spyware Database Search

Google Scholar

Eudora Combats Phishing With ScamWatch

Here is a good idea - trust Eudora to get a grip on those damn Phishing emails. Although anyone that accepts email in anything other than plain text is cruisin' for a bruisin' anyway - and good luck to all you folks, hehehe.