Month: August 2007

We just saw this come out of an IFRAMEDOLLARS install.

The trojan encrypts files with the extensions txt, xls, doc, pps, ppt, docx, xlsx, pptx, rtf, mdb, vsd, vst, csv, mpl, zip, and rar; and drops this text file:

README_ASAP.txt

Dear User,

Thank you for using our service.
We’ve recently inspected your system and found out many critical security holes.
It’s not a joke, and it bring out clearly that we were able to crypt all of your text files, documents, archives and data files.
For your security we did it before than someone else: hacker, virus or just stupid vandal.
In world, hijackers are hunting for your bank account, credit card information, or something valuable.
Now, even if they’ll hack your computer they steal nothing, because all of your important files are now crypted and secured. There is no technology or scientific method to crack this kind of encrypting in near future Unfortunatelly as like other job, our services cost money. Just only 150$ US dollars. It is worth much less than if you loose all your files.
We accept only Western Union, and we garantee that your’ll receive decrypting program with detailed manual in less than hour after we’d received your payment.
If you need your information back, just send an email to:

[redacted]

and we’ll send you further instructions in 5 minutes.
Do not worry, you’ll get all back in hour after we get Western Union Transfer details. ONLY IN ONE HOUR!!!

We are sorry for your inconvenience, but better we and less, than somebody and more.

Q. I didn’t order your service and dont want to pay! I’ll go to police!
A. It’s up to you. If you belive they do it better, then do it.

Q. I am poor studentbankrupthousewife. I dont have money.
A. It’a sad to hear.

Q. I’ve sent an email to you for a discount.
A. Sorry, but we can’t answer to all our correspondents due to high load.

Q. I need my information ASAP!
A. Dont worry! You will get it in one hour after we receive your MTSN. (western union control number)

Q. How i can trust you? Maybe you’ll rip me?
A. We understand if you send money for our work-your info important for you.And we don’t want make your life worse.You’ll certanly get the Decription Program.

Thank you ,
Network Security Audit Plus.

AV coverage is quite light on this one.

Sunbelt Sandbox report here.

Alex Eckelberry

Update: We have a program that we are giving out for free that gets the data back. Click here.

Heck, the deb and equity markets are messy, why not speculate on big storms?

When tropical storms like Dean start churning in the Atlantic, a small cadre of hurricane speculators springs into action.

They’re out to make money by predicting the path, the strength or the damage from the season’s big storms. However, researchers at the University of Miami and University of Iowa hope some of the speculators will do something else: help us understand how people decide where a hurricane is headed.

This is somewhat interesting, especially for those of us down in the South (it does not, however, replace the excellent forecasting from the National Hurricane Center).

You can see the experimental University of Miami/University of Iowa hurricane futures market here.

Alex Eckelberry

FCC says No to Internet over TV airwaves
We’ve got TV over IP, but what about IP over TV? Microsoft, Dell, Google and several other companies teamed up to create a device that would provide an Internet connection over unused television airwaves but the FCC shot it down late last month, saying there was too much potential for interference with TV broadcasts. The battle’s not over, though; despite protests from TV broadcasters, technology companies are still looking for a way to address the problems, saying this could make high speed Internet services available and affordable in rural areas. Read more here.

XP SP3 – it’s alive!
Well, sort of. Although not yet available to the public, Microsoft has released a beta version of the long awaited and much anticipated Service Pack 3 for Windows XP to a limited number of beta testers. There are a few screen shots floating around out there on the web, with links here.

Vista Fix Packs available
Last week, Microsoft released final versions of two “fix packs” containing updates that will probably be part of Vista Service Pack 1. At the time of this writing, they weren’t yet available through automatic updates but you can download them from the Microsoft web site. They’re designed to improve several performance, reliability and compatibility issues, including memory leaks, file corruption issues, problems installing printers, video driver problems (including the “display driver has stopped responding and has recovered” error that was driving me nuts a few weeks ago), problems with Internet Connection Sharing and more. Download the fixes from these sites: Pack 1, Pack 2.

Make Zipped Folders in XP
We got so used to using third party software for zipping folders that many of us just kept on using those programs when Windows XP was released. Surprisingly, some folks don’t even realize that XP supports creating zipped folders without installing any third party zipper. Here’s how you create a zipped folder in XP:

1. Click Start | My Computer
2. Open the drive or folder where you want to create the zipped folder.
3. Click File | New and select Compressed (zipped) Folder.
4. Type a name for the folder.
5. Press Enter.

The folder will have a zipper icon to indicate that it’s zipped. Now you can drag and drop files into the folder and they will automatically be compressed. When you open a zipped folder, you’ll see the selection to Extract All Files in the list of Folder Tasks.

Nine Security Fixes Coming on Patch Tuesday
August 14th is this month’s Patch Tuesday at Microsoft, and they’re expected to release nine security bulletins, with six of them rated as “critical.” One of the critical vulnerabilities is in Microsoft Office and two are related to Internet Explorer. Be sure your systems are updated for best security. Read more about these upcoming fixes here.

Can I create a custom toolbar in XP?
QUESTION: I liked the idea of creating a custom toolbar in Windows Vista that you included in your last letter, I’m wondering if it’s possible to do so in Windows XP. Know of anything? – Jason L.

ANSWER: It’s not quite as easy as in Vista (where you can just drag a folder to the edge of the screen and it becomes a toolbar) but you can do it. First create the folder with the files or program shortcuts you want to put in the toolbar. Then right click the taskbar and select Toolbars and then New Toolbar. In the New Toolbar dialog box, browse to the folder you created and double click it. The new toolbar will appear on the taskbar. Be sure the taskbar is unlocked (right click it and click Unlock Taskbar if it’s not). Then you can grab the new toolbar and drag it to a different edge of the screen.

Why doesn’t Vista show all my RAM?
QUESTION: I have Vista Ultimate 32-bit installed with 4GB RAM, but Vista only reports 2.8GB; this seems to be a common theme among many users. Can you comment on this limitation and why it seems that 4GB is reported as less than 3GB even when the BIOS reports the entire 4GB installed? – Paul N.

ANSWER: I had the same problem when I got my Dell XPS. Here’s why: In the 32 bit environment, Vista’s address space is limited to 4 GB. However, the operating system can’t access memory that’s relocated above the 4 GB boundary. Some of the memory may have been relocated to make room for addresses that the BIOS reserves for hardware.

You can force the system to address memory that’s above the boundary by enabling Physical Address Extension (PAE) mode. To do so, you have to add PAE to the Boot Configuration Database (BCD) file. Here’s how you do that:

1. Navigate to the command prompt executable (cmd.exe) and right click it.
2. Select Run as Administrator.
3. Click Continue or enter administrative credentials at the UAC prompt.
4. Type the following: BCDEDIT /SET PAE ForceEnable
5. You should see a message that the operation completed successfully.

When you restart the system, Windows should report all of your RAM. You may need to refresh the Windows Experience Index (WEI) in the System applet to detect the change. For more info, click here.

Troubleshooting sound problems in Windows XP
It’s a common enough problem: you had sound before, but suddenly your computer has gone silent. Or the sound might play, but it’s distorted. Sometimes the computer will hang up or even reboot unexpectedly when you play a sound. What’s up with that? Sound problems can be frustrating because there are many possible causes, but KB article 307918 will help you pinpoint what’s wrong and get some sound back into your life again.

Some display names are blocked in Windows Messenger
If you try to use a trademarked name (such as “MSN”) as your display name in Windows Messenger, guess what? You’ll get a message telling you that the name is invalid? What? But your name is Michael Scott North and those are your initials? Too bad – you’ll have to pick another name. If you don’t believe me, see KB article 307296.

Until next week,

Deb Shinder

From scan.flashsec.org:

Summary
Due to a design flaw in ActionScript 3 socket handling, compiled Flash movies are able to scan for open TCP ports on any host reachable from the host running the SWF, bypassing the Flash Player Security Sandbox Model and without the need to rebind DNS.

You can see a proof of concept at the site, and it’s quite interesting to watch. This happens inside your firewalled network, just by browsing the internet.

Alex Eckelberry
(Thanks Dre, Eric)

Disaster recovery experts always recommend that businesses keep copies of their important data off-site, in case of a tornado, flood or similar catastrophe that could destroy not just your hard drive but also any backup tapes or discs you have in the same room or building.

It’s not bad advice for home users, either. Many people have precious photographs, irreplaceable email messages and documents that would be difficult or impossible to reconstruct if they were lost.

But how do you go about keeping backups of everything at a remote location? There are several ways. You could burn the files to a CD or DVD or save them to a removable USB hard drive (or, if the amount of data is limited, even put them on a tiny “thumb drive” or flash memory card). Then you can take them to a friend’s home, to the office or even put them in a safe deposit box at the bank. But that requires physically transporting the media.

Perhaps the most convenient way to store off-site backups is to transfer them to a remote computer over the Internet. If you have a friend who needs to do the same thing (and it’s someone you trust with your data), you can each email backup files to each other or set up FTP or SFTP (Secure FTP) sites on your computers and upload your backups to one another. That way, if your home were destroyed, there would be a copy of your data sitting safely on your friend’s hard drive miles away.

But what if you don’t have any friends or relatives to whom you want to entrust your most important and/or sensitive files? In that case, there are numerous online services, some of which are free and some of which charge a monthly or annual fee to store your files on their servers.

Microsoft’s Windows Live SkyDrive is one example of such a service. You can store up to 500 MB free and the folders you create and in which you store data are password protected with your Windows Live ID. You can also share your folders with others if you choose. File transfers are made using SSL encryption for better security. You can sign up here.

Google provides free file storage (almost 3 GB) with your Gmail account and last week they rolled out a new expanded online storage service with annual fees ranging from $20 (for 6 GB) to $500 (for 250 GB). For more information about upgrading your storage, click here.

Mozy has a service for $4.95/month but they also have a 2GB free plan.

Xdrive gives you 5 GB of free storage space. You need an AOL or AIM screen name/email address, but you don’t have to be an AOL subscriber. 

And if you really have a huge amount of data to store online, MediaMax offers 25 GB free or up to 1 TB (1000 GB) for $360/year.

These are just a few examples of the many online file storage services available. There are also commercial services for businesses, and some ISPs include free file storage on their servers with your Internet account. But what are the downsides of using one of these services?

Before you upload anything, read the Terms of Service, which should be accessible through the company’s web page. In most cases (especially with free and low cost services), you’ll find a clause stating that they can discontinue the service at any time, and that they are not responsible for any data loss you might experience. There will probably be a statement that they can modify the system requirements at any time – so you could suddenly find that you have to upgrade your computer or buy a new one to access your data.

The contract will require you to warrant that you aren’t going to use the service for any illegal activity, and some contracts also include weird prohibitions of activities that are legal, such as advertising the sale of firearms, alcohol, tobacco or “adult products.” The ToS will also probably specify that they can allow others to access your data with a court order or in the conduct of a criminal investigation and that they aren’t responsible if a hacker or other unauthorized person accesses your data.

So … should you trust your data to an online storage service? Only up to a point. I wouldn’t rely on it as my only off-site storage method, but it’s definitely convenient and can be a good solution, as long as you have a backup of your backup. You might want to go with the big name companies that aren’t as likely to go out of business, too – although nothing prevents them from just axing the service if they decide to (or start charging you to use it).

Also check out ease of use. Some services make it difficult to upload more than one file at a time – which makes for a tedious process if you’re trying to back up your entire Documents folder. Also be aware that you might have to install ActiveX controls to use the upload features. You can read about my experience with various file services on my blog post titled “Comparing Online Storage Services“.

What about you? Do you have an off-site storage method that you use regularly? Would you prefer to trust your data to a friend or relative, or to an online service where you can be relatively anonymous? How much is too much when it comes to paying for the service? Are Google’s prices too high? If so, what’s a fair price? Have you ever lost data that you stored online? 

Deb Shinder

This just speaks for itself:

A man spotted wearing a T-shirt bearing an “offensive” slogan in a city centre has been warned he risks an £80 fine if he is caught again.

Forklift driver David Pratt was told by street wardens in Peterborough he could cause offence or incite violence.

The slogan on the garment read: “Don’t piss me off! I am running out of places to hide the bodies.”

Apparently the story originally said the fellow had been spotted using a surveillance camera, but the story has been revised. Readers of my blog can only guess at my reaction to that…

Alex Eckelberry

Direct/X vulnerability, of some concern. Secunia has a good overview here.

CERT has this:

By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), an attacker may be able to execute arbitrary code with the privileges of the user. The attacker could also cause Internet Explorer (or the program using the WebBrowser control) to crash.

We are currently unaware of a practical solution to this problem. Please consider the following workarounds

Disable the FlashPix ActiveX control in Internet Explorer

The vulnerable ActiveX control can be disabled in Internet Explorer by setting the kill bit for the following CLSID:

{201EA564-A6F6-11D1-811D-00C04FB6BD36}

More information about how to set the kill bit is available in Microsoft Support Document 240797. Alternatively, the following text can be saved as a .REG file and imported to set the kill bit for this control:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerActiveX Compatibility{201EA564-A6F6-11D1-811D-00C04FB6BD36}]
"Compatibility Flags"=dword:00000400

Disable ActiveX
Disabling ActiveX controls in the Internet Zone (or any zone used by an attacker) appears to prevent exploitation of this and other ActiveX vulnerabilities. Instructions for disabling ActiveX in the Internet Zone can be found in the “Securing Your Web Browser” document.

The issue of zero day exploits has become a bit ominous with their use in web attacker frameworks (mpack, etc.). Zero days get rolled into the new versions of the attacker frameworks, giving malware distributors and authors something pretty close to “plug and play” attack frameworks.

We have not observed this exploit in the wild.

Alex Eckelberry
(Hat tip to Jose Nazario)

Clarification: I don’t see this as being a big issue, as it requires the DirectX SDK (not a lot of people running that).

For SunRocket victims (er, customers)
If you’re one of those unfortunate folks who found yourself unexpectedly without telephone service upon SunRocket’s sudden demise, the good news is that other VoIP providers are eager for your business and some are offering discounts or special terms to former SunRocket customers. Teleblend has a discounted rate of $12.95 per month for the duration of your SunRocket contract; Packet8 will give you a month of free service and no startup costs, as will Lingo. Vonage tops that with two months of free service and a waiver of activation and shipping fees. ViaTalk will give you credit for up to three months of your prepaid SunRocket contract, and these are just a few examples. Packet 8, Lingo, Teleblend, Vongage and ViaTalk.

How to make Windows think it’s counterfeit
David H. wrote to us about a sure-fire way to trigger the “counterfeit operating system” warning in Windows XP. He says recently tested a demonstration license of a piece of software to find out whether it expired after 3 months by setting the clock forward on a PC. Then when he restored the normal image (volume licensed XP) using the Acronis imaging tool without fixing the clock, and afterward discovered the problem and set the clock to the correct date, XP flagged the copy as counterfeit. He writes that the situation can be reproduced with the same results, so be careful about changing the clock.

After watching numerous Star Trek episodes, we already knew that bad things can happen when you mess with time.

Free (ad-supported) version of Microsoft Works
Last week Microsoft announced that they will be offering a free version of Microsoft Works (their low end productivity suite that consists of a word processor, spreadsheet program, calendar and contacts applications) that’s supported by advertising. Works normally retails for $39.95, but many OEMs install it on their computers now. Although it’s been completely overshadowed by its “big brother” Microsoft Office, Works is a good alternative for home users who don’t need the sophisticated features and complexity (or the high price) of Office. Read more here.

Validation Process Blues
I wanted to download an add-on for Microsoft Office and of course, Microsoft wanted to validate my copy of Office to make sure it’s genuine. Okay, that’s fine. I’m working on the computer that I’ve been struggling with to fix my video card problem, which included a lot of driver rollbacks, system restores, full PC image restores, etc. So I wasn’t really surprised that IE requested that I install the validation tool all over again. Upon running it, validation failed because I had rolled back to a point before I activated Visio. So I had to go through that process and then run the validation tool all over again. Validation Successful! Hurray – but why in the heck couldn’t the browser than take me back to page for the add-on that I wanted to download? Now I had to go find it all over again. This is a no-brainer, guys; don’t put us through all that and then leave us stranded on a dead-end page.

Search for songs by singing
Here’s an innovative concept: you heard a song you liked but didn’t catch the title or artist. Now you can search for it by singing or humming it into the microphone on your computer. Our friend George Ou says it didn’t work so well for him and offers an alternative idea. I have a feeling it’s going to depend on how well you can carry a tune and how much of the song you remember. Give it a try and tell us whether it works for you, or is it just one of those things that sounds good in theory but doesn’t work in practice.

Vista Metadata keeps your files more organized
Metadata is data about the data (something we often refer to as file properties, such as the author, date of creation, subject, and so forth). Having more of this identifying data can make it easier to sort and find the files you want, and Windows Vista provides more support than ever before for adding metadata to your files.

When you right click a file and select Properties, then click the Details pane, you’ll find all sorts of metadata categories, which vary depending on the file type (for instance, document files include properties such as word and character count, language, and content type, whereas picture files include such properties as the dimension in pixels, camera make/model and photography details). Some of these bits of information are filled in automatically; others you can add yourself by hovering in the Value column to make a text box appear.

All this information is great to have, but you might not want it included when you send the file to someone else. Luckily Vista also makes it easy to remove personal information from a file by clicking a link at the bottom of the Details page and selecting to create a copy with all possible properties removed, or remove just specified properties.

How to create custom toolbars in Vista
It’s easy to create a custom toolbar that you can put on the edge of any of your monitors in Vista. Here’s how:

1. Right click the Desktop, click New and select Folder. Name it whatever you want to call your new toolbar.
2. In the folder, place shortcuts to whatever you want on your toolbar. This can be the executables for your favorite programs, links to your favorite photos, or links to a folder containing other folders.
3. Now drag the folder to any edge of your screen (upper, lower or side). When it “hits” the edge, the folder creates a toolbar of its contents.
4. Right click the name of the folder at the top of the toolbar, and you can choose the size of the icons and whether to display text (file or folder names) with the icons. For applications, you might want to use just icons.

Note: if you’re using multiple monitors with your desktop extended across them, you can only drag to the “hard” edges (that is, you can’t create a folder on the left side of your right monitor). However, you can get around this by going into Display Settings and rearranging your monitors to put the right monitor on the left side. Then you can drag the folder to it and create a toolbar there, then rearrange the monitors in Display Settings again and the toolbar will stay where you put it.

Can I play media files in Vista Explorer?
QUESTION: My biggest problem has been that since Windows 2000, MS took out a preview window for files in the Windows Explorer window. In Windows 2000, when you opened Windows Explorer and went to a file with .avi or .mpg you could play it right there in a small window between the right side with the folder tree and the files side to the left, meaning there were three panes, and the middle one was for previews of those type of files. – Levi M.

ANSWER: You’ll be happy to know that Vista does indeed have this capability. If you have Explorer configured (in Organize | Layout) to show the Preview pane, you can double click an AVI or other media file and it will open and play in the preview pane, which appears on the far right side of the window.

Block IPv6 traffic with XP firewall
The basic Internet Connection Firewall in XP filters IPv4 traffic but does not block IPv6 traffic. You can fix this problem by installing the Advanced Networking Pack for XP. For more info, see KB article 306203.

You get an error message when you run the Malicious Software Removal tool in XP
If you receive an error message after you run the Microsoft Malicious Software Removal tool on your XP computer, you should check the tool’s log file and then match the error code with the table in KB article 891717.

Deb Shinder

Loyal readers will recall the waterspout we spotted a while back off our beach. Today, we had another one, a bit further north. One of our sales reps, Glen, took a quick video, which you can see here.

What’s a waterspout? It’s basically a tornado on the water. No fun if you’re out on the water, but fun to watch from a safe distance.

Alex Eckelberry

Apparently, my last post about hacked university sites generated some confusion.

To explain, these are .edu sites that have been hacked.  Many of these pages are redirecting to porn, or to sites which push malware.

It’s not just porn, however.  Free ringtones, casinos, etc. are all part of this mix of nastiness.

Hope that helps.

Alex Eckelberry

We continue to see university sites spewing porn. We’re getting pretty sick of seeing this stuff out there.

Click on image to expand. (Warning: highly offensive content.)

Alex Eckelberry
(Thanks Francesco)

When it comes to computers, most of us are used to a certain amount of “downtime” and that extends to computer-related services such as our Internet connections. We tolerate things we would never put up with from, for example, our telephone service. And yet some of us are just as dependent on Internet connectivity as we are on our phones – or even more so.

Those of us who, like me, conduct almost all of our business online accept that we’ll have to pay extra to get the kind of reliability we need. So Tom and I shell out almost $600 per month for a T-1 line to run our mail server, web servers, etc. For that kind of money, you’d think we’d have no worries about downtime – but you’d be wrong.

Lately it seems the T-1 has gone down just about every time it rained. And it’s been raining a lot in North Central Texas this summer. Usually it lasts anywhere from a few minutes to a few hours, but this last week we had the mother of all outages: the T-1 died around 22:00 on Wednesday night and finally – after numerous complaints to Speakeasy, our provider, and assurances that they, Covad and the telco were working through the night to fix it – came back up on Friday around 16:00.

Since mail comes in to our Exchange server on the T-1, that meant we missed a day and half of email messages to our primary addresses. Some of those may have been potential business that we lost out on; we’ll never know. Potential customers and others who wanted to visit our web sites during that period were out of luck, too.

Oh, it could have been a lot worse if we had been relying solely on the T-1 for Internet access. Luckily, we also have a FiOS line that we use for web surfing, so I was at least able to use my webmail accounts to notify important contacts of the situation and direct them to use my alternative email addresses if they needed to get in touch.

That didn’t work so well at first, though. After sending a number of messages from my Gmail account, I discovered that some people were writing back to me there but I wasn’t receiving their mail. Some replies I got, some I didn’t. So I had to go through the process all over again, this time telling people to write to me at my Hotmail account. That seemed to work; as far as I could tell I was getting all my mail there. I did have the opportunity to get re- acquainted with Hotmail. I hadn’t used it in years, and I found it’s improved a lot since then. I wrote about that in the August 3 blog post titled “Hotmail: Getting Better But…”

Despite FiOS and webmail, the whole thing caused a big disruption in our business and our lives. Tom was out of town, teaching a class at BlackHat in Las Vegas, so he discovered the problem when he tried to connect back to our Exchange server to check his mail. I was home alone with only the cats to keep me company, and being cut off from the usual constant flow of email made me feel as if I had been abandoned on a desert island.

I’ve been reading recently about folks taking an email hiatus. Well, that’s fine if it’s what you choose to do. My involuntary email hiatus was not a pleasant experience. You’d think I would at least get more work done without the distraction of incoming mail, but it didn’t work out that way. It was sort of like driving a car with an automatic transmission when you’re used to a standard; your left foot keeps reaching for the clutch that’s not there. And I kept checking Outlook every ten minutes to see if the line was back up again. Then I’d have to go through the disappointment and frustration all over again each time I discovered that it wasn’t.

They say every cloud has a silver lining and I guess the good thing about this experience was that I went an entire day and a half without seeing a single spam message. No bogus “ecards from a friend.” No notices that my mortgage application has been approved at some amazing low rate. No attempts to sell me prescription drugs or adult videos or OEM software or weight-loss remedies or body enhancement devices. No huge discounts on fake Rolexes. No lonely guys and girls urging me to watch their web cams. No unreadable messages in foreign languages whose alphabets I don’t even recognize. No unintelligible messages ostensibly in English consisting of “word salad” designed to confuse spam filters.

There were no headhunters who’ve supposedly seen my résumé and have a great job offer for me. No dire warnings about the latest virus that will consume my hard drive in a single gulp. No sappy poems or inspirational stories that I absolutely must forward to ten of my closest friends or risk seven years of bad luck. No final notices that the PayPal account I don’t have is being shut down due to unauthorized logon attempts. No letters from my bank requiring me to verify my passwords on a handy web page whose URL doesn’t match the link and is in the .ru domain.

Nice as it was to not have to deal with spam, I’ll gladly put up with it in order to have my main method of communications back. Since our residential FiOS line (at $44/month for 15Mbps down and 2Mbps up) has been rock solid for the more than a year we’ve had it, I think we’ll soon be dropping the T-1 and switching to business FiOS on which we can run our servers. At $129/month, it’ll save us several hundred dollars and if experience holds, will save us a lot of aggravation, too.

We all depend on our communications technologies these days. At least we’re in a better position than SunRocket’s VoIP customers, whose service was shut down permanently without any notice (and those who prepaid for a full year won’t even get their money back). You can read more about that here.

At least Speakeasy offered us a month of free service in compensation. And in addition to the FiOS line, if all else fails we also have unlimited Internet service on Verizon’s EV-DO service through our Pocket PC phones.

Do you or would you pay extra for better reliability? How much extra? Do you have a second (and third) connection/provider for backup, or are you cut off completely when your ISP goes south?

Deb Shinder

Jonathan Edwards at Yankee Group just did a study on corporate blogs.

Conclusion? This blog has mojo.

(Well, there were a few other things in there, but this is absolutely the most important fact.)

Discussion-Oriented Blogs
The most successful and influential dialogue-focused bloggers in the blogosphere are constantly aware of the happenings in their industry and beyond. Their content resonates in the market because it is timely and topical. They also dedicate significant time not only to writing posts, but also to researching, responding to comments and participating in discussions on other blogs. Furthermore, there are intangible traits that are characteristic of the most successful conversational bloggers that companies will find difficult to identify and enact. For example, Sunbelt Software president and blogger Alex Eckelberry thinks that to be successful in the blogosphere, “You need the mojo to do it.” In a lot of ways, blogging is a popularity contest, and the ability to convey a strong personality will spark interest and drive traffic.

Blogs such as Eckelberry’s and Sun Microsystems CEO Jonathan Schwartz’s blog are prime examples of blogs with strong personality. Blogs of this type are difficult to establish and such status is difficult to maintain, but according to Eckelberry, “Sunbelt was put on the map within 6 months of the blog being out there.” Eckelberry asserts the keys to his blogging success are creating highly personalized conversations and delivering interesting content consistently. The value derived from blogs of this type is primarily brand improvement, personification and evangelization.

Hosting community discussions that target specific audiences will attract those audiences if they deliver the niche desired content—with or without mojo. Think of a box office hit compared with a cult classic film:

• The box office hit blog: A blog with significant mojo such as Eckelberry’s and Schwartz’s blogs will attract readers of all kinds—similar to how a box office hit movie attracts a larger and more diverse audience than a niche genre film. Everyone in the industry reads and knows these types of blogs.

• The cult-classic blog: Corporate blogs such as Intel’s IT@Intel can be thought of as cult classics because the content they deliver and the conversations surrounding that content involves a niche audience. The IT@Intel blog targets IT shops and functions as a platform for IT professionals to discuss best practices and address problems. Like a cult classic, blogs of this type attract a relatively small audience, but one that is passionate about the subject matter that particularly pertains to its interests.

(This study has to be purchased from Yankee Group, so I’m sorry I can’t post the full thing.)

Alex Eckelberry

Greg Kras and I will be holding a webinar on our Ninja Email Security product this Tuesday.

Learn about New Antispam Features in Ninja Email Security
Live Product Demo and Technical Overview. Join Alex Eckelberry, CEO and Greg Kras, VP of Product Management for Sunbelt Software on Tuesday August 7th at 2:00pm EDT for an overview of the new antispam features of Sunbelt’s Ninja Email Security for MS Exchange 2000, 2003 and 2007. When: Tuesday, August 7, 2007 2:00 PM (EDT).

Register here.

Alex Eckelberry

save-me-please(dot)com is a site dedicated to saving a bunny.

We have no idea what this is odd thing is: A joke, a hoax. Or a scam.

There’s this cute picture of the little bunny wabbit:

And some extraordinarily nauseating videos, one of the cute rabbit (replete with a drippy French ballad), and one of skinning a rabbit (enough to make you a vegetarian).

We downloaded the cute wabbit video and uploaded it to YouTube (we’ll pass on showing you the rabbit skinning video).

Mixing cute videos and pictures with website graphics of cooked bunny rabbits and a butcher with a knife is distasteful enogh. But then you’re asked for money to save the rabbit:

Which, not surprisingly, goes through Daopay (900 number billing):

It’s certainly suspicious and a scam. Not only is this site is run by a group that also is associated with exploit sites, info stealers, charity scams, and phishing sites. But, well, just look at it.

I wonder if some people will actually fall for this. Unreal.

Alex Eckelberry
(Credit to Sunbelt researcher Patrick Jordan)

No, not a terrorist attack — just simple stupid hacks to redirect people to porn and other junk. Largely used for search engine optimization.

The city of Dinuba, California and Inyocourt seem to have some problems. They’ve got pages on their servers which redirect to porn.

(This image has been thumbnailed due to graphic and highly offensive content.)

But it’s not only porn. Check out these pages at NASA.

Click one of those links and what you get is this:

Or how about this at a US Bankruptcy court:

Click on one of those links and you get this:

Alex Eckelberry

On the 30th of July, IBM’s ISS group announced the end of BlackICE PC protection:

IBM Internet Security Systems has announced the End of Life for BlackICE PC Protection (formerly known as BlackICE Defender) and BlackICE Server Protection (formerly known as BlackICE Defender for Server). The End of Sale date for these products is September 19, 2007. You will not be able to purchase BlackICE products after this date. We will update and support BlackICE products until September 29, 2008, and have prepared an FAQ for you about this process.

BlackICE was once one of the big names in PC security and it’s a bad sad (although not surprising) to see it go to grave.

So, we decided to give out a free copy of the Sunbelt Personal Firewall (formerly the Kerio Personal Firewall) to BlackICE PC Protection users:

…all registered users of BlackICE PC Protection can get a free one year subscription to the full version of Sunbelt Personal Firewall and includes all of the features, toll-free support, and updates of a standard subscription. To benefit from this special offer, users can visit http://www.saveblackice.com/ and complete a short form or call toll free at 1-800-336-3166. The special offer period begins today and will be available for a limited time.

You can find out more in our press release here.

Alex Eckelberry

The link may still be live:

http://news.xinhuanet.com/english/2007-07/30/content_6450253.htm

Alex Eckelberry
(Hat Tip)

XP SP3 Confirmed
It appears that Microsoft has confirmed that there will be another service pack for Windows XP and that it’s scheduled to be released during the first half of 2008. Nobody’s talking about what it will include. Read more here.

Problems with Vista activation system
We all knew and accepted that we might have to reactivate Vista if we installed certain types of new hardware. But nobody expected that just installing driver software could trigger the reactivation requirement. Well, it seems several people are experiencing this, including my friend Ed Bott.

Give your input: What should the next version of Windows look like?
Vista is still new so who in his/her right mind is thinking about the next version of Windows already? Microsoft programmers, that’s who. Code named Vienna, Vista’s successor is still in the very earliest stages of development, but at least one blogger is soliciting comments and suggestions for features for the next Windows.

What I love about the new Windows Explorer
In the throes of my nVidia-induced problems with my primary computer last week, I ended up doing a lot of my work on the bedroom computer, which runs XP. Going back to XP after working with Vista as my primary OS for well over a year (first in beta), there were a lot of features I missed, including the Sidebar (whose gadgets I consult often) and the Search feature on the Start menu. But I think the thing I actually missed most was the new Windows Explorer layout and interface.

In particular, I absolutely hated not being able to just click Recent Places to get back to a folder I’d had open earlier. Whoever came up with that idea was a genius; I’ve found it to be extremely useful. Another great aspect of Vista’s Explorer that I missed was the ability to click on any level in the path to go there, and I felt as if I were operating blind as I navigated through document files without the preview feature that lets me see the contents of a Word doc without opening it.

The XP computer also runs Office 2003. To find out what I missed about Office 2007, see the July 29 entry in my tech blog, titled What I Missed About Office 2007 When I Went Back to Office 2003.

How to use encryption for Outlook 2007 email
Most people think of email as an unsecure medium, but it doesn’t have to be. You can use encryption to protect the contents of mail, or digital signatures to authenticate the identity of email senders. Most modern mail clients support using Secure MIME (S/MIME) for this, but it’s not always obvious how to do it. Here’s how in Outlook 2007:

1. First, you need to get a digital certificate. You can get one free for non- commercial use from Comodo (www.comodo.com).
2. Compose your message, then click the Office logo button and select Properties.
3. Click the Security tab, and click to encrypt the contents and/or add a digital signature to the message.

You can also use S/MIME email with a Windows Mobile device. Read more about that here.

All about Rootkits
You’ve probably heard about rootkits, and you know they’re bad – some sort of malware, “like a virus or something,” as one writer put it. Originally, the word referred to something used on UNIX based systems to hack the “root” account, which is like the administrator account on Windows. Now there are rootkits for Windows too. Here’s a useful overview of what they are, how they work and how they can be detected.

Can I change the default image editor in XP’s Picture and Fax Viewer?
QUESTION: I was hoping that your article on: (How to change file associations in XP) would show me how to correct a problem I am experiencing. The icon at the bottom of the Windows and Fax viewer for closing that program and opening the image for editing now takes me to Microsoft Paint while I prefer to have it open the image to one of my other editing programs. I realize that I can do this by right clicking the icon and selecting the program but would prefer to have it automatically take me the the program I select as it once did. Any help would be appreciated. – Bob R.

ANSWER: First, I have to say that one of the things I really like about Vista is the new Photo Gallery, which replaces the “picture” part of Windows Picture and Fax Viewer (the “fax” part is replaced by Vista’s Fax and Scan application). Photo Gallery is the picture previewer in Vista, and one of the things I love about it is that you can edit pictures right inside it, instead of opening some other program to do it.

That said, it is indeed possible to change the default image editing program in XP’s Picture and Fax Viewer, but you’ll need to either edit the registry or use a utility called Imgeditor which can be downloaded here (ZIP file):

To edit the registry, first back it up, then do the following:

1. Open your favorite registry editor and navigate to this key: HKEY_CLASSES_ROOT SystemFileAssociations image shell edit command
2. Doubleclick the entry in the right pane.
3. In the data value field, type the path to the program you want to use (for example: “c:Program FilesIrfanViewi_view32.exe” “%1”

You can change the editor for a particular file type this way:

1. Click Start | Run
2. Type CONTROL FOLDERS
3. Click the File Types tab.
4. Select the file type from the list and click the Advanced button.
5. Click New.
6. In the Action box, type Edit
7. In the Application Used To Perform Action box, type the full path to the application you want to use to edit pictures.
8. Click OK twice to close the dialog boxes. This sets the default image editor for the selected file type.

Mapped drives don’t appear to connect or disconnect in Windows Explorer
If you find that mapped network drives aren’t visible in XP, or a mapped network drive stays visible after you’ve disconnected from it, this could be because of a system policy. This issue is fixed by the latest service pack (if you have the same problem in Windows 2000 or Server 2003, you can get a hotfix for it). For more info, see KB article 812933.

No search results over a WAN link with your XP computer
You may not come up with any search results when you try to do the search over a wide area network (WAN) connection. Even though you know the files exist, you still get an error message that says “Search is complete. There are no results to display.” Luckily, there’s a workaround. Read the instructions in KB article 925885.

Vista computer stops responding if USB camera is connected
Does your Vista computer hang up when you connect your USB camera? This only happens with certain cameras, and it’s because of the driver the camera uses. There’s a hotfix available to fix the problem; you’ll need to contact Microsoft Customer Support Services to get it. To find out how, see KB article 939331.

Until next week,

Deb Shinder

Over the weekend, we learned that over 70% of American citizens support the increased use of surveillance cameras.

I know that some may believe cameras are harmless and arguments for and against them have been made by many people. I won’t get into the debate on this blog.

However, I see these survey results as a manifestation of the culture of fear of our society which is driving people to accept the continual degradation of their individual freedoms. More troubling is that we’ve seen this occur historically, to the detriment of society.

Our current culture of fear is largely manufactured. As an example, studies have shown that in some areas, where murder rate might be down, people think the murder rates are actually up. The reason? The media continues to report on the garish, the gruesome, the horrible, while largely ignoring the good. Also, these violent crimes are usually in particular areas, but they may be generalized over a broader area.

Really, how dangerous is your neighborhood? You watch the news and you could become terrified. But you go outside and walk your street, and you see something completely different. What’s the truth? It’s what you personally observe. And you’ll find that it’s generally at odds with what’s reported.

I lived in Los Angeles during the period when there were a number of drive-by shootings. Many people considered Los Angeles an extraordinarily dangerous place to live — as if simply driving was an invitation to get shot. Of course, this was nonsense. The danger from driving in LA is bad drivers. In 20 years of living there, I never saw a gun. Ever. And I drove a lot.

I also work in the security business, where I see gruesome stuff with an almost tiring routine. But I do know things have been getting a lot better for users over the past several years, with better protection in the operating system, government and other legal action against spyware companies, and better security software.

Am I some Pollyanna, believing that all is sweetness and light? Of course not. I’ve seen and been through some pretty rough stuff myself. But in all societies, for the most part, the bad is greatly magnified over the good.

In a way, we’re smarter now, because we have more than Hearst, Luce, and three television networks controlling our access to information. But fear has taken its grip.

In the end, the answer to Bad Things Happening is not reducing individual rights. One of the better essays on one historical aspect of this subject is by Robert Harris, writing about the “Pirates of the Mediterranean”:

“In the autumn of 68 B.C. the world’s only military superpower was dealt a profound psychological blow by a daring terrorist attack on its very heart. Rome’s port at Ostia was set on fire, the consular war fleet destroyed, and two prominent senators, together with their bodyguards and staff, kidnapped.

The incident, dramatic though it was, has not attracted much attention from modern historians. But history is mutable. An event that was merely a footnote five years ago has now, in our post-9/11 world, assumed a fresh and ominous significance. For in the panicky aftermath of the attack, the Roman people made decisions that set them on the path to the destruction of their Constitution, their democracy and their liberty. One cannot help wondering if history is repeating itself.”

I hope that reason and rationality will prevail, and that I won’t have as a legacy to our children a place where they cannot live and think freely, under the constant watchful eye of cameras, wiretaps and other intrusions — all in the name of “safety”.

Alex Eckelberry