Sunbelt Weekly TechTips #52: How To’s

Keep computer users from running Windows Messenger in XP or Vista
Do you have a computer that you share with others (for example, your children) and don’t want them to be able to use Windows Messenger? There are third party programs you can buy to control the running of certain programs, but there’s an easier and cheaper way to disable Messenger in XP or Vista, using Group Policy.

  1. Log on as an administrator.
  2. Click Start | Run.
  3. In the Run box, type gpedit.msc to open the Group Policy editor. In Vista, you will be prompted to continue. Click the Continue button.
  4. In the left pane, under Local Computer Policy | Computer Configuration, expand Administrative Templates and then Windows Components.
  5. Double click Windows Messenger.
  6. In the right pane, double click the policy “Do not allow Windows Messenger to be run.”
  7. Click the Enabled option.

Note that Remote Assistance will not be able to use Windows Messenger when you disable it this way.

Security at Home
If you find that most of the computer security information you find on the web seems to be focused on businesses, visit Microsoft’s Security at Home web site for articles and tips aimed at home computer users, including ways to protect children from the dangers of social networking web sites, how to create stronger passwords, and how to use controls built into Vista, Xbox and other products to control kids’ Internet use. Check back often for new information.

What’s going on with my Vista display?
QUESTION: I’ve upgraded to Vista Ultimate and I love it – BUT … sometimes after the computer has been running for a long time, I suddenly start having weird display problems, where parts of the screen go black or become transparent or the toolbar disappears or moves to a different location. Not good! Can you help? – Jon. J.

ANSWER: If it’s any consolation, you’re not the only one who’s had this problem. Logging off and logging back on should stop the bad behavior (for a while, at least), or you can stop and restart Windows Explorer. Here’s how:

  1. Press CTRL+ALT+DEL and select Task Manager.
  2. Click the Processes tab.
  3. Click explorer.exe to select it and click End Process, then confirm.
  4. Click the Applications tab.
  5. Click New Task and type explorer.exe in the Open box.
  6. Click OK to restart Explorer.

This can get old, though. There is an update you can download that should solve the problem.

Deb Shinder

Sunbelt Weekly TechTips #52: Configuration and Troubleshooting

How to edit the Boot.ini file in XP
You can manually edit the boot.ini file which contains information controlling the XP boot menu. This is especially helpful if you have a dual or multi-boot configuration or if you have old operating system versions that you no longer use and want to remove from the boot menu. For instructions on how to do it, see KB article 289022.

IE stops working when you click a web site link on XP SP2 or Vista
If you’ve installed certain security updates on your computer running XP with Service Pack 2, Vista or Server 2003, you may find that subsequently you get a hang up (non-response) when you click links on a web site. Even worse, you might hear a continuous clicking sound. What’s up with that? Well, you can fix it by installing the latest cumulative security update for IE, or with a hot fix that’s available to correct the problem. To learn more, see KB article 928387.

Vista stops responding when you transfer a file
If you try to transfer a file between your Vista machine and a file server that’s running an older version of Windows, Vista might hang up. It happens because the SMB 1.0 protocol is being used and the network connection is temporarily lost. There’s a hotfix available to address this problem. Read about how to get it in KB article 935427.

Deb Shinder

Sunbelt Weekly TechTips #52: News, Hints, Tips, Tricks & Tweaks

Windows Live Folders: coming soon to a computer near you
At this point, it’s still in private beta testing, but Microsoft’s new Windows Live service, Live Folders, is expected to be available to the public in the next couple of months. A free online file storage service, it allows you to create three types of folders: private, shared and public, on which you can set permissions for others to access them via the web. You get 500 MB of storage free, and it works with all Windows and Mac computers with recent versions of IE and Firefox. Find out more here.

Speaking of Windows Live betas
There are a whole slew of Windows Live services that are available for public beta testing now, including Windows Live services for mobile devices. Some you may not have heard of include Live Q&A, whereby you ask questions and get answers on a wide variety of topics; Live Product Search, which helps you compare products and make buying decisions; Live Academic Search, for accessing academic research; and Live Alerts, which notifies you of news stories, sports scores, stock quotes etc. that you preconfigure. You can try any or all of these, and more, by going here.

Xbox 360 warranty extended
After reports of hardware failures, Microsoft has extended the warranty on the Xbox 360 game console to three years from the purchase date. If you experience an error message accompanied by three flashing red lights, your Xbox will be repaired or replaced free of charge and if you’ve incurred repair costs for this problem before the announcement, Microsoft will reimburse you. Find out more here.

iPhone alternatives on the way?
Last week, in my blog, I told you all the reasons why I won’t be buying an iPhone, at least not until a few important missing features, like over-the-air Exchange support, faster network support and a user-removable battery, make it into a future version. Some research in the meantime has turned up some potential alternatives with some of the iPhone’s design features for those of us who prefer to use Windows Mobile 6. One contender is LG’s KS20, a model that’s been the subject of rumors for several months now. You can see its resemblance to the iPhone here.

Meanwhile, another Windows Mobile phone with an iPhoneish look is the HTC Touch, which you can see here.

What’s your favorite alternative to the iPhone? Let us know.

Tiny TV episodes save time
With today’s DVR technology, some of us are already doing it ourselves – fast forwarding through the commercials and sometimes through the less exciting parts of the program, too, so we can get the gist of the story without spending an entire hour watching. After all, in today’s fast paced world, who has the time? I admit to watching some of my favorite half-hour HGTV shows in 15 minutes or less, speeding through the demolition to see the final results. Now you can see classic programs in an even more abbreviated format on the Minisode Network. Read more here.

New version of Movie Maker on Vista
Vista includes a new version of Windows Movie Maker (v. 6) that has some cool improvements. If you’ve used the XP Movie Maker, one enhancement you’ll appreciate is no longer being limited to a 320×240 preview. Another great new feature in Vista is the ability to publish Movie Maker projects directly to DVD with Windows DVD Maker. And if you’re a Windows Media Center fan, you’ll be glad to know that Movie Maker now supports the DVR-MS format that Media Center uses to record TV programs. You can edit out the commercials and/or save the program in WMV format to make a much smaller file, which is especially handy if you want to, for instance, store the program on an SD card and play it on your Pocket PC (note that you can’t edit programs that use Broadcast Flag, such as HBO and Cinemax programming). For more about Vista Movie Maker and to see a screenshot of the interface, see my blog post titled Making Movies with Vista published July 4th.

Deb Shinder

Should Internet Services that can be used as Terrorist Tools be Shut Down?

Over the last few years, I’ve read a number of news articles detailing how various web services have been or could be used by terrorists in plotting their attacks. The latest example was the claim that the terrorists who recently plotted to blow up the fuel tanks at JFK airport used Google Earth to pinpoint the coordinates and get aerial views of their target. Some security experts have suggested that such services should be shut down or restricted to exclude locations that might be likely attack targets from their databases.

Certainly none of us want to make it easier for terrorists to accomplish their missions – but I can’t help wondering where an all-out effort to do away with everything that might aid the bad guys will lead us. After all, it’s well documented that terrorists also use cell phones and email to further their plotting. Does that mean we should shut down those communications systems, as well?

If you think about it, it’s a slippery slope. Do you take away tools that have valuable legitimate uses by law abiding citizens just because criminals can use them to commit crimes? That’s the premise of gun control laws, but in the U.S., those laws have had dismal success records. Do we really want to extend that philosophy to Internet sites and services?

It’s true that too much information can be a dangerous thing. I admit that sometimes I wish it weren’t quite so easy for others to find information about me on the ‘Net. It makes me uncomfortable that strangers with some Internet research savvy can find out where I live, especially considering the hate mail I sometimes get for expressing my opinions in these editorials and in other forums. On the other hand, I’ve used those very same research tools and techniques to locate long-lost family members and friends, thus enriching my life.

In this country, we’ve always been willing to take some risks in the interest of freedom. For instance, you’ve long been able to find bomb-making instructions in most public libraries, but that hasn’t led to an epidemic of homemade explosions – at least, not in the past. One might argue, though, that we’re up against a different type of threat now, and that it has become necessary to restrict not only access to “dangerous” physical tools but also access to “dangerous” information. It’s not an easy issue.

It all comes down to a question of how far we’re willing to go in pursuit of security. Would you be willing to have the web censored by the government, as it is in China and some other countries, in order to keep terrorists from obtaining information they could use to hurt us? Would you be willing to have all your email monitored by the government in the interest of catching terrorists?

How about giving up paper money in favor of digital dollars and having all your financial transactions tracked and logged, so that the authorities can spot money transfers made by terrorists? What if the police “needed” to listen to all phone calls in order to catch criminals? Would you protest mightily or just grumble a little, or would you go along with it happily, if it’s “for the children?” Would you support having mandatory GPS tracking devices on all cars, so they could always be located if necessary? What about surveillance cameras on all street corners – or even inside private buildings and vehicles? Drastic measures, sure – but it beats being blown up by terrorists. Or does it?

Some people will say the above suggestions are ludicrous and could never happen in a free country. But who would ever have believed, twenty years ago, that one day we would have to take our shoes off before getting on an airplane, or that we’d ever need a passport for a quick jaunt to Mexico or Canada?

The idea of shutting down an Internet service that terrorists are using might seem like the prudent and patriotic thing to do, but how far do we go? Tell us what you think. Should there be restrictions imposed on the information that’s available on the ‘Net if that information could be used illegally? Or is freedom of information worth the risks? 

Deb Shinder

Check cards

Terry Savage just covered the subject of using check cards in public places here.

With check cards (generally, hybrid ATM and VISA cards) having become a de facto currency these days, it’s important to be careful as to how you use them.

For example, if you’re going to use a check card, always choose the “credit” vs. the “debit” option. The idea of entering a PIN on a public terminal is unnerving enough, but you also don’t get some key protection in case the card is used fraudulently.

But at the end of the day, I strongly believe that these check cards should only be used for ATM withdrawals at bank ATM machines — not for credit transactions in general (even more so for online transactions).

Practically speaking, it’s more of a hassle to reconcile your bank statement at the end of the month with lots of little charges compared to the simplicity and hard copy backup of checks (and you do reconcile your bank statements, right?), but more importantly, the risk of fraud tied to your bank account is too great a risk.

Of course, I recognize that some people can’t get normal credit cards, because of age or credit history, and all they have access to is a check card. In that case, simply use caution and regularly stay on top of the charges as reported from your bank. And don’t choose the “debit” option when making a purchase.

Alex Eckelberry
(Hat tip to Marc)

Shameful marketing by DriveCleaner

DriveCleaner is known for its misleading marketing practices. And one example came to me today by an email from Robby, one of my three faithful blog readers:

I’ve attached two screenshots of Drive Cleaner popups happening within the Juno webmail client itself, including what appears to be a hijacked banner advertisement when I click on cancel. This has happened about three times now over the past few days and on different computers.

I don’t have Juno and can’t verify this. But what is likely happening is that Juno has contracted with a third party ad network to sell ads. DriveCleaner is displaying these ads, which are doing some fake animated “scan”.

It’s extraordinarily misleading advertising, and being served on Juno, is even worse, since Juno has a high degree of popularity among seniors, an audience that’s ripe for scams.

Let’s hope the folks at the FTC take notice.

Alex Eckelberry

The 4th at Sunbelt

We are in one of the tallest buildings in the area, and it looks over the Memorial Causeway, where the city launches its fireworks.  So, lots of employees come over on the 4th to watch the fireworks, and of course, many also take pictures.   

John, our IT Manager, has some nice pics on his blog, Nick in spyware research put some up on Flickr and of course, our famous creative director, Robert LaFollette, took some great pictures as well.

Alex Eckelberry

Sunbelt Weekly TechTips #51: Configuration and Troubleshooting

Restore XP after upgrading to Vista
Okay, so you upgraded your XP computer to Vista and you don’t like the new OS. It happens. But you may be able to restore your computer to the previous version of Windows without having to format the hard disk and install XP from scratch – if your XP installation was saved in a Windows.OLD folder. It’s a fairly long process, but not too difficult if you carefully follow the step by step instructions in KB article 933168.

Low performance on high performance video card
If you have a Vista computer with a high end (and high dollar) multiple GPU video card but you’re not getting the kind of performance you have a right to expect from such a card, it might be because the OS isn’t forwarding driver- rend requests to the secondary GPU. Luckily, there’s a hot fix for this, but you have to call Microsoft Customer Support Services to get it. To find out more, see KB article 936710.

Deb Shinder

Sunbelt Weekly TechTips #51: How To’s

How to restore XP activation status information after a reformat

  1. Double-click My Computer, then double-click on the “C” drive.
  2. Navigate to the C:\Windows\System32 folder.
  3. Locate the files named “wpa.dbl” and “wpa.bak” and copy them to a safe location such as a USB key or CD.
  4. Reformat your disk and reinstall Windows XP on your reformatted hard drive. Click “No” when asked if you want to activate Windows.
  5. Reboot your computer into Safe Mode (press F8 as Windows is booting up to see the Windows Advanced Options menu and select SAFEBOOT_OPTION=Minimal).
  6. Double-click My Computer, then double-click on the “C” drive again.
  7. Navigate to the C:\Windows\System32 folder again.
  8. Locate the files named “wpa.dbl” and “wpa.bak” (if it exists) and rename them to “wpadbl.new” and “wpabak.new”.
  9. Copy your original “wpa.dbl” and “wpa.bak” files from your USB key, CD or DVD or other location into the C:\Windows\System32 folder.
  10. Restart your system.

Spam of the Week
A couple of weeks ago, I was being inundated with spam messages claiming I had received a postcard from a family member. This past week, I’ve received literally hundreds of spams from the “United States National Medical Association.” There actually is an organization called the NMA but it’s not an online drug-buying organization, which is what the spam messages claim. Interestingly, my Outlook 2003 junk mail filter was not catching these – until I installed an update for the junk mail filters. Now they all go into my Junk Mail folder (I use a computer running XP/Outlook 2003 to filter my Exchange mail before I access it in Outlook 2007 on my primary Vista computer – but that’s another story for another day). If you’re getting these spams, check out how to get the update here.

Zune DRM

Question:

I recently signed up for the Zune download service and ran into a problem. I have two computers, a desktop and a laptop and installed the Zune service software on my desktop and created an account. I was able to buy songs and download them on my desktop without a problem. I installed the Zune service on my laptop and was able to buy songs, but they would not download! I was charged for the songs but the downloads failed. What can I do? – Tommy T.

ANSWER:

You’re not the first one to have this problem. The good news is that, since your account was charged for these songs, the Zune service has information about the download and the service is aware that the download did not complete (they have a mechanism to confirm whether the download was successful or not).

In order to download your songs, you can try again from the laptop, but I recommend that you go to your desktop first, since you know that downloads are working from there. Open the Zune interface and click the Zune Marketplace menu (it looks like an orange-colored person sitting to the right of the Options menu). Click Account Management. On the Account Summary page, look in the Music and Purchases section. Click the Incomplete Transactions button. Click the Check Now button. If there are incomplete downloads, you’ll be able to complete the downloads from here. As for your laptop, you probably need to restart the computer to get your Zune download service to work.

[ed: A friend also dropped in with this comment: “I have had all kinds of problems with the Zune service. I purchased a 3 month service for all music and because I installed it on my laptop then on my home desktop it stopped working. I had already uninstalled it on my laptop, but still no dice. I spent over an hour on the phone with Microsoft Zune tech support and it is still not fixed. Cost me $45. Microsoft’s DRM is POS.”]

Chatty Trojan: This Trojan “tells” you that you’re infected.

Deb Shinder

Sunbelt Weekly TechTips #51: News, Hints, Tips, Tricks & Tweaks

An easier way to manage Vista’s boot configuration
If you want to make changes to your Vista computer’s boot configuration information without the somewhat technically complicated process of editing the Boot Configuration Data (BCD) store with BCDEdit, here’s a program that can help make it easier. It’s especially useful if you need to install a previous operating system, such as Windows XP, on a computer that is already running Vista. Last week, we answered a user’s question about how to fix the boot configuration in such a situation using the standard Microsoft procedure, but this third party product is another alternative that many will find friendlier – and it’s free. Thanks to several readers for this tip.

Readers sound off on desktop search
Last week, I asked which desktop search engine you like best. We got plenty of responses – but no clear consensus. Microsoft’s and Google’s engines got a roughly equal number of votes, with Microsoft gathering a handful more. Several voting for Microsoft expressed sentiments like those of Jakk: “I’ve never been an MS fan and I really wanted the Google search to be as good or better, that’s why I’ve kept downloading it after a new update to it, but in my experience the MS Search has worked better.”

A surprising number of you like Copernic, which came in a strong third. A few readers also pointed us toward X1 (http://www.x1.com/), which we’ll be trying out in the coming week (note, however, that it’s not free). Then there were a lot of messages like Jason M.’s: “The best search method that I prefer to use is called ‘organization!’ If your files and folders are organized and you place new items where they ‘should’ go every time, then there is no need to run a desktop search program, which saves the most computer resources.”

Vista Ultimate users are feeling extra deprived
One of the benefits of buying the Ultimate edition of Vista is – or was supposed to be – a steady stream of “extras” – software add-ons just for users of the most feature-laden (and most expensive) edition. So far, though, we haven’t seen very many. The Texas Hold ’em poker game is admittedly cool, as computer card games go, and there have been some enhancements for EFS and BitLocker that are useful, but only used by a small percentage of users.

The potentially coolest extra, the DreamScene add-on that lets you use a video as your computer wallpaper, is still in beta and in my own testing didn’t work all that well, even on my very high powered Dell XPS computer. On my lower powered laptop, well, “fugget about it.” I guess I’m not the only one who’s been wondering when all the neat new extras are going to be here. See this article in last week’s Windows Secrets newsletter.

Worst Windows Features
Many computer users enjoy a love/hate relationship with Windows. Even those who complain about it all the time don’t, for the most part, switch to Linux or Mac. And even those who generally love the OS have to admit that there have been some “features” introduced in various versions of Windows that we found less than user friendly. PC World unveils their own “20 Worst Windows Features” in this slideshow.

See if your favorites (or less than favorites) are included.

Deb Shinder

Are Computer “Glitches” Ruining your Life?

The term “computer dependency” is often used to describe so-called “Internet addiction,” or the excessive use of personal PCs by individuals who spend a great deal of their time online. However, there’s another kind of computer dependency that we, as a society, all suffer from today. That’s the ever-increasing dependency of all our essential systems, from public utility services to privately operated companies, on computers. Most of these would no longer be able to function at all if their computers went down.

And that’s not just a theoretical statement. Occasionally those computers do go down, and we get to see the world (or at least a little part of it) grind to a halt. A couple of weeks ago, United Airlines’ computer system that handled the dispatching of flights from one airport to another – the main flight operations system – suffered a “glitch” (as described by news stories) that grounded hundreds of flights for a few hours and left passengers stranded or delayed.

The system also provides maintenance information, crew scheduling and flight plans for pilots. You’d think such a mission-critical system would have a backup, and it did – but apparently that system failed as well.

Of course, it’s not the first time something like this has happened. Back in December 2004, some will recall that Comair cancelled 1100 flights on Christmas Day because of a computer problem, disrupting the holiday plans of thousands of people.

And of course it’s not just the airlines that are vulnerable to computer-caused troubles. If you stop and think about it, almost every important area of our lives is now controlled to some degree by technology. The banking system is dependent on computers; as money becomes more and more a matter of bits and bytes rather than pieces of paper backed by gold, a major computer malfunction (or a major hack) carries the possibility of wiping out all evidence of your life’s savings in one fell swoop. Sure, there are still paper records and you’d probably eventually end up getting it back, but there is a very real chance that you might be denied access to your funds for days, weeks or even longer.

A few years ago, a Canadian bank was hit by a software problem that caused withdrawals, deposits and transfers of some customers to be replicated, so that if, for example, you took out $100, it appeared twice on the transaction record, showing a total withdrawal of $200. Although the bank assured everyone that their money was safe and all errors would be corrected, no details were given as to what caused the problem.

Just last month, another “glitch” at a regional bank in the northeastern U.S. delayed the posting of deposits to customers’ accounts, causing problems for some people who needed to make withdrawals immediately.

As scary as it may be to consider the possibility that a computer problem could leave you financially destitute, at least temporarily, there are even more frightening aspects to our dependency on computers. Only a few weeks ago, Russian computers on the International Space Station went down. These include the computers that maintain the station’s position in orbit as well as the ones that provide oxygen and remove carbon dioxide from the air – an essential system if ever there was one.

No one’s life was immediately imperiled, but in the worst case scenario, such a problem could result in the necessity to abandon the station.

Coming back down to earth, there are people whose lives lie in the “hands” of computers every day. The healthcare industry now uses computers for everything from scheduling patient appointments to running life support equipment to performing surgery. In 2005, officials in Calgary, Canada discovered a glitch (there’s that word again) that affected a web site used by doctors to view lab test results. It was reported that around 2000 patients could have received incorrect treatment because of the erroneous information posted to the site.

Surgeons today can operate on patients without even being in the same room (or the same country) through robotic arms controlled over high speed data links. An Italian surgeon has even developed a software program that can use the data collected from prior surgeries to perform operations without any human intervention. It was used to perform unassisted heart surgery for the first time in 2006.

Much more common are artificial pacemakers and implanted cardioverter-defibrillators (ICDs), which contain small computers that monitor heart rhythms and apply an electrical shock when necessary. Thousands of people are walking around with these in their chests. Early models sometimes suffered from software errors and had to be reprogrammed.

It’s not just in life threatening situations that hospitals and doctors’ computer problems can cause grief for patients. Only a week ago the L.A. Times reported that a computer error caused a hospital to send a bill for $962,120 for a four day stay to treat minor injuries. The correct billing amount (which is bad enough) was $48,106.

Of course, we encounter less serious, but nonetheless aggravating computer “glitches” all the time. Who hasn’t, at some time over the last two decades, received an incorrect bill for something and called in about it, only to be told it was the computer’s fault? Sometimes I think that’s become an awfully convenient excuse.

After all, according to some later reports, it was “human error” that caused United Airlines’ computer failure – and somehow that doesn’t make me feel a lot better. All of these gigantic computer systems have hundreds or thousands of humans operating them, and that may well be the weak link. People always make mistakes, but when those mistakes are input to a powerful networked computer system, the results can be much more damaging.

So maybe it’s not the computers themselves, but the humans sitting at their keyboards, that we really should be worried about. What do you think? Have we become too dependent on computers? Would a world-wide EMP (electro-magnetic pulse) that wiped out all the computer systems bring our society to its knees – or would it teach us a valuable lesson? Or are computers actually more reliable than people, and will things be better when the computers can handle everything without human intervention? Tell us your opinions at feedback@wxpnews.com

‘Til next week,

Deb Shinder

How iPhone activation works

Of interest to security wonks:

Activation in the iPhone works in a similar manner to Windows activation (standard signature handshake).

iTunes gets three things from the phone: the DeviceID, the IMEI, and the ICCID. This is called the token and is unique to every iPhone. This token is then sent to the Apple server (alfred.apple.com) via SSL. Apple uses their private key to sign the token and transmits it back to iTunes. iTunes then calls AMDeviceActivate with this signed token. The device gets the token and checks whether or not the signature matches the token. If it does, the device is activated.

{
"UniqueDeviceID" = "aabbccdd......";
"InternationalMobileEquipmentIdentity" = "1234....";
"IntegratedCircuitCardIdentity" = "1234...";
}

Link here.

Alex Eckelberry
(thanks Eric)
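
The sign-and-verify handshake described in the activation post above, as an added example that is not part of the original post and is not Apple's or iTunes' code. It assumes RSASSA-PKCS1-v1_5 with SHA-256 and a JSON encoding of the token; the key, the identifier values and the function names are constructed for illustration, and the check that the token describes the device itself is also an assumption.

```python
import hashlib
import hmac
import json

# Constructed demo key built from two publicly known Mersenne primes.
# NOT secure: it only stands in for the activation server's real key pair.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                   # public key, baked into the device
D = pow(E, -1, (P - 1) * (Q - 1))     # private exponent, server side only
K = (N.bit_length() + 7) // 8         # modulus length in bytes

# DER DigestInfo prefix for SHA-256 (RSASSA-PKCS1-v1_5, RFC 8017).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

# The three token fields named on the page.
TOKEN_FIELDS = (
    "UniqueDeviceID",
    "InternationalMobileEquipmentIdentity",
    "IntegratedCircuitCardIdentity",
)

# Constructed sample identifiers (not real device values).
PHONE = {
    "UniqueDeviceID": "aabbccdd00112233445566778899aabbccddeeff",
    "InternationalMobileEquipmentIdentity": "123456789012345",
    "IntegratedCircuitCardIdentity": "8901000000000000001",
}


def encode_token(token):
    """Canonical byte encoding so server and device hash identical bytes."""
    if set(token) != set(TOKEN_FIELDS):
        raise ValueError("token must contain exactly the three identifiers")
    return json.dumps(token, sort_keys=True, separators=(",", ":")).encode()


def _encoded_message(data):
    """EMSA-PKCS1-v1_5 encoding: 00 01 FF..FF 00 || DigestInfo(SHA-256)."""
    digest_info = SHA256_PREFIX + hashlib.sha256(data).digest()
    padding = b"\xff" * (K - 3 - len(digest_info))
    return b"\x00\x01" + padding + b"\x00" + digest_info


def server_sign(token):
    """Server side: sign the token with the private key."""
    em = int.from_bytes(_encoded_message(encode_token(token)), "big")
    return pow(em, D, N).to_bytes(K, "big")


def device_activate(device_ids, token, signature):
    """Device side: knows only (N, E). Returns True if activation succeeds."""
    if token != device_ids:           # assumption: token must describe this device
        return False
    if len(signature) != K:
        return False
    s = int.from_bytes(signature, "big")
    if s >= N:
        return False
    recovered = pow(s, E, N).to_bytes(K, "big")
    expected = _encoded_message(encode_token(token))
    return hmac.compare_digest(recovered, expected)


def run_handshake():
    """Host relays the token to the server and the signed token back."""
    signature = server_sign(PHONE)
    other = dict(PHONE, InternationalMobileEquipmentIdentity="000000000000000")
    corrupted = signature[:-1] + bytes([signature[-1] ^ 1])
    return (
        device_activate(PHONE, PHONE, signature),   # genuine exchange
        device_activate(other, other, signature),   # signature bound to other IDs
        device_activate(PHONE, PHONE, corrupted),   # damaged signature
    )


if __name__ == "__main__":
    print(run_handshake())
```

Because the signature covers all three identifiers, changing any one of them, or any bit of the signature, makes the device-side check fail.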

Winn Schwartau responds

Yesterday, I blogged about security expert Winn Schwartau’s blog being compromised. Today, he responds:

Laugh, cry…whatever. Welcome to the Internet.

When I heard about this a few days ago I sort of ignored it because I have been using the InfowarCon blog instead and thought we had closed this one down.

Alas, we didn’t for either technical or social reasons. Whatever.

A bit of research shows that these attacks were openly reported in March of this year and it seems folks are getting blasted everywhere.

2 Points. Maybe more.

1. Blogger is an SaaS, a web application. If any of the bloggers get nailed, it’s because (a) the servers and/or its code got nailed or (b) the software allows the publishing/installation and perhaps operation of active code.

Either way, an SaaS should provide adequate protection against such obvious types of attacks. Perhaps there is a rooting going on? I don’t know and don’t have the time/inclination to figger it out. That’s their job.

2. Anyone, anywhere, anytime can get hosed. Even we ‘security experts’ screw up. Yup. It’s true. We are human. Should I have noticed earlier? Perhaps, but it wasn’t on my radar screen. Should I freak out? Nope. Not a damn thing I can do about it but bitch, and it seems that blogger is now appropriately blocking it for the good of the preservation of the species.

3. It’s going to happen again. Applications and operating environments need to have security built in from the very beginning, not as a multi-billion dollar post O/S afterthought from poor initial design and specifications.

SaaS, as we move more apps to the Net, are going to get hosed, as seems to be happening with the social networking sites of infinite flavor.

Rant almost over…

Thanks for the notice and update. I don’t really mind being a victim here… it teaches me something, keeps us experts humble (I hope) and provides a very clear lesson for non-technical users.

Thanks
Winn

Winn, we all understand and thanks for the clarification.

Alex Eckelberry

Security expert’s blog compromised?

I got a note last week from a friend that Winn Schwartau’s blog (http://securityawareness(dot)blogspot.com) had been compromised. I checked it — and sure enough, it had been taken over by Malware Alarm, a rogue antispyware app. Basically, you went to the site and got the typical Malware Alarm warning message, which no matter what you do, brings up the fake MalwareAlarm scanner (basically, a web page designed to look like it’s actually scanning your system, designed to scare the bejeezus out of the unsuspecting user).

Right now, the page is being blocked by Blogger.

However, you can still find the malware link in Google’s cache. And only the main page is blocked — permalinks will still spew these fake security popups.

I can only assume that Winn knows what’s going on and is working it out. 

Alex Eckelberry
(Thanks, Doug, for the heads up and the pics)

Update:  Winn responds.