Category: Uncategorized

With each new operating system and application, Microsoft and other software vendors strive to make computers more user-friendly. More and more, the software does it all for us, and we need to know less and less to use it.

Take Windows Vista, for instance. Its new ways of finding what you need make it a delight to use. Instead of searching through the Programs menu for the application you want to run, you can simply type its name in the Search box. Instead of hunting through the file system in Windows Explorer for a document you want, just type the file name or keywords in the same Search box. When you want to save a document in a particular location, you no longer need to navigate through the whole drive; chances are that Favorite Links box on the left side of the Save As dialog box will take you straight to the folder you want with a couple of clicks.

Going back to XP after using Vista can make these tasks feel clunky and slow. The new way increases our productivity and removes some of the tedium of working on the computer. And that’s a good thing.

Or is it? For those of us coming to Vista from long years of working with operating systems that demand a little more of us, all this convenience is cool but we still know how to get around a file system the old fashioned way if we need to. For kids who grow up using Vista and its sure-to-be-even-friendlier successors, though, I wonder if something will be lost.

Just as those who came of school age after the advent and easy availability of calculators never seemed to develop the same level of basic math skills as those of us who grew up having to do it ourselves, I wonder if future computer users will lack the skills that used to be necessary if you wanted to use a computer.

Once upon a time, you had to be pretty smart to own and maintain and use a personal computer (heck, back in the really olden days, you had to learn BASIC or some other programming language to make the machine do anything useful).

But over the years, as PCs became mainstream items that were standard in every home, new users didn’t want to have to learn all that complicated stuff. They lamented that a computer should be as easy to use as a TV set, that you didn’t need to know all the theories behind how television works or be able to take it apart and put it back together in order to use it. They asked for “no brainer” computing.

Well, we’re not quite there yet, but we’re getting closer all the time. And even though I enjoy Vista’s new features, sometimes I get the feeling that it’s making me a little lazy. I feel a twinge of annoyance now when I use an XP system and have to go clicking through the file hierarchy to find something. I miss the multi-functional Search box. Heaven help me, I even long for my sidebar gadgets.

What do you think? Do operating systems that do everything for us make us dumb and lazy? Or would you prefer not to have to know anything about computers to use them?

Deb Shinder, MVP

If the definition of spam is unwanted email sent in bulk, a lot of my friends and relatives are spammers, although they would be shocked at the suggestion. I’m talking, of course, about all those messages I get every day with CCs to a dozen or more people I don’t know.

Some of them are jokes I’ve heard a hundred times before, some of them are inspirational ditties complete with pictures, animations and fancy fonts, and some are links to cool (or not so cool) web sites. What they all have in common is a paragraph or two at the bottom, urging me to send the message to 5 or 15 or 25 of my own friends, i.e., trying to convince me to become a spammer, too.

Some go beyond urging and border on threatening. I’m sure you’ve gotten such messages that imply that if you don’t forward the message, 1) something dire will happen to you, 2) something dire will happen to someone else, or 3) you’re a selfish person who doesn’t care about the person who sent you the spam.

Just today, I received another of these “please send this to everyone you know” messages. This one was a warning about the dangers of hand sanitizers in bathrooms – it seems there have been a handful of cases of children ingesting these products, which contain a high level of alcohol, and essentially getting drunk. Okay, that’s interesting information, I guess, but then at the bottom there’s the kicker – urging me to distribute it further and implying that if I don’t, I’m somehow responsible for the next kid who falls victim to the evil soap. Grrr. I don’t like it when people try to make me do something by laying a guilt trip on me. I like it even less when it’s someone I’ve never met.

Messages like this, in their previous, paper incarnation, used to be called chain letters. In some jurisdictions, they were illegal. In most segments of society, people who sent them were considered, at best, annoying and naïve.

I love getting email, probably more than most people. I don’t even mind getting email from strangers, if it contains something interesting or genuinely funny or useful. But I don’t want to get email that tries to reproduce itself by insisting that I send it to others I know. If it’s good enough to pass on, I will. If you try to threaten or shame me into sending it on, I most certainly won’t.

How do you feel about such messages? Do you ever follow the directions and dutifully send them to the 10 friends as requested? If not, do you ever feel guilty for “breaking the chain?” Have you ever written back to the friends who send them and asked them not to do so? (I have – not that it does much good). Should emailed chain letters be illegal, even if they aren’t trying to sell anything or soliciting money? Or should we just sigh and hit the delete button and not make a big deal about it? 

Deb Shinder, MVP

We have some pictures from this week’s Microsoft TechEd here.

Here’s me (on the right) looking dangerous with a fellow tradeshow exhibitor.

Scary, eh?

Alex Eckelberry

As you can imagine, I’m very pleased at the outcome of Julie Amero’s sentencing today. However, there’s still the specter of a new trial and so the show isn’t over yet.

This event was a testament to the power of a community of people coming together in a common cause.

One day, perhaps someone will write a story of this experience. It’s certainly been one of the more amazing events in my career.

Right now, because the case is going to a new trial, I still can’t discuss much of the case publicly.

It should be noted that there was a tremendous amount of work done by the forensic team that worked on this case with me on a completely pro bono basis. (The forensic team was provided a copy of the hard drive in question and performed a detailed examination for the defense, comparing what was found on the drive against the trial testimony.). This team included Glenn S. Dardick, Ph.D., Eric Sites (Sunbelt Software), Robin Stuart, Alex Shipp (MessageLabs), Joel Folkerts, and Joe Stewart (SecureWorks). They deserve so much credit for the technical work done for the defense.

There was also a vast amount of work done by others. I don’t like thank-you lists, because inevitably, someone important gets left out, But here’s a start: Walter Hooper, who started the fire in support of Julie and should be credited for much of this effort; Herb Horner, the defense expert witness, who never backed down; Nancy Willard, who rallied relentlessly to Julie’s side; Frank Krasicki, PC World’s Steve Bass, Brian Boyko, Lindsay Beyerstein, Brian Krebs of the Washington Post, and the Hartford Courant’s Rick Green, all of whom advocated for Julie publicly and brought her situation to the attention of millions; Eric Howes, who got this case to the attention of some very important people; Randy Abrams at Eset Labs; Merja Lehtinen, the “other” substitute teacher in the school that fateful day, who continued to rally to Julie’s cause; Ari Schwartz at the CDT for making important introductions; the many computer science professors who, out of their own funds, took out a full-page advertisement in Norwich’s newspaper in support of a re-examination of the technical details of the case; the many people who gave Julie and Wes critical morale encouragement, financial assistance, advice and support; and the many, many bloggers and journalists who covered this case and brought it to the public’s attention. And to anyone I’ve missed, you know who you are and your efforts are genuinely appreciated. (I’m blogging on the show floor at TechEd and doing the best I can here.)

And, of course, there’s the defense team, composed of William Dow, Clint Roberts and a whole background cast. There’s a whole story there too, but for now, many of the lawyers who worked on this case choose to remain Fabian for now. Let me just say this: Julie had some of the best legal minds available working on her case – a real “dream-team”.

For now, I’m just happy that Julie has been given a second chance to prove her case.

Alex Eckelberry

Hi all, Adam Thomas here from the Spyware Research team.

We continue to receive reports of attacks claiming to be “Internal Revenue Service Complaint” or Better Business Bureau complaints. In fact, Alex just received this message below:

As we have mentioned before, malware authors have been embedding Trojans inside of .RTF documents. This particular attack however contains a link to download the “complaint documents”:

http://business-complaints.com/{removed}.doc.exe

It is interesting to note that this malware fails to execute unless a specific DLL is present on the system: QTINTF.dll – This DLL is used and installed by Borland Delphi applications. Considering this, we are not too sure how effective this particualr attack will be. I will note though that Alex actually used to be an employee of Borland.

With the correct DLL present, the Trojan is able to execute. An instance of Internet Explorer is launched and your browser is pointed to a web page informing you that the complaint is closed and to disregard and further notifications :

The Trojan then collects stolen data (URL’s visited and data from web forms) using a Browser Helper Object (BHO). This data is then uploaded to these two domains:

hxxp://business-complaints.com/
hxxp://here4life.org/includes/

Of course we will continue to monitor this ongoing situation and keep you all informed whenever we have more information.

One final note: The IRS has asked that anyone who receives a suspicious email such as this, to please forward the email to them: phishing@irs.gov

Adam Thomas

UPDATE: The malware authors have modified their code. As a result, the Trojan no longer requires the aforementioned DLL in order to run.

Brian Krebs from The Washington Post has a really good article about Julie Amero posted on his Security Blog here.

Judge Hillary Strackbein said 40-year-old Julie
Amero was entitled to a new trial “because a witness the state presented as a computer expert, a Norwich police detective, provided ‘erroneous’ testimony about the classroom computer,” according to the Hartford Courant.

“This is a case of a little bit of knowledge being too much,” Amero’s attorney, William Dow III told Security Fix. “The state’s witness was not qualified to offer the opinions he did and further examination by the state showed that the witness was just wrong. Thankfully, the judge understood that.”

Lots more, check it out.

Cheers,
Eric Sites, CTO

You can see video of Julie Amero outside of the courthouse at Fox61.com in the video player section.

Julie Amero leaves the New London courthouse this morning escorted by her husband, Wes Volle, left, and Todd Fernow, the head of the Legal Clinic at the University of Connecticut Law School.

A New London Superior court judge this morning overturned the conviction of Julie Amero, who was found guilty of exposing Norwich schoolchildren to pornography on a computer, and has granted Amero a new trial.

Judge Hillary Strackbein said the state had conducted further forensic information that the jury had not heard at the trial. The information, according to defense experts, was that the computer had generated pornographic popups and that Amero, a substitute teacher, was not at fault. Amero had been convicted of four counts of risk of injury to a minor and faced up to 40 years in prison.

She has has been the subject of national attention as of result of the conviction, and seemed relieved after Attorney William Dow explained the judge’s ruling.

“I have a great team behind me and I feel very comfortable with the rulings,” she said before getting into a car with her husband and leaving.

“It was a porn trap,” said Chip Neville, a retired computer sciences professor who had petitioned the office of the Chief State’s Attorney to review the verdict.

“We’re all exposed to this. We wander into the wrong site innocently.”

Link…

Cheers,
Eric Sites, CTO

NEW LONDON — A Superior Court judge Wednesday granted a new trial for Julie Amero, 40, a Norwich substitute teacher whose faulty computer spewed pornographic images in her seventh grade classroom.

“A great weight has been lifted off my back,” said a tearful Amero.

The new trial ordered by Superior Court Judge Hillary B. Strackbein comes after a campaign on Amero’s behalf by computer security experts around the country, who offered evidence showing that Amero’s computer was taken over by malicious “spyware” that caused a rapid fire sequence of pornographic “pop-up” windows to appear on the screen.

In setting aside the guilty verdict, Strackbein ruled that the witness the state presented as a computer expert, a Norwich police detective, provided “erroneous” testimony about the classroom computer.

“The jury may have relied, at least in part, on that false information,” said Strackbein.

The motion for a new trial was filed on Tuesday by Amero’s attorney, William F. Dow. The motion said that evidence gathered after Amero was convicted in January of four counts of risk or injury to a minor casts serious doubt on her guilt.

The judge cited a forensic computer analysis conducted by the state police crime lab – conducted after the guilty verdict – to support the argument that the verdict should be set aside. She said the lab report “contradicts testimony of the state’s computer witness.”

At Amero’s trial, the state maintained that Amero failed to act to prevent her students from glimpsing at images of the pornography. Assistant State’s Attorney David Smith argued then that the evidence was “clear cut” that Amero was at fault because she caused the pornography to appear on the computer.

But today, Smith said state would take no position on Dow’s motion for a new trial, making it unlikely she will be tried again. Smith also acknowledged that erroneous information about the computer was presented during trial.

Amero, who was pregnant at the time of the incident on Oct. 19, 2004, faced as many as 40 years in jail following the January verdict. Her sentencing was postponed four times this spring as the state considered new evidence in the case.

Amero’s case became a hot issue for bloggers throughout the country, many of whom sharply criticized the guilty verdict. Strackbein criticized the bloggers today, saying they tried to “improperly influence” the court.

Link…

Just in from the “Norwich Bulletin Norwich“:

NEW LONDON – A New London Superior court judge this morning granted a defense request seeking a new trial for Julie Amero, the former Norwich middle school substitute teacher convicted of exposing her middle school students to Internet porn.

Acting on a motion by Amero’s attorney, William Dow III, Judge Hillary Strackbein placed the case back on a trial list.

Amero had faced 40 years on the conviction of four counts of risk of injury to a minor.

State prosecutor David Smith confirmed that further forensic examination at the state crime lab of Amero’s classroom computer revealed some erroneous information was presented during the trial.

Amero and her defense team claimed she was the victim of pop-up ads – something that was out of her control.

Judge Strackbein said because of the possibility of inaccurate facts, Amero was “entitles to a new trial in the interest of justice.”

After the brief court appearance, a smiling Amero stood next to her attorney.

“I feel very comfortable with the decision,” Amero said.

Dow commended the state for investigating the case further.

A new court date has yet to be scheduled. Amero has reentered a not guilty plea.

I think the new trial we go much differently.

– Eric Sites, CTO

The sentencing for the Julie Amero case is on for 10:00 AM EDT tomorrow (June 6th) at the New London, CT courthouse.

I am currently at Microsoft TechEd but will attempt to update this blog as soon as I get any information.

Our hearts and prayers go out to Julie and her family during this difficult time.

Alex Eckelberry

Update on the Zango lawsuit against PC Tools:

Zango’s request for a temporary restraining order against PC Tools has been denied.

In particular see pages 6-8, where the judge casts significant doubt on Zango’s chances for prevailing in its claims of tortious interfence and trade libel.

Alex Eckelberry
(Thanks Eric)

Apologies: The last post was a mangled mess because an early draft somehow found its way to being published. So if you see a post filled with more ludicrous typos and grammatical errors than usually found on this blog, blame the technology.

Alex Eckelberry

MyCleanerPC is an antispyware application that by all appearances, seems legitimate. It’s even reasonably well-rated. And it doesn’t do the types of extremely vicious behavior of rogue security products like SpySheriff or WinFixer.

However, Symantec Security Response recently released a technical note on the product, saying that it “may give exaggerated reports of threats on the computer. The program then prompts the user to purchase a registered version of the software in order to remove the reported threat.”

We have also been researching this product. On May 17^th, we noticed MyCleanerPC was being installed through a trojan downloader called gorpus.exe (which, incidentally, installs other apps, including Deskwizz and UCMore). Gorpus came through TopInstalls, an infamous outfit that is noted for their proclivity in installing software through exploits or loaded by other malware (of a similar ilk to IST, MediaMotor, Pacerd, EliteMediaGroup, and DollarRevenue).

However, just the previous week, we had found a different (and legitimate) company being installed by this same downloader. We immediately contacted this company and they were very aggressive in hunting the source down. After some research, they told us they believed it was related to an outfit called Verticlick Media/Vault Projects, LLC. Since this was the first and only instance we had seen of this company’s product being installed in such a manner, we put them on a probationary status and didn’t list them in our database (the company was also extremely aggressive and responsible in their approach to handling the problem).

So, when we saw MyCleanerPC being downloaded through this this very same trojan, we wondered if this might also be related to Verticlick, and contacted them. They responded, saying that they had stopped the offending affiliate.

Unfortunately, just a week later (May 25^th), we found that their software was being openly distributed by TopInstalls (meaning, openly listed on Topinstalls’ website, which they hadn’t been before).

This is not good. One can only charitably assume that MyCleanerPC got themselves into a pay-per-download deal which they really didn’t understand. However, they are an antispyware company, and to openly partner with TopInstalls (an outfit which a simple Google search will reveal as one with a terrible reputation) is a serious lapse in judgment. Now, the company is facing being listed in our database.

All of this highlights the necessity of being extremely careful in what affiliates one chooses to distribute products. Software developers can be tempted by huge download numbers (which they pay for), but if the result is product being installed without user consent, they risk being listed in antispyware definitions and, of course, accomplishing little or nothing in terms of attracting new, loyal users.

Alex Eckelberry

I’m sure you’ve seen the “you can open your car with your cell phone” emails going around.  It’s reportedly a hoax. 

But Chris Shunk over at AutoBlog swears it’s true and has a video he’s made.

Truth?  Hoax?  

It’s a complete load of balderdash.

Alex Eckelberry

Immersive Media is the company that has those little VW Beetles driving around taking pictures for Google’s new Streets feature (except for the SF bay area, which was done by Google themselves).  They’ve done, I believe, all the major US cities (a year ago they had 23 out of the 25 major cities).  So expect more cities to be added.  I’m just not looking forward to people being able to google my own house.

Curious as to how they do it? You can hop on for a ride at their website.  You can also see the car in action, and the software here.

Alex Eckelberry

Every company runs into obstacles. My company, Zango Inc., has encountered more than most. One minute we’re down, a dot-com crash victim; the next we’re up, augmenting our employee base 200 percent. Then we’re down again, the subject of a government investigation; then we’re back up, named as one of America’s Top 100 private media companies by AlwaysOn Media. Being at the helm of such a topsy-turvy company has taught me many valuable lessons, some of which I’ll share here.

Link here.

Alex Eckelberry
(Thanks Suzi)

It’s been covered in the blogsphere today, but if you missed it: Google’s new Street View is incredible. Limited coverage (for now).

Example here (via Battelle).

Alex Eckelberry

And a bonus from the DrudgeryReport:

GOOGLE MAPS SHOW ‘FACES’ ON STREETS, IN HOUSES…
ALSO LICENSE PLATES…
UPDATE: ‘OUTSIDE OF A STRIP CLUB AND CAUGHT ON GOOGLE?’…
ADULT BOOK STORE?
SEE STEVE JOBS HOUSE…

You’ve probably heard this one today — British film director Mike Figgis detained for five hours for saying “I’m here to shoot a pilot” when asked for his purpose in visiting the US. There’s debate as to whether or not it’s a hoax, but it’s been reported in the Guardian, AOL and elsewhere.

Whether a hoax or not, it still highlights the frustration people feel with our ridiculous security systems.

I personally have experience with this — I accidently used an expired drivers license on a trip in January. This, of course, now has me on some terrorist watch list and flying is now hell and I avoid it at any opportunity. The idiocy of this is beyond comprehension — every terrorist that’s ever attacked in the US has had completely valid credentials. And if I was a terrorist, do you think I’d be stupid enough to use an expired driver’s license to board a plane?

And the liquid thing — putting aside the ludicrous and junk science behind this, what’s to stop five terrorists from each bringing on 3 ozs and sharing it to get to 15 ozs, as this SNL skit point outs?

The list of nonsense goes on (Schneier has a very good overview of the situation during a recent talk at Macalester College and if you haven’t watched it, I highly recommend it).

Alex Eckelberry

Some idle Tuesday-afternoon humor: Slashdot has a post that “the Linux-sponsored Indy 500 car had a rough day at the track this weekend: it was the first car to crash on the track and finished dead last. Joost sponsored a car that came in a respectable seventh.”

No one was hurt, thankfully.

Of course, this brought forth quite a bit of geek humor. Some selections:

The immediately obvious: “It crashed because of a bad driver.”

The Vista Jab: “In other news the Windows Vista car was slow off the line, but the car looked good and the driver was heard screaming “accept” as the car lurched forward and stopped every time he used the accelerator.”

The Vista Jab #2: “You are trying to brake to avoid a deadly accident. Cancel or al…”

The obscure: “Turns out the driver crashed due to a race condition.”

The obscure #2: “I blame the WINE.”

The anthropomorphic: “The penguin couldn’t see over the dashboard.”

The anthropomorphic #2: “… meanwhile, the Microsoft car was seen slinking away from the scene with a guilty look on its face.”

And so on.

Alex Eckelberry