Destroying data on your company’s PC could get you into trouble

Interesting.

…An important recent decision applies the law in a novel context: the case of an employee who, upon his departure from the company, destroyed company data.  

The employer in the case was engaged in the real estate business.  The employee’s job was to identify properties the employer might want to acquire, and he stored the relevant data on the company-owned laptop that he used.  The employee quit to go into business for himself.  Before returning the laptop to the employer, he deleted the data with the use of a secure-erasure program designed to prevent its recovery.

More here.

Alex Eckelberry

More on the IRS

This was back in late March, but for some reason, I missed it.  I’m completely appalled by this.

The IRS is quietly moving to loosen the once-inviolable privacy of federal income-tax returns. If it succeeds, accountants and other tax-return preparers will be able to sell information from individual returns – or even entire returns – to marketers and data brokers.

Link here.

Now, the preparer will supposedly have to get permission from the individual before sharing their data.  But imagine some person walking into H&R Block and getting a tax return done, and along with a huge pile of things to sign, there’s a notice that their information may be sold to third party marketers.  While my trusty blog readers would balk, not all people read the fine print.

I guess my earlier voiced thoughts on perhaps moving to an anonymous tax system may need to be revisited.  In an electronic world, your personal information is increasingly at risk.

Alex Eckelberry

 

Ben Edelman interviewed on ClickZ

Interesting interview.  Some snippets:

Q. What’s driven your interest in spyware and advertising on the desktop? Why is Yahoo! the focus of that interest?

A. There’s so much that can be done in terms of how to get onto users’ computers and what to do once your software is there. The concept is so complicated. There are a lot of things that can go terribly wrong, and there’s a lot of room for me to add value by cataloging what’s going on.

Speaking to the second question, time and time again, when I look in dark alleys, Yahoo! is there to be found. I didn’t pick Yahoo!. Yahoo! picked me.

Q. What comes to mind when I say “legitimate adware”?

A. Not much. It’s like “military intelligence” or something. Of the adware that I look at, very little would be installed by a thoughtful, careful informed consumer. It’s just a bad deal. Who wants to trade dozens of pop-up ads for a screen saver that only appears when you’re not even sitting at your computer?

Link here.

Alex Eckelberry

SoftwareOnline.com settles

Software Online, a big spender with Direct Revenue, has settled with the Washington State AG.

From Ben Edelman: 
In April 2006, the State of Washington sued SoftwareOnline.com for unfair business practices arising out of marketing of Software Online’s security software. Complaint (PDF) alleges misrepresenting the extent to which software is necessary for security or privacy, misrepresenting functions on advertisements (e.g. fake user interface ads, where an “x” opened a new ad rather than closing a window), misrepresenting uninstall, and misleading negative-option billing (automatic renewals and future charges). The State of Washington simultaneously announced a stipulated judgment and order (PDF) requiring payment of $40,000 of costs and fees, $400,000 of civil penalties (with $250,000 suspended on condition of compliance with other provisions of settlement). Judgment includes findings of fact as to Software Online’s deceptive practices, as well as conclusions of law as to Software Online’s liability. Settlement prohibits misrepresentation, directly or by implication, of the urgency or need for security products; utilizing fake user interface elements; showing pop-up or pop-under ads through a trial version; and various other deceptive practices.
More here.
 
Alex Eckelberry

Umm… we’ll get to that phishing site when we please

As you may know, Paul and Robin Laudanski and I started PIRT recently, a project to take down phishing sites.  It’s doing gangbusters and sites are getting shut down at a rapid clip (if you want to volunteer to be a takedown handler, we constantly need help — click here).

Well, sometimes it seems some ISPs just don’t care that much.  Take the example of WebNames in Russia.  

Here’s the email:

—– Original Message —–
From: “WebNames.Ru Support” <support @  webnames.ru>
To: “CastleCops PIRT Squad” 
Sent: Wednesday, April 12, 2006 12:26 AM
Subject: Re: [PIRT #4291] Chase Phish site on your network

CastleCops PIRT Squad writes:
CastleCops PIRT Squad Report 4291

 It has been discovered that a Chase phish is currently operating at 
location(s):

 http://mmn-chase(dot)com/…/ 

 This domains will be checked and disabled in a two days [my emphasis]

 — 
Regards, Michail Egorov,
WebNames.Ru technical support
 

Two days?  Huh?  Hey WebNames, what’s up, you trying to protect somebody?  These are still live, as I post this blog, stealing people’s money.

Alex Eckelberry

 

IRS gets records from PayPal

All this upset over the government trying to get search records from Google. But here is another government agency, the IRS, compelling PayPal to turn over records:  

A federal court in San Jose, California, gave the IRS permission to ask PayPal Inc. — a company that enables online money transfers — for account information for American taxpayers who have bank accounts, credit cards or debit cards issued by financial institutions in more than 30 countries reputed to be tax havens.

Link here via /.

I’ve not had bad experiences with the IRS personally.  But income tax is so 20th century.  It was, in fact, deemed unconstitutional by the Supreme Court in the early part of the 20th century, until an amendment had to be ratified just to make it legal. 

How about something like the FairTax, that is strictly a tax on retail items with exemptions for the indigent?  

Alex Eckelberry

The hullabaloo over Oklahoma

No, I’m not talking about the musical.  There was an article in the Oklahoma Gazette today that criticized a new antispyware bill being introduced by the Oklahoma Legislature that was written with the assistance of Microsoft.

If you click that “accept” button on the routine user’s agreement, the proposed law would allow any company from whom you bought upgradable software the freedom to come onto your computer for “detection or prevention of the unauthorized use of or fraudulent or other illegal activities in connection with a network, service, or computer software, including scanning for and removing computer software prescribed under this act.”

The bill, called the Computer Spyware Protection Act (HB 2083), does have some language which indicates that this may be the case:

Sections 4 and 5 of the Computer Spyware Protection Act shall not apply to the monitoring of, or interaction with, the Internet or other network connection, service, or computer of an owner or operator, by a telecommunications carrier, cable operator, computer hardware or software provider, or provider of information service or interactive computer service for network or computer security purposes, diagnostics, technical support, maintenance, repair, network management, authorized updates of computer software or system firmware, authorized remote system management, or detection or prevention of the unauthorized use of or fraudulent or other illegal activities in connection with a network, service, or computer software, including scanning for and removing computer software prescribed under this act.

You can read the bill here and decide for yourself.

My feeling?  We don’t need new laws.  Believe it or not, we have laws that work just fine for spyware. 

Adding new laws to combat spyware does two Bad Things:

1. Introduces the law of unintended consequences, such as may be the case here.

2. Creates the potential for a “safe-harbor” for adware companies and the like (remember, by the time these laws get into legislation, they are watered down by lobbyists, such as we saw with CAN-SPAM, a relatively worthless piece of legislation).

What we need is enforcement of existing laws, and we need to give the Feds more power to work across borders to nail pernicious spyware vendors. 

And if there was one law I would really like to see introduced, it would be punishment for ISPs who knowingly or indirectly support malware sites on their networks.   Why is it you can shut a site down immediately by invoking the dreaded DMCA, but not get it shut down immediately for providing malware? 

Alex Eckelberry
(Thanks Eric)

Ok, the gloves are off when you start messing with Captain America

I’m sure Marvel would not be too happy about this one.


Captain America used to promote an apparent rogue antispyware application.

IP Address: 66.230.138.193 
IP Location:  – Isprime Inc 

Registration Service Provided By: SOMIC, INC
Contact: +7.8412487023
Domain Name: SPY-ELIMINATOR.COM
Registrant:
  HAYTER MERCHANTS INC.
  Gaspar Santimateo Brias    
  Jasmine Court, 35A Regent Street,POBox 1777
  Belize City
  null,NA
  BZ
  Tel. +420.775688660
Creation Date: 18-Mar-2005
Expiration Date: 18-Mar-2007

Domain servers in listed order:
  ns1.setnames.net
  ns2.setnames.net

Administrative Contact:
  HAYTER MERCHANTS INC.
  Gaspar Santimateo Brias    (info @ i3dk.com)
  Jasmine Court, 35A Regent Street,POBox 1777
  Belize City
  null,NA
  BZ
  Tel. +420.775688660

Status:ACTIVE

Patrick Jordan
Senior Spyware Researcher

The ongoing problem of metadata

If you pass around Office documents (or many other types of files, including even digital camera files), make sure they’re clean of metadata before you send them out.  FCW has an article out today which discusses this very issue:

A new front line of national and corporate security is emerging, and some of the most common document applications, including Microsoft Word documents and PDFs, are putting people on it without their knowledge. In the past several years, federal agencies and private-sector companies have released documents on the Internet that they thought did not contain sensitive content, but they actually did. That has led to embarrassment, scandals, firings and national security breaches when unintended readers discovered the hidden data.

The article discusses tools such as the free Remove Hidden Data tool, something useful to have in your arsenal.
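Here is an added example of what “clean of metadata” actually means in practice. It is my own illustration, not the Remove Hidden Data tool or anything from the FCW article, and it assumes the newer zip-based Office format (.docx), whose author, company, revision and timestamp fields live in two XML parts inside the package. The sample document it builds is constructed for the demo; comments, tracked changes and embedded thumbnails sit in other parts and are outside its scope.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

# The two OOXML property parts that record author, company, revision count and
# timestamps.  Comments, tracked changes and thumbnails live elsewhere.
PROPERTY_PARTS = ("docProps/core.xml", "docProps/app.xml")

NAMESPACES = {
    "cp": "http://schemas.openxmlformats.org/package/2006/metadata/core-properties",
    "dc": "http://purl.org/dc/elements/1.1/",
    "dcterms": "http://purl.org/dc/terms/",
    "xsi": "http://www.w3.org/2001/XMLSchema-instance",
    "ep": "http://schemas.openxmlformats.org/officeDocument/2006/extended-properties",
}
for _prefix, _uri in NAMESPACES.items():
    ET.register_namespace(_prefix, _uri)


def part_names(docx_bytes: bytes) -> list:
    """List the parts inside the package (a .docx is a zip file)."""
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as zf:
        return zf.namelist()


def read_metadata(docx_bytes: bytes) -> dict:
    """Return {part:property: value} for every non-empty property element."""
    found = {}
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as zf:
        for part in PROPERTY_PARTS:
            if part not in zf.namelist():
                continue
            root = ET.fromstring(zf.read(part))
            for child in root:
                local = child.tag.split("}", 1)[-1]  # drop the namespace URI
                if child.text and child.text.strip():
                    found[f"{part}:{local}"] = child.text.strip()
    return found


def scrub_metadata(docx_bytes: bytes) -> bytes:
    """Rewrite the package with every property element removed.

    The property parts stay in place but empty, so [Content_Types].xml and
    the package relationships still point at parts that exist.
    """
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as src, \
            zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for name in src.namelist():
            data = src.read(name)
            if name in PROPERTY_PARTS:
                root = ET.fromstring(data)
                for child in list(root):
                    root.remove(child)
                data = ET.tostring(root, encoding="UTF-8", xml_declaration=True)
            dst.writestr(name, data)
    return out.getvalue()


def build_sample_docx() -> bytes:
    """Constructed minimal .docx carrying the kind of metadata Word records."""
    ct = "http://schemas.openxmlformats.org/package/2006/content-types"
    rel = "http://schemas.openxmlformats.org/package/2006/relationships"
    parts = {
        "[Content_Types].xml":
            f'<Types xmlns="{ct}">'
            '<Default Extension="rels" ContentType="application/vnd.openxmlformats-package.relationships+xml"/>'
            '<Default Extension="xml" ContentType="application/xml"/>'
            '<Override PartName="/word/document.xml" ContentType="application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml"/>'
            '<Override PartName="/docProps/core.xml" ContentType="application/vnd.openxmlformats-package.core-properties+xml"/>'
            '<Override PartName="/docProps/app.xml" ContentType="application/vnd.openxmlformats-officedocument.extended-properties+xml"/>'
            '</Types>',
        "_rels/.rels":
            f'<Relationships xmlns="{rel}">'
            '<Relationship Id="rId1" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/officeDocument" Target="word/document.xml"/>'
            '<Relationship Id="rId2" Type="http://schemas.openxmlformats.org/package/2006/relationships/metadata/core-properties" Target="docProps/core.xml"/>'
            '<Relationship Id="rId3" Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/extended-properties" Target="docProps/app.xml"/>'
            '</Relationships>',
        "word/document.xml":
            '<w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">'
            '<w:body><w:p><w:r><w:t>Properties under consideration.</w:t></w:r></w:p></w:body></w:document>',
        "docProps/core.xml":
            f'<cp:coreProperties xmlns:cp="{NAMESPACES["cp"]}" xmlns:dc="{NAMESPACES["dc"]}" '
            f'xmlns:dcterms="{NAMESPACES["dcterms"]}" xmlns:xsi="{NAMESPACES["xsi"]}">'
            '<dc:title>Acquisition targets (constructed)</dc:title>'
            '<dc:creator>jdoe</dc:creator>'
            '<cp:lastModifiedBy>Jane Doe (Legal)</cp:lastModifiedBy>'
            '<cp:revision>14</cp:revision>'
            '<dcterms:created xsi:type="dcterms:W3CDTF">2006-04-01T09:00:00Z</dcterms:created>'
            '</cp:coreProperties>',
        "docProps/app.xml":
            f'<Properties xmlns="{NAMESPACES["ep"]}">'
            '<Application>Microsoft Office Word</Application>'
            '<Company>Example Realty (constructed)</Company>'
            '<TotalTime>312</TotalTime>'
            '</Properties>',
    }
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, xml in parts.items():
            zf.writestr(name, xml)
    return buf.getvalue()


if __name__ == "__main__":
    original = build_sample_docx()
    print("before:", read_metadata(original))
    print("after: ", read_metadata(scrub_metadata(original)))
```

Running `read_metadata` on anything you are about to publish is the check: if it comes back with a creator, a company or a revision count, the file is not clean yet. Emptying the parts rather than deleting them is deliberate, since the package manifest still references them and the document keeps opening normally.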

Article link here via beSpacific.

Alex

Music producer hunted by 419 scammers?

In a bizarre story, Chris Julian (incidentally, a neighbor of someone I know) was apparently caught up in a 419 scam and started to fear for his life. 

The Topanga Canyon resident found a distraught Christian Julian Irwin saying he feared he was being pursued by Nigerians who had contacted him in an Internet scam, sheriff’s Capt. Ray Peavy said.

Link here.

Alex Eckelberry

Sunbelt TechTips for the week of April 10

How to Use Content Advisor in IE 6.0
If you share a home computer with your kids, you can control access to web sites with Internet Explorer’s Content Advisor, by using rating systems or by specifying sites that users can or cannot view. Here’s how:

  1. In IE 6, click Tools | Internet Options and click the Content tab.
  2. Under Content Advisor, click the Enable button. This opens the Content Advisor dialog box.
  3. To use ratings, click the Ratings tab and adjust the slider bar to the level you want to use for each category (language, nudity, sex, violence).
  4. To specify web sites, click the Approved Sites tab and enter the URL of each site you want to allow in the Allow This Web Site box. Click Always or Never to add the site to the Approved or Disapproved list, respectively. To remove a site from the list, click it in the list and click the Remove button.

You can also create a supervisor password so others who use the computer won’t be able to change these settings: Click the General tab, then the Create Password button and type in and confirm your password.

How to Disable Office Online Featured Links
Microsoft Office 2003 includes the featured links in Microsoft Office Online that lets you view new and updated information about Office, but some folks prefer to disable this feature. You can do this by editing the registry. Here’s how:

  1. Open your favorite registry editor and navigate to the following key: HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Common\Internet
  2. Double click the following value: UseOnlineContent
  3. In the value data box, type the desired value as follows: 0 = never show Office Online content, 1 = Use only offline content (.chm files) when available, or 2 = use Office Online content when available.
  4. Click OK and close the registry editor.

You can also use the Help menu to modify Online Content settings. For instructions on this and other ways to control these settings, see KB article 891158 here.

How to help protect yourself from spoofed web sites and malicious links
Web spoofing is a tactic used by phishers to create web pages that look like those of a legitimate company or individual, usually for the purpose of getting you to enter information such as credit card numbers or passwords that they can then use for fraud or identity theft. IE 7.0 contains the anti-phishing filters to help protect you, but what can you do while you’re still using IE 6.0? KB article 833786 contains tips for steps you can take to protect against this threat.  Link here.

“Access Denied” error when you try to open or save a file in Office
If you try to open or save a file in a Microsoft Office program such as Word or Excel, and you get an error message that says “Access Denied,” then the program closes unexpectedly, it may be an issue with permissions on redirected folders. You can resolve the problem by following the instructions in KB Article 891636 here.   

Error Event occurs if you repeatedly restart the computer
If you restart your Windows XP computer several times, you may find an error event added to the System log that says the System Restore filter encountered the unexpected error ‘0xC0000035’. This happens because System Restore can’t successfully rename the Change.log file. You can work around the problem by turning System Restore off and then back on, but you’ll lose your existing restore points if you do this. For more information, see KB article 903264 here.

Cyberstalking: Are You at Risk of Being Caught in the ‘Net?

Having someone obsessed with you – whether out of anger or unwanted affections – can be a real ordeal, and it’s not just high-profile celebrities who find themselves dealing with a foe or “fan” who won’t let go. Even if the person doesn’t physically threaten you, the fact that someone is following you around, keeping tabs on what you do, and/or contacting you when you want to be left alone is annoying at best and can disrupt your life.

The Internet has opened up a whole new world of opportunities for those with a propensity for this sort of behavior. If you visit chat rooms, participate in discussion boards and email lists, have a web site or otherwise interact with other people on the ‘net, you may eventually find yourself the target of a cyberstalker. Someone who gets angry at you because of the political views you express on your webpage or a list message may start bombarding you with nasty email messages, or someone who likes your web page photo may start sending love letters.

That’s bad enough, but sometimes it escalates beyond online harassment – your stalker may be able to use online resources such as Zabasearch to find out your address and/or phone number. And once he/she knows where you live, if you own your home it’s easy in some places to look you up on the county property tax rolls, many of which are online. These sites include the value of your home, and sometimes also show the floor plans and photos of your home. And if your car happened to be sitting in the driveway the day the tax assessor’s personnel took the picture, your stalker may now know what kind of vehicle you drive and the license plate number. Oh, joy.

Most jurisdictions have laws against harassment and stalking, and these usually are worded to include online activities. For instance, The Texas Stalking By Electronic Communications Act, enacted in 2001, covers sending of any repeated electronic communications in a manner likely to harass, annoy, alarm, abuse, torment, embarrass or offend another. There are a few states that don’t yet have laws that specifically pertain to electronic harassment, but most do. To find out what the law is in your state, see the list of U.S. laws here.  

Bills have also been introduced in Congress to make cyberstalking a federal offense, due to the interstate nature of Internet communications. In January 2006, a new Violence Against Women Act was signed into law that amends the federal telecommunications harassment laws in the Communications Act of 1934. The new law makes it a federal crime (punishable by two years in prison and large fines) to anonymously annoy another person using any device or software that can be used to originate telecommunications or other types of communications that are transmitted, in whole or in part, by the Internet.

If you’ve ever been the victim of harassment, this sounds like a good thing – but it has engendered a lot of controversy. Some legal experts argue that this will stifle freedom of speech on the Internet, making it illegal to post “annoying” or “offensive” criticism of a politician on a blog. There is indeed a difference between being offensive and harassing or stalking: someone who flames you on a mailing list is being offensive; someone who sends you dozens of hate mails privately is harassing. The new law doesn’t seem to distinguish between the two.

Others worry that even correctly written laws have a high potential for abuse. If a former boyfriend or girlfriend gets angry at you, he/she could use the emails sent during your relationship (perhaps editing them) and claim that they were unwanted. In fact, anyone who wanted to cause you trouble could send forged threatening or obscene messages to him/herself from a free web mail service and claim you sent them. Other laws, such as the domestic assault laws, have already been misused in this way and the potential for false accusations is even greater when fake evidence is so easy to create.

It’s a fine line to walk. How do we make the Internet a safe place without going too far and creating cures that are worse than the disease? What do you think? Should there be penalties for saying anything offensive about anyone, anytime? Should anonymous email be outlawed altogether? Should there be federal legislation addressing this or is a matter that should be left up to the states? Have you ever been the victim of cyberstalking – or of overly broad cyberstalking laws? Tell us your opinions.

Deb Shinder

URL Tracer

Microsoft research has released a new tool, URL Tracer, which reveals third party domains: 

When a user visits a Web site, her browser may be instructed to visit other third-party domains without her knowledge. Some of these third-party domains raise security, privacy, and safety concerns. The Strider URL Tracer, available for download, is a tool that reveals these third-party domains, and it includes a Typo-Patrol feature that generates and scans sites that capitalize on inadvertent URL misspellings, a process known as typo-squatting. The tool also enables parents to block typo-squatting domains that serve adult ads on typos of children’s Web sites.
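The Typo-Patrol part of that description, generating the misspellings of a name and then checking what is registered at them, is something a site owner can do for their own domain to catch squatters early. Below is an added example of the generation step, written by me for this post and not taken from the Strider URL Tracer; the QWERTY neighbour table, the function names and the list of “observed” domains are my own constructions.

```python
# Keys adjacent on a US QWERTY keyboard.  A squatter registers the name a user
# reaches by hitting a neighbouring key; a defender pre-computes the same names
# so they can be watched for in DNS logs or registration feeds.
QWERTY_NEIGHBOURS = {
    "q": "wa", "w": "qes", "e": "wrd", "r": "etf", "t": "ryg", "y": "tuh",
    "u": "yij", "i": "uok", "o": "ipl", "p": "ol",
    "a": "qsz", "s": "adwx", "d": "sfec", "f": "dgrv", "g": "fhtb",
    "h": "gjyn", "j": "hkum", "k": "jlio", "l": "kop",
    "z": "asx", "x": "zsdc", "c": "xdfv", "v": "cfgb", "b": "vghn",
    "n": "bhjm", "m": "njk",
}


def typo_candidates(domain: str) -> set:
    """Single-keystroke typos of the second-level label of `domain`.

    Produces omissions, adjacent transpositions, doubled characters and
    keyboard-adjacent substitutions; the suffix after the first dot is kept.
    """
    label, dot, suffix = domain.lower().partition(".")
    variants = set()
    n = len(label)
    for i in range(n):
        variants.add(label[:i] + label[i + 1:])                    # omission
        variants.add(label[:i] + label[i] + label[i:])             # doubling
        if i + 1 < n:                                              # transposition
            variants.add(label[:i] + label[i + 1] + label[i] + label[i + 2:])
        for key in QWERTY_NEIGHBOURS.get(label[i], ""):           # adjacent key
            variants.add(label[:i] + key + label[i + 1:])
    variants.discard(label)
    # A DNS label may not begin or end with a hyphen, so drop those variants.
    return {v + dot + suffix for v in variants if v and "-" not in (v[0], v[-1])}


def flag_lookalikes(brand_domain: str, observed: list) -> list:
    """Return the observed domains that are one typo away from `brand_domain`."""
    watch = typo_candidates(brand_domain)
    return sorted(d for d in set(observed) if d.lower() in watch)


# Constructed sample of names seen in a DNS log; these are not real observations.
OBSERVED = ["example.com", "exmple.com", "examlpe.com", "google.com",
            "exampel.com", "exaample.com"]

if __name__ == "__main__":
    print(len(typo_candidates("example.com")), "candidates")
    print(flag_lookalikes("example.com", OBSERVED))
```

The brand’s own name is excluded from the candidate set on purpose, so anything `flag_lookalikes` returns is a near-miss that deserves a look at who registered it and what it serves.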

Link here via Sandi.

Alex Eckelberry