Monthly Archives: February 2011

Free BufferZone Pro – Maybe The Best Surfing Virtualization Application At Any Price

Back in December, regular reader John W, pointed me to a free license giveaway for BufferZone, a virtualization application which creates an isolated environment called the Virtual Zone, while you surf the Internet.

Based on John’s recommendation, I wrote an informational only article, since I had not had an opportunity to test the application. I’ve spent some time in the interim testing this application, and there’s just one word to describe it – brilliant, exceptional, splendid, superb.

OK, that’s more than one word – but I’m more than just a little enthusiastic about this program. Best of all, this application is now free – as in FREE.

This is not 1985 when the only thing you had to worry about was the crud that might be on the floppy disks you exchanged with your friends. Today, your Browser is the conduit into your computer – that’s the route by which the majority of malware spreads, and intrusion attempts take place.

A case in point:

While surfing the Net, a user mistakenly accepts an invitation to install a scareware application but realizes, after the fact, that this is a scam. Operating in a “real” environment, the damage, unfortunately, would already have been done.

Operating in a “virtual” environment with BufferZone active, system changes attempted by this parasite would simply not occur.

So, controlling malware intrusion, while surfing the Net, through the use of a ‘”virtual” environment rather than operating in a “real” environment, makes sense given the escalating level of cyber criminal activity on the Internet.

From the developer’s site:

BufferZone Pro keeps you surfing, downloading, e-banking, sharing, chatting, and e-mailing to your heart’s content – basically, using the Internet as it should be used. The Virtual Zone gives you total freedom, peace and security on the Web. With BufferZone Pro, you can do absolutely anything on the Internet threat free.

With BufferZone, all programs or files that enter your computer through downloading, browsing, or uploading with external media devices, are redirected to a Virtual Zone (C:\Virtual). And, since any intrusion attempt occurs within this virtual environment, there’s nothing in that summary that I can disagree with. BufferZone’s Virtual Zone does protect a PC from all forms of known, or unknown, attacks originating from the Internet, or external devices.

It does so in a non intrusive way, and after initial setup, requires a minimum of user intervention – perfect for the average user. Installation is hassle free – it’s just a matter of  following the on-screen instructions.

image

BufferZone sits in the Taskbar and can be fully controlled from there.

image

Once the application is installed, and after a re-boot, you will be taken to the developer’s site (this is a one time occurrence), for a point by point introduction to Buffer Zone. The following screen captures (taken from the developer’s site), provide a clear explanation.

Clicking on any screen shot will expand it to the original.

image

image

image

image

image

image

image

In the last few months we’ve looked at operating system virtualization – Shadow Defender, Returnil Virtual System, Wondershare Time Freeze, and a number of other similar applications. As well as alternatives to OS virtualization – specific application virtualization running in a sandbox. For straight out ease of use while surfing the Internet though, BufferZone has become my favorite.

If you’re unsure as to whether you should operate in “virtual mode” while surfing the Net, then take this free security test at the developer’s site.

On my “unprotected” test machine, the following is the result of the simulated Trojan attack. The “stolen” files were on a non-system partition so the Trojan doesn’t restrict itself to just the (C:) drive.

image

Actually, I forgot to turn off ThreatFire, which picked up the attack in progress. This shows the benefit of a layered security approach.

System Requirements: Windows XP, Vista, Win 7 (32-bit).

Download at: the developer’s site (Trustware.com).

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

37 Comments

Filed under Software, Windows Tips and Tools, Internet Safety Tools, Online Safety, Anti-Malware Tools, Freeware, Safe Surfing, System Security, Online Banking, Interconnectivity, System File Protection, Free Security Programs, Don't Get Hacked, Windows 7, Windows XP, Windows Vista, downloads, cybercrime

Tech Thoughts Daily Net News – February 22, 2011

The 10 Best Ways to &*$% Up Your Computer – We expend bunches of keystrokes detailing how to recover from disaster, everything from sweeping spyware from your system to how to get your data back from the digital graveyard, but equally important is how to avoid potentially catastrophic scenarios in the first place. As the saying goes, an ounce of prevention is worth a pound of cure, or in in the world of PCs, hours of frustration.

Google Chrome’s New Beta: A Hands-On Tour – The latest beta for the Google Chrome browser is mostly about speed, thanks to a new JavaScript engine and an early taste of GPU-accelerated video. But Google has also introduced a few new features to make the user experience more pleasurable, including password sync and a revamped options menu. Let’s take a closer look:

Windows 7 Service Pack 1 Available Today – The wait is over, folks. If you’re not a TechNet subscriber and/or wanted no part of playing around with a non-final release of Service Pack 1 for Windows 7, then today’s your day. Microsoft today made good on its promise to deliver SP1 to the general public on February 22, though there’s a few things you should know before you go out and grab it.

Tech Thoughts Daily Tech News 2

New type of financial malware hijacks online banking sessions – A new type of financial malware has the ability to hijack customers’ online banking sessions in real time using their session ID tokens. OddJob, which is the name Trusteer gave to this Trojan, keeps sessions open after customers think they have “logged off”, enabling criminals to extract money and commit fraud unnoticed.

FBI: We’re not demanding encryption back doors – FBI’s top lawyer tells Congress the bureau is not calling for restrictions on encryption without back doors for police, an apparent retreat from its position last fall.

Cricket World Cup starts, scammers follow – The Cricket World Cup started on Saturday, and both the International Cricket Council and various security experts are issuing warnings to fans regarding likely cyber scams that will be following this popular event.

Over-Rating the Social Networks – Any John C. Dvorak column that features the word “cripes” is bound to be entertaining, and this latest one does not disappoint. Dvorak uses his 30 years of media experience to dismantle the influence of social networks. I think he has a point. Or does he?

Protect and Defend: 32 Ways to Secure Your Digital Life – For every freedom and convenience we enjoy in our digital lives, there are countless cyber do-badders looking for ways to exploit them. Fight back with these 32 ways to protect your digital life!

Company News:

 

Google Social Search Spreads to Fight Facebook – Google Feb. 17 said it will begin mixing its Social Search results throughout results pages based on their relevance, an effort to raise the profile of a feature that hasn’t drawn much attention.

Apple’s Subscription Policy is a Poison Apple – Apple’s new 30% cut of third-party subscriptions is a rotten deal whether trust-busters find it monopolistic or not. Surprise, surprise: Apple’s new approach to subscription services on the iPhone and iPad has attracted the attention of U.S. antitrust enforcers and European regulators.

Avast Antivirus 6.0 Combats Trojans With Virtualization – Czech security company Avast Software is adding virtualized security to the forthcoming version of its paid antivirus software.

IPhone Workers Still Sick After Chemical Poisoning – Guo Ruiqiang says he still feels sick more than a year after he suffered chemical poisoning while working on an iPhone production line. Guo was one of 137 workers U.S. tech giant Apple said was exposed to n-hexane, a chemical cleaning agent that was used at one of its supplier’s factories in Suzhou, China. The case was addressed in Apple’s most recent progress report on its suppliers, with the company saying that “all affected workers have been treated successfully.”

Off Topic (Sort of):

 

Can Anyone Afford an IBM Watson Supercomputer? (Yes) – After showcasing Watson’s ability to ingest Jeopardy questions and spit out near real-time answers, IBM is now preparing the supercomputer for a full-time gig as a data analytics engine for the medical community.

Cyber-Criminals’ Constantly Evolving Tactics Challenge Law Enforcement – A panel of cyber-security experts talked about the changing security landscape and how multinational collaboration is helping bring down some of these criminal syndicates. Despite the constantly changing security landscape with evolving threats and new tactics, there are several key victories in the fight against cyber-crime, experts said.

QR Code – Tracking service, News, Videos, Forum, Focus groups and more – The first and only all in one dedicated QR code website on the net. Find out everything you need to know about QR codes. (submitted by Dar)

Footwear, Fashion Driving RFID Growth – The radio frequency identification systems “allow apparel retailers to get a better handle on inventory, [thereby] reducing costs and preventing out-of-stock situations that result in loss of sales,” said ABI analyst Bill Arnold in a statement.

Today’s Quote:

 

What we think, or what we know, or what we believe is, in the end, of little consequence. The only consequence is what we do.”

–    John Ruskin

Today’s Free Downloads:

 

GameSave Manager – GameSave Manager enables you to easily backup and restore your game saves. The program directly supports nearly 500 popular PC games, which can be backed up without having to manually configure the software.It features include built-in Update Checker,backup validation, DropBox Support, Dynamic Restoring, Transfer gamesaves, and backup upon change.

Ad-Aware Free Internet Security 9.0 – The bottom line: One of the first applications built to find and remove malware and spyware, Ad-Aware’s reputation is well-justified. The latest version continues the publisher’s tradition of adroitly addressing user concerns, yet some annoyances remain.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Comments Off on Tech Thoughts Daily Net News – February 22, 2011

Filed under Internet Security Alerts, Tech Net News

Five Firefox Disposable Email Address Add-ons – Share An Email Address Safely

imageMost of us are familiar with this old line – “Free online registration is required – and oh yeah, give us your email address so that we can send you the activation code.” It’s almost inevitable that solicitations for additional products, or services, will follow – at a minimum.

Even on this site, if you want to leave a comment you must provide an email address. I do this in an effort to control comment spam. This past Saturday, for example, I had to deal with almost 600 spam comments – sheesh!

Fortunately, the only person who can see the actual email address on a WordPress Blog, is the Blog owner. This precaution effectively shuts out email harvesters. Still, I recognize that a certain amount of trust is necessary that I won’t sell, or profit, from a commenter’s email address.

My good buddy Paul Lubic, over at Paul’s Home Computing Blog, addresses this issue head on by appending “I don’t share your email address with anyone…no one; I hate spam too”, to every post. I know Paul, so I can vouch for the accuracy of this statement – he hates spam.

If you do too (and why wouldn’t you), and you’re a Firefox users, there’s an abundance of add-ons which can help to protect your Online privacy, reduce Spam, and still allow you to comment, register for newsletters, join forums, and so on – all anonymously.

Each application description has been taken directly from the developer’s Mozilla page.

Less Spam, please

You want to register, leave a comment or just have a disposable email address at hand ? But you want to be able to retrieve mail from time to time and to use always the same address for the same web site ?

This is the solution. Less Spam, please create a (partially) random email address for you, always the same for a given web site. It relies on services (without registration) such as YopMail, MailCatch, Humaility or Mailinator.

TrashMail.net

Create free disposable email addresses and paste them directly in forms. This helps to protect you from spam mails and could be useful when subscribing to forums or newsletters… The email addresses can be deleted at any time! This plugin uses the free TrashMail.net DEA service.

My-spambox

Create a temporary e-mailadress for 12 hours. Perfect when signing up on websites or forums and dont want to give away your personal e-mailadress.
All mails will be forward to your personal e-mailadress, after 12 hours the temporary e-mailadress will no longer work.

Spam Control

Spam control gives you easy-to-use control over who you give your email address to, and easy access to a number of spam fighting tools that help keep your inbox spam-free.

Spam Control adds a toolbar (which you can disable if you like) and a pop-up menu to Firefox. Whenever an input field has focus, you can use one of the buttons to automatically type an email address into the field, saving you having to type it or remember it.

Tempomail

As an anti-spam solution tempomail allows you to create a temporary email address redirecting each message to your mailbox for a given period of time. When this period of time expires, you will not receive any spam from the web sites on which you gave your temporary email address. Tempomail is not commercial and your email address will be stored in our logs only for legal archiving.

To create a temporary email address, just right click on a text field and select “tempomail” in the context menu. Then you’ll be asked for your real email address to which messages will be redirected during the time you selected. The temporary email address also appears in the text field as shown in the previews.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

11 Comments

Filed under Browser add-ons, downloads, Email, Firefox Add-ons, Freeware, Interconnectivity, Internet Safety Tools, Privacy, Software, spam, Windows Tips and Tools

Tech Thoughts Daily Net News – February 21, 2011

Online Bargains: How to Use Groupon and Its Competitors – Group-deal and flash-sale sites such as Groupon, LivingSocial, and Rue La La promise restaurant meals, brand-name goods, and great services at deep discounts. Here’s how to use these sites to your advantage.

iCopy – When you’re setting up a home office, chances are your budget doesn’t include springing for a photocopier. But it may include a scanner and a printer. If so, an open source utility called iCopy can help you get the copy machine you’ve always wanted.

New types of cookies raise online privacy concerns – The advertising industry has led the drive for new, persistent and powerful cookies, with privacy-invasive features for marketing practices and profiling. The EU cyber security Agency ENISA advocates that both the user browser and the origin server must assist informed consent, and that users should be able to easily manage their cookies.

Tech Thoughts Daily Tech News 2

Black Hat SEO, J.C. Penney, and the New York Times – Link-buying is a Black Hat, i.e. unethical, SEO (Search Engine Optimization) strategy becoming increasingly popular with big businesses.

The Top 5 Reasons to Buy a Tablet – Apple iPad, Samsung Galaxy Tab, Motorola Xoom–tablet PCs are flooding the market. But does anybody need one? We give you five reasons why a tablet is a useful tool.

Hackers Hit Canadian Government Sites – Malicious hackers who may be based in China fooled Canadian tech staff into providing access to government computers. In what the CBC described as an “executive spear-phishing” attempt, hackers used bogus e-mails to pass themselves off as senior executives to IT staff at the two federal departments and request passwords, while other staff received e-mails with virus-laden attachments.

Five Simple Ways To Get More Out of Google Apps – Hear from CIO Jeremy Lawrence, a Google Apps early adopter, on how Google Apps has positively affected his company, his future plans with it, and his top 5 tips to get the most out of it.

Company News:

 

Microsoft Claims Internet Explorer 9 RC Hits 2 Million Downloads – Microsoft is claiming its Internet Explorer 9 Release Candidate has hit 2 million downloads, roughly a week after the company first made the near-final version of its next browser version available to users.

Microsoft’s Bing Bar Includes Facebook, Controversial Feedback Feature – Microsoft’s updated Bing Bar includes some new features, including Facebook integration, as well as the optional feedback feature that sparked trouble with Google.

Off Topic (Sort of):

 

RollingStone: Why Isn’t Wall Street in Jail? – Nobody goes to jail. This is the mantra of the financial-crisis era, one that saw virtually every major bank and financial company on Wall Street embroiled in obscene criminal scandals that impoverished millions and collectively destroyed hundreds of billions, in fact, trillions of dollars of the world’s wealth — and nobody went to jail. Nobody, that is, except Bernie Madoff, a flamboyant and pathological celebrity con artist, whose victims happened to be other rich and famous people. (submitted by Dar)

Do Your Gadget Lights Harm Your Health? – Analysis: Those LED lights are more than annoying; evidence indicates they might be downright dangerous.

If Babies Can’t Learn Through Videos, Can Students? – Surprise, babies learn better through direct human contact. This is not good news for companies that produce video and computer- learning software for the diaper set. Software Analyst Jill Duffy wonders if this fact could also be true for older, in- school learners. Some interesting thoughts and video after the click.

Economies of Scale – Robert Barrows is optimistic about his line of video-screen-enhanced tombstones. Why? Because he thinks the numbers fall in his favor. “When I went to Google and searched for ‘How many people die in the United States everyday?’ there was a figure (I think it was according to the National Association of Funeral Directors) of about 5300 deaths per day, just in the United States. If just one tenth of one percent of the people who died wanted to have a video tombstone, that could result in sales of about five video tombstones per day.” (submitted by Dar)

Today’s Quote:

 

Those are my principles, and if you don’t like them… well, I have others.”

–   Groucho Marx

Today’s Free Downloads:

 

Stalled Printer Repair – Sometimes print jobs get stuck in the queue, and it’s not always obvious why. It could be the result of a driver issue, it could be because you’re using a Wi-Fi connection to the printer, and so forth. Even more vexing, Windows won’t let you delete a stuck print job, which blocks subsequent items from printing. Usually the only solution is a reboot, and no one should have to endure that kind of a hassle just to print a document.

Camfrog Video Chat – If you’re sick of hopping from one chatware program to another, looking for the perfect mix of video, audio, and text socializing, CamFrog might be what you’re looking for.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

4 Comments

Filed under Internet Security Alerts, Tech Net News

Stay Malware Free (Hopefully!) – Scan With A “Live CD” Regularly

imageI’m regularly asked how often I scan my primary personal machine for malware. The answer is – as part of a layered security approach, I have a formal schedule which I stick to without fail.

Once a day, I quick scan the system drive with both Microsoft Security Essentials, and Malwarebytes’ Antimalware – making sure the databases are updated and current.

Running a quick scan with both these applications, takes less than 5 minutes. For example: Malwarebytes’ – 150,000 objects – 2 minutes and 30 seconds. Microsoft Security Essentials – 30,000 items – 1 minute and 18 seconds.

Much of today’s malware though, can be extremely difficult to identify and remove – despite a user relying on frontline antimalware applications to do the job. So, I don’t see any advantage in running full scans on a live system – instead, once a week I run a Linux-based antimalware application (a live CD), which scans from the outside looking in. Malware generally can’t hide if it’s not running.

I’ve come to rely on the following free live CDs, which I regularly alternate, to ensure (hopefully), I’m operating in a malware free zone.

Panda SafeCD

Click to see larger images

This useful utility comes in handy when you need to clean a malware infected machine. Or, as in my case, to ensure a machine is not infected. It is particularly useful for detecting and disinfecting malware infections which give regular AV products running within Windows a hard time.

Features include: Automatic detection and removal of all types of malware. Boot from CD or USB stick. Supports using updated signature files. Supports 13 languages. Supports both FAT and NTFS drives.

The download consists of an ISO. You can either burn this to a CD/DVD or alternatively, create a Boot USB stick by using something like the Universal Netboot Installer (UNetbootin).

Kaspersky Rescue Disk 10

image

Kaspersky Rescue Disk 10, is designed to scan and disinfect x86 and x64-compatible computers that have been infected. Particularly useful when the infection is at such level that it is impossible to disinfect the computer using anti-virus applications, or malware removal utilities, running under the operating system.

Note: Kaspersky Rescue Disk 10 can be run from a USB device.

Avira AntiVir Rescue System

image

Avira AntiVir Rescue System is a Linux-based application that allows you to access a system that cannot be booted anymore. Not only will this application scan the system for infections, but it can be used to repair a damaged system, or rescue data.

If you’re looking for an uncomplicated, reasonably quick booting alternative antimalware scanner/rescue CD, which will update the definition database automatically (assuming you’re connected to the Internet), any one of these freebies will do the job nicely.

In the constantly evolving world of cybercrime, all users are well advised to scan their computers regularly with an antimalware application that does not rely on the native operating system.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

24 Comments

Filed under 64 Bit Software, Anti-Malware Tools, downloads, Free Anti-malware Software, Freeware, Kaspersky, Linux, Malware Removal, Malwarebytes’ Anti-Malware, Panda Security, Software, USB, Windows Tips and Tools

Tech Thoughts Daily Net News – February 20, 2011

Google Chrome 10 beta – Faster JavaScript, GPU acceleration, and more! – Google has just released Chrome 10 beta (10.0.648.82 for all you perfectionists) and it brings with it a whole slew of new things to play with.

Cheat Sheet: 10 Tips and Tricks for Microsoft Word – Microsoft Word. The name’s practically synonymous with “productivity app.” If you’re reading this article at work (shame on you!) there’s a pretty decent chance you’ve got a Word doc open right now, and you probably think you’ve got a good handle on Microsoft’s word processor. We’ll bet you don’t know as much as you think you do.

Turning USB Sticks into WMDs – News Analysis: Viruses, worms and malware can be transmitted in many ways, and perhaps the most insidious is the USB stick.

Tech Thoughts Daily Tech News 2

Small Business Trends: Launching A New WordPress Blog: First Steps – Lisa Barone’s checklist for launching a WordPress blog includes: setting up an RSS feed, subscribing to your own feed, creating a favicon, changing your permalink structure and choosing WordPress plugins. (Don’t worry, she explains each one.)

5 Best Tax Prep Services and How They Measure Up – After testing five of the leading tax prep software packages for U.S. filers, we’ve deduced which one is easiest to use and will help get you the biggest refund (or at least file the most accurate return).

Internet Explorer should worry about Chrome, not Firefox: Blame Europe? – With Internet Explorer 9 set to be finalized in weeks, it is entirely possible that Microsoft should worry more about Chrome’s increasing marketshare, rather than focusing on its war with Mozilla.

The 10 biggest LinkedIn annoyances – As useful as LinkedIn can be for promoting your career or business and connecting with other professionals, users have voiced some major peeves. Tim Heard rounded up the top complaints

How to select a color scheme for your website – Using the Color Scheme Designer tool, Ryan Boudreaux shows you how you can use it to create a well-designed color theme for your website that is easy on the eye.

Company News:

 

Apple iPhone nano? Try iPhone budget – Remember all that chatter about how Apple was cooking up the iPhone nano as a way to target the masses? The New York Times has thrown ice water on the concept.

Motorola Xoom Tablet Will Cost $799 – Motorola’s answer to the iPad comes with a steep price tag and runs on Google’s Android platform.

Apple’s app subscription plan gets Feds interested: Time to retreat? – The Justice Department and Federal Trade Commission are reportedly eyeing Apple’s new App Store subscription plan. Will Apple back down?

AMD CEO Denies Smartphone Plans – AMD interim chief executive officer Thomas Seifert said Wednesday night that the company has no plans to enter the smartphone space at the present time, and the company was not developing a baseband chip.

Off Topic (Sort of):

 

How ‘OK’ took over the world – It crops up in our speech dozens of times every day, although it apparently means little. So how did the word “OK” conquer the world? (submitted by Dar)

Too much Facebook gets nun banished from order – Maria Jesus Galan had 600 Facebook friends. She liked to communicate with them, to spread good news. However, her Facebook habit has lost her something very dear–her habit. Galan, you see, spent 35 years inside the Santo Domingo el Real convent in Toledo, Spain. It’s an introspective place that doesn’t encourage its nuns to have too much contact with the outside world.

Dream Chaser Spacecraft Nearing Commercial Flights – A private-sector spacecraft, in development by Sierra Nevada Corporation, is on its way to proving to NASA it can bring passengers and cargo into low Earth orbit. Dubbed the Dream Chaser, the craft is meant to bring greater innovation to the transportation industry, both for cargo and for tourists. (submitted by Michael F.)

U.S. Military’s Cyber Chief Warns Of Eroding Technical Prowess – The U.S. Military’s top officer in charge of cyber security said that the country must invest more in so-called “STEM” programs – science, technology, engineering and math – to avoid being outflanked in a world where cyber offensive- and defensive operations are the keys to military victory.

Say What Top Five IT Quotes of the Week – Linux powers Jeopardy winner, Chambers blasts U.S. tax policy, an aggressive webOS roadmap and more!

Today’s Quote:

 

The truth is that there is nothing noble in being superior to somebody else. The only real nobility is in being superior to your former self.”

–   Whitney Young

Today’s Free Downloads:

 

Advanced SystemCare Free 3.7.3 – This utility offers a one-stop-shop for cleaning and maintaining your computer for better overall system performance. The interface is very simple, featuring only a few buttons, which makes it easy to get down to cleaning immediately (in fact, it automatically runs on start-up) and doesn’t confuse you with multiple steps.

Auslogics Duplicate File Finder – As the name implies, Auslogics Duplicate File Finder gives you a super-easy method for scanning any folder on your drive (or the entire drive itself) for duplicate files based on a number of different criteria. You can have the program match up files by name, size, or the date and time created (or a combination thereof). You can also specify the types of files you want the app to search for, which is useful if you know that your giant picture directory, for example, contains duplicate file names of images that you’ve resized to different dimensions.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

2 Comments

Filed under Internet Security Alerts, Tech Net News

Test Your Browser’s Security With Free Qualys BrowserCheck

imageData released this week, by Qualys, a security industry leader in vulnerability assessment and management, at the RSA Conference in San Francisco, continues to indicate that Browser plug-ins are frequently outdated and easily attackable.

Analysis of scanned data captured from 200,000+ Qualys BrowserCheck users’ worldwide, indicates that approximately 70% had a least one plug-in vulnerability.

No great surprise that Sun Java, and Adobe Flash and Reader, led the pack.

This research suggests, that you can load up your Internet Browser with every security add-on you like, but if there’s even one security hole – you’re still at risk.

Regular readers will remember that we’ve previously reviewed and recommended Qualys BrowserCheck, which will check your Web Browser for selected security holes in both the browser, and browser plug-ins.

BrowserCheck is itself a plug-ins, and like most plug-ins, it’s very easy to install. Simply visit the Qualys site; install the plug-in, revisit the Qualys site (if necessary) – and you’re all set to launch the test.

My first test run was on Internet Explorer 8, as the following screen captures show.

image

As the scan results indicate – my Internet Explorer 8 is in terrible shape. I should point out however, that I never use any version of Internet Explorer.

image

With Firefox running, the results looked like this.

image

It seems I’ve been bad, and not kept my java Runtime updated – the very plug which is most likely to be hacked! The only defense I have (and it’s a poor one at that), is – this is a test machine which is rarely connected to the Internet. As well, my PDF reader has an update available.

image

Continuing with the test, I clicked on the  “Fix it” button which immediately took me to the Java update site so that I could download the latest version of Java Runtime.

image

Following the installation of the Java update, I reran the test to ensure the vulnerable condition had been closed.

image

Fast facts: The following items are detected:

Windows OS support expiration

Browser version (IE 6.0+, Firefox 3.0+, Chrome 4.0+)

Adobe Flash Player

Adobe Reader 5.x and above

Adobe Shockwave Player

Apple Quicktime

BEA JRockit

Microsoft Silverlight

Microsoft Windows Media Player

Real Player

Sun Java

Windows Presentation Foundation (WPF) plug-in for Mozilla browsers

Additionally, you can test your currently installed Browser for security holes, by taking the free Browser Security test offered by Scanit, a technology company which provides services ranging from high-tech penetration testing over application source code review, risk assessments and management-level security audits, to security courses.

The test is fairly comprehensive and supports Internet Explorer, Mozilla Browsers (Firefox), and Opera. Additional components check for vulnerabilities in selected plug-ins, including Flash and QuickTime.

To test your Browser go to Browser Security test, and follow the simple instructions.

Note: This morning, I had some difficulty loading the Scanit site. Hopefully, this is not permanent.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

1 Comment

Filed under Application Vulnerabilities, Browser Plug-ins, Browsers, cybercrime, Don't Get Hacked, downloads, Freeware, Interconnectivity, Internet Safety Tools, Malware Protection, Online Safety, Safe Surfing, Software, Windows Tips and Tools

Tech Thoughts Daily Net News – February 19, 2011

7 killer feature hacks for Google Chrome – A series of easy to implement hacks to make Chrome work better for you, including cloud print and auto-incognito.

The Best Free iPod Touch Apps – Apple’s App Store stocks thousands of apps, but these are the 15 you need to turn your iPod touch into the ultimate mobile music, video, and communication machine. And they’re all free.

Tech Thoughts Daily Tech News 2

Scan Windows 7 System Files to repair errors – Despite our best efforts, Windows 7 system files will occasionally become corrupted. A simple scan can fix these system errors. (PDF)

Review: Joliprint PDF converter bookmarklet – Takeaway: With Joliprint, users can convert a Web page into a PDF on the fly without leaving their Web browser. Using Joliprint, a user can drag and drop the URL of a Web page onto their Favorites bar or in their bookmarks and, then when they are on a Web page they can convert it to PDF with just a click, drag, and a drop.

There’s no money back if your account is drained by malware – Phishing attacks on small and medium-sized businesses are on the rise with thousands of organizations falling victim. If a cybercriminal gets on to a computer with access to your business’ financial accounts they can withdraw funds and your business is out of the money. That’s it. Gone. See ya. Have a nice day.

A lesson to learn from the HBGary breach – As you might have already read, the HBGary and rootkit.com breach by Anonymous was not executed by using obscure techniques or unknown vulnerabilities – quite the opposite, in fact. Easy-to-crack passwords, their reuse, unpatched servers, a site vulnerable to SQL injection… It seems to me that these revelations are enough to put HBGary and HBGary Federal out of business and I wouldn’t be surprised if that happened in the end – for who will trust a security company that can’t secure their own assets?

Facebook users targeted by unimaginative phishing campaign – A phishing campaign targeting Facebook users is currently under way and lures users with messages coming from compromised accounts seemingly containing links to various Facebook applications. The users unfortunate enough to have clicked on the link will not be taken to the promised page, but to a phishing page resembling the social network’s login page

10 ways to e-publish with Linux – Takeaway: If you’re looking for a low-cost way to create, publish, and market an e-book, be sure to check out these Linux tools.

Company News:

 

The one big reason why iPad rivals can’t compete on price – The biggest disappointment of nearly every promising competitor to the Apple iPad has been the price tag. Learn the one trump card that allows Apple to out-price rival tablets. (submitted by Michael F.)

Google Launches One Pass Payment Service For Tablets, PCs – Google Inc launched a service to make it easy for publishers to sell digital versions of newspapers and magazines, undercutting a similar plan launched by Apple Inc, as both tech titans battle to dominate smartphones and tablet computers.

Microsoft bans Free Software on Windows Phone 7 – Whether it’s free as in beer or as in speech, apps with free software licenses are not welcome on the Windows Phone 7 marketplace.

Off Topic (Sort of):

 

In Application Security, Good Enough Isn’t – There’s the old joke about two hunters running from a lion, and the one runner says to the other: we can’t outrun the lion. And his buddy replied, “I don’t have to outrun the lion, I only have to outrun you.” Many, over the years, have applied the same logic to application security: If their software is ‘secure enough’ attackers will move on to easier targets.

Defcon 18 Pwned By the owner – What happens when you steal a hackers computer. (submitted by Dar)

Thousands of Tombs in Saudi Desert Spotted From Space – Little is known about the archaeology of Saudi Arabia, as the government has historically forbid aerial photographs of the landscape and religious sensitivities have made access tricky. But Google Earth is changing that. Satellite images available via the Web-based 3-D map program show that large portions of the country hold a wealth of archaeological remains that predate Islam and may be several thousand years old. (submitted by Michael F.)

Litterbox in the Sky – an app that lets cats take part in the funerals of their feline brethren. Creepy, yes, but it’s apparently an attractive theme, given its many variations. (submitted by Dar)

Today’s Quote:

 

Part of a best friend’s job should be to immediately clear your computer history if you die.”

–   Anonymous

Today’s Free Downloads:

 

WhatChanged 1.07 – WhatChanged is a system utility that scans for modified files and registry entries. It is useful for checking program installations.

ClamWin Portable – ClamWin Portable is the popular ClamWin antivirus packaged as a portable application, so you can take your antivirus with you to scan files on the go.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Comments Off on Tech Thoughts Daily Net News – February 19, 2011

Filed under Internet Security Alerts, Tech Net News

What’s Really Running On Your PC? Find Out With Free What’s Running 3.0

Regular readers are going to start thinking that along with my addiction to wine, women, and song, I must be addicted to writing reviews on Windows Task Manager replacements and the like.

This review is a little different though, since I’ve written it with the casual computer users’ needs in mind, rather than the more experienced user I usually focus on.

If you are a new or a casual computer user, What’s Running is a free application that can help you easily find what’s actually running on your computer. It presents a number of views, in a tabbed format, and each one relates to what’s really running on your machine.

Helpful definitions:

Let’s start with processes; the most basic concept – every program you start, or is started by the operating system, is a process. In the process view you can see all the processes easily.

Services are background tasks – keep in mind that a process can contain many services.

The modules are actual files with code and other data, that a process needs. Each process contains at least one loaded module.

Drivers are small programs loaded by the system, to handle hardware and specific system tasks.

IP connections are connections that your computer needs to make in order to send and receive data from the Internet.

Click on a graphic to expand to original.

Process View:

image

In the expanded view of this screen capture, you can readily see what’s running on the test machine. 52 Processes; 164 Services; 653 Modules; 48 IP Connections; 288 Drivers; and 6 Startups.

I’ve chosen to seek out more information on FWservice.exe by clicking on “Check info online, which returned the following from the developer’s site.

image

Each class of running component can be viewed in detail, by accessing the tabbed interface. Control functions are built-in by accessing the “right click” context menu.

Services View:

image

Modules View:

image

Internet Connections View:

What's Running

Startup View:

image

Drivers View:

image

Snapshot View:

image

Fast facts:

Processes – Inspect your processes and find all the relevant details that you need. Get performance and resource usage data such as memory usage, processor usage and handles. As well, you get details about what dll:s are loaded, what services are running within the process, and what IP connections each process has.

IP Connections – Find out information about all active IP connections in the system. Get a list of what remote connections each program has, and find out what applications are listening for connections.

Services – Inspect what services are running or stopped and  find the process for your services and inspect its properties easily.

Modules – Find information about all dll:s and exe:s in use in your system. For each module you can find all processes that have loaded the module. Also you can find the full path and immediately open the folder where the file is located.

Drivers – Find information about all drivers. For running drivers you can inspect the file version to find the supplier of the driver.

Startup – Manage all your startup programs. Disable, edit, delete, etc. Manage startup programs regardless of source (registry or Startup folder).

If you are a new or casual computer user, What’s Running is a terrific application that will help you become familiar with your computer; what drives it, and in an overall sense – how it works.

Once you become familiar with your machine, you can then start taking action, including stopping and starting processes and services, and preventing unwanted programs from running on startup.

Experienced users know, that applications such as What’s Running can be used as an aid in tracking down malware infections. As a new, or casual user, it won’t take long before you have the ability to do the same thing (if you become infected) – once you learn to harness the power of What’s Running.

System requirements: Windows 2000, Windows XP, Windows Vista, Windows 7.

USB compatible: During the install process, you have the option of a minimum install to a Flash Drive.

image

Download at: Developer’s site (whatsrunning.net)

Note: This application is classified as a Beta, but I’ve been running it for years (in one version or another – including this version), with no difficulties.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

4 Comments

Filed under Beta Software, Computer Tools, downloads, flash drive, Freeware, Portable Applications, Software, System Utilities, USB, Utilities, Windows 7, Windows Vista, Windows XP

Tech Thoughts Daily Net News – February 18, 2011

10 Must-Have Chrome Extensions – With so many Chrome extensions available, which should you get? We’ve picked out ten of our favorites that will let you do everything from speeding up your Web browsing, to checking Gmail and Google Calendar, grabbing videos and graphics from across the Web, and more.

Why One-Third of Americans Steal Wi-Fi – When a crime can be committed at the swipe of a touchscreen as opposed to crawling through a window, a sizeable minority of Americans admit to being okay with taking something that is not theirs. But an examination of the fine print is even more telling.

Tech Thoughts Daily Tech News 2

Lifehacker: How to Secure and Encrypt Your Web Browsing on Public Networks (with Hamachi and Privoxy) – When you’re browsing from a public Wi-Fi connection—like at your favorite coffee shop—anyone on that network can snoop on what you’re doing, with very few exceptions. So can the IT crew at your workplace. Today, we’re going to walk through setting up an encrypted proxy server on your home computer so you can secure your browsing session no matter where you’re connected, keeping your private data significantly more private.

New OpenOffice.org Suite Uninspiring but Adequate – Aside from the debates over community control, it’s difficult to come up with significant faults in the OpenOffice.org suite. It’s polished and rather user-friendly, runs on a wide range of platforms and is well-suited for any organization that doesn’t want to commit itself to Microsoft’s ecosystem.

Microsoft confirms Windows BROWSER protocol zero-day – A security researcher has released proof-of-concept code for an unpatched security vulnerability affecting all versions of Windows, prompting a warning from Microsoft that remote code execution…

The Best Free Online Project Management Software – You’re a small business looking to get organized. The technology’s out there, you know that. The problem is you can’t afford dedicated project management software. Or so you think. Luckily for you, I’ve waded through the Web to find four of the best options for small businesses on a budget. Forget cheap. It’s got to be free. You have the right to remain organized whether you run OS X, Windows 7, Red Hat, or some combination of the three, so I’ve only looked at online solutions.

Sun Java by far the most vulnerable plug-in – Wondering how secure your browser is? Today at the RSA Conference in San Francisco, Qualys CTO Wolfgang Kandek presented their research which clearly shows that browser security is alarmingly bad. Results show that browsers and plug-ins are frequently outdated and easily attackable. To make things worse, malware authors adapt quickly and most of their new attacks are against browser plug-ins.

Report: Canadian cyberattack traced to China – A recent cyberattack launched against the Canadian government apparently stemmed from China, according to CBC News.

Company News:

 

Sony’s Music Streaming Service: What Were They Thinking? – Sony is getting into the cloud-based music streaming game — but its plan of attack seems almost built for failure.

AVG Launches Online Security Audit, The Latest Weapon In War Against SMB – AVG, the global internet security firm, has launched its latest weapon in the fight against corporate cybercrime, the AVG Online Security Audit. The free audit will provide businesses with tailored reports on their security needs, helping them to understand and protect against the dangers of cybercrime.

Kaspersky Lab Delivers Protection For Small Offices – Kaspersky Lab, a leading developer of Internet security solutions that defend against computer viruses, spyware and all forms of malicious software, announced today the latest addition to the Company’s growing family of Internet security solutions. Kaspersky Small Office Security is an easy and complete way to secure small offices with premium Internet protection, central security management for all the PCs and servers, and the tools to keep every employee safe and productive.

Google to Merge Phone, Tablet Versions of Android – Google’s next version of Android, which has been called both “Ice Cream” and “Ice Cream Sandwich,” will combine the phone and tablet versions, Google executives said.

Off Topic (Sort of):

 

IBM Watson Wins Jeopardy, Humans Rally Back – IBM’s Watson is the new all-time Jeopardy champ. Are humans now in jeopardy?

10 Great Error Messages – A good computing day is an error-free day. Unfortunately, those are rarer than we would like. Have you seen any of these funny and original error messages lately?

‘Unfortunate’ views of Google Street View (photos) – German photographer Michael Wolf received an honorable mention in this year’s World Press Photo Contest for a series of images captured on Google Street View.

Download every Sports Illustrated 2011 Swimsuit photo with a simple Perl script – After the runaway success of last year’s Sports Illustrated Perl downloader, Download Squad reader and cameltoe connoisseur, Sparticus, has produced the Sports Illustrated Swimsuit Downloader 2011. It’s a simple Perl script that you can run on Windows, Mac and Linux — and before you know it, your computer will be positively overflowing with bikini-clad babes.

Today’s Quote:

 

It is well to remember that the entire universe, with one trifling exception, is composed of others.”

–   John Andrew Holmes

Today’s Free Downloads:

 

STOIK Imagic – STOIK Imagic is a large, feature-packed photo album, organizer, manager, and editor. It’s also a retouching tool, a calendar maker, a media cataloger, a video editor, and a drawing tool. In short, it’s a full-featured graphics suite with an emphasis on digital photographs. At 80MB, it’s a big download, but since it’s compressed, it’s a fast one, too, and setup is virtually automatic, including scanning your system for images. Anything else? You bet: it’s free.

HootSuite – The average, everyday Twitter or Facebook user likely won’t have much need for HootSuite, a Web-based social media management application. But power users–especially those who rely on and manage multiple Facebook pages and Twitter accounts for their business–may find this tool indispensible.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

5 Comments

Filed under Internet Security Alerts, Tech Net News