A Non Techie’s View Of Computer Security – Is He Right?

I’m often critical, on this Blog, of the typical computer user’s laissez-faire attitude toward computer security on the Internet.

I’ve never been shy in making the point that  it seems to me, no one wants to take responsibly for the abysmal state of Internet safety and security. Not governments; not software developers; and least of all Internet users’.

But, there’s a problem with this type of straight line thinking. Like many who have a high level of knowledge in various aspects of technology, including computer security, I occasionally forget that issues surrounding technology are rarely as simple as they sometimes appear to be.

Several years ago, shortly after I wrote an article  “Facebook – A Scam/Spam/Phishing Factory?”, Wendell Dryden, a fellow Blogger from Saint John, New Brunswick, Canada, commented on the Facebook article.

See what you think.

My perception is that most people still see the computer as a kind of entertainment device, with an attached cell-phone like feature. Computers are for playing, chatting, watching short clips, listening to tunes….

If people don’t take internet security (or pc maintenance) seriously, it’s because they don’t think of the computer as a serious device.

Some of this is related to our cultural laziness around safety and prevention. People are routinely reckless with automobiles, decline to clean out the lint catch, and mishandle loaded guns.

But, mostly, I think computers are thought of like television or boom boxes… fun while they work.

My frustration is with government, health and educational institutions that push people to use the internet as though it were as secure and straight forward as a hard-line telephone.

I also think an extra burden of responsibility should be placed on any company or organization that promotes, and then facilitates, monetary transactions.

In short, an outfit like Facebook has no business asking – or even allowing a place for – things like street addresses, date of birth or credit card numbers on its hyper-connective site. If people choose to post those things on their wall… well, that’s a different matter. But otherwise, there ought to be a legal responsibility to not ask for certain kinds of private information.

Idealistic, or what!

I tend to think that Wendell has a good grasp of some of the real issues surrounding the lack of concern for computer security that a typical user exhibits.

What’s your view?

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Yahoo Instant Messenger Under Attack Again or Still?

A new variant of an old Yahoo Instant Messenger Worm spreading fast.

In business, when something works, why bother to reinvent the wheel. A little nip here; a little tuck there and hey – you’re still in business! No surprise then, when we see that cybercriminals subscribe to this business philosophy.

Programs such as MSN Messenger, Yahoo! Messenger, AIM, etc, are wildly popular with users who want real-time computer contact with each other, and so, they form a perfect attack vector for malware distribution.

Symantec, along with a number of other security providers, are warning users of Yahoo Instant Messenger specifically, they are being targeted by a new variant of an old IM Worm, identified by Symantec as W32.Yimfoca.

(Graphics courtesy of Symantec)

If you are a Yahoo Instant Messenger user, you need to be particularly cautious, at the moment, in saving what appears to be a JPG or GIF file, but in fact could easily be this malicious executable.

This threat drops a worm which will lead to the attacker taking control of the victim’s computer. Additionally, the Worm is programmed to attack those in the victim’s contact list.

Given the frequency with which instant messaging is used to distribute malware (recent statistics indicate almost 50% of worms use this method to spread), the following is a series of sensible tips for users to get the most out of these programs, securely and responsibly.

As with any other application you use on the Internet, having the knowledge that allows you to use it safely, and being aware of current threats, will make for a more positive experience when using these wildly popular applications.

Sensible tips for users to get the most out of these programs, securely and responsibly.

You need to be alert to the dangers in clicking on links or downloading files from sources that are not known to you. Even if the files or links apparently come from someone you know, you have to be positive that it really was this person who has sent the message.

Check with your contact to be sure the files or links are genuine. Remember, if you click on those links or run those attachments without confirmation, you run the risk of letting malware into your computer.

Use only secure passwords and be sure to change them regularly. The longer and more varied they are – using a variety of different characters and numbers – the more secure they will be.

Revealing confidential or personal information in these types of conversations can make you an easy target for Internet predators. For added protection when using a public computer, ensure that you disable any features that retain login information to prevent other users from gaining access to your instant messaging once you leave.

It’s virtually impossible to avoid publishing your email address on the Internet, however, do so only when absolutely necessary. Cyber criminals are always on the lookout for accounts to target.

Above all, if you are a parent, take exceptional care with the access that your children have to these programs. The risk here goes beyond malware, as sadly, they could come into contact with undesirable, or even dangerous individuals.

Elsewhere in this Blog, you can read an article on protecting your children on the Internet and download free software to help you do this.

Click here: “Keep Your Kids Safe With Free Parental Control Bar”.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

ZoneAlarm Pro 10 – Free Today Only!

Check Point Software will once again offer a free (a $40 value), one day only, download of their highly rated flagship product, ZoneAlarm Pro. This free offer will also include a one year subscription to updates, support, and services.

Note: The offer is valid from 6am PST 10/13/09 – 6am PST 10/14/09.

I recall that the last free offer from Check Point Software (November 2008), was extremely popular, so get there early and avoid getting caught in server overload.

Fast facts:

Powerful multi-layered security and protection

Operating System Firewall

Network Firewall

Program Firewall

Anti-Spyware, Identity Theft Protection

Simple to install (step-by-step installation wizard gets you up and running quickly)

Easy to use (color-coded guides and secure “out of the box” settings)

Triple Defense Firewall protects against hackers and spyware

Anti-Spyware scans for and removes spyware

SmartDefense service keeps your security updated with the latest Internet threat information

ID and Privacy Protection

Email Security which detects and quarantines malicious email attachments

Automatic Wireless Security which detects and secures wireless networks

System requirements: Windows 7, Windows Vista, Windows XP

Download at: Zone Alarm

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

Avoid Worms – Instant Messaging Tips

I wrote earlier today about a new worm currently circulating on the Internet, which Panda Security identifies as the MSNWorm.GU.

This worm uses MSN Messenger, and other chat applications, to spread. It infects systems silently, and without any visible symptoms.

Infection occurs when the victim clicks on a download link contained in a message received from a contact. Clicking on the link installs the worm on the target system, and the infection begins.

So, is there anything unusual about this worm; is it just a one off occurrence? Not at all – instant messaging, unfortunately, is a primary channel used by cyber-criminals to distribute malware. In fact, recent statistics indicate almost 50% of worms use instant messaging applications to spread.

Regrettably, from a security perspective these applications can present considerable security risks. Security risks increase  substantially when these programs are used to share files, folders, or in some cases even entire drives.

As with any other application you use on the Internet, having the knowledge that allows you to use it safely, and being aware of current threats, will make for a more positive experience when using these wildly popular applications.

The following is a series of sensible tips for users to get the most out of these programs, securely and responsibly.

You need to be alert to the dangers in clicking on links or downloading files from sources that are not known to you. Even if the files or links apparently come from someone you know, you have to be positive that it really was this person who has sent the message.

Check with your contact to be sure the files or links are genuine. Remember, if you click on those links or run those attachments without confirmation, you run the risk of letting malware into your computer.

Use only secure passwords and be sure to change them regularly. The longer and more varied they are – using a variety of different characters and numbers – the more secure they will be.

Revealing confidential or personal information in these types of conversations can make you an easy target for Internet predators. For added protection when using a public computer, ensure that you disable any features that retain login information to prevent other users from gaining access to your instant messaging once you leave.

It’s virtually impossible to avoid publishing your email address on the Internet, however, do so only when absolutely necessary. Cyber criminals are always on the lookout for accounts to target.

Above all, if you are a parent, take exceptional care with the access that your children have to these programs. The risk here goes beyond malware, as sadly, they could come into contact with undesirable, or even dangerous individuals.

Elsewhere in this Blog, you can read an article on protecting your children on the Internet and download free software to help you do this.

Click here: “Parental Control Bar”

On the whole, the best protection against Instant Messaging threats involves having good antivirus and firewall protection to guard your security at all times. Elsewhere in this Blog, you can read an article on free security software and download those you might find useful.

Click here: “Best Free Security Applications”

For information on how Skype has become open to scamming, read the article Skype says I’m infected with malware … by my tech wizard friend Techpaul.

If you enjoyed this article, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

How Low Can You Go? – ZoneAlarm Internet Security Suite $9.95 on April 14 – Twenty Four Hours Only

Twice in the last year, Check Point Software, the developers of the popular ZoneAlarm Firewall has had free specials on offer.

ForceField and ZoneAlarm Pro, both of which are highly rated flagship products could be had on a free, one day only, download.

Now comes news that on April 14, 2009, Check Point will offer their highly regarded ZoneAlarm Internet Security Suite for $9.95. This offer will only be available beginning at 6:00am PDT on April 14, and will run for 24 hours only.

In keeping with its “good corporate citizen image”, Check Point will donate half of the proceeds to TechSoup Global, “a nonprofit organization devoted to making technology and technology education available and affordable to other nonprofits and libraries all over the world.”

I recall the last free or reduced price offer from Check Point was extremely popular, so get there early and avoid getting caught in server overload.

To save a bundle on this bundle checkout Check Point Software’s special promotion page.

From the Check Point Software site:

Firewall: Proactively protects against inbound, outbound, and program attacks while making you invisible to hackers.

Inbound & Outbound – monitors and blocks threat traffic in either direction.

Full Stealth Mode – makes you invisible to hackers.

Kill Controls – instantly disable malicious programs.

Passes Independent Leak Tests* – to verify complete blocking, see test results.

Antivirus: Award-winning antivirus stops, blocks, and removes attacks before they infect your PC.

Advanced Antivirus Engine – deliver the broadest and deepest protection that stops malicious software that other systems ignore.

New Scan Modes – run faster, deeper, and provide customization options.

Kernel-Level Virus Prevention – protects at the operating system level.

Fastest Updating Signature List – detects and stops even the most recent viruses that others miss.

Inbound and Outbound MailSafe – quarantines suspicious attachments, stops harmful messages before viruses transmit to your computer.

Anti-Spyware: Award-winning anti-spyware automatically prevents, blocks, and removes spyware.

Spy Site Blocking – prevents accidental visits and malicious communication with spyware sites.

Kernel-Level Spyware Prevention – protects at the operating system level.

Dual-Engine Scan – catches certain kinds of spyware like adware that others ignore

Fastest Updating Signature List – detects and stops even the most recent spyware.

Total ID Theft Protection: Uniquely combines offline ID protection services with online PC-based technologies to stop thieves from stealing your identity.

PC-Based ID Protection – utilizes a combination of anti-spyware and web browser security to block, remove, and disable programs designed to steal your identity.

Daily Credit Monitoring – monitors your credit reports daily with email alerts and reports, and notifies you if there have been changes, which is often an indication of identity theft (US only).

Fraud Alerts & Monthly Reports – provided to you.

Victim Recovery Service – provides free telephone counseling to guide ID theft victims through resolution and recovery (US only).

Additional Layers: Integrates multiple layers of advanced protection for unsurpassed security.

Anti-Spam, Anti-Phishing – filters out annoying and potentially dangerous spam.

Parental Control – filters and blocks inappropriate websites in over 30 categories; scans uncategorized websites to determine appropriateness.

Wireless PC Protection – automatically detects wireless networks and secures your PC from hackers’ threats wherever you’re connected – at home or on the road.

Privacy Protection – manages and blocks pop-up ads, online profiling, cookies, and cache.

SmartDefense™ Service – provides real-time security updates, quick response to breaking threats, and leverages threat data from the vast community of users to protect your PC from the latest attacks.

Fast, Safe, & Easy: New interface delivers a simple overview, One-Click “Fix It” buttons, and customization controls for more advanced users.

One-Click Fix It Interface – provides simple overview, 1-button fix if security is off, and easy access to instant upgrades and updates.

Millions of Programs Pre-Set – automatically configures security settings for millions of programs.

Auto-Learn Mode – automatically configures security settings based on your behavior so you don’t have to.

Game Mode – one-click control temporarily suppresses most security alerts and prevents them from interrupting your fun while maintaining protection for your PC.

My Zone – hosts additional security tools, helpful information, and support including LiveChat so you can easily get the most out of your ZoneAlarm products.

Free Upgrades & Online Customer Support for 12 months from date of installation.

Uninstalling and Installing AntiVirus Software…

Antivirus software are complex programs designed to identify, neutralize or eliminate malicious content that invade your computer. Many people over a period of time will change from one brand of antivirus software to another. Antivirus software is big business and today there are many flavors and options available.

For example; there are (3)-three “FREE (for personal use)” reputable antivirus packages that are widely recognized (see below). I prefer any one of these over the major brand antivirus software packages due they are light on system resources, and are not bloated. As a matter of fact, I cannot remember ever having a commercial (paid for) version of an antivirus program on any of my computers at home.

The points of this article is to educate you to the fact that there are FREE antivirus software options available and that follow-up research may be required to “completely” uninstall (remove) antivirus software from your system in the event you desire to install another antivirus program.

Antivirus software, when running on your system, is hooked into many areas (i.e. registry, file system, resident memory, etc…) and uninstalling it can leave debris behind that can cause other systemic issues.

Antiviruses are like viruses; they can be hard to get rid of… To prove my point, I researched (9)-nine antivirus programs and found that every one of them had supplemental removal instructions or tools, in addition to following the typical Add/Remove console process found in Windows.

I have listed the sites below for convenience and reference. During this research I also found that locating this information was often buried deep in their sites and was not readily accessible.

Antivirus Programs – Uninstall Information & Links

Norton Removal Tool – The Norton Removal Tool uninstalls all Norton 2009/2008/2007/2006/2005/2004/2003 products, Norton 360 and Norton SystemWorks 12.0 from your computer. If you use ACT! or WinFAX, back up those databases before you proceed.

McAfee Consumer Products Removal tool (MCPR.exe) – uninstall or reinstall supported McAfee consumer products using the McAfee Consumer Products Removal tool (MCPR.exe)

Avast! uninstall utility – Sometimes it’s not possible to uninstall avast! the standard way – using the ADD/REMOVE PROGRAMS in control panel. In this case, you can use our uninstallation utility aswClear.

Avira AntiVir – Normally the Avira Registry Cleaner removes all entries that were created by AntiVir. In this way, it prepares your system for the installation of a new AntiVir version.

BitDefender Uninstall Tool – There are two methods of uninstalling BitDefender from your computer: using the system tools and using the special uninstall tool provided by BitDefender.

Kaspersky’s Antivirus Removal Tool – Some errors might occur when deleting Kaspersky Anti-Virus product via Start > Control Panel > Add\Remove Programs. As a result the program will not be uninstalled or will be partially uninstalled. The removal tool is required to remove a variety of their products.

F-Secure Internet Security (and antivirus) – Should you decide to uninstall, F-Secure does not provide its own uninstaller. You must use the Microsoft uninstaller found in Add and Remove Programs within the Command Console. After a reboot we found no Registry files, but we did find several program and log files in an F-Secure directory tree on the root drive.

Trend Micro Antivirus – Trend Micro Support to remove Trend Antivirus plus AntiSpyware from my computer?

AVG – Open the directory with AVG Free Edition installed in and run the SETUP.EXE file or download the current installation file of AVG Free Edition from here and run it to start installation process. A window with following options will be displayed during the installation process: Add/Remove Components, Repair installation or Uninstall.

This is a guest post by Rick Robinette, who brings a background as a security/police officer professional, and as an information technology specialist to the Blogging world.

Why not pay a visit to Rick’s site at What’s On My PC.

Uninstalling and Installing AntiVirus Software…

This is a guest post by Rick Robinette, who brings a background as a security/police officer professional, and as an information technology specialist to the Blogging world.

Why not pay a visit to Rick’s site at What’s On My PC.

Antivirus software are complex programs designed to identify, neutralize or eliminate malicious content that invade your computer.  Many people over a period of time will change from one brand of antivirus software to another.  Antivirus software is big business and today there are many flavors and options available.

For example; There are (3)-three “FREE (for personal use)” reputable antivirus packages that are widely recognized (see below).  I prefer any one of these over the major brand antivirus software packages due they are light on system resources, and are not bloated.   As a matter of fact, I cannot remember ever having a commercial (paid for) version of an antivirus program on any of my computers at home.

The points of this article is to educate you to the fact that there are FREE antivirus software options available and that follow-up research may be required to “completely” uninstall (remove) antivirus software from your system in the event you desire to install another antivirus program.

Antivirus software, when running on your system, is hooked into many areas (i.e. registry, file system, resident memory, etc…) and uninstalling it can leave debris behind that can cause other systemic issues.  Antiviruses are like viruses; they can be hard to get rid of…  To prove my point, I researched (9)-nine antivirus programs and found that every one of them had supplemental removal instructions or tools, in addition to following the typical Add/Remove console process found in Windows. I have listed the sites below for convenience and reference.  During this research I also found that locating this information was often buried deep in their sites and was not readily accessible.

Antivirus Programs
Uninstall Information & Links

Norton Removal Tool – The Norton Removal Tool uninstalls all Norton 2009/2008/2007/2006/2005/2004/2003 products, Norton 360 and Norton SystemWorks 12.0 from your computer. If you use ACT! or WinFAX, back up those databases before you proceed.

McAfee Consumer Products Removal tool (MCPR.exe) – uninstall or reinstall supported McAfee consumer products using the McAfee Consumer Products Removal tool (MCPR.exe)

Avast! uninstall utility – Sometimes it´s not possible to uninstall avast! the standard way – using the ADD/REMOVE PROGRAMS in control panel. In this case, you can use our uninstallation utility aswClear.

Avira AntiVir -Normally the Avira Registry Cleaner removes all entries that were created by AntiVir. In this way, it prepares your system for the installation of a new AntiVir version.

BitDefender Uninstall Tool – There are two methods of uninstalling BitDefender from your computer: using the system tools and using the special uninstall tool provided by BitDefender.

Kaspersky’s Antivirus Removal Tool – Some errors might occur when deleting Kaspersky Anti-Virus product via Start > Control Panel > Add\Remove Programs. As a result the program will not be uninstalled or will be partially uninstalled.  The removal tool is required to remove a variety of their products.

F-Secure Internet Security (and antivirus) – Should you decide to uninstall, F-Secure does not provide its own uninstaller. You must use the Microsoft uninstaller found in Add and Remove Programs within the Command Console. After a reboot we found no Registry files, but we did find several program and log files in an F-Secure directory tree on the root drive.

Trend Micro Antivirus –  Trend Micro Support to remove Trend Antivirus plus AntiSpyware from my computer?

AVG – Open the directory with AVG Free Edition installed in and run the SETUP.EXE file or download the current installation file of AVG Free Edition from here and run it to start installation process. A window with following options will be displayed during the installation process: Add/Remove Components, Repair installation or Uninstall

Free ZoneAlarm Pro – One Day Only!

Update: November 18, 2008

Yesterday, when I wrote the following article, it was just a rumor that ZoneAlarm Pro would be free today. It’s not just a rumor anymore – the offer is legitimate. This morning, as a test, I downloaded a copy of this highly rated security suite.

On August 12, 2008 Check Point Software, the developers of the popular ZoneAlarm Firewall, offered a free, one day only, download of their then, newly released product ForceField.

Rumor has it that Check Point Software will again offer a free, one day only, download of their highly rated flagship product, ZoneAlarm Pro.

I’ve been told, by numerous sources, that this offer will be available on November 18, 2008 from 9 AM EST, until 9 Am EST November 19, 2008. It seems pointless, to me, to keep a promotion secret until the last minute but….

This free offer will also include a one year subscription to updates, support, and services.

I recall that the last free offer from Check Point Software was extremely popular, so get there early and avoid getting caught in server overload.

Fast facts on ZoneAlarm Pro:

Powerful multi-layered security and protection

Operating System Firewall

Network Firewall

Program Firewall

Anti-Spyware, Identity Theft Protection

Simple to install (step-by-step installation wizard gets you up and running quickly)

Easy to use (color-coded guides and secure “out of the box” settings)

Triple Defense Firewall protects against hackers and spyware

Anti-Spyware scans for and removes spyware

SmartDefense service keeps your security updated with the latest Internet threat information

ID and Privacy Protection

Email Security which detects and quarantines malicious email attachments

Automatic Wireless Security which detects and secures wireless networks

(Click pic for larger)

System requirements: Windows XP, Me, 2000, 98SE

Go to: ZoneAlarm – at the time of writing, this is the most likely download page. If this proves not to be the case, then checkout the home page for redirection.

Free ZoneAlarm ForceField – Save $30 – Today Only (8/12/08)

Cyber-crooks continue to pursue their strategy of infecting web search results by utilizing custom-built websites designed to drop malicious code on computers. As well, the manipulation of legitimate pages in order to infect users with malware continues to escalate.

When a potential victim visits one of these sites the likelihood of downloading malicious code onto the computer, by exploiting existing vulnerabilities, is high.

To address this security vulnerability, amongst many others, Check Point Software, the developer of ZoneAlarm Firewall, has just released what amounts to a sandbox application.

ForceField is a virtualization system that sandboxes your browser, isolating it from the computer, ensuring that any incoming unsolicited software (spyware, malware and the like), that you download, is trapped in the virtualized environment.

In addition ForceField offers protection against hijacking of your start page, new and unwanted icons on your desktop, drive-by downloads, browser exploits, phishing attempts, spyware and keyloggers and more.

To get your free version of ForceField (one year license for one PC ), visit the ZoneAlarm ForceField promotion site (www.zonealarm.com/patchtuesday), between 6 a.m. PDT on Tuesday, August 12, and 6 a.m. on Wednesday, August 13.

Quick facts:

Block unauthorized downloads and malicious software installations

Protect your identity by blocking phishers and stopping keyloggers

Browse the internet in complete privacy–erases all cache, cookies, history and passwords

Run it with your existing security software–it’s fast, lightweight, and easy to use

Safety Tips For Instant Messaging

Programs such as MSN Messenger, Yahoo! Messenger, AIM, etc, are wildly popular with users that want real-time computer contact with each other. The danger, from an Internet security perspective, occurs when these programs are used to share files, folders, and in some cases entire drives.

Given the frequency with which instant messaging is used to distribute malware (recent statistics indicate almost 50% of worms use this method to spread), the following is a series of sensible tips for users to get the most out of these programs, securely and responsibly.

You need to be alert to the dangers in clicking on links or downloading files from sources that are not known to you. Even if the files or links apparently come from someone you know, you have to be positive that it really was this person who has sent the message. Check with your contact to be sure the files or links are genuine. Remember, if you click on those links or run those attachments without confirmation, you run the risk of letting malware into your computer.

Use only secure passwords and be sure to change them regularly. The longer and more varied they are – using a variety of different characters and numbers – the more secure they will be.

Revealing confidential or personal information in these types of conversations can make you an easy target for Internet predators. For added protection when using a public computer, ensure that you disable any features that retain login information to prevent other users from gaining access to your instant messaging once you leave.

It’s virtually impossible to avoid publishing your email address on the Internet, however do so only when absolutely necessary. Cyber criminals are always on the lookout for accounts to target.

Above all, if you are a parent, take exceptional care with the access that your children have to these programs. The risk here goes beyond malware, as sadly, they could come into contact with undesirable or even dangerous individuals. Elsewhere in this Blog, you can read an article on protecting your children on the Internet and download free software to help you do this.

Click here: Parental Control Bar

On the whole, the best protection against Instant Messaging threats involves having good antivirus and firewall protection to guard your security at all times. Elsewhere in this Blog, you can read an article on free security software and download those you might find useful.

Click here: Best Free Security Applications

For information on how Skype has become open to scamming read the article Skype says I’m infected with malware… by my tech wizard friend Techpaul.