Dec 23 to 27th, 2004 - Global disaster in 2029

With a diameter of about 1500 feet and a 1-in-300 chance of impact, the 2004 MN4 Asteroid was the first to hit 2 on the Torino scale December 23rd. It soon went up to 2.2% and then on the morning of Dec. 27th, 2.7% (1-in-37) chance of impacting the Earth on April 13, 2029 (a Friday the 13th no less -- I'm not kidding) ... by the same night (the 27th) astronomers were tracking it very closely and its orbit finally established outside the cone of probability of being likely to hit the Earth. It's still one of three tracked bodies with a Torino rating of 1, but odds are down to 1-in-56,000.

Dec 22, 2004 - Asteroid really came in under the radar

Although small (about 16 feet in diameter), a previously unknown asteroid zipped inside Earth's orbit, hidden in an astronomical 'blind-spot', and passed by just under the orbit of our geostationary satellies. It went through on the 19th, but no one found it for another couple days. This size asteroids aren't a real threat since they would burn up in the atmosphere, but bigger ones are out there.

Dec 21, 2004 - Soldier killed in Iraq, family can't read his email

CNN reports that Marine Justin Ellsworth - 20, who was killed by a roadside bomb in November, had a yahoo email account, which the family wants to read and remember him by; however, Yahoo will not release or transfer the account. While I grieve with the Ellsworth family regarding their double loss of their son and his last written words, this illustrates the need for people keep records of passwords used in some safe place (i.e. fire safe or safety deposit box) so that what you leave behind is accessible to your family and loved ones.

Dec 20, 2004 - Wal-Mart offers a laptop for under $500

C|Net News let us know about the Balance laptop from Wal-Mart which is priced under $500. How did they do it? They used hardware from a couple years ago and avoided Microsoft products. Seriously though, it doesn't look half bad. It comes with Linspire, a version of Linux which is very like Windows, and OpenOffice which will trade files with the MS Office suite (Word, Excel and Powerpoint) ... if it played DVD's and had wireless networking (available in another Balance laptop for $548), it would be fantastic. Unfortunately, Linspire and Linux in general is still a little tricky about getting WIFI working due to difficulty in finding drivers and has legal issues in playing DVD's -- however, it's easy to play DVD's if you aren't concerned by this.

Dec 17, 2004 - Retiring Astronaut warns not to keep all of Earth's 'eggs' in one basket

The Huston Cronicle has an interview with the astronaut John Young. He was on the mission to see the back side (aka 'dark side') of the Moon, walked on the Moon and commanded the first mission of the space shuttle Columbia. He brings some interesting statistics and thoughts on why space explorations and off-world bases are so important to the human race. The statistics run that the human race on Earth has a 1-in-455 chance of being exterminated (that would include you personally I bet) in the next 100 years ... that's 10 times the chances of someone dying in a plane crash. He also mentioned that the techniques and technology developed in exploration and off-world bases could be used here on Earth in the event of one of these global calamities (super volcano, comet or asteroid impact) to preserve humans from complete extinction.

Dec 16th, 2004 - Microsoft to offer security program

CNN reports MS may charge extra to fix problems with IE browser hijacking. The Beta testing is underway (screen shots here) with the initial public version expected in about 30 days. Variously called "spyware", "adware" and "browser hijacking", it acts like a virus in many ways, but it's point of infection is through the web browser automatically loading a change in 'preferences' when visiting a website -- especially at sites offering 'free' money advice, wallpaper or games. Usually you first notice it when the wrong websites come up while surfing, a sudden surge of pop-up windows or your system slowing to a crawl. There are a lot of arguments both ways for whether it should be free or not, and I can see both sides, but if they hadn't tied Internet Explorer in so tightly with Windows, we wouldn't be having this problem -- it would probably be a different problem entirely :)

Dec 03, 2004 - Anti-Spyware NOT to use

PCWorld rates 7 anti-spyware programs that you should avoid. They're all commercial programs ($20, $30 or $40 each) and much worse than Spybot S&D (which is free). One, MyNetProtector, costing $40 ADDED spyware upon installation and only removed a single cookie. Also discussed in article is the growing amount a legislation being passed to fight it ... of course, I'm seeing more instead of less.

Dec 02, 2004 - Phishing Scams more elaborate

Phishing is an e-mail falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. This was pretty rudimentary in the past, but has quickly gotten more sophisticated.
First with fake websites that were very accurate copies of the real ones.
Next they added a trick that made your browser show you the address of the website they copied while you were really connecting to the copy, much harder to detect until IE was patched to make this immposible.
Now, you connect to the actual website, but the information you type in goes elsewhere. An article in InformationWeek on the new Phishing scams which are getting more elaborate and hard to detect. It is now possible to steal personal information and bank account info by infecting your Windows machine via email and then monitoring your entries when connecting to your bank days or weeks later.
Again, using Firefox is a good defense since it uses different calls internally and is less likely to cooperate with the phisher.

Nov 30, 2004 - Still haven't applied SP2 to your XP system?

An article in USA Today's Money section tells us that Unprotected PC's can be hijacked in minutes Most attempted attacks fail, but not only are unpatched systems more suseptible, but they are being attacked with 100 times more frequency. Your computer just has to be connected to the Internet, no surfing, clicking or email reading required. An XP system with SP1 installed was attacked an average of 341 times per hour, compared to XP with SP2 which only saw 3.4 per hour. A firewall reduces this even further. Once hijacked, the computer is likely to get grouped with other compromised PCs to dispense spam, conduct denial-of-service attacks or carry out identity-theft scams.

Nov 23, 2004 - More on Spyware

A recent study compares 20 anti-spyware programs with an eye to catching the latest threats and removal.

[My at-a-glance summary (prices as of today 11/23/2k4)]

1. [72.47%] GIANT AntiSpyware $29.95
2. [55.29%] Webroot Spy Sweeper $29.95
3. [54.35%] Lavasoft Ad-aware SE Personal $26.95
4. [40.24%] SpywareStormer [No price listed]
5. [39.76%] Intermute SpySubtract Pro $29.95
6. [38.35%] PC Tools Spyware Doctor $39.95
7. [37.65%] Spybot Search & Destroy (Donations Accepted)
8. [35.29%] ZeroSpyware 2004 $29.95
9. [33.18%] SpywareNuker 2004 [No price listed]
10. [32.71%] Xblock.com X-Cleaner Deluxe $39.95
11. [27.76%] NoAdware (Donations Accepted)
12. [20.94%] BPS Spyware & Adware Remover $29.00
13. [20.71%] XoftSpy $39.95
14. [17.18%] Spyware C.O.P. $19.95
15. [15.76%] Aluria Spyware Eliminator* $29.99
16. [15.29%] OmniQuad AntiSpy $29.99
17. [14.35%] SpyHunter $29.99
18. [12.24%] Pest Patrol $39.95
19. [10.59%] SpyKiller 2005 $39.95
20. [ 1.88%] McAfee AntiSpyware $29.99

My old standby, Spybot S&D, only came in 7th, but it's still the top free option. Things to note about this,:

1. If the program removed things it shouldn't have, potentially breaking programs you WANT, I penalized it as if it had missed 5 (425 point possible, so a little over 1% per false positive -- McAfee did this 31 times and Pest Patrol 30, the others had few, none in the top 7 programs)
2. Aluria recently signed an agreement with a spyware company and is not longer marking those products as spyware/adware -- nice huh?

Nov 10, 2004 - Firefox 1.0 is out!

I know I've talked about it before, but you don't know how many calls I get about Internet Explorer not working -- come to think of it, maybe you should keep using IE, it's job security for me :)
Anyhow, LinuxInsider has this article by Boston Globe writer Robert Weisman. It goes into the history and explosive growth in popularity of the little browser that could. IE has had a 95% browser market share since 1999, but Firefox is growing fast and accounts for about 6% now. According to one source, Microsoft's IE team had shrunk to almost nothing, and now they're up to 100 people as MS scrambles to regain it's grip.

Oct 18, 2004 - Spyware running rampant

Is your computer running slower lately? Is it acting weird? Maybe you always come up with some site that's trying to sell you something as your home page. It may be not be a virus or problem with Windows or Internet Explorer; it may be spyware.
Dell says 90% of computers are now running spyware (read the whole story) and they trace 20% of support calls back to spyware. It was between 1-2% in August last year. Dell is also offering help for $39 per incident in fighting spyware, which I thought was a little pricey, but demand has outstripped their capacity.
GetNetWise has a Spotlight on Spyware which has some good information and resources. Most major ISP's, like AOL and Earthlink provide free services to their customers. Not mentioned is my favorite, Spybot Search & Destroy you can download from C|Net.
GetNetWise is touted as a public service and has some good advice and slick graphics, but they're ultimately run by corporations who might not always be altruistic. For instance, the RIAA is a part of the coalition, while they simultaneously support 'protecting' music cd's by having them secretly load a driver on your computer to effectively break it making it unable to read the cd properly. The difference between this and spyware installing surreptitiously is a pretty fine shade of grey.
Another step you can take to protect you from a lot of the online dangers is to stop using Internet Explorer and move to Firefox.

If you're using a version of Windows other than XP, this is even more important since MS will not be releasing the newest security updates for IE except for those running XP -- read more at C|Net.

Sept 3, 2004 - XP SP2 CD Update

I recently told you that a XP SP2 Update CD can be ordered for free from Microsoft's Download Center, but it does take 4-6 weeks. I should ammend that to say that it tells you 4-6 weeks after you order. I Ordered mine on Aug 26th (Thursday) and recieved it today (Sept 3, Friday). Eight days is pretty good for free.

Aug 30, 2004 - Windows should be secure by 2011

Microsoft Security Program Manager Stephen Toulouse was recently interviewed in Wired Magazine. When asked about their now 2 year old focus on security, comments "it's more of a 10-year timeline." He also tells us he runs Firefox.

Aug 26, 2004 - XP SP2 News

Service Pack 2 for XP is available through Windows Update, while it's an important update and recommended, it may have opened a new door for viruses, worms, and hackers. PC Magazine says that the Windows Security Center (WSC) can be monitored and spoofed easily. So when your new WSC says that your antivirus is working and the firewall is on, it just means that some program told the WSC database that these were true, not that they really are on. Microsoft poo-poo's the concerns expressed, but only time will tell how big a problem this will turn out to be.

Aug 20, 2004 - The Vigilant and Efficient TSA

What if I told you that a man who has to fly frequently as part of his job had repeatedly (5 times) been stopped and questioned, nearly missing flights because of his first initial and last name are on the TSA's secret "no-fly" list? And it took 3 weeks of phone calls to get it straightened out?
Pretty bad, huh? How about if the man I mentioned is Senator Ted Kennedy (D-MA)? If it takes possibly one of the most well-known and influential Senators in the country 3 weeks, imagine how long it would take you or me. Yeah, I feel safer.
Read more about it in this SF Gate Article.

Aug 17, 2004 - Installing XP? You have 20 minutes.

The Internet Storm Center has published a graph showing average survival times for unpatched, unprotected windows systems connected to the Internet. It dropped from 40 minutes last year to 20 minutes. You can order an XP SP2 Update CD from Microsoft's Download Center (free, no charge for S&H, but it does take 4-6 weeks). Unfortunately no CD images available for download.

Aug 12, 2004 - Ad Blocker for Firefox

I don't actually mind quiet little banner ads, but lately it's been floating java windows that obscure part of the article text I'm reading, or box ads that flash, or spin, or otherwise are way too busy. In my opinion, the only reason something should blink is if it makes sense in context:
Schroedinger's Cat is NOT dead. (Physics Joke)
One of the cool things you can do with the Mozilla and Firefox browsers is add extensions to do things like check your email or do dictionary lookups or in this case, block ads. Ad Blocker uses lists of patterns that you give it to block anything coming from matching addresses. If you already have Firefox, just click here to install it. To get started quickly, after you install it and restart Firefox/Mozilla, you can download my patterns and import it via Tools -> AdBlock -> Preferences -> Adblock Options

July 9, 2004 - Security Patch for Mozilla/Firefox

Natch, I tell everybody to use Firefox and they find a security issue. So far, there aren't any known exploits 'in the wild', but they have a patch out (less than 24 hours - open source is FAST) or you can just go download the latest versions.

June 30, 2004 - Still Using Internet Explorer? (Again)

Tom Liston, a volunteer at the SANS (SysAdmin, Audit, Network, Security) Institute worked over the weekend to find out what a suspicious compressed file was doing that had been submitted by a visitor as being found on their company's network. It was a "Browser Helper Object" which was 'helping' by capturing session info like usernames and passwords used for a dozens of major banks including citibank before the SSL encryption and sending it on to be the author(s). Interested in a career in computer security? Read Tom's full report on the incident, try to follow along and remember, Tom's a volunteer, you have to be really good to make a living.

P.S. - Oh yeah, none of the antivirus software will detect this yet, and since it's piggy backing on Internet Explorer, firewalls won't catch it either.

June 25, 2004 - Still Using Internet Explorer?

US-CERT, the United States Computer Emergency Readiness Team, released an advisory that not only is there an un-patched security problem with IE, but exploits have been found 'in the wild' where just visiting compromised websites can load a program on your computer which will attempt to find user information, passwords, email and creditcard numbers which are then emailed to the malicious coders. A non-technical article is in the Washington Post. One solution advised is to use my favorite browser: FireFox. It's fast, it's small, it keeps all your old favorites/bookmarks, blocks pop-ups and protects your personal information ... but it doesn't make Julianne Fries.

June 7, 2004 - New worm - same old security problem

A new worm, using the same opening as the recent Sasser worm, named Korgo has appeared and already has 6 variants. Symantec (Norton Anti-virus) upgraded it to a level 3 threat at the end of last week. You can download their scan and fix tool here. Mcafee's Stinger does not yet detect and remove this one, but it may by the time you read this. If you're curious, Mcafee does have this nifty World map showing virus reports which may not have a real-world use, but is still fun to play with. If you're updated windows in the last month, you should be safe. It uses the same security hole in LSASS which is fixed in KB 835732 (MS04-011) Also like Sasser, you don't get it from email, but directly from other machines on the Internet. So, North Contry Cable Internet customers are in little or no danger since we're behind an IP masquerading Firewall -- meaning other computers can't talk to yours unless your computer talks to them first.

June 4, 2004 - Number of new viruses hits 30 Month High

Sophos antivirus reports 959 new virus definitions for the month of May, the highest since Dec 2001. Make sure your antivirus program is getting updates at least once a week.

June 1, 2004 - The Northern Lights

I haven't seen this yet from my place in VT, but I want to. This projection of the North Pole shows the amount of aurora activity ... basically, if the part of the country you're in is covered in orange or red and the sun's down (sun's position shown by the red arrow), you should be in for a show.

May 11, 2004 - Sasser suspect arrested

Police in Hanover Germany ( CNN story ) have arrested an 18 year old young man suspected of being involved in the recent Sasser worm. This is the first success of Microsoft's $5 million bounty fund for virus and worm authors. MS has a standing reward of $250,000 for the authors of other major viruses and worms like MyDoom, Sobig and Blaster. There are also claims from the German law enforment agency, Baden-Wuerttemberg, that the suspected author of the phatbot worm was arrested, but details are slim, and all the articles I've found so far are in German - translations are available, but machine translations still have some distance to go.

May 5, 2004 - Sasser worm

This one appeared on Saturday (May 1st) and spread extremely quickly. It only infects WinXP and Win 2000. For more info: [ McAfee | Norton ]. It doesn't spread by email, but directly PC to PC using the Internet or local network. Tools are available to remove it : [ McAfee Stinger | Norton removal tool ] Over the weekend, several large corporations as well as private PCs were reduced to uselessness. The patch is available from Microsoft.

Apr 19, 2004 - Is your computer spying on you?

According to Earthlink the average is almost 28 spyware programs per PC. You can get a free scan from Earthlink's website. In my top 10 tools for everyone's PC is Pat Kolla's Spybot Search & Destroy, it will not only find these programs, but will describe what they do, remove them, bock against future infection, and it keeps archives to let you restore any changes if you find you really needed something installed after all -- but I've never had to use the last feature.

Apr 14, 2004 - April security notices from MS

Either 20 or 4 (depending on how you count them) new secrity flaws announced for April. The Microsoft security bulletins are: MS04-11 , MS04-12 , MS04-13 and MS04-14. Each with links to the specific updates for every version of windows. There are a lot of updates for the home user, and some pretty major concerns for systems running commercial websites. This article at Techweb goes into more detail.

Mar 30, 2004 - Firefox browser

Before Internet Explorer there was Netscape, and before Netscape there was Mosaic(1993). Out of Netscape came Mozilla then, out of Mozilla came Firefox which is has been getting great reviews and is a joy to use. Firefox allows you to open links into tabs, which is faster and more stable than opening more and more windows.

Mar 22, 2004 - Witty Worm

Worm targets computers running unpatched protection/firewall programs. Witty Worm attacks PC 'protected' by RealSecure (Desktop, Guard and Sentry) and BlackICE (see link for specific versions). An infected system will look for other machines to infect and randomly overwrite the hard-drive in small doses.

Mar 18, 2004 - Polybot/Phatbot

Spreads over network (not email), Polybot/Phatbot looks for systems with easily guessed passwords, infects the system then tries to find others to infect. Worm will reroute some network addresses to prevent anti-virus updates. Some reports of a payload which overwrites the first few disk sectors, rendering the machine un-bootable.

Feb 27, 2004 - Netsky W32.Netsky.C

Another worm cashing in on MyDoom. Looks like it checks to see if the system is infected, then copies itself in and disables MyDoom. Netsky has a bewildering array of possible subjects, text body and attachment names. Like the orginal worm, Netsky requires someone to execute the attachment to infect the system.

Feb 11, 2004 - MyDoom3 W32.HLLW.Doomjuice Worm

A more true worm than its predecessor, this variant only infects systems already infected bu the orginal MyDoom (below), DoomJuice scans for a port left open by MyDoom, and takes over and spreads itself without the need for email.

Jan 28, 2004 - MyDoom W32.Novarg.a Worm

Email will have one of the following subjects: test, hi, hello, Mail Delivery System, Mail Transaction Failed, Server Report, Status, Error. Attachment will have one of these extentions: .bat, .cmd, .pif, .scr, or .zip If run, the attachment will infect your computer, setting up backdoor access and searching for any email addresses on your system to spread itself to. See more and get fix at Symantec Security. It's also been found to be set to massively attack SCO between 2/1/2k4 and 2/12/2k4. SCO has offered a $250K bounty for author's arrest.

Jan 24, 2004 - FDIC Email Scam

A new, well crafted, email scam. The email looks official and is free of the usual puncuation and spelling issues. It states that the FDIC (Federal Deposit Insurance Corp - Bank Insurance) is cooperating wiuth Homeland Security and the USA Patriot Act and requests that the recipient go to a (disguised) webpage to enter lots of sensitive personal information. Using a known bug in Internet (still no fix), the webpage looks like it's www.fdic.gov, but is, in fact, a server in Pakistan. More details at CNet News. Also see the Special Alert from the FDIC.

Jan 19, 2004 - Beagle (Bagle) Worm

W32.Beagle is another mass mailing worm. Claims to be a program from a friend, really brings up the built in windows calculator to distract you, while it searches for more email addresses to spread itself. See the Symantec/Norton Antivirus Page. This worm requires that you click on the file to activate, so as has been said before, if you aren't expecting a file from someone, DON'T open it. NAV definitions of Jan 18, 2k4 or newer is immune to this worm.

©2003-2008 - Clint Grimes
Feel free to lift code for personal use, but contact me before any publication.