Thursday, June 29, 2006
Microsoft has released Internet Explorer 7 Beta 3. Microsoft previously announced that it was not planning to add any new features to the beta 3. However, after reading several beta 2 testers' comments, they have added some new functions, including drap and drop tabs, horizontal navigation in zoom view, and a more robust RSS features.
Earlier this year, the Veteran Affairs office reported that one of its employee had his laptop and an external hard drive stolen. Unfortunately, the devices contained personal information for millions of veteran. Thankfully, the computer has been recovered but no details were given as to how.
Wednesday, June 28, 2006
In security news, you always hear about an exploit discovered in Windows or Mac OSX but you rarely hear anything about Linux. Linux users should not think that they are immune to Internet attacks. Linux needs firewall and antivirus applications to ward off attacks as well.
Tuesday, June 27, 2006
Are Home PC's firewalls uneffective? I hope not but security firms think otherwise.
Sunday, June 25, 2006
Many Internet users are under the false impression that their presence on the net is invisible; unfortunately, that is far from the truth. Recent news headlines detailed how the US government has been conducting warrant-less wiretapping on Americans. Earlier this year, news broke that the federal government had approached the three largest Internet search engines, Google, MSN and Yahoo!, and asked for an assortment of information from their databases. While Yahoo! and MSN acquiesce, Google resisted and ultimately took it to court. The court ruling was a partial victory for Google, Google was ordered to give an abbreviated list of items requested by the federal government. But, the US federal government isn’t the only entity which is gathering information on net users. The previous mentioned three search engines are also gathering information on net users.
Usually, the search engine gathers information about the search queries a user enters and what websites they visit. The information is then used to present relevant ads to the user. Google’s biggest source of income comes from their ads, which are displayed on the search result page. Yes, this might sound innocuous but why have anyone or any company monitoring your presence on the Internet. In the real world, I doubt many people would enjoy having someone shadowing them. Nor do I expect people to allow someone to read their mail. Yet, all these things are happening on the Internet. For example, every time you visit Amazon, Amazon will record what items you visited and, the next time you visit their site, they will target you with relevant items. Gmail scans users’ messages and display relevant ads on their site. Yahoo! uses web beacons to track your movement on the Internet. Also, Yahoo! surrendered information to the Chinese government that lead to the arrest of several civil activists.
There have been several court rulings which support the federal government right to monitor activity on the net. In one of the most recent rulings, ISP’s are required by law to retain records of their customers’ activity on the net for at least two years.
Needless to say, net users need to keep up to date on issues regarding their privacy on the net. Though it is impossible to stealth all of activity on the net, there is nevertheless ways to keep it to a minimum. I will be exploring these items in the coming posts.
Friday, June 23, 2006
Thursday, June 22, 2006
Search battle just starting, Yahoo says | InfoWorld | News | 2006-06-21 | By Sumner Lemon, IDG News Service
"'Anything that requires human expertise, where you would value the opinion of your neighbor, your friend, your mentor, people you trust in different contexts -- that's the real opportunity,' Horowitz said."--infoworld.com
Though Google might be the search engine king, Yahoo! plans to challenge it. While traditional searches are based on navigation, Yahoo! is trying to add a human element to searches. For example, del.icio.us is a social bookmarking service wherein an individual can discover what fellow users find interesting.
Wednesday, June 21, 2006
There are accusations from security firms that Microsoft is engaging in predatory pricing, wherein a company (i.e. Microsoft) is selling their products at a price which is substantially lower than its competitors and, once the competitors dropout, then the company raises the prices. In a capitalistic economy, more competitors translate to more choices for consumers. Competition leads to better price offerings for consumers. Microsoft entrance into the Internet security market is causing waves with other established security firms.
"Eckelberry notes that Microsoft has priced its products 50 percent below the security market leaders like McAfee and Symantec. Predatory pricing occurs when a dominant firm sells its products at a loss to drive competitors out of business, and is then able to raise prices beyond standard market rates." --Betanews.com
Tuesday, June 20, 2006
If you have ever installed software on to your PC then you have probably seen a End User License Agreement (EULA). A EULA is a legal contract between you, the user, and the maker of the software. The terms of EULA explain how the software can be installed and used. In addition, the EULA will explain what software will be installed. Unfortunately, there are many companies which bundle their software with adware and/ or spyware (eg. 180Solutions). As the old saying goes “there is no such thing as a free lunch.” To pay for the development of a particular software, the developer oftentimes partners with an advertisement company. The developer is happy because he gets a percentage of the profits from the ads. And, the advertisement firm is happy because he can bundle his adware with an attractive piece of software. The ad firm hopes that users will be so quick to download and install the software that they will be oblivious to the bundled adware. And, for the most part, they are right. For example, Daemon tools, a popular CD emulator, is bundled with WhenU toolbar. On close inspection of the EULA, in fine print, the user is informed that the software is bundled with adware and by installing the software they agree to have the adware installed as well. Technically, the law is on the side of the advertisement firms.
Users who installed the software usually don’t inspect the EULA; rather, they click away. It is no small surprise; the EULA is written in legal jargon only a lawyer could understand. Thankfully, you don’t need to be a lawyer to find out if a particular EULA hints of adware. Our friends at Javacoolsoftware have developed the EULAlyzer (www.javacoolsoftware.com/downloads.html). EULAlyzer will scan a EULA and display any segment of the agreement which suggests the installation of adware or any other suspicious programs. It is very simple to use. All you need to do is copy and paste the agreement onto EULAlyzer and analyze. Viola, you are done.
Anyone who plans on installing software, especially “freeware,” will benefit by using EULAlyzer. A pinch of prevention is better than a pound of trouble.
This another case of a teenager minor who was sexually assaulted by someone she met on MySpace, a very popular social network on the Internet. I do agree with the mother of the victim that MySpace can and should take greater measures to protect its users. However, I do not believe MySpace should take all the blame. The teenager and her mother are also at fault. Teenager met the alleged attacker on the Internet. She voluntarily chose to met him. She did not inform her parents as to who she was spending time with nor did she disclosed her activities on the Internet. As for the mother of the victim, she carries the same amount of blame as MySpace. She wants MySpace to provide safety measures to its users but, as a mother, she is responsible for the safety of her daughter. She could have sat her daughter down and talked to hear about the dangers on the Internet. She could have asked her daughter to see what information she placed in her personal profile. She could have asked her daughter who she was going out with. This is another case were everybody carries some blame. I think they should move beyond the finger pointing and develop ways to secure the safety of minors on MySpace.
PayPal has reported that they have fixed a vulnerability on their website. Earlier this week, a vulnerability was discovered on their website which allowed hackers to redirected customers to a malicious website. Once on the website, customers were told that their accounts have been disable and to enable them they would need to provide their account information. The vulnerability involved cross scripting. Customers are urged to only enter personal information on websites with a paypal.com domain.
Since Sony's debacle with placing rootkits in their music CD's, the company has been trying to clean up its image. Today, Sony announced that it will be entering in to the online music market It hopes that the service will generate revenue via advertisement.
"The new service, called Musicbox Video, will stream videos in a Flash-based player that utilizes technology provided by Brightcove and includes playlists with top videos and genres. Sony BMG artist sites will also feature custom versions of the player, which requires no download." -- BetaNews.com
Sunday, June 18, 2006
A cross site scripting flaw is causing a lot of headaches for PayPal and its customers. The flaw allows hackers to redirect PayPal customers to a fraud site, where personal information, such as name, social security number and credit card information, can be harvested.
Saturday, June 17, 2006
Thursday, June 15, 2006
I’ve been using Yahoo! My Web 2.0 (http://myweb2.search.yahoo.com/) for over a year now. Yahoo! My Web 2.0 is a knockout social bookmarking service, similar to Del.icio.us and Blinkist. Using Yahoo! My Web, you can bookmark webpages and tag them for easy search. However, unlike Del.icio.us and Blinklist, Yahoo! My Web allows users to save cache copies of the webpage. I love this feature because there is no guarantee a webpage will remain on the Internet forever. User can search by tags and keywords.
Starting in June of this year, Yahoo! My Web has been updated and sports some new features and improvements on existing features. By the way, Yahoo! decided to drop the”2.0” because they were concerned people might confuse it with Web 2.0. In order to use the service, you need to open a free Yahoo! account. The best way to bookmark webpages is to install Yahoo! toolbar. Yahoo! toolbar supports both Internet Explorer and Firefox.
So, what’s new? Well, the Yahoo! My Web homepage prominently displays “Today’s Interesting Bookmarks.” In addition, you can search not only your bookmarked webpages but all bookmarked webpages. Search by tags and Yahoo! My Web will display the users who frequently use a particular tag. Hover your cursor over a user’s name and a popup balloon will appear. You can then easily add them to your contact list.
There was a time when Netscape was the premier web browser for the Internet. That all changed when Microsoft decided to include Internet Explorer in all of its Windows OS. Netscape fell out of favor with Internet users and IE soon became the de facto web browser for the world. Netscape was later acquired by America on Line (AOL). Ironically, Mozilla grew out of Netscape. Mozilla tried to rescurrect Netscape. Unfortunately, Mozilla experienced the same problems with Netscape. It was slow and bloated. But, Mozilla decided to dump everything and build from scratch. The result was Firefox. Now, AOL wants to build a new image for the Netscape portal. Instead of developing something totally new, AOL opted to emulate Digg. That's right, if you can't beat them then joined them.
Wednesday, June 14, 2006
It's old news now that identity fraud is on the rise. Every other day you hear how another database, containing names, social security and other personal info, has been compromised. Usually, it involves an employee who saved the information onto a computer notebook or other portable media and the labtop was later stolen. Though both federal and local governments have tried to stem the rise of identity theft, it is just not enough. The Internet is probably the biggest offender. Any hacker can surf the Internet and cull personal information that can be later used for fraud.
Tuesday, June 13, 2006
"The federal government defended its warrantless domestic surveillance program in court for the first time Monday, saying it is well within the president's authority but that proving that would require revealing state secrets" -- excerpt from Washington Post.
This is ridiculous. President Bush claims that he had the authority to order wiretapping of Americans but can not disclose proof because it would reveal state secrets. Isn't that convenient. How stupid does he think Americans are? Or more importantly, how stupid do American thinks he is?
Monday, June 12, 2006
There is exciting news brewing at Digg. Digg plans to expand beyond just computer and technology. There are interested in including information about health, money, law...etc. Many people voiced there concern about this expansion. Will Digg be successful in these areas?
There seems to be a worm spreading slowing through Yahoo! Mail. The worms spreads by sending itself to Yahoo! addresses found in the address book. The worm is a low risk. Yahoo! Mail users are urged to not open email messages from email@example.com and update there antivirus to the latest signatures. Yahoo! Mail beta doesn't seem to be affected.
Sunday, June 11, 2006
I am comfortable with the fact that Microsoft is using Windows Genuine Advantage (WGA) program to harvest information from our computer. There seems to be a lack of disclosure from Microsoft about this feature of WGA. I agree that anti-piracy is a worthy goal but there needs to be a line drawn as to how far Microsoft can go without invading our privacy.
Chances are your Internet connection is not optimize. This guide illustrates how to optimize your connection by tweaking the Windows registry. Most of the tweaks are for broadband connections and not dial up.
Here are two (2) small software programs to delete those stubborn files Windows won't allow you to delete.
Saturday, June 10, 2006
It is unsettling how the US government is keeping tabs on Americans. It seems more and more that civil liberties and privacy are being encroach upon by the federal government. The article urges the government to make changes to prevent abuse of these powers. Truth be known, there are already safety measures in place. The problem is that the government ignores them.
Friday, June 09, 2006
More than once, I’ve come across an article advising Internet users to stop using Internet Explorer (IE) and switch to an alternative web browser, such as Firefox, Safari, Opera or Maxthon. Oftentimes, they refer to the lack of features and security issues as reasons to switch over to an alternative browser. Hey, don’t get me wrong. I am a huge Firefox fan but I think IE still has a lot to offer. With the help of some tweaks to IE settings and installation of some Browser Help Objects (BHO’s), IE can be a solid web browser.
Let’s look at how we can address the lack of features problem. Oftentimes, critics of IE 6 complain that there is lack of: tab browsing, a RSS aggregator and a built in search bar. To address these concerns, I highly recommend the Windows Live toolbar, currently in public beta testing. The toolbar allows users to pick and choose which components to add. The available components include: tab browsing, rss detector, form filler, anti-phishing and the Onfolio plugin. The tab feature is rudimentary but functional. Users can create new tabs, close a tab or close all tabs, open a link in a new tab and open the homepage in a new tab. However, it doesn’t allow you to rearrange open tabs like you can in Firefox and Opera. In addition, you can’t undo closed tabs like Opera.
The toolbar’s RSS component detects if the current webpage offers a RSS feed. When ever there is a feed available, the detector’s icon lights up. With a simple single click, you can add the feed to your personalized Live homepage. But, if your browser homepage is not Live.com then this won’t work. However, you can still use the Onfolio plugin. Microsoft recently acquired Onfolio. Onfolio is an incredible research tool for gathering information from the Internet. Onfolio can capture portions of a webpage or the entire webpage and save it on to your hard drive (HD) for offline viewing. You can create folders and subfolders to organize your data. Onfolio is also a powerful RSS aggregator. In my opinion, Onfolio’s RSS component rivals that of Firefox’s live bookmarks and Opera’s RSS feed feature. Onfolio can search for available RSS feeds. Onfolio is a true RSS aggregator; it takes multiple feeds and combines them into a single feed. It allows you to add items into a “reading list,” so you can read articles at a later time
Users can also install the form filler component of the Live toolbar. The form filler can store multiple addresses, website user’s ID and passwords, and/or credit card information. It is a nice extra to have for convenience. You can also set a master password to secure all the other passwords. This is a nice touch for those who use a shared computer.
Windows Live toolbar comes with an anti-phishing feature. Unfortunately, these days most malware are crimeware, where the goal is to trick people in to divulging their private data. There is a long list of frauds and scams which use malicious websites disguised as genuine websites. The anti-phishing feature works in the background and alerts users to phishing sites. The tool is updated frequently.
There are many ways to optimize Internet Explorer security settings. To access IE’s security settings go to Tools > Internet Options > Security. Below are settings for Internet Explorer which will improve IE’s security.
Internet Security Zone set:
Download signed ActiveX controls: Prompt
Run ActiveX controls and plug-ins: Enable
Script ActiveX controls marked safe for scripting: Enable
Script ActiveX controls marked unsafe for scripting: Disable
Active scripting: Prompt
Allow paste operations via script: Disable
Scripting of Java applets: Disable
Trust Sites Security Zone set:
Download signed ActiveX controls: Enable
Run ActiveX Controls marked safe for scripting: Enable
Script ActiveX controls marked safe for scripting: Enable
Script ActiveX controls marked unsafe for scripting: Disable
Active scripting: Enable
Allow paste operations via script: Disable
Scripting of Java applets: Enable
Another free tool is Javacoolsoftware’s Spyware Blaster. This is a BHO for IE which works in the background to secure the browser. SpywareBlaster is not your typical antispyware program. Unlike antispyware scanners, SpywareBlaster does not remove spyware and adware; instead, it prevents the installation of spyware in the first place. SpywareBlaster (SB) supports Internet Explorer (IE), Netscape, Mozilla and Firefox. SB changes settings on these web browsers to prevent installation of known malware. For instance, SB adds thousands of websites to IE’s Restricted Sites; remember ActiveX controls are turned off for all restricted sites.
There are more features in this relatively small but powerful antispyware program. SB gives users the option of blocking tracking cookies, Flash ads, prevents changing of the homepage, backup and restores the Hosts file. There is an option of taking a snapshot of your computer when it is healthy so, when your computer is infected, you can restore settings from the snapshot. Javacool doesn’t mention what settings are stored in the snapshot.
There are two versions of SB a free version and a for pay version. The only difference between these two versions is that the pay version allows the user to automatic update SB’s definitions, while, in the free version, users must manually update.
Thursday, June 08, 2006
Google has released another new extension for Firefox. Google Browser Sync saves Firefox's cookies, history, open tabs and passwords on to Google's server. They can then be accessed from any other computer with an Internet connection.
Tuesday, June 06, 2006
Google has added another online tool a spreadsheet. It is the newest addition to the Google Labs family. It is a work in progress and, currently, there is only basic features available. With this latest online tool, one can't help but think Google is trying to develop its own office suite. For instance, recently, Google acquired Writely, an online word processor that can both import and export Word documents. Then there is also Gmail and Google Desktop Search. Microsoft should be concerned.
Monday, June 05, 2006
This is a great reference article for those who are interested in the performance of various popular web browsers. Many of the results debunk previous claims about the speed of certain browsers. For instance, Firefox is not faster than Internet Explorer 6; they are about the same. Opera is supposedly the fastest among those tested.
Sunday, June 04, 2006
In order to convert from MPEG-2 to MPEG4, we need two pieces of software, DVD43 and Nero Recode. DVD43 is a freeware. Unfortunately, Nero Recode 2 is not. Nero Recode 2 is part of the Nero 6 Ultra Edition. Thankfully, you can download a 30-day trial of Nero Recode 2 to experiment with it. Important, Nero Recode can not access video files from a copy protected DVD. That’s where DVD43 comes into play. DVD43 removes the copy protection, allowing Nero Recode to access the DVD’s video files. Double click DVD43 desktop icon and it will detect all the optical drives on your computer. Once completed, you will see a yellow frown face icon on your system tray. Insert the DVD into the DVD drive and DVD43 will remove the copy protection. The yellow frown face will change to a little devil’s face and then to a green smiley face. If you see the green smiley face then DVD43 successfully removed the copy protection. On rare occasions, DVD43 will not be able to remove the copy protection in which case the yellow frown face will remain unchanged.
Once you have removed the copy protection, you can start using Nero Recode 2. Warning, the process takes a long time. Be sure to set aside a couple of hours before starting a project. Important, the time it takes to convert is directly proportional to the level of compression (i.e. more compression = more time to complete). Follow these steps:
Launch Nero Recode 2 and select Recode DVDs and Videos to Nero Digital.
In the new window, click on Import Files.
Navigate to the video files. Select the files you want and click on Add Titles.
Nero Recode will start analyzing the Title(s). Wait until the analysis is completed.
When completed, make sure the Fit to Target box is checked.
Next, select the level of compression by clicking on the bar directly below the Fit to Target box.
If you don’t like any of the preset choices then choose custom and enter the desired level of compression.
Press Next. Choose the destination of the converted video files. You can choose a HD or any removable media. Under Target folder, enter a folder on your HD where the files will be stored temporarily.
Go hang out with your friends, do your laundry, jog around the park a couple of times or whatever until the process is finished.
Saturday, June 03, 2006
It has been firmly established that the National Security Agency (NSA), after 9/11, engaged in wiretapping of Americans. The NSA did not obtain a warrant from any judicial body that would allow them to legally wiretap Americans. There was no judicial oversight at anytime during the wiretapping. In addition, the NSA demanded telephone records from BellSouth, AT&T and Verizon. The Bush administration argues that the NSA was exempt from obtaining a warrant because doing so would reveal state secrets and compromise national security. The question is "who then decides when an action will would reveal state secrets and/or compromise national security?" The same people who are doing the wiretapping. What ever happened to the balance of power?
Friday, June 02, 2006
Thursday, June 01, 2006
Security software companies are worried about Microsoft. Microsoft officially launched Live OneCare this past Wednesday, May 31. Live OneCare offers full internet security and other system utilities under one single package. In addition, Microsoft continues to develop Windows Defender, their anti-spyware application. Windows Defender will be integrated in to Windows Vista, Microsoft’s next OS. Currently, users with an authentic copy of Windows can download and install Windows Defender for free. Bill Gates has assured PC users that it shall remain free even after the beta testing period. All these things are eating at security software makers’ profits. Symantec and McAfee have step up their efforts to compete with Microsoft. Not to be outdone, Symantec is developing Genesis, their version of Live OneCare. Genesis will provide all the services that Live OneCare provides. Genesis is still in development but the company expects to release the final version before the end of this year. McAfee has followed suit and released their own product called “Falcon.”
Eric Schmidt, Google's CEO, announced publicly that there are no plans to develop a Google web browser. Schmidt stated there already exists a fair number of competent web browsers already available - Schmidt mentioned Firefox and Opera. Though there might not be a Google browser in the near future, Goolge has been working very closely with Mozilla and Opera Inc. For example, the upcoming Firefox 2.0 will include Google's Safe Browsing Antiphishing feature. In addition, both Firefox and Opera have Google as the default search engine.