Archive for the ‘Spyware, Adware, etc.’ Category

Malware Silently Alters Wireless Router Settings!

Brian Krebs at his Security Fix column at the Washington Post reported last week:

Malware Silently Alters Wireless Router Settings

A new Trojan horse masquerading as a video “codec” required to view content on certain Web sites tries to change key settings on the victim’s Internet router so that all of the victim’s Web traffic is routed through servers controlled by the attackers.

According to researchers contacted by Security Fix, recent versions of the ubiquitous “Zlob” Trojan (also known as DNSChanger) will check to see if the victim uses a wireless or wired hardware router. If so, it tries to guess the password needed to administer the router by consulting a built-in list of default router username/password combinations. If successful, the malware alters the victim’s domain name system (DNS) records so that all future traffic passes through the attacker’s network first. DNS can be thought of as the Internet’s phone book, translating human-friendly names like into numeric addresses that are easier for networking equipment to handle.

Much more in the article!

We have always recommended changing your router’s default settings, such as the username/password combination and the standard wireless SSID and channel, and applying the latest firmware patches for your router.

Also turn off UPnP (Universal Plug and Play) in the router. And use WPA security whenever possible for your wireless users to protect your network and keep nefarious users from spreading spam or other bad things through your wireless Internet connection.
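Alongside hardening the router, it helps to check which DNS resolvers a machine has actually been handed, since that is the setting this malware rewrites. The Python script below is an added example, not code from this post or from the Security Fix article; the function names, the expected-resolver list and every address in it are constructed placeholders, and the input is assumed to be resolv.conf-style text.

```python
import ipaddress

# Constructed sample inputs (resolv.conf-style text). All addresses are
# placeholders from documentation ranges, not real resolvers.
CLEAN = """# lease from an untouched router: it hands out itself as resolver
nameserver 192.168.1.1
"""
TAMPERED = """# lease after the router's DNS fields were rewritten
nameserver 203.0.113.53
nameserver 203.0.113.54
"""
EXPECTED = ["198.51.100.10", "198.51.100.11"]  # assumed: resolvers you chose
ROUTER = "192.168.1.1"                         # assumed: router's LAN address


def parse_nameservers(resolv_text):
    """Return the resolver addresses listed in resolv.conf-style text."""
    servers = []
    for raw in resolv_text.splitlines():
        # Drop comment text introduced by '#' or ';'.
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            try:
                servers.append(ipaddress.ip_address(fields[1]))
            except ValueError:
                continue  # not an IP literal, so not a usable resolver entry
    return servers


def audit_resolvers(resolv_text, expected, router_ip):
    """Classify each configured resolver as 'router', 'expected' or 'unexpected'."""
    expected_set = {ipaddress.ip_address(a) for a in expected}
    router = ipaddress.ip_address(router_ip)
    findings = []
    for ns in parse_nameservers(resolv_text):
        if ns == router:
            # The router forwards queries itself; its upstream DNS setting
            # is only visible on the router's admin page.
            verdict = "router"
        elif ns in expected_set:
            verdict = "expected"
        else:
            verdict = "unexpected"
        findings.append((str(ns), verdict))
    return findings


def needs_attention(findings):
    """True when any resolver is outside both the allowlist and the router."""
    return any(verdict == "unexpected" for _, verdict in findings)


if __name__ == "__main__":
    for label, text in (("clean", CLEAN), ("tampered", TAMPERED)):
        findings = audit_resolvers(text, EXPECTED, ROUTER)
        print(label, findings, "ALERT" if needs_attention(findings) else "ok")
```

A "router" verdict is not a clean bill of health: the machine only sees the router as its resolver, so the DNS fields on the router's own admin page still have to be compared against the servers you expect.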

And as one of the comments noted:

Besides a non-admin (limited user)* account and AV software, another effective defense against these types of malware is a blocking hosts file:

They also have a related blog that covers a lot of these types of malware tricks using codecs.

Thanks striker in this topic at Scot’s Newsletter Forums for the heads up on this one.

* Where possible (generally easier on Linux, Mac and Vista to run as a limited user than previous versions of Windows like WinXP, and earlier).

Unfortunately even printing can be a challenge in some versions of Windows (WinXP) depending upon the type of printer, if you are using a limited account.

However, if and when you can, either running as a limited user, or using a Linux LiveCD (LiveCD List) to surf the web would be a much safer way to surf the web in general, as well as making sure your router’s information has been updated as noted above regardless.

NOTE: If you adjust your settings on that LiveCD page, you can even find Linux LiveCDs for PPC Macs. I have tried and really like the Ubuntu LiveCD for the PPC Mac.

Next Mac OS X — 10.6 — at WWDC 2008? another big cat? end of PPC?

Well, it makes sense that 10.6 will be announced soon especially with Steve Jobs’ comments to the New York Times regarding major Mac OS X, but at WWDC 2008? Hard to say.

There is also the naming question brought up at Mac360 as well … some say the only big cat left is Lion. But even a cursory look at Wikipedia’s big cat page would indicate that Lion isn’t the only one unless you go with strict ‘big cat’ names. A more expansive list also includes things like Cougar, Snow Leopard, Clouded Leopard and Cheetah (or Puma) (which Apple has already used, breaking the ice for the more expansive Big Cat naming for Mac OS X).

My guess would be Cougar. I would think that would be the most logical choice. Waiting to use Lion until they move to all Intel-based Macs and have maybe proved their dominance might be a better choice of timing to use “The King” Lion.

And if the RoughlyDrafted magazine/blog article was correct in 2007 about their thoughts on Unraveling the PPC Myth (linked in their Leopard and the History and Future of Mac OS X on PPC article noted above), then it’s not likely going to be with 10.6.

I tend to be leaning toward RoughlyDrafted being right on that score, at least after reading over the history of Apple again in those two articles.

Also, Ars Technica last year didn’t give any real hope that ZFS would be in 10.5 — maybe have to wait for 10.6, but I don’t think so. Too soon. I think they will wait for the next one, 10.7? or whatever that will be called. Waiting to do ZFS when it goes to all Intel Macs makes more sense. Make the major change then.

So, I would say Cougar makes more sense at this time. No Lion King here yet…no MAJOR change to the underpinning….yet.

And really, if the truth be known about Cougars — the Cougars are nothing to sneeze at! And with this description: “This large, solitary cat has the greatest range of any wild terrestrial mammal in the Western Hemisphere,[3] extending from Yukon in Canada to the southern Andes of South America.”?? Doesn’t that sound like the desire of Apple with their next version of Mac OS X? To be the most broadly used Mac OS/computers?

Which also would indicate (to me) that they would not want to ditch PPC just yet either … like the RoughlyDrafted articles indicated.

I really think that Microsoft made that Mistake with Vista. And I really hope Apple will not make that same mistake. But who knows with the Entertainment Cartels whispering in their ears just like they did with Microsoft…

When the dust settles and if the Entertainment Cartels get their big Win (controlling when and where you can view content on every front from TV (HDTV, computers, etc.)), and the Major OS makers have totally pissed off their real paying customers, we shall see what happens then. But I think we’ve already had about enough of that as evidenced by this ExtremeTech article entitled, “How the Hollywood Morons Can Beat the Pirates!” (Thanks Adam for the link!!)

EDIT: Well, I guess I had a better opinion of Apple than I should have. Apparently, according to MacRumors, who was reporting on an article from Ars Technica, Apple has decided to turn PPC users away now after all. Oh, and it’s Snow Leopard, not Cougar. More like Nuclear Winter. Very unhappy Mac user here. What a crock!

Ed Bott breathes life back into a $2500 Sony Vaio “brick”

It takes a big-hearted computer technician/journalist, Ed Bott, to bring this ‘$2500 brick’ (as Jeremy Toeman called it – check out the youtube video) back from the dead (and how many people will have an “Ed Bott,” as Jeremy also said in the video on the page?).

Ed Bott couldn’t even use the restore disks because of all the crapware that Sony put on it! So, basically he had to use a clean install from a Vista Retail version and then call Microsoft to validate it. And he also had to go looking for drivers for most of the hardware. He couldn’t just use the ones that had come with the Vaio because they were flaky!

And it’s not just this one from 11 months ago. Ed got another one direct from Sony. Thankfully it was more stable with Vista SP1 with all the crapware so he could at least get rid of the crapware and then update the drivers but even that experience wasn’t without incident.

Normal average users would not know how to do this! They will need a technician to do this stuff for them! It’s no wonder Jeremy Toeman and others like him were/are so upset with their new OEM computers running Vista!

From Jeremy’s blog posting: “Until a PC company follows any of this advice, Apple will continue to gain market share, and here’s why: Virtually all MacBook users today are happily recommending others to try MacBooks, with a predictable, reliable recommendation. PC users cannot as easily do the same. I had a great Vaio, then a terrible one. I’ve used Toshibas before (great – in the 90s), a Gateway (wasn’t bad), and 3 Dells now (one good, one bad, one ugly). But they are all vastly different.”

But OEM manufacturers weren’t the only problem from day one with Vista. It’s just the latest to surface. Vista had trouble with upgrades as well and that was uglier than the OEMs. And a lot of that had to do with drivers — oh, and non-functional software! And don’t forget many gamers’ programs!

Even Ballmer recently stated that Vista was not done yet, errr, “A work in progress.”

This was much worse than the XP situation when it came out (which was pretty bad in itself). WinXP SP1, actually it was more SP2 that finally corrected things for WinXP. But the problems continue to plague many who try to upgrade to SP1 of Vista. Of course, to prevent many of the problems resulting from upgrading to SP1, they are saying it’s best to upgrade FROM a clean install to have the best results.

I sure hope they do a better job with the next one (Windows 7) — but I am not holding my breath.

Even seemingly reliable e-mail vulnerable

Even seemingly reliable e-mail vulnerable to [unethical] hackers

“The bad guys are trying billions of random combinations … and finding new ways to break in,” says Gartner tech security analyst John Pescatore.

Crooks use flaws uncovered by fuzzing to create tainted files disguised to fool targeted employees. Earlier this year, individuals at several corporations were targeted to receive e-mail carrying an attached Excel file corrupted via a previously unknown flaw. Clicking on the file opened a worksheet with data relevant to the targeted worker; it also gave the attacker a beachhead to probe deeper into the company’s network. “The victims never really knew,” says VeriSign iDefense researcher Matt Richard, who discovered the attack.

In another attack, crooks installed a tainted QuickTime video file at several porn websites crafted to steal data from eBay and PayPal accounts, according to security firm Intego.

“It’s not just Microsoft,” says Secunia Chief Technical Officer Thomas Kristensen. “Crooks now use many different ways to gain control of computers.”

This is nothing new to many of us, but the fact that USA Today has even posted this article shows how pervasive the problem really is. And how easily people within companies, corporate or home office/small/mid sized businesses are being affected, as well as home users.

Social Engineering is alive and well. And although Windows computers are mainly targeted, no operating system is entirely safe.

However, to limit the problem to simply saying that email is the problem would be a disservice to the public.

With thousands of ordinarily safe websites hacked by unethical hackers, people don’t even have to open a dangerous email to have their computers infected with malicious tools that steal passwords, install keyloggers or other malware in order to take over the computer or spew spam, or open backdoors to pretty much do whatever they want. All behind the scenes. Often going unnoticed unless the computer becomes inordinately slowed to the point that it interferes with what the legitimate user wants to do on their computer.

There is an old saying, curiosity killed the cat … for many today, curiosity killed security, thoroughly.

On the other hand, it is also wisely reported at InformIT in the article entitled “Crime, War, and B.S. in the Electronic Universe”:

Unlike Chicken Little (and plenty of people in the media), Michael Kemp doesn’t believe that the sky is falling and our electronic connections will soon evaporate under attack by terrorists, criminals, and [unethical] hackers. But he does warn of a more insidious threat: By pandering to these fears, industry professionals may drive themselves right out of business.

And later in the article,

The U.S. Patriot Act has become a stick with which to beat security researchers and invade personal privacy alike. Also in the U.S., the Digital Millennium Copyright Act (DMCA) has been employed to criminalize even legitimate reverse-engineering (thanks to supposed copyright infringement), making a criminal out of Dmitry Sklyarov, and impeding research by cryptographers and security consultants alike. And what has the security industry done about these legal trends? Thus far, not a lot.

There are always AT LEAST two sides to a coin depending on which ‘dimension’ you refer to.

Overall, I think our best intelligence would dictate that we can not be naively clicking on anything that piques our fancy, or be too busy to think through before clicking or opening a file from email or on a website, or make sure that a file in an email truly is from the person we think it’s from, or assume that person has a virus-free computer, and making sure we virus check files with the latest virus definitions before opening them. Period.

We can’t assume, rightly or wrongly, that everything on a website is benign just because the organization is a good one. We have seen in the news that we can’t blindly trust every security site, bank site, sports site, news site, kid’s site, good cause site, etc.

Sometimes we seem to get caught by malware, when we were only doing what seemed reasonable — trusting a known good site.

We need a heads up on what search results appear to be safe and which ones do not appear safe or have some problems like good and bad downloads, or popups, or massive emails sent after visiting a particular site.

There are some really good security tools out there for many of the problems that we might come up against. They may not all be free, but they are available.

Fear is never a good thing. F.U.D. (Fear, Uncertainty, Doubt) is a big enemy to thinking individuals, communities and governments.

Rogue Flash ads pushing malware

Sunbelt Blog posted an article entitled Rogue ads pushing malware – how it works. Here’s the video that shows what’s happening:

At Sunbelt Blog’s website, Alex Eckelberry continues to talk about the Flash .swf ads that are being used to push all this malicious content after throwing the user back and forth all over the web utilizing techniques that are big with Web2.0 interactive and mashed up content:

This is not a trivial problem, and the most important thing for publishers to do is to be extremely careful when accepting new advertisers (and be wary of tricks these people use, like giving fake references), and then keep a close eye on the advertising as it’s running (and hopefully some good tools can be developed for publishers to use to check the content of ads for malicious redirects before posting).

Must read for all Web Surfers.

Legitimate sites like the Major League Baseball site, which had recently been unknowingly spewing this type of bad content and infecting visitors’ computers (see the article), were just trying to keep their visitors/users interested using innovative Web 2.0 features: bringing in and displaying mashup (web application hybrid) content such as articles, news, videos, ads and more from various sources on the Internet. In the process, something occasionally goes wrong on these legitimate sites, and bad things are injected.

Thanks for the heads up Alex!

Beware: Facebook Widget installs Zango

Beware: Facebook Widget installs Zango:

Fortinet Global Security Research Team discovered a malicious Facebook Widget (officially, a “Platform Application”) actively spreading on the social networking site which ultimately prompts users to install the infamous “Zango” adware/spyware.

Antivirus/Anti-Malware programs block the installation and state it’s Zango as shown later in the article at Fortinet’s FortiGuard Center report.

Thanks to TeMerc @ Scot’s Newsletter Forums and Sunbelt Blog.

DirectX 10 Hardware Is Now Obsolete

A friend today was telling me about a situation with new video cards, DirectX 10, games like Bioshock that are really frustrating to Gamers.

The copyright holders/developers of Bioshock apparently have an activation revoke tool. And I am sure they are not the only ones!

Most gamers knew that they were waiting for the changes in Vista to make gaming work right in Vista, but I don’t think they expected this!

If you want proof of the abuses of copyright holders and software developers and how they are abusing their place in the world through Vista the Enabler, apparently Bioshock is one to take a peek at.

Say you have a gamer who buys the game. He currently has a GeForce 88xx PCIe video card on a Vista system. He runs Windows Update which in turn installs the new updates for DirectX 10…which apparently shuts off (for no apparent reason) the eye candy the card is fully capable of doing in the game, and had before the update.

Out of frustration, he buys the next version of video card that supports the new updates to DirectX 10 …. for $549!!!

Now he figures he can go back and play Bioshock and really get a great game going! But NO!!!! HE goes back to play Bioshock only to find his activation was revoked for a change in hardware!!!

So after the third time changing hardware, he now has run out of activation credits.

Now he has to purchase the game again.

Then I go to do some searches in Google to see if others are having this type of trouble, and lo and behold Slashdot has this: DirectX 10 Hardware Is Now Obsolete.

DirectX 10 Hardware Is Now Obsolete
Posted by Zonk on Sat Aug 11, 2007 05:41 AM
from the shouldn’t-have-blinked dept.
Windows Graphics Hardware Games
ela_gervaise writes “SIGGRAPH 2007 was the stage where Microsoft dropped the bomb, informing gamers that the currently available DirectX 10 hardware will not support the upcoming DirectX 10.1 in Vista SP1. In essence, all current DX10 hardware is now obsolete. But don’t get too upset just yet: ‘Gamers shouldn’t fret too much – 10.1 adds virtually nothing that they will care about and, more to the point, adds almost nothing that developers are likely to care about. The spec revision basically makes a number of things that are optional in DX10 compulsory under the new standard – such as 32-bit floating point filtering, as opposed to the 16-bit current. 4xAA is a compulsory standard to support in 10.1, whereas graphics vendors can pick and choose their anti-aliasing support currently. We suspect that the spec is likely to be ill-received. Not only does it require brand new hardware, immediately creating a minuscule sub-set of DX10 owners, but it also requires

Lots of very interesting comments at Slashdot on this.

All those folks that said, you don’t know what you are talking about. That I can still do everything on Vista that I could on XP and Win2K … read it and weep.

I kept saying it is not now! It’s later. Vista is the Enabler. The copyright holders and developers will not want to ‘squeeze’ too hard till they have a decent number of suckers, errrr, users on Vista before ‘squeezing.’

Of course this is really not the first time (see WGA and other DRM issues, etc), but somehow all the other times were some sort of fluke that quietly gets fixed, or oh, that’s just the way it is with Vista. But now things are starting to change for users, eh? How many users will be affected by this do you think?

What say ye, now?

By the way, thumbs up to ID Software and others who create their games for OpenGL so they can be ported easily to other OSes like Mac and Linux/UNIX. And not be hit by this Microsoft operating system centric DirectX lock-in crap.

Thanks Charlie for the confirmation so I could go looking for examples of this!

Michael Dell finally gets it about preinstalled Trialware?

Michael Dell apparently said that preinstalled Trialware is costing the company a big hit in the support centers. Duh!

The article at ZDNet Blogs, Michael Dell: Anticrapware poster CEO? by Larry Dignan, states:

Dell CEO Michael Dell, speaking in New York City at its Vostro launch, sounded like a man almost ready to rid the world of trialware, which we call crapware. And there’s a good reason for that: Crapware costs Dell money on customer support.

OK, so it’s not exactly that Michael Dell gets it as to why most of us don’t want trialware/crapware on our computers that we buy from Dell, but he does realize it’s having an impact on their customers when an expired piece of ‘crapware’ no longer functions and your images don’t open any longer as they should, or your antivirus won’t update, or you start running out of hard drive space because a huge chunk of it is taken by trialware you never use!?!

Not to mention that much of it phones home, nags you, and some even leave pieces of itself running to monitor your use of their Trialware. And worst of all has taken over default actions for specific file types under the Windows operating system — such as image files. Sometimes those trialware programs take much longer to load a viewer than the standard Windows viewer for images as well…at least till the trial ends and you can’t open your images until you reset the settings for opening specific image file types. Which by the way, most brand new users would not know how to do. So the new users’ images appear to be held hostage by a program that wants their money before they can see their own images/photos again.

Oh, and then when they do a search online for problems opening file, they will likely be taken to another crapware program to install for another round. If they are lucky enough not to end up with some infected malware for their trouble to add insult to injury.

OK … so what, you say?

And what about things like gaming centers that install WildTangent and a BUNCH of Internet Online games? Or the AOL or Earthlink or Broadband Offers? Some are just on the system and not installed but are installed the first time you mistakenly click on it.

While we are on the subject of games. Why did BeJeweled become a part of this crap?! And can you still get a copy of BeJeweled that doesn’t include Wild Tangent? Apparently not. Sad! What a great time waster that game was before they moved over to the dark side along with so many other game companies.

And don’t get me started on the monitors HP printers and other devices and image software programs that install Backweb or Backweb Lite. Or the Broadband providers who do the same thing.

The same can be said of so many providers of hardware device drivers/software disk bundled packages for printers, scanners, CDs, sound cards and more. Do they really need to install software to monitor users? Apparently many do. All you have to do is have a firewall that watches for outbound traffic and you’d know that.

Why do these companies think that you want all this CRAPWARE clogging up your brand new PC?

People’s computers are their own, like any other piece of hardware they buy. Companies do not need to be spying on them for any reason. They do not need information on your computer or how many times you played the game.

The surveillance societies — that collectively these types of companies, as well as governments and music and movie companies are trying to create — are not healthy for a human population. As anyone who understands the human mind would tell them. But they don’t ask and don’t care.

Nor do TiVo users, satellite dish receiver owners, and more need to have their remote clicks reported to the mother ship.

But I digress…

Generally speaking, the only people that ‘think’ they want this crap are the brand new computer users who don’t know any better.

And why do the OEMs and other companies do this?

Because it makes them money! And until the CEOs at companies/corporations, like Dell, find that this becomes a customer service center hit for them, they will likely keep doing it.

Because it makes them money they traditionally haven’t listened to their customer base on this. But now it’s affecting them in the pocketbook .. they need larger call centers, or more customer service reps .. it’s costing them money.

The biggest problem is, that even having that crapware on your computer adds registry entries and files you don’t know about or where they are (some in system type folders), that may or may never be removed properly due to poorly done installers/uninstallers. Some make hooks into your operating system itself and are difficult to remove fully.

Nothing like that should ever be installed unless the computer owner specifically wants it on their computer .. and I can’t imagine why anyone would opt-in to have hundreds/thousands of megs of crapware/trialware/crippleware software on their computers that they may not want or need.

If these companies feel the need to make a little money for it to help offset the ‘great’ pricing of the computers, then provide a CD with the shareware/trialware/crippleware on it. Let the people decide whether they want to install them.

AND MOST IMPORTANT, MAKE SURE that the CD notes that these are NOT necessarily paid for full versions – they are to try the program out – that these trial versions may include the ability to phone home, send data over the Internet, track your usage even if anonymously, that they may take over file associations, be difficult to remove, etc., etc.

Let the user decide whether they want that crap on their computers!

What say ye? 😉

Rolling Stone: The Record Industry Decline

Rolling Stone‘s Brian Hiatt and Evan Serpick (with additional reporting by Steve Knopper and Nicole Frehsée) wrote a great piece in Rolling Stone’s news section entitled, “The Record Industry Decline.”

BTW: Happy 40th Anniversary Rolling Stone!!

The article rightly indicates that the real problem is mainly with the Recording Industry themselves. The article also sadly shows they still don’t seem to get it (with the exception of EMI who at least is trying to get it even though it likely scares them too).


The article talks about the music industry’s plummeting sales (down 16% this year alone so far), even as Universal/Vivendi dickers around with Apple over the contract with iTunes. Why? Control?! Where is their head at anyway?! Soon if they keep going the way they are going, they will have NO INDUSTRY anyway! So what are they worrying Apple about? They should be bowing down and kissing their feet for showing them “The Way.” Even more so now that Apple is showing them that they need to change to unencumbered digital files if they want to sell more.

Steve Jobs is right. If they want to renew the music industry, they need to give their customers what they want! They will have more money than they know what to do with, even with filesharing, if they do that!

I have bought 1/2 a dozen songs in the last few weeks from EMI’s new 256KB iTunes Plus digital music library.

Why? Because they are high quality and unencumbered with DRM. I would probably buy more if they weren’t putting MY information in the downloads. I hate being spied upon as most folks do. That’s why I generally DO NOT BUY digital music except from eMusic where they are in unencumbered MP3 format.

And what do their customers want? They/We want what many Independent Artists have already been giving them, and what EMI has started giving them — high quality digital downloads that at least rival the CDs they could buy, unencumbered with DRM. Plain and simple.

Then they can stop criminalizing their customers and potential customers, and go after the REAL pirates — those who are copying their music to SELL for a profit.

Sometimes I really think everyone associated with the record labels in the Record Industry has a Neanderthal brain! OK, sorry EMI, I know you are trying!! It doesn’t take a rocket scientist to see what’s wrong and how to fix it.

DRM does NOT stop piracy. It stops paying customers from doing what they want (listening to their music on their various devices, and operating systems, etc.) with the music they have paid for!


Thanks to a fellow blogger

This morning I got a message from a friend, James M. Fisher, to let me know that it seems I am in a select group (Female Journalist in the Media) over at Bits from Bill. Kewl! 🙂

Since I read all the same Female Journalists Bill does, and hold them all in great esteem, I feel quite honored to be listed among them.

Thanks Bill, much appreciated for the mention here and here too!

I would also like to take this time to tell you how much I love Bill’s WinPatrol and having his Scotty dog on patrol! It’s a great program that is well maintained. WinPatrol is one of the must have items listed on my Resources page at Fran’s Computer Services.

It’s also great to see Bill point out the connections between signing up with online pharmacies, their ‘simple health questionnaire,’ and the amount of spam that computer users could/will get from responding to such email or search results, in a recent piece entitled Just Say No to Online Drugs. I think many folks have no idea what they are getting into or the connection between the two.

As Bill says in the piece, “It can be bad enough trusting your information with reputable companies. Once you confirm your name and address with an illegal firm, you’re in big trouble.”

How true!
