Archive for the ‘Spyware, Adware, etc.’ Category

Malware Silently Alters Wireless Router Settings!

Brian Krebs at his Security Fix column at the Washington Post reported last week:

Malware Silently Alters Wireless Router Settings

A new Trojan horse masquerading as a video “codec” required to view content on certain Web sites tries to change key settings on the victim’s Internet router so that all of the victim’s Web traffic is routed through servers controlled by the attackers.

According to researchers contacted by Security Fix, recent versions of the ubiquitous “Zlob” Trojan (also known as DNSChanger) will check to see if the victim uses a wireless or wired hardware router. If so, it tries to guess the password needed to administer the router by consulting a built-in list of default router username/password combinations. If successful, the malware alters the victim’s domain name system (DNS) records so that all future traffic passes through the attacker’s network first. DNS can be thought of as the Internet’s phone book, translating human-friendly names like example.com into numeric addresses that are easier for networking equipment to handle.

Much more in the article!

We have always recommended changing your router’s default settings: the administrative username/password (this Trojan succeeds precisely because its built-in list of factory defaults still works on so many routers), the default wireless SSID and channel, and keeping the router’s firmware patched to the latest release.

Also turn off UPnP (Universal Plug and Play) in the router. And use WPA security (WPA2 where the hardware supports it) for your wireless users, to protect your network and keep nefarious users from spreading spam or other bad things through your wireless Internet connection.
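One way to check from the victim’s side, as an added example that is not from Krebs’ article or this post: the script below parses `ipconfig /all` output (a constructed sample, with 203.0.113.5 standing in for the rogue server) and flags any resolver the host was handed that is neither on the LAN nor one you configured. The expected-resolver list is an assumption you must fill in yourself. A caveat a practitioner should keep in mind: if the router only advertises itself as the resolver and forwards upstream, the host sees nothing unusual and you must check the DNS settings in the router’s own admin page.

```python
import ipaddress
import re

# Constructed sample of `ipconfig /all` output (not captured from a real
# machine). The router hands out itself plus a second resolver; 203.0.113.5
# is a TEST-NET-3 address standing in for an attacker-controlled server.
SAMPLE_IPCONFIG = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : home
   IPv4 Address. . . . . . . . . . . : 192.168.1.23
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       203.0.113.5
"""

# Assumption for this example: the resolvers you actually chose (your ISP's,
# or a public resolver you configured on purpose). 198.51.100.x are
# documentation addresses used as placeholders.
EXPECTED_RESOLVERS = {"198.51.100.1", "198.51.100.2"}

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
_IPV4 = r"\d{1,3}(?:\.\d{1,3}){3}"


def _field(line, label):
    """Value of an ipconfig line such as 'Default Gateway . . . : 192.168.1.1'."""
    m = re.match(r"\s*" + re.escape(label) + r"[ .]*:\s*(" + _IPV4 + r")", line)
    return m.group(1) if m else None


def parse_ipconfig(text):
    """Return (gateway, lan_network, [dns_servers]) from `ipconfig /all` text."""
    addr = mask = gateway = None
    dns, in_dns = [], False
    for line in text.splitlines():
        # Extra DNS servers are printed as indented continuation lines.
        cont = re.fullmatch(r"\s+(" + _IPV4 + r")\s*", line) if in_dns else None
        if cont:
            dns.append(cont.group(1))
            continue
        in_dns = False
        addr = _field(line, "IPv4 Address") or _field(line, "IP Address") or addr
        mask = _field(line, "Subnet Mask") or mask
        gateway = _field(line, "Default Gateway") or gateway
        first = _field(line, "DNS Servers")
        if first:
            dns.append(first)
            in_dns = True
    lan = ipaddress.ip_network(f"{addr}/{mask}", strict=False) if addr and mask else None
    return gateway, lan, dns


def audit(gateway, lan, dns, expected=EXPECTED_RESOLVERS):
    """Classify every resolver the host was handed; returns [(server, verdict)]."""
    findings = []
    for server in dns:
        ip = ipaddress.ip_address(server)
        if lan is not None and ip in lan:
            verdict = "ok: on-LAN (the router forwards; verify the DNS page in the router itself)"
        elif server in expected:
            verdict = "ok: expected resolver"
        elif any(ip in net for net in RFC1918):
            verdict = "check: private address outside this LAN"
        else:
            verdict = "SUSPECT: public resolver you did not configure"
        findings.append((server, verdict))
    return findings


def suspicious(findings):
    """Just the servers that should be investigated."""
    return [server for server, verdict in findings if verdict.startswith("SUSPECT")]


if __name__ == "__main__":
    gw, lan, dns = parse_ipconfig(SAMPLE_IPCONFIG)
    print(f"gateway {gw}, LAN {lan}")
    for server, verdict in audit(gw, lan, dns):
        print(f"  {server:16} {verdict}")
```

Run it against the real output of `ipconfig /all` (or the equivalent from `cat /etc/resolv.conf` on Linux and Mac) and compare the resolver list with what your ISP told you; the rogue entry in the sample is the pattern to look for, a public address you never chose.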

And as one of the comments noted:

Besides a non-admin (limited user)* account and AV software, another effective defense against these types of malware is a blocking hosts file:

http://www.mvps.org/winhelp2002/hosts.htm

They also have a related blog that covers a lot of these types of malware tricks using codecs.

http://msmvps.com/blogs/hostsnews/default.aspx

Thanks striker in this topic at Scot’s Newsletter Forums for the heads up on this one.

* Where possible (generally easier on Linux, Mac and Vista to run as a limited user than previous versions of Windows like WinXP, and earlier).

Unfortunately even printing can be a challenge in some versions of Windows (WinXP) depending upon the type of printer, if you are using a limited account.

However, if and when you can, running as a limited user, or surfing from a Linux LiveCD (LiveCD List), is a much safer way to use the web in general. And regardless of which you choose, make sure your router’s settings have been updated as noted above.

NOTE: If you adjust your settings on that LiveCD page, you can even find Linux LiveCDs for PPC Macs. I have tried and really like the Ubuntu LiveCD for the PPC Mac.

Next Mac OS X — 10.6 — at WWDC 2008? another big cat? end of PPC?

Well, it makes sense that 10.6 will be announced soon especially with Steve Jobs’ comments to the New York Times regarding major Mac OS X, but at WWDC 2008? Hard to say.

There is also the naming question brought up at Mac360 as well …some say the only big cat left is Lion. But even a cursory look at Wikipedia’s big cat page would indicate that Lion isn’t the only one unless you go with strict ‘big cat’ names. A more expansive list also includes things like Cougar, Snow Leopard, Clouded Leopard and Cheetah (or Puma) (which Apple has already used, breaking the ice for the more expansive big cat naming for Mac OS X).

My guess would be Cougar. I would think that would be the most logical choice. Waiting to use Lion till they move to all Intel-based Macs, and maybe have proved their dominance, might be a better choice of timing to use “The King” Lion.

And if the RoughlyDrafted magazine/blog article was correct in 2007 about their thoughts on Unraveling the PPC Myth (linked in their Leopard and the History and Future of Mac OS X on PPC article noted above), then it’s not likely going to be with 10.6.

I tend to be leaning toward RoughlyDrafted being right on that score, at least after reading over the history of Apple again in those two articles.

Also, Ars Technica last year didn’t give any real hope that ZFS would be in 10.5 — maybe we have to wait for 10.6, but I don’t think so. Too soon. I think they will wait for the next one, 10.7? or whatever that will be called. Waiting to do ZFS when it goes to all Intel Macs makes more sense. Make the major change then.

So, I would say Cougar makes more sense at this time. No Lion King here yet…no MAJOR change to the underpinning….yet.

And really, if the truth be known about Cougars — the Cougars are nothing to sneeze at! And with this description: “This large, solitary cat has the greatest range of any wild terrestrial mammal in the Western Hemisphere,[3] extending from Yukon in Canada to the southern Andes of South America.”?? Doesn’t that sound like the desire of Apple with their next version of Mac OS X? To be the most broadly used Mac OS/computers?

Which also would indicate (to me) that they would not want to ditch PPC just yet either … like the RoughlyDrafted articles indicated.

I really think that Microsoft made that Mistake with Vista. And I really hope Apple will not make that same mistake. But who knows with the Entertainment Cartels whispering in their ears just like they did with Microsoft…

When the dust settles and if the Entertainment Cartels get their big Win (controlling when and where you can view content on every front from TV (HDTV, computers, etc.), and the Major OS makers have totally pissed off their real paying customers, we shall see what happens then. But I think we’ve already had about enough of that as evidenced by this ExtremeTech article entitled, “How the Hollywood Morons Can Beat the Pirates! (Thanks Adam for the link!!)

EDIT: Well, I guess I had a better opinion of Apple than I should have. Apparently, according to MacRumors, which was reporting on an article from Ars Technica, Apple has decided to turn PPC users away now after all. Oh, and it’s Snow Leopard, not Cougar. More like Nuclear Winter. Very unhappy Mac user here. What a crock!

Ed Bott breathes life back into a $2500 Sony Vaio “brick”

It takes a big-hearted computer technician/journalist, Ed Bott, to bring this ‘$2500 brick’ (as Jeremy Toeman called it; check out the YouTube video) back from the dead. (And how many people will have an “Ed Bott,” as Jeremy also said in the video on the page?)

Ed Bott couldn’t even use the restore disks because of all the crapware that Sony put on it! So, basically he had to do a clean install from a Vista retail version and then call Microsoft to validate it. And he also had to go looking for drivers for most of the hardware. He couldn’t just use the ones that had come with the Vaio because they were flaky!

And it’s not just this one from 11 months ago. Ed got another one direct from Sony. Thankfully it was more stable with Vista SP1 with all the crapware so he could at least get rid of the crapware and then update the drivers but even that experience wasn’t without incident.

Normal average users would not know how to do this! They will need a technician to do this stuff for them! It’s no wonder Jeremy Toeman and others like him were/are so upset with their new OEM computers running Vista!

From Jeremy’s blog posting: “Until a PC company follows any of this advice, Apple will continue to gain market share, and here’s why: Virtually all MacBook users today are happily recommending others to try MacBooks, with a predictable, reliable recommendation. PC users cannot as easily do the same. I had a great Vaio, then a terrible one. I’ve used Toshibas before (great – in the 90s), a Gateway (wasn’t bad), and 3 Dells now (one good, one bad, one ugly). But they are all vastly different.”

But OEM manufacturers weren’t the only problem from day one with Vista. It’s just the latest to surface. Vista had trouble with upgrades as well, and that was uglier than the OEMs. And a lot of that had to do with drivers — oh, and non-functional software! And don’t forget many gamers’ programs!

Even Ballmer recently stated that Vista was not done yet, errr, “A work in progress.”

This was much worse than the XP situation when it came out (which was pretty bad in itself). For WinXP it was SP1, actually more SP2, that finally corrected things. But the problems continue to plague many who try to upgrade to SP1 of Vista. Of course, to prevent many of the problems resulting from upgrading to SP1, they are saying it’s best to upgrade FROM a clean install to have the best results.

I sure hope they do a better job with the next one (Windows 7) — but I am not holding my breath.

Even seemingly reliable e-mail vulnerable

Even seemingly reliable e-mail vulnerable to [unethical] hackers

“The bad guys are trying billions of random combinations … and finding new ways to break in,” says Gartner tech security analyst John Pescatore.

Crooks use flaws uncovered by fuzzing to create tainted files disguised to fool targeted employees. Earlier this year, individuals at several corporations were targeted to receive e-mail carrying an attached Excel file corrupted via a previously unknown flaw. Clicking on the file opened a worksheet with data relevant to the targeted worker; it also gave the attacker a beachhead to probe deeper into the company’s network. “The victims never really knew,” says VeriSign iDefense researcher Matt Richard, who discovered the attack.

In another attack, crooks installed a tainted QuickTime video file at several porn websites crafted to steal data from eBay and PayPal accounts, according to security firm Intego.

“It’s not just Microsoft,” says Secunia Chief Technical Officer Thomas Kristensen. “Crooks now use many different ways to gain control of computers.”

This is nothing new to many of us, but the fact that USA Today has even posted this article shows how pervasive the problem really is, and how easily people within companies, whether corporate or home office/small/mid-sized businesses, are being affected, as well as home users.

Social Engineering is alive and well. And although Windows computers are mainly targeted, no operating system is entirely safe.

However, to limit the problem to simply saying that email is the problem would be a disservice to the public.

With thousands of ordinarily safe websites hacked by unethical hackers, people don’t even have to open a dangerous email to have their computers infected with malicious tools that steal passwords, install keyloggers or other malware in order to take over the computer or spew spam, or open backdoors to pretty much do whatever they want. All behind the scenes. Often going unnoticed unless the computer becomes inordinately slowed to the point that it interferes with what the legitimate user wants to do on their computer.

There is an old saying, curiosity killed the cat … for many today, curiosity killed security, thoroughly.

On the other hand, it is also wisely reported at InformIT in the article entitled “Crime, War, and B.S. in the Electronic Universe”,

Unlike Chicken Little (and plenty of people in the media), Michael Kemp doesn’t believe that the sky is falling and our electronic connections will soon evaporate under attack by terrorists, criminals, and [unethical] hackers. But he does warn of a more insidious threat: By pandering to these fears, industry professionals may drive themselves right out of business.

And later in the article,

The U.S. Patriot Act has become a stick with which to beat security researchers and invade personal privacy alike. Also in the U.S., the Digital Millennium Copyright Act (DMCA) has been employed to criminalize even legitimate reverse-engineering (thanks to supposed copyright infringement), making a criminal out of Dmitry Sklyarov, and impeding research by cryptographers and security consultants alike. And what has the security industry done about these legal trends? Thus far, not a lot.

There are always AT LEAST two sides to a coin depending on which ‘dimension’ you refer to.

Overall, I think our best intelligence would dictate that we cannot naively click on anything that piques our fancy, or be too busy to think it through before clicking or opening a file from email or on a website; that we make sure a file in an email truly is from the person we think it’s from, and not assume that person has a virus-free computer; and that we virus check files with the latest virus definitions before opening them. Period.
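As an added example (not from the USA Today article or this post), the triage below is a first gate on email attachments: it compares the claimed extension against the file’s magic bytes, flags double extensions and macro projects, and uses constructed byte samples rather than real malware. Its limit is precisely the excerpt’s point: a well-formed Excel file carrying a previously unknown flaw looks like any other Excel file here, so the check complements, and does not replace, scanning with current definitions and confirming the sender.

```python
# Magic bytes of the containers the excerpt mentions: OLE2 (legacy .xls/.doc),
# ZIP (Office 2007+ and archives) and MZ (Windows executables).
SIGNATURES = [
    (b"\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1", "ole2"),
    (b"PK\x03\x04", "zip"),
    (b"MZ", "exe"),
]
EXT_TO_KIND = {
    ".xls": "ole2", ".doc": "ole2", ".ppt": "ole2",
    ".xlsx": "zip", ".docx": "zip", ".pptx": "zip", ".zip": "zip",
    ".exe": "exe", ".scr": "exe",
}
EXECUTABLE_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js", ".hta"}


def sniff(data):
    """Identify the container by its leading bytes, ignoring the filename."""
    for magic, kind in SIGNATURES:
        if data.startswith(magic):
            return kind
    return "unknown"


def triage(filename, data):
    """Reasons an attachment deserves a second look; an empty list means none found."""
    reasons = []
    parts = filename.lower().split(".")
    ext = "." + parts[-1] if len(parts) > 1 else ""
    if ext in EXECUTABLE_EXT:
        reasons.append(f"executable type {ext}")
        # invoice.xls.exe: the document extension is bait, the last one wins.
        if len(parts) > 2 and "." + parts[-2] in EXT_TO_KIND:
            reasons.append("double extension hides executable behind a document name")
    kind = sniff(data)
    expected = EXT_TO_KIND.get(ext)
    if expected and kind != expected:
        reasons.append(f"content is {kind} but extension {ext} implies {expected}")
    # Office 2007+ files are ZIPs; a VBA project inside one is worth a look.
    if kind == "zip" and b"vbaProject.bin" in data:
        reasons.append("Office document carries a VBA macro project")
    return reasons


# Constructed samples (not real malware): just headers plus padding.
OLE2_SAMPLE = b"\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1" + b"\x00" * 24
EXE_SAMPLE = b"MZ\x90\x00" + b"\x00" * 28
MACRO_SAMPLE = b"PK\x03\x04" + b"\x00" * 10 + b"word/vbaProject.bin" + b"\x00" * 8


if __name__ == "__main__":
    for name, blob in [("Q3_forecast.xls", OLE2_SAMPLE), ("invoice.xls.exe", EXE_SAMPLE),
                       ("report.doc", EXE_SAMPLE), ("notes.docx", MACRO_SAMPLE)]:
        print(name, "->", triage(name, blob) or "nothing obvious")
```

Note what the first sample shows: the genuine-looking `.xls` produces no findings at all, which is why the targeted attacks in the article worked.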

We can’t assume, rightly or wrongly, that everything on a website is benign just because the organization is a good one. We have seen in the news that we can’t blindly trust every security site, bank site, sports site, news site, kid’s site, good cause site, etc.

Sometimes we seem to get caught by malware, when we were only doing what seemed reasonable — trusting a known good site.

We need a heads up on what search results appear to be safe and which ones do not appear safe or have some problems like good and bad downloads, or popups, or massive emails sent after visiting a particular site.

There are some really good security tools out there for many of the problems that we might come up against. They may not all be free, but they are available.

Fear is never a good thing. F.U.D. (Fear, Uncertainty, Doubt) is a big enemy to thinking individuals, communities and governments.

Rogue Flash ads pushing malware

Sunbelt Blog posted an article entitled Rogue ads pushing malware – how it works. Here’s the video that shows what’s happening:

At Sunbelt Blog’s website, Alex Eckelberry continues to talk about the Flash .swf ads that are being used to push all this malicious content after throwing the user back and forth all over the web utilizing techniques that are big with Web2.0 interactive and mashed up content:

This is not a trivial problem, and the most important thing for publishers to do is to be extremely careful when accepting new advertisers (and be wary of tricks these people use, like giving fake references), and then keep a close eye on the advertising as it’s running (and hopefully some good tools can be developed for publishers to use to check the content of ads for malicious redirects before posting).

Must read for all Web Surfers.

Legitimate sites like the Major League Baseball site, which for a time recently had unknowingly been serving this type of bad content that infected visitors’ computers (see the article), were just trying to keep their visitors/users interested with innovative Web 2.0 features: bringing in and displaying mashup (web application hybrid) content such as articles, news, videos, ads and more from various sources on the Internet. In the process, something occasionally goes wrong on these legitimate sites: bad things get injected through those third-party sources.
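As an added example of the kind of publisher-side check Alex asks for (not a Sunbelt tool, and not from the original post), the scanner below reads an SWF ad creative, handles the zlib-compressed `CWS` form, and lists every URL and browser-navigation API name in it, flagging hosts outside the ad network’s allowlist. The sample ad is constructed inline; `ads.example.net` and the TEST-NET-3 redirect address are placeholders.

```python
import re
import struct
import zlib
from urllib.parse import urlparse

URL_RE = re.compile(rb"https?://[\x21-\x7e]+")
# ActionScript names that can send the browser somewhere else or load more code.
NAVIGATION_NAMES = (b"getURL", b"navigateToURL", b"loadMovie", b"ExternalInterface")


def swf_body(data):
    """Split an SWF into (version, declared_length, uncompressed body).

    Header: 3-byte signature ('FWS' plain, 'CWS' zlib-compressed), 1-byte
    version, 4-byte little-endian length of the whole uncompressed file.
    """
    if len(data) < 8 or data[:3] not in (b"FWS", b"CWS"):
        raise ValueError("not an SWF (FWS/CWS) file")
    version = data[3]
    declared = struct.unpack("<I", data[4:8])[0]
    body = data[8:]
    if data[:3] == b"CWS":
        body = zlib.decompress(body)
    return version, declared, body


def scan_swf(data, allowed_hosts):
    """Report URLs and navigation APIs in the creative; off-site URLs are the finding."""
    version, declared, body = swf_body(data)
    urls = sorted({u.decode("ascii") for u in URL_RE.findall(body)})
    offsite = [u for u in urls if urlparse(u).hostname not in allowed_hosts]
    return {
        "version": version,
        "length_matches": declared == 8 + len(body),
        "urls": urls,
        "offsite": offsite,
        "navigation_apis": [n.decode() for n in NAVIGATION_NAMES if n in body],
    }


def _build_cws(body, version=9):
    """Wrap a body in a compressed SWF header (used only to construct the sample)."""
    return b"CWS" + bytes([version]) + struct.pack("<I", 8 + len(body)) + zlib.compress(body)


# Constructed sample: a fake ad that references the ad network's own host and
# also a redirect on a TEST-NET-3 address that the network never approved.
SAMPLE_AD = _build_cws(
    b"\x00" * 16
    + b"navigateToURL\x00"
    + b"http://ads.example.net/click?id=42\x00"
    + b"http://203.0.113.9/redir.php\x00"
)


if __name__ == "__main__":
    report = scan_swf(SAMPLE_AD, {"ads.example.net"})
    for key, value in report.items():
        print(f"{key:16} {value}")
```

A creative that assembles its URL at runtime or pulls a second-stage SWF will not show its destination as a plain string, so treat this as a cheap first pass before running the ad in an instrumented browser and watching the actual redirect chain.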

Thanks for the heads up Alex!

Beware: Facebook Widget installs Zango

Beware: Facebook Widget installs Zango:

Fortinet Global Security Research Team discovered a malicious Facebook Widget (officially, a “Platform Application”) actively spreading on the social networking site which ultimately prompts users to install the infamous “Zango” adware/spyware.

Antivirus/Anti-Malware programs block the installation and state it’s Zango as shown later in the article at Fortinet’s FortiGuard Center report.

Thanks to TeMerc @ Scot’s Newsletter Forums and Sunbelt Blog.

DirectX 10 Hardware Is Now Obsolete

A friend today was telling me about a situation with new video cards, DirectX 10, games like Bioshock that are really frustrating to Gamers.

The copyright holders/developers of Bioshock apparently have an activation revoke tool. And I am sure they are not the only ones!

Most gamers knew that they were waiting for the changes in Vista to make gaming work right in Vista, but I don’t think they expected this!

If you want proof of the abuses of copyright holders and software developers, and how they are abusing their place in the world through Vista the Enabler, apparently Bioshock is one to take a peek at.

Say you have a gamer who buys the game. He currently has a GeForce 88xx PCIe video card on a Vista system. He runs Windows Update which in turn installs the new updates for DirectX 10…which apparently shuts off (for no apparent reason) the eye candy the card is fully capable of doing in the game, and had before the update.

Out of frustration, he buys the next version of video card that supports the new updates to DirectX 10 …. for $549!!!

Now he figures he can go back and play Bioshock and really get a great game going! But NO!!!! HE goes back to play Bioshock only to find his activation was revoked for a change in hardware!!!

So after the third time changing hardware, he now has run out of activation credits.

Now he has to purchase the game again.

Then I went to do some searches in Google to see if others were having this type of trouble, and lo and behold, Slashdot has this: DirectX 10 Hardware is now Obsolete.

DirectX 10 Hardware Is Now Obsolete
Posted by Zonk on Sat Aug 11, 2007 05:41 AM
from the shouldn’t-have-blinked dept.
Windows Graphics Hardware Games
ela_gervaise writes “SIGGRAPH 2007 was the stage where Microsoft dropped the bomb, informing gamers that the currently available DirectX 10 hardware will not support the upcoming DirectX 10.1 in Vista SP1. In essence, all current DX10 hardware is now obsolete. But don’t get too upset just yet: ‘Gamers shouldn’t fret too much – 10.1 adds virtually nothing that they will care about and, more to the point, adds almost nothing that developers are likely to care about. The spec revision basically makes a number of things that are optional in DX10 compulsory under the new standard – such as 32-bit floating point filtering, as opposed to the 16-bit current. 4xAA is a compulsory standard to support in 10.1, whereas graphics vendors can pick and choose their anti-aliasing support currently. We suspect that the spec is likely to be ill-received. Not only does it require brand new hardware, immediately creating a minuscule sub-set of DX10 owners, but it also requires

Lots of very interesting comments at Slashdot on this.

All those folks that said, you don’t know what you are talking about. That I can still do everything on Vista that I could on XP and Win2K … read it and weep.

I kept saying it is not now! It’s later. Vista is the Enabler. The copyright holders and developers will not want to ‘squeeze’ too hard till they have a decent number of suckers, errrr, users on Vista before ‘squeezing.’

Of course this is really not the first time (see WGA and other DRM issues, etc), but somehow all the other times was some sort of fluke that quietly gets fixed, or oh, that’s just the way it is with Vista. But now things are starting to change for users, eh? How many users will be affected by this do you think?

What say ye, now?

By the way, thumbs up to id Software and others who create their games for OpenGL so they can be ported easily to other OSes like Mac and Linux/UNIX, and not be hit by this Microsoft operating system-centric DirectX lock-in crap.

Thanks Charlie for the confirmation so I could go looking for examples of this!
