Archive for the ‘World Wide Web’ Category

Bye, Bye, Facebook, Bye, Bye…

***NOTICE***

BYE, BYE, FACEBOOK, BYE, BYE

This notice is to my friends and family on Facebook

After this weekend (waiting only to give friends and family a chance to know what happened), I will be deactivating my Facebook account, and may ultimately be deleting it in the very near future if A LOT OF THINGS don’t change in the way that Facebook is ‘doing business.’

Facebook has a lot of gall to say Facebook users are not unhappy with their recent changes to Facebook privacy policy changes. I know many who are VERY unhappy with these changes, IF they even realize the changes being made.

To help folks realize what changes are being made, here are some links to do your own research:

Six Things You Need to Know About Facebook Connections (EFF)

Facebook security flaw makes private chats public (Network World)

Consumer groups hammer Facebook privacy violations in federal complaint (Macworld UK) – Facebook privacy violations stemming from recent feature changes

More EFF links over the last week or two on Facebook:

Facebook’s Eroding Privacy Policy: A Timeline

A Handy Facebook-to-English Translator

How to Opt Out of Facebook’s Instant Personalization

If you plan on maintaining your Facebook Account, you also might like to read the following article at ZDNet Blogs:

Contemplating FaceBook Hara-Kiri

Malware Silent Alters Wireless router settings!

Brian Krebs at his Security Fix column at the Washington Post reported last week:

Malware Silently Alters Wireless Router Settings

A new Trojan horse masquerading as a video “codec” required to view content on certain Web sites tries to change key settings on the victim’s Internet router so that all of the victim’s Web traffic is routed through servers controlled by the attackers.

According to researchers contacted by Security Fix, recent versions of the ubiquitous “Zlob” Trojan (also known as DNSChanger) will check to see if the victim uses a wireless or wired hardware router. If so, it tries to guess the password needed to administer the router by consulting a built-in list of default router username/password combinations. If successful, the malware alters the victim’s domain name system (DNS) records so that all future traffic passes through the attacker’s network first. DNS can be thought of as the Internet’s phone book, translating human-friendly names like example.com into numeric addresses that are easier for networking equipment to handle.

Much more in the article!

We have always recommended changing your router’s default settings like username/password combination, as well as the standard wireless SSID and channel and applying the latest firmware patches for your router.

Also turn off UPNP (Universal Plug’N’Play) in the router. And use WPA security whenever possible for your wireless users to protect your network and keep nefarious users from spreading spam or other bad things through your wireless Internet connection.

And as one of the comments noted:

Besides a non-admin (limited user)* account and AV software, another effective defense against these types of malware is a blocking hosts file:

http://www.mvps.org/winhelp2002/hosts.htm

They also have a related blog that covers a lot of these types of malware tricks using codecs.

http://msmvps.com/blogs/hostsnews/default.aspx

Thanks striker in this topic at Scot’s Newsletter Forums for the heads up on this one.

* Where possible (generally easier on Linux, Mac and Vista to run as a limited user than previous versions of Windows like WinXP, and earlier).

Unfortunately even printing can be a challenge in some versions of Windows (WinXP) depending upon the type of printer, if you are using a limited account.

However, if and when you can, either running as a limited user, or using a Linux LiveCD (LiveCD List) to surf the web would be a much safer way to surf the web in general, as well as making sure your router’s information has been updated as noted above regardless.

NOTE: If you adjust your settings on that LiveCD page, you can even find Linux LiveCDs for PPC Macs. I have tried and really like the Ubuntu LiveCD for the PPC Mac.

Flash Away! Youtube, et al, Time to move to Ogg video!

Adobe was bad enough before, now that they own Macromedia (Flash and Dreamweaver, etc.), they aren’t satisfied with owning the most expensive ‘must have’ unfortunately web software — they want more! They want a piece of you and me, and everyone!

Adobe Push DRM for Flash

The immense popularity of sites like YouTube has unexpectedly turned Flash Video (FLV) into one of the de facto standards for Internet video. The proliferation of sites using FLV has been a boon for remix culture, as creators made their own versions of posted videos. And thus far there has been no widespread DRM standard for Flash or Flash Video formats; indeed, most sites that use these formats simply serve standalone, unencrypted files via ordinary web servers.

Now Adobe, which controls Flash and Flash Video, is trying to change that with the introduction of DRM restrictions in version 9 of its Flash Player and version 3 of its Flash Media Server software. Instead of an ordinary web download, these programs can use a proprietary, secret Adobe protocol to talk to each other, encrypting the communication and locking out non-Adobe software players and video tools. We imagine that Adobe has no illusions that this will stop copyright infringement — any more than dozens of other DRM systems have done so — but the introduction of encryption does give Adobe and its customers a powerful new legal weapon against competitors and ordinary users through the Digital Millennium Copyright Act (DMCA).

Much more in the article!

I say that it’s time for the likes of Youtube.com et al to move to open source Ogg Video!

It’s so sad that when a previously free and open ‘proprietary’ standard gets ‘full of themselves’ that all of a sudden, it’s smash the users and providers till it breaks their backs!

Unfortunately, “Adobe now has an incentive to push the use of DRM: it’s only available to sites that use Flash Media Server 3 software, which starts at over $4,000 (with extra fees depending on the number of simultaneous streams).

As if that isn’t bad enough, “Users may also have to upgrade their Flash Player software (and open source alternatives like Gnash, which has been making rapid progress, may be unable to play the encrypted streams at all). Third-party software that can download Flash Video, like the most recent RealPlayer, will also break.”

There are lots of good reasons why DRM is not viable. And here are just a few of them from the article:

Finally, there’s a classic suite of arguments against DRM that will be as true for online video as they were for music. DRM doesn’t move additional product. DRM is grief for honest end-users. And there’s no reason to imagine that new DRM systems will stop copyright infringement any more effectively than previous systems.

More in the article.

Also, I think it is very deceptive. Allow folks to make use of a format till it’s ubiquitous! THEN!!! Encrypt it and lock it up! People will ‘THINK’ it’s all the same old Flash as always — very friendly as always. They will have no idea what hit them or their computers.

Totally disgusted about this. IF THEY WERE GOING TO START DOING THIS. They should have created a totally NEW DRM’d video delivery product with a new name so we users could avoid it like the plague, and kept Flash as it was. That would have prevented confusion about what this ‘new’ format was all about, as compared to the well-known Flash format, and just kept Flash as it was.

They quietly started this crap with Flash 9.x. But it’s not till some companies start making use of this new $4,000 DRM nightmare that folks will begin to really see the head of this monster.

I think Google‘s Youtube, et al should stop using Flash and go with an open source type of video delivery system. Maybe help the open source Ogg/Theora Video Projects or some of the others that EFF mentioned in their article.

High speed Internet brings entertainment home

High speed Internet brings entertainment home (speedmatters.org)

With the likes of NetFlix, Apple and others making movies available for download for rent and/or purchase, the digital divide seems to just be widening. I hope SpeedMatters is right … I hope this does expand what is considered true broadband … but more than that, I hope it wakes up telecoms and other broadband providers because as someone who doesn’t have a true broadband option, it’s really sad to see those of us who are still stuck in dialup and/or limited broadband abilities will not be able to take advantage of these new broadband to the computer or the TV offers.

In order to truly take advantage of these online entertainment options, consumers must be able to connect to truly high speed Internet. For many Americans, though, that’s is still not an option — yet another consequence of the digital divide.

One side benefit of this new flood of downloadable movie services is that it reemphasizes what true high speed Internet really is. As these movie services gain popularity, they may increase demand for high speed Internet and spur more extensive buildout. That way, entertainment uses of high speed Internet may mean that other important services — such as telemedicine, distance learning programs, and emergency communications — become available to more Americans.

One can only hope. I can’t even think about this option at home! I still have trouble bringing in many webpages!

Rogue Flash ads pushing malware

Sunbelt Blog posted an article entitled Rogue ads pushing malware – how it works. Here’s the video that shows what’s happening:

At Sunbelt Blog’s website, Alex Eckelberry continues to talk about the Flash .swf ads that are being used to push all this malicious content after throwing the user back and forth all over the web utilizing techniques that are big with Web2.0 interactive and mashed up content:

This is not a trivial problem, and the most important thing for publishers to do is to be extremely careful when accepting new advertisers (and be wary of tricks these people use, like giving fake references), and then keep a close eye on the advertising as it’s running (and hopefully some good tools can be developed for publishers to use to check the content of ads for malicious redirects before posting).

Must read for all Web Surfers.

Legitimate sites like the Major League Baseball site that had at one time recently been unknowingly spewing this type of bad content which was infecting visitors’ computers (see the article) were just trying to keep their visitors/users interested using innovative Web 2.0 features — bringing in and displaying, aka Mashup (web application hybrid) content such as articles, news, videos, ads and more from various sources on the Internet. In the process, something occasionally happens on these legitimate sites. Bad things are being injected.

Thanks for the heads up Alex!

Tag Cloud

%d bloggers like this: