KCNET NEWSLETTER 02/27/05 TECHNICAL PAGE
TECHNICALLY SPEAKING VIRUS AND OTHER STINKY STUFF INTERESTING SITES
Fixing Firefox Audience: All Firefox users on all platforms Firefox fix plugs security holes By Steven Musil, Staff Writer, CNET News.comPublished: February 24, 200 The Mozilla Foundation released on Thursday an update to the Firefox Web browser to fix several vulnerabilities, including one that would allow domain spoofing. The open-source project released Firefox 1.0.1 to fix, among other bugs, a vulnerability in the Internationalized Domain Names (IDN), a standard for handling special character sets in domain names that lets companies register domain names that appear to be the same in different languages. The IDN vulnerability allowed an attacker to create a fake Web site on a non-Microsoft browser in order to pull off a phishing scam. A spoofed link would seem to be a legitimate URL in the address bar of affected browsers. But instead of taking the victim to the trusted site, the link would lead to a phony Web site with a domain rendered as the same address under the IDN process. The updated browser will display the IDN Punycode in the address bar, preventing URL spoofing. Punycode is the encoding of Unicode strings into the limited character set supported by the Domain Name System and IDN. "Regular security updates are essential for maintaining a safe browsing experience for our users," Chris Hofmann, director of engineering for the Mozilla Foundation, said in a statement. Phishing attacks, which try to fool consumers into handing over sensitive information by creating legitimate-looking Web sites and e-mail messages, have become a central security concern recently. While vulnerabilities in Microsoft's Internet Explorer have been the focus of much of the concern, other browsers also have had their fair share of flaws. The update is available for Windows, Mac OS X and Linux at Mozilla.org. Firefox recently surpassed 25 million downloads, achieving that mark in 100 days. Mozilla, which released the free 1.0 program in November, said an average of 250,000 people download Firefox every day and more than half a million Web sites feature Firefox promotions. Mozilla, an open-source software foundation formed by Netscape, was spun off from Time Warner in 2003. Get the new version at: http://www.mozilla.org/products/firefox/ ************************************************
"Anti-adware Misses Most Malware" Here is a good comparison of Adware and Spyware Programs from Fred Langa in a recent Langalist. It gives an endoresement to the latest Free Microsoft anti Spyware program. By happy coincidence, noted computer author Brian Livingston covered anti-adware tools at the same time we were discussing them in recent issues "Spyware Hype Vs Real Threats" http://langa.com/newsletters/2005/2005-01-27.htm#2 . Brian's work, analyzing data produced by Eric Howes, an instructor at the University of Illinois, shows that "nearly every anti-adware application on the market catches less than half of the bad stuff." Brian's recommendation is to use multiple anti-malware tools, so each can catch what others miss; they can backstop each other. Long-time readers will recognize this approach as the same one we've recommended in this newsletter many, many times. But I'd arrived at that conclusion empirically and anecdotally; Brian now offers statistical proof to back up my less-formal, seat-of-the-pants conclusion. Howes' test results also show that Microsoft's free beta AntiSpyware, which we've previously recommended http://langa.com/newsletters/2005/2005-01-13.htm#2 is the current best of the bunch in antispyware tools. Brian and I both recommend Microsoft's AntiSpyware as one of the tools everyone should have; but beyond that, his recommendations differ slightly from mine in that he includes commercial tools in his top slots. I actually agree with Brian that the tools he recommends e.g. http://www.webroot.com/ , $30 are good, but I know that far more people will use tools if they're free or nearly so. That's why my primary list includes only freeware and donationware--- to help ensure that cost isn't an excuse to avoid using these important defenses. Brian's report appeared in his Windows Secrets newsletter; http://windowssecrets.com/050127/ . Definitely worth a look. BTW, my recommendations--- all free for personal use: Microsoft Antispyware: http://www.microsoft.com/athome/security/spyware/software/default.mspx Spywareblaster: http://www.javacoolsoftware.com/spywareblaster.html Spybot S&D: http://www.safer-networking.org/en/download/index.html Ad-Aware Personal Edition: http://www.lavasoftusa.com/software/adaware/ ***************************************************
Firefox reaches 25 million downloads This one from a staffer at Molly's CNET. By Alorie Gilbert Staff Writer, CNET News.com February 17, 2005, Look out, Microsoft. That's the message this week from the Mozilla Foundation, whose Web browser Firefox has surpassed 25 million downloads in 100 days. Mozilla, which released the free 1.0 program in November, says an average of 250,000 people download Firefox every day and more than half a million Web sites feature Firefox promotions. The group promotes the program as an alternative to Microsoft's Internet Explorer, which has become a target for computer virus writers and other security exploits. "What was just a small flame 100 days ago has since exploded into a phenomenal demonstration of the power of open source," lead Firefox architect Blake Ross wrote on a blog. "Tens of thousands of devoted users and fans are a powerful and capable force of change." Mozilla developed the program using donations and an army of volunteer programmers, many of whom are presumably bent on challenging the dominance of IE. People downloaded more than 8 million copies of the test version of Firefox before the November launch. Microsoft has been defensive about Internet Explorer, denying that it's more vulnerable to bugs than other browser programs. Yet the company made a surprise move this week, unveiling plans to release a new version of IE independently of an upcoming release of Windows so that it can more quickly fix security problems. The growing popularity of Firefox may have spurred the move, some industry observers said. Recent surveys show that Microsoft's market share in Web browsers, while still huge, is slipping. Mozilla, an open-source software foundation formed by Netscape, was spun off from Time Warner in 2003. **************************************************
Internet Explorer 7 Announced It may be simply an idea whose time has come. It may be that Firefox is making enough noise to raise some eyebrows in Redmond. Either way, it looks like IE7 is on its way. Today at the RSA Security Conference in San Francisco, Bill Gates announced plans for a new version of the world's most widely used Internet browser. Experimental versions of Internet Explorer 7 are expected to be ready for testing as early as this summer. The new and improved IE is apparently being developed with security being tops on the priority list. Measures to help users avoid ‘Phishing' scams, spyware and viruses are expected to addressed in full as Gates pointed out that Microsoft has dedicated nearly $2 billion of it's annual research and development budget on security. While Internet Explorer still holds in excess of 90% of the browser market share, the new Firefox browser continues to gain popularity largely from veteran surfers seeking a higher level of security. Some statistics show Firefox with as much as 5% of the browser market. While 5% may be a far cry from IE's 90%, it represents one of the strongest showings from a non IE browser in the past 10 years or so. http://www.webpronews.com/txt/ie7a.html IE 7 To Address Security Issues Yesterday, Microsoft announced the upcoming update of their web browser, Internet Explorer, which will be updated to 7. Promising better security, IE 7 looks to address the number of vulnerabilities contained by older versions of the browser. The new version is expected to more effectively combat spyware, malware, and phishing attacks. According to Microsoft, "[Bill] Gates announced Internet Explorer 7.0, designed to add new levels of security to Windows XP SP2 while maintaining the level of extensibility and compatibility that customers have come to expect. Internet Explorer 7.0 will also provide even stronger defenses against phishing, malicious software and spyware." Expect IE 7 to arrive in beta testing format this summer. ********************************************
A couple of Worldstart suggestions. What is the difference between a Taskbar and a Toolbar? Your taskbar is the long gray bar that sits at the bottom of your screen (you can move it to the top or either side of your screen though). It has the Start button, system tray, and possibly more on it. In addition, it's where your programs buttons sit. Here's a snapshot (reduced size):
Adding Shortcuts to the Taskbar I know, this is kind of a basic tip for you long time Windows users, but we've been getting a lot of questions on this lately. So, if you want to add icons to your taskbar, read on! OK, first we'll talk about getting the icons there in the first place. By default, win 95/98/ME/2000 users should see at least a few icons on their taskbar. The part of the taskbar where these icons sit is known as the "Quick Launch Toolbar". To add more icons to it, just drag them from the desktop or your Start button, Programs area.
XP Users: Sometimes XP, by default, has the Quick Launch Toolbar shut off. I don't know why they felt the need to do this, but they did. Anyhow, in order to use and drag stuff to it under XP, you might need to do the following: 1. Right-click the Taskbar and select Properties from the resulting menu. 2. A Taskbar and Start Menu Properties screen will materialize. Make sure you're on the Taskbar tab. 3. Uncheck the "Lock the taskbar" checkbox and check the "Show Quick Launch" checkbox.
Virus alerts: Paris Hilton, FBI, love Special to ZDNet Published on ZDNet News: February 23, 2005 Three sets of e-mails which promise either nude pictures of Paris Hilton, a scary offical-looking warning from the FBI, or a secret admirer who says "I love you" have appeared in the last two days. They all deliver a package that could grind networks to a halt. Fortunately, none of these will reach "Anna Kornikova" worm or "Love" bug proportions but they will take away hours of productive work time. Be on the lookout! Paris Hilton worm spreads An offshoot of the Sober worm that promises explicit pictures of the hotel heiress is on the loose, experts have warned. February 23, 2005 E-mail virus allegedly sent by FBI An e-mail warns recipients that the government has monitored their Internet use and that they have "accessed illegal Web sites." February 23, 2005 New 'I love you' virus emerges Borrowing a page from the "I love you" bug's book, Assiral tries to snow recipients with flattering words. February 22, 2005
IF YOU SUSPECT THAT YOU HAVE A VIRUS OR IF YOU HAVE NOT SUCCESSFULLY SCANNED YOUR DRIVES FOR VIRUSES LATELY... THESE NEXT SITES ARE FOR YOU. Free Virus scans. Computer Associates, a reputable and reliable anti virus developer introduced a new free program which allows anyone to do a virus scan without downloading any software or registering for an anti virus program. You must use Internet Explorer for access to Computer Associates and to perform the scan. This is a good one and very simple to operate The address is http://www3.ca.com/securityadvisor/virusinfo/scan.aspx
Trend Micro, more commonly referred to as Housecall, offers free virus scans and in most cases can fix damage down by a virus or worm that your computer may have contacted. The program works well. The first time one uses the free program it is necessary to download a small program. Trend Micro walks you through the process. Then the virus scans are quite simple for each return. Go to http://housecall.antivirus.com/ then choose the link "Scan without registering". Follow the directions.
You should disable any anti virus program that you have running. If you do not have a virus program I recommend that you use one of the programs offered above first and then download and install one of the free programs listed below or install any anti virus program you have purchased.
Free Anti Virus programs for download. Quite a few KCnet members use these programs and like them. Be careful if you download a virus program and you already have one installed on your computer. You need to at least disable the program already installed.
AVG Free AVG Free Edition is the well-known anti-virus protection tool. AVG Free is available free-of-charge to home users for the life of the product! Rapid virus database updates are available for the lifetime of the product, thereby providing the high-level of detection capability that millions of users around the world trust to protect their computers. AVG Free is easy-to-use and will not slow your system down (low system resource requirements). http://free.grisoft.com/freeweb.php/doc/2/lng/us/tpl/v5
Avast Avast has been "anti virusing" for quite awhile. The following info comes from their download page: Avast! Home is now free of charge for HOME users for NON-COMMERCIAL use. You can find more info here. http://www.avast.com/eng/down_home.html Note: This product is free for home non-commercial use after registration! HINTS: Click on the English Version Link and download the installation file. Then click on the installation file and follow the directions. You will need to return to the download page and click on the link to get the registration key. It will be sent to you in an email after you provide some registration information. This will give you 14 months of coverage including any updates which can be set to auto download. You can reregister for additional free coverage at the end of the 14 months. You will want to browse around and choose from the many options available for operation. This process will take some time and digging.
Another good free program is: http://www.free-av.com/ This one installs a bit easier than Avast.
Top 5 Viruses for February 11 to February 17 from Trend Micro.
1. WORM_NACHI.A 2. TROJ_WEBSEARCH.A 3. WORM_NETSKY.P 4. HTML_NETSKY.P 5. JAVA_BYTEVER.A
Here are a few sites of many that can help you determine if an email is a hoax or real.
http://www.quatloos.com/ http://www.snopes.com/ http://vil.nai.com/VIL/hoaxes.asp http://kumite.com/myths/ http://www.symantec.com/avcenter/hoax.html http://www.scambusters.org/VirusHoaxes.html http://www.sophos.com/virusinfo/hoaxes/ http://www.truthorfiction.com/
Welcome To Crossword Puzzle Games This web site offers 32,400 free crossword puzzles and fun tools for people who enjoy word games. Get some help with a puzzle or create your own, free. Crosswords are divided into four categories. Each category has a different grid size. This makes some easier and faster to solve than others. Crossword puzzles for every occasion. Large Crosswords (18x18 grid) Medium Puzzles (16x16 grid) Small Crosswords (14x14 grid) Extra Small Ones (12x12 grid) Each crossword puzzle grid is unique, there are no duplicates. All words used are dictionary words. Every effort was made to use only family friendly words, suited for all ages. http://www.crosswordpuzzlegames.com/
Google Fight This one from also from Amanda. This site is really cool! Put in any two keywords and have them duke it out. How do they win? Well, this site searches to see how many listings there are for the words and then the one with the most wins the fight. I put in tea vs. coffee and coffee won with a grand total of 53,500,000 results to tea's measly 37,200,000. You can also check out the last 20 fights by clicking the option for it on the side menu. This will show you what other words are fighting it out. Or you can choose the Classics. The Classics consists of the following: God vs. Satan Pen vs. Sword Tony Parker vs. Michael Jordan Those are just a few. Check out the rest by visiting the Classics. My favorite section though is Funny Fights. Here "Me" fights "Myself" and Me wins by a landslide (probably thanks to the Windows OS), or Alpha vs. Beta and Beta wins by a slimmer margin. You should check "Fight of the Month" too, where Pro vs. Con, The vs. One, while the Beatles and The Rolling Stones duke it out. To find out who comes out on top you'll have to visit the section and watch them battle it out. Pit your favorite words or people against each other, or even your favorite animals. I was surprised at the slim margin that Lion won over Penguin. This is just a lot of fun and you can keep it as versatile as you want by changing up what you use to fight it out. You should put names in quotes to get more exact results. From people, places, things, words—you name it—if it is on the web you can have it fight right before your eyes. http://www.googlefight.com/
Fun Site and informative Thanks to Joan Summerson Put your birth date in the pop up window after you click on the below link. What happens is pretty interesting. It's also amazing how quickly it computes!! Very cool. Send it on to all you think might like a bit of trivia!! Click here: http://www.frontiernet.net/~cdm/age1
The Vision for Space Exploration Blue Skies on Saturn Great graphics and text. You gotta see it. February 17: NASA's Cassini spacecraft has discovered another world with blue skies: Saturn. February 16: Far away from doctors and hospitals, astronauts in space are learning to give themselves checkups us Ultrasound for Astronauts February 10: Amusing one-minute videos from NASA answer some of the questions about space you were afraid to ask. Brain Bites - like How do you go to the bathroom in space? Amusing one-minute videos from NASA answer some of the questions about space you were afraid to ask. January 31: Driving, digging, mining: these are things astronauts will be doing one day in the sands of Mars. It's not as simple as it sounds. http://science.nasa.gov/
Veterans reunite to mark Iwo Jima battle DOUG SIMPSON Associated Press Posted on Mon, Feb. 21, 2005 LAFAYETTE, La. - Norman Baker arrived at Iwo Jima on Feb. 19, 1945, the first day of the invasion. It was clear and sunny. "It was a beautiful day," he said, recalling his time as an 18-year-old Seabee. "Then the mortars started in, and the artillery." That day turned into World War II's bloodiest battle in the Pacific. The dwindling group of American survivors gathered this weekend - 60 years later - in this Louisiana city and at reunions around the country. Most are now in their 80s; some lean on canes or their wives for support. They reunite every year to remember friends they lost, to share recollections of battle and to connect with the few who can comprehend what Iwo Jima felt like. "It was only after the battle was over that we realized how horrible it was," said Baker, of Delaplane, Va., now 79. "The casualties were terrible casualties. Men died horribly." He and thousands more Americans were unloaded on Iwo Jima's black-sand beach, then faced a blistering assault from the entrenched Japanese. It took the Americans 36 days to take the island. The dead: 6,821 Americans and 20,000 Japanese. More from this report: http://www.mercurynews.com/mld/mercurynews/news/breaking_news/10953494.htm?1c D-Day February 19, 1945 Shortly before 2am on Feb. 19, 1945, the Navy's big guns opened up on Iwo Jima again, signaling the beginning of D-Day. After an hour of punishment, the fire was lifted, leaving Iwo smoking as if the entire island were on fire. Both Americans aboard their transports and the Japanese in their caves looked to the skies now. One-hundred-ten bombers screamed out of the sky to drop more bombs. After the planes left, the big guns of the Navy opened up again. At 8:30am, the order, "Land the Landing Force," sent the first wave of Marines towards the deadly shores. Once ashore, the Marines were bedeviled by the loose volcanic ash. Unable to dig foxholes, they were sitting ducks for the hidden Japanese gunners. Heavy fire made it impossible to land men in an orderly manner. Confusion reigned on the beaches. The battle was unique in its setting. One hundred thousand men fighting on a tiny island one-third the size of Manhattan. for 36 days Iwo Jima was one of the most populated 7.5 miles on earth. Mt. Suribachi, the 550-foot volcanic cone at the islands southern tip, dominates both possible landing beaches. From here, Japanese gunners zeroed in on every inch of the landing beach. Blockhouses and pillboxes flanked the landing areas. Within, more heavy weapons stood ready to blast the attacking Marines. Machine guns criss-crossed the beaches with deadly interlocking fire. Rockets, anti-boat and anti-tank guns were also trained on the beaches. Every Marine, everywhere on the island was always in range of Japanese guns. The Japanese were ready. The invading US Marines fought above ground. The defending Japanese fought from below ground. The US Marines on Iwo rarely saw a Japanese soldier. Historians described U.S. forces' attack against the Japanese defense as "throwing human flesh against reinforced concrete." There were no front lines. . . . Captain Dave Severance, Easy Company Commander (the Flag Raising Company) ... Easy Company started with 310 men. We suffered 75% casualties. Only 50 men boarded the ship after the battle. Seven officers went into the battle with me. Only one--me--walked off Iwo." The battle was won by the inch-by-inch tenacity of the foot soldier. Don't miss this site. http://www.iwojima.com/
Return to Top of Page