We've received the sad news from Donna's husband that she passed away unexpectedly on December 13, 2011.

Donna has been a strong advocate for security and education for many many years and helped guide many in their interest of security on various forums. 

She will be missed by many.

 Her blog will remain as a tribute to her passion for security and her willingness to contribute to others.

(comments have been opened up on this post for a short time)

Other locations where tributes have been posted include:

http://www.calendarofupdates.com/updates/index.php?showtopic=35451

http://www.dslreports.com/forum/r26869669-sad-news-rip-donna-b

http://www.wilderssecurity.com/showthread.php?t=317926

http://myitforum.com/myitforumwp/2012/02/08/sad-day-donna-from-donnas-securityflash-has-passed-away/?utm_source=rss&utm_medium=rss&utm_campaign=sad-day-donna-from-donnas-securityflash-has-passed-away

http://www.broadbandreports.com/forum/r26869669-sad-news-rip-donna-b

Posted by admin | 40 comment(s)
Filed under:

A friend of mine asked if he should also install Google Chrome when updating DivX Plus Player.  I told him "no, it's not necessary. Uncheck all boxes for Chrome installation and other modification on the browser by Chrome".  I told him also to always do this action to other software updater or installer that will try to install a program that he don't want or require.

Since I have a DivX Plus Player that I haven't update myself (because I disabled automatic checking of DivX updates) and yup, there was an update:.  It is v8.1.3:divx

When I clicked "Next" button, I'm offered Google Chrome browser, as well.

divx2

 

Just uncheck those guys, unless you want to have Google Chrome, but I doubt you do because if you want it, you know where and how to get it yourself (by visiting Google Chrome website).  It's so sad that some software developers are doing the above "update practices".  It's just an UPDATE but there you are... offering another program that is not necessary to update a program.

Posted by donna | 1 comment(s)

Bright Hub have lots of new quizzes to test your knowledge.  Check out some of the quizzes :)

Example quizzes in Bright Hub:

Computer Security

  • Do You Know Computer Viruses?
  • How Safe Is Your Wi-Fi Connection?
  • How Secure is Your Computer?
  • Test Your Computer Security Skills With the Malware Open Challenge

Windows

  • A Quiz for Microsoft Word Professionals
  • Are You a Windows Expert? See How Much You Know
  • Are You an MS Office Expert? Test Your Knowledge
  • Think You Know Your Windows Computer?
  • New to Microsoft Word? Find Out How Much You Know!
  • So You Think You Can Use Microsoft Excel? A General Knowledge Quiz
  • Test Your Microsoft History Knowledge

Mac

  • Are You Up to Speed in Lion?
  • Test Your Knowledge of Apple History
  • Steve Jobs Said What?
  • Take the Mac Challenge: How Much Do You Know?
  • Test Your Computer Chops with Our Macintosh Guru Quiz
  • Test Your Steve Jobs Fandom: A Quiz

iPhone

  • Think you Know your iPhone? Take our iPhone quiz & find out
  • iPhone Games Quiz
  • There's an App For That
  • Apple and the iPhone

Good luck or shall I say, hope you'll get perfect score!

Posted by donna | with no comments

Quoted below is an unsolicited email with malware attached:

Subject:  Uniform Traffic Ticket (ID: 31534)

From:  New York State Department of Motor Vehicles

New York State — Department of Motor Vehicles

UNIFORM TRAFFIC TICKET (ID:77810),


POLICE AGENCY
NEW YORK STATE POLICE
Local Police Code 3

THE PERSON DESCRIBED ABOVE IS CHARGED AS FOLLOWS
Time: 7:25 AM
Date of Offense: 07/02/2011
IN VIOLATION OF NYS V AND T LAW


4 Description of Violation

SPEED OVER 55 ZONE

TO PLEAD, PRINT OUT THE ENCLOSED TICKET AND SEND IT TO TOWN COURT, CHATAM HALL., PO BOX 117

Screenshot of the spam:

5

This type of email is NOT new at all because I've seen similar spam last August.  The problem is the following:

  • End-users of popular web-based email services that only depend on free virus email scanner aren't always protected from downloading unsafe file.  An example is Yahoo! email which is using Norton Antivirus.  It failed to detect the malware attachment: 

1

2  3  4

Hopefully, people won't fall into executing the Uniform traffic ticket.zip or extract and execute the uniform traffic ticket.exe file.

6

Or else, they will have to remove Win32/Gamarue.B, a computer worm that can also spread through removable drives e.g. AutoRun virus, communicate to attackers server and download some files to the affected computer.

As you know already, Microsoft found out that their Malicious Software Removal Tool have detected 26.0% malware propagated through USB Autorun, 17.2% of malware have propagated through Network Autorun and 44.8% through user interaction.  More information of malware propagation in Volume 11 of Microsoft Security Intelligence report, released this month. 

The above email is one of the methods that a computer worm infects a computer and then spread to your network (home or office network).

Be very careful when receiving such email especially if you are in New York.  People who don't live in New York or U.S.A have more reasons to delete this type of email.

Posted by donna | 1 comment(s)

Finally.. I find time to download Windows 8 Preview.  Going to install it tomorrow and hope to see it work.  Will provide feedback, of course (if it's not reported yet). If you haven't download it and wish to try, get it at MSDN.

Are you using Windows XP? Get the Windows XP End Of Support Countdown Gadget.  Today, I have it installed as a sidebar gadget.  XP users still have many months to use XP :)  If your PC is still OK, keep using it but ensure it's up-to-date with available security fixes.  If you want a new PC, get Windows 7 or wait for Windows 8.

10-6-2011 4-45-29 PM

Posted by donna | with no comments

Even though I don't have an Apple product (except installing Safari browser when I need to write or test something about it in a Windows computer.  Some family members are using iPad or iPhone and I find it as cool gadgets but don't need or requite it right now), I'm sad to hear that Mr. Steve Jobs passed away that soon.  I mean, not only he was only 56 years old but he bid his goodbye as CEO only in August 24, 2011.  That's only a month and 11 days ago :(

This post is to remember you, Mr. Jobs and to thank you for contributing to the world -- some great and cool gadgets -- that my family members are happy (also they loved it) using.  Even a 3 year old boy in the family loves your iPad.  He just can't stop playing games, non-stop viewing his birthday photos/videos and also sketching anything after school or dinner (he is not allowed to use the iPad until he finished his dinner!).

10-6-2011 4-09-24 PM

Posted by donna | 1 comment(s)

If we want free antivirus program, we seems to only have few choices now --- Microsoft Security Essentials and Avast.. simply because the simple and great Avira AntiVir has gone to the dark-side by adding the unwanted ASK toolbar.  What is worst is it mislead users by saying it is "Avira Toolbar".  Glad my team and members at Calendarofupdates.com are fast to find it out last June and immediately stopped posting updates on Avira. 

Time to logon to my Windows 7 computer and remove Avira.  Will install MSE! 

Posted by donna | 5 comment(s)

Done reviewing Avast Internet Security program that includes SafeZone desktop (also known as SafeZone browser).  It's not cool because it will only use Google Chrome browser to browse the net.  It should not be "called as SafeZone desktop" but SafeZone browser only.  Google Chrome browser is integrated and I personally don't use or like Google Chrome.  Avast Internet Security doesn't install standalone Google Chrome browser on Windows but will be the browser if you bring up SafeZone feature. 

Read more at http://www.brighthub.com/computing/smb-security/reviews/112570.aspx so you'll know what else I don't like with SafeZone in Internet security program by Avast.  I think people who are using Google Chrome will have no problem with it.  I just hope Avast team will make that SafeZone browser feature to work to whatever is the default browser.  I know you can use Sandbox feature to virtualize other browser or application but it's not the Sandbox I'm talking about but the SafeZone.  I guess it has to do with their "partnership" by pushing Google Chrome (piggybacking in free Avast antivirus by bundling third-party installer on Avast installation package... and now it's integrated in paid software of Avast).  Geez.

Anyhoo, the AV of Avast has improved.

Posted by donna | 2 comment(s)

I downloaded the trial version of Avast Internet Security because I need to review it.  The test system didn't have that program before but the new trial version (supposedly 30 days) says the program has expired on March 19, 2011.  Today is March 26, 2011 which is is the day I install the trial version right after the download has finished.  I reproduced the issue by restoring my computer to previous "backup image".

Note that the backup image doesn't have or never had any antivirus program by any vendor because it's my test system's image.  The only security software on it is the built-in Windows Defender.

Alwil need to check their licensing server for their trial version users soon or you are trying to trick people to buy?  I hope it's not the latter.  Thinking smile

This is what I get the first try:

10

The second try (after I put restored the system from the backup image -- yup, formatted the C: drive before applying the backup image):

11

I tried clicking update for defs or program hoping that will sync correctly to their server but no joy.

So to anyone trying Avast Internet security program for 30 days and you get the above issue, you're not alone.  Don't simply buy if you only want to try or test.

BTW, the setup file was downloaded from Avast website which was served by http://www.avast.com/download-thank-you.php?src=http://files.avast.com/iavs5x/setup_ais.exe&product=IS&page=internet-security&locale=en-ww&avast=0 or http://files.avast.com/iavs5x/setup_ais.exe (don't click unless you want to download the file).

I tried also the setup file from CNET Download.com but it's same result.

UPDATE - March 27, 9PM GMT +8:  After another try (last try), the trial license is working now:

trial

And it is now showing correct date of expiration.  I did nothing but to put back again the old system image (backup) just like what I did earlier and install the trial version.

Posted by donna | with no comments

I know that I have not enter any blog entry here for few months already.  I can explain but most stuff is due to personal and work related.  Been writing still at Bright Hub, I moved home and you know, attending on the new home.  I call it home because it feels like home (I say feels like home only because there's a bit of issue that is coming again.. see below).  Also attending on small business that I need to face full time now (at least, after doing what I got to do at home and writing).  BTW, check out the newest review I submitted -- Diskeeper 2011 review :p

I know that I have not release an update to IP blocklist for Outpost, Online Armor, Kaspersky and IE programs but it's still here on my to do list.  Sorry Embarrassed smileabout the long delay but I'll be on it by April and will make sure that it'll be updated once a month from now on.

I know I have not been in forums but my you are all always on my mind.  I'll be there to apologize of course and interact with you again.  I just don't want to promise anymore on when...because it will only disappoint some friends and I don't want to disappoint them again and again.

I know that Windows 7 Service Pack 1 has been released but I have not install it because there's no time yet.  I'm not afraid to try installing Windows 7 SP1 since I have backup of entire drives, just in case anything goes south, north, east or west.  It's not offered to me anyway since I have not install many other updates for Windows especially the pre-requisite.  When to install Windows 7 SP1? This weekend, I think.

I know Comodo certificates have issue again.  All I want to say is "why there's no major account executive that only handles major and critical accounts?" Steaming madGeez.. I thought most company knows how to handle major accounts and not simply allowing anyone or third-party to handle important domains/accounts that can put millions of users' data AT RISK.  Yeah, they revoked it soon but that's not the question here but the one I already asked.  Even security experts question the way they allow affiliates or resellers to issue cert.  Nice story here about another Comodo fraudulent certs again.

This one.. I don't know when but it seem... going to happen:  moving to South Korea or the Philippines.  Whatever.... I'm just tired of moving.Steaming mad

Posted by donna | 1 comment(s)

And there is this.. blinking blue thingy which is so cool because it seems a bluetooth-enabled device or it is only the signal that the device is on.  Anyway, head over at http://iosafe.com/blog/uncategorized/win-our-new-product-easy-part-deux/ and start commenting even if you work as miner! :D

Posted by donna | with no comments

ioSafe, the maker of fireproof and waterproof hard-drives is going to unveil another gadget.  They are asking people to guess what it will be.  A clue was posted in the company's blog.

My guess is it's a 3.0 USB external hard-drive! FP and WF also, but I'm not sure.  I guess.. that's how guessing game/contest works.  Good luck to all and Congrats to ioSafe for the upcoming product!

Posted by donna | with no comments

Security researchers have demonstrated how it might be possible to place backdoor rootkit software on a network card.

Guillaume Delugré, a reverse engineer at French security firm Sogeti ESEC, was able to develop proof-of-concept code after studying the firmware from Broadcom Ethernet NetExtreme PCI Ethernet cards.

He used publicly available documentations and open source tools to develop a firmware debugger. He also reverse-engineered the format of the EEPROM where firmware code is stored, as well as the bootstrap process of the device.

Using the knowledge gained from this process, Delugré was able to develop custom firmware code and flash the device so that his proof-of-concept code ran on the CPU of the network card. The technique opens the possibility of planting a stealthy rootkit that lives within the network card, an approach that gives potential miscreants several advantages over conventional backdoors.

Chief among these is that there will be no trace of the rootkit on the operating system, as it is being hidden inside the network interface card. [...]

Delugré gave a presentation on his research at the hack.lu conference last month. A write-up of his research, along with slides on his presentation and a demo, was published on Sunday here.

http://www.theregister.co.uk/2010/11/23/network_card_rootkit/

Posted by donna | with no comments

Research In Motion denied reports in Indian media that it had received information from an Indian government official questioned by police Monday during an investigation into the leaking of information to telecommunications companies.

Ravi Inder Singh, a senior official in the country's Ministry of Home Affairs, was taken in for questioning on Monday, Delhi police sources said.

Special Commissioner of Police P.N. Aggarwal said on Tuesday that Singh had not been arrested, and investigations were still going on in the case. He declined to comment on the line of investigation.

RIM is currently in difficult negotiations with the Indian government, which has been demanding that law enforcement agencies be given the ability to intercept communications on RIM's network.

The government has given RIM until January to provide total access to communications on its BlackBerry Messenger service. It has also demanded access to RIM's corporate email and communications service, BlackBerry Enterprise Server

http://www.computerworld.com/s/article/9197779/RIM_denies_reports_that_Indian_official_snooped_for_it

Posted by donna | with no comments

Trend Micro researchers recently discovered attacks on the social networking site Multiply. The cybercriminals behind the said attack created new Multiply user accounts then sent malicious personal messages to other site users.

The personal message contains a greeting with the target?s Multiply user name and a video that the recipient is supposed to watch. Clicking the play button redirects users to the malicious URL http://yourtube.{BLOCKED}loring.com/video2/video.php?q=1289224873.

The page then asks the recipient to download a codec to view the video.

These sorts of attacks have been occurring for some time. Users should avoid downloading new codecs to watch videos posted online, as these are frequently malicious.

Screenshots in http://blog.trendmicro.com/malicious-video-spreads-via-multiply/

Cross-Border Korean Shelling Leads to FAKEAV

News outlets all over the world are talking about the recent cross-border clash between North and South Korea. The shelling, one of the worst incidents between the two countries in years, is naturally being used by the usual criminals behind fake antivirus malware.

Within hours of the incident, certain Korea-related search terms were already poisoned.

Note that the Google preview of the page shows the supposed content of the page. However, if the user clicks on the offered search result, they see these (familiar) pages.

http://blog.trendmicro.com/cross-border-korean-shelling-leads-to-fakeav/

Posted by donna | with no comments

A computer hacker who accessed personal data and photos from his mother's front room in a major e-mail scam has been jailed.  Father-of-five Matthew Anderson, 33, of Drummuir, Moray, who was part of an international gang, was caught after a Scotland Yard investigation.

He sent millions of worldwide e-mails which released a virus when opened, allowing remote control of computers.  Anderson was jailed for 18 months at Southwark Crown Court.

He admitted the Computer Misuse Act crime.  He was able to access private images, wills and confidential medical reports and CVs.

http://www.bbc.co.uk/news/uk-scotland-north-east-orkney-shetland-11818671  via Sophos.

Posted by donna | with no comments

Mozilla has fixed a bug in the way that its Bugzilla Web site and others handled certain errors, which could have been exploited to execute a man-in-the-middle attack against an unsuspecting user.

The bug was related to the way that the sites responded to certain requests from client machines when the clients specify an incorrect HTTP host header. The Bugzilla site holds a wild card SSL certificate that also is valid on Mozilla.org, and as a result when the sites respond to the request with the incorrect header, clients can be redirected to a non-HTTPS site for an error message.

"As a result, a network attacker can divert a client connection bound for any *.mozilla.org site to one of these servers and cause the client to receive an incorrect redirect. This is already a breach of the integrity that SSL is supposed to provide. But what is worse, since the redirect is to http://, the attacker can substitute arbitrary content and thereby perform XSS," Matt McCutchen wrote in an explanation of the certificate problem on Bugzilla.

More on attack scenario at http://threatpost.com/en_us/blogs/mozilla-fixes-site-error-handling-bug-112210

Posted by donna | with no comments

Introducing Anonymizer Nevercookie™, a FREE Firefox plugin that protects against the Evercookie API. The plugin extends Firefox’s private browsing mode by preventing Evercookies from identifying and tracking users.

Evercookie is a new, more persistent cookie form that enables the storage of cookie data in a number of different locations, such as Flash cookies and various locations of HTML5 storage. This allows websites to track user behavior even when users have enabled private browsing. Because an Evercookie stores data in locations outside of where standard cookies are stored, an Evercookie can rebuild itself unless users go through a number of steps to completely clear and reset their local storage.

Anonymizer Nevercookie simplifies this process and eliminates the manual steps required to completely remove Evercookies. And it does so without also removing all of the necessary cookies that a user actually wants to keep, such as those for browsing history and remembered logins. When Anonymizer Nevercookie is engaged along with Firefox’s private browsing mode, it quarantines an Evercookie and removes it after the browsing session.

Anonymizer Nevercookie was developed by Geoffrey Abbott, Lead Researcher at Anonymizer Labs.

http://nevercookie.anonymizer.com/

Pointing upThe plugin is currently in BETA.  Use at your own risk.

Posted by donna | with no comments

Google's new "Instant Previews" search tool is skewing traffic stats for sites using Google Analytics, creating page views before pages are actually viewed.

Rolled out across Google's search engine earlier this month, Instant Previews lets searchers, yes, preview sites before they visit them. Users click on a small icon that appears beside a search result, and this launches an image of the site in question on the right-hand-side of Google's results page.

As Google pointed out when "Instant Previews" was launched, Google is – in some cases – fetching these previews in real time. Soon after the tool's launch, webmasters posting to Google's help forums noticed that these pre-fetches were skewing Google Anayltics numbers. And as noticed by Search Engine Land, a Google employee later confirmed this with a post of his own.

The employee confirms that these real-time fetches are executing JavaScript used by Google Analytics, the company's own web analytics tool, and this is skewing traffic numbers. But he indicates that a fix is on the way. "We're working on a solution for this, to prevent Google Instant Preview on-demand fetches from executing Analytics JavaScript," the Google employee says. "I'm not sure about the timeframe, but I'll drop a note here when I have more to share. Thanks for your patience."

http://www.theregister.co.uk/2010/11/22/google_instant_previews_skew_web_analytics/

Posted by donna | with no comments

Electronic Communications Privacy Act violation alleged

A Texas man has fired a legal broadside against Gmail in a federal lawsuit that claims the Google service violates the Electronic Communications Privacy Act of 1986.

Keith Dunbar of Bowie County, Texas, claims that emails he sent from a non-Gmail service to Gmail users were scanned by Google algorithms without his consent. The algorithms are designed to serve Gmail users targeted ads based on the content of messages they receive.

“No consent from non-Gmail account holders is given prior to Google using the content of non-Gmail account holders for the purpose of delivering targeted ads and other related information to Gmail account holders,” the complaint, filed in US District court in Texarkana, Texas, stated. “Google does not inform non-Gmail account holders that it scans the content of their emails for the purpose of delivering targeted text ads and other related information to Gmail account holders.”

The complaint is seeking class-action status so other non-Gmail users may also joint the action. It seeks damages of $100 a day for each violation or $10,000, whichever is greater, and the disgorgement of profits made by Google as a result of the Gmail scanning.

“We haven't received a formal complaint and can't comment on specifics,” a Google spokesman wrote in an email on Monday. “To be clear though, Gmail – like most webmail providers – uses automatic scanning to fight against spam and viruses. We use similar technology to show advertisements that help keep our services free.  This is how Gmail has always worked.”

Indeed, internet law expert Eric Goldman, a professor at Santa Clara University School of Law, told InformationWeek that there were numerous calls to investigate Google for such behavior in 2004. “Frankly, after all the furor died down a half-decade ago, I had assumed everyone had moved on long ago,” he told the publication.

http://www.theregister.co.uk/2010/11/23/gmail_privacy_lawsuit/

Posted by donna | 1 comment(s)
More Posts Next page »