But here is the dirty little secret of browser security: Even if every Internet browser made today were completely bug-free, it wouldn't stop malicious hackers and malware. Why? Because the vast majority of successful malicious exploits today don't exploit buggy browsers, but rather unwitting end-users. That is, Web-based malware is successful because end-users are intentionally installing it! Most exploit code doesn't search for an unpatched vulnerability, but simply asks the user to install. - Roger Grimes, Infoworld
Spyware Sucks is accepting donations, with thanks.
Help us catch the bad guysUse Fiddler to capture evidence of browser hijackings
Get Safe Online will help you protect yourself against internet threats.
The site is sponsored by government and leading businesses working together to provide a free, public service.http://www.getsafeonline.org/
Thanks its working now if the uninstall directory ($NtUninstallie7bet2pmx$) deleted you can copy it from other computer then run the uninstall command.
Editor: Ashraf, I cannot recommend that this path be taken. The file versions stored in the $NtUninstall directory may be incorrect for your system - weird problems may appear elsewhere on your computer, and you may simply be deferring an ultimate reformat. If a need to be able to uninstall a beta is so important that such risks are taken, then the machine should not have been used for a beta in the first place :o(
Hi Again Sandi.... I must appologise... So far, no news back from the CS Guys on how to resolve this. I cant believe that I cannot get to the piccies and upload them manually even! Anyway... you are not forgotten.
Sandi: Aww heck :o( Ok, if we can't get this sorted I'll have to do what I can to recreate and reupload the screenshots this upcoming weekend. I hope I haven't deleted the more controversial malware ones - they'll be well nigh impossible to recreate. Thanks for keeping us informed Nick.
Which update were you referring to? The security patch update released Friday, May 26th?
Sandi: Hi Dave. I'm not absolutely sure what happened. We upgraded to Community Server 2.0 and then all the galleries were gone. I don't know if something went wrong, or if they were excluded from the upgrade, or accidentally deleted somehow. But, at least I have got my graphics back in a zip file on my local machine, but its going to take a decent slab of time to go through and upload them all and remap all the img src links. We'll get there though.
Sandi says: Traub was successfully prosecuted, and has to pay $2,000 for deceptively misleading victims, via Google ads, into believing they were purchased a Microsoft product, or Microsoft sanctioned product:http://msmvps.com/blogs/spywaresucks/archive/2006/12/05/374715.aspx
I wish you'd do a little research before making false allegations against some of the defendants. In your article you say: "What Chen and his co-accused (Seth Traub, of Portsmouth, N.H.; and Manoj Kumar, of Maharashtra, India) did was use Messenger Service (net send) alerts to fool victims into believing that their computers may be infected with spyware or other nasties" Unfortunately, while this may be true for Chen and Kumar, lumping Seth Traub of Portsmouth, NH with them was unfair and incorrect. Mr. Traub never used Messenger Alerts or Net Send to pass out unsolicited offers to download the Secure Computer Product. Rather Mr. Traub signed up as an affiliate through ClickBank and advertised the product through Google AdWords. I have done a lot of research on this subject because as a fellow web marketer who uses AdWords often, the lawsuit against other marketers like Mr. Traub was an eye-opening experience. At no time did Mr. Traub install or promote the product with the knowledge of the security leak. He also never sent messenger SPAM as the other defendants did. As soon as the aforementioned problem was brought to his attention, he removed his ad and issued a formal apology. He did what many of us, including myself, have done in the past - found a product which was selling well through an affiliate site (such as ClickBank or Commission Junction) and ran a simple AdWords campaign to promote it. I thought it was worth while to make that distinction.
Actually, it looks much better in vista with glass :) On xp, i'll take classic any day - I absolutely can't stand the luna theme.Sandi: {jealous} about Vista. Hopefully I'll get that loaded on an external drive this weekend.
I much prefer silver, to be honest, with olive a close second.. but I have to use the default theme for my column screenshots.. gets to be a pain swapping back and forth so often :o(
The malware affects IE too ya know!
Edit by Sandi: Your comment completely misses the point of the article.
He doesn't get it, he doesn't want to get it. Perhaps a different tack is required? The shame of it also that Plus! is quite a good little program! I've seen it go without the sponsor crap around and I like it! I have tried to deal with the aftermath of the sponsor twice recently and I hope the lesson was learned by the PC owners as we face a new version of Plus.
Sandi: To say I'm disappointed is an understatement. I shouldn't have to go chasing after Patchou to tell him about the latest malware being pushed by his sponsor program - its his responsibility to ensure that the advertisements served by his sponsor are safe. At least I haven't seen any adultfriendfinder advertisements this time around.
So, where was it? And when??? The system's success hinges on it.
Edit Sandi: There ain't none left... its all gone - sadly, when I took young Dean to a restaurant on the Friday night, all we drank was water... I'm becoming respectable in my old age
Respectable? I'm not so sure about that. Old??? Ummm ... no comment in this comment about that ... ;-)
Edit Sandi: You only get away with that 'cause I luvs ya.. and you can tell your lovely wife that I said that ;-)
What Scott McCracken said is exactly the truth. I know Seth from another Forum. The guy has no money and is broke! He started Affiliate Marketing in order to try and pay off some of his bills. He found that Spyware Adware program on Clickbank and decided to promote it. There are many Spyware and Adware programs on Clickbank. Unlucky for him, he decided to promote that one. He didn't even make that many sales with it! Then he gets the lawsuit papers served to him. He can't even afford to pay his rent and now he has a lawsuit on his hands?!?! Anyways, I spent just under $100,000 so far this year on Google Adwords advertising alone! And the year is only half done! I was really looking forward to the MSN Adcenter and was going to sign up and spend my advertising dollars with them as well. After the events around this lawsuit, there is no way that I'm going to sign up with MSN Adcenter and give Microsoft any of my Money! I know of several other Affiliate Marketers that are not even going to bother with MSN after this. Microsoft, you will lose a whole lot more than you will evern gain with this lawsuit! Seth has posted more info at his blog: http://lostsocks.blogits.com/
I think Sandi should get her facts right about citrix before publishing her misguided opinions to the world on her blog. As the previous poster said, Citrix has remote control built in, no need for VNC. And VPN is secure, that is why so many companies use it to connect to their corporate network from an external source. Just because YOU cannot understand citrix, does not mean it is no good.
Edit Sandi: This was the setup created for us by our previous IT company.
1. VPN into network2. Fire up IE as a published application.3. Navigate to Nfuse using IE.4. Log in *again* to remote desktop.
Give me RWW any day. All I need is a web browser and I can hook into my domain controller, my terminal server *or* any desktop machines.
Why pay all that money for Citrix when SBS2003 has all that I need built?
stalker
Edit Sandi: :) This is exactly the type of attitude that keeps my attention on MP! and the sponsor program. While MP! supporters continue to have such attitudes we know that there is no way we can depend on them to look out for the online safety of others.
hi Sandi we use citrix to publish 20 applications, many of which require different Oracle client versions, to 3000 internal users this allows us to: - run incompatible applications on a single client - simplify client administration by reducing the number of clients to upgrade - minimise network impacts during large client upgrades - facilitate hot-desking
Edit Sandi: Yes, but if your single Citrix server goes down, nobody can work. The chances of an entire suite of desktops failing is minimal. By assigning applications to desktops via Server Management on an SBS I can have a PC up and running in a very short space of time - simply add the PC to the network using connectcomputer, and all required applications are either automatically installed with no user interaction required, or an installation shortcut appears on the desktop.
Don't get me wrong, Citrix has its place in the right environment. The thing is, too often Citrix is recommended when it is *not* appropriate.
LOL. That might be a 'bug', not happened for me, but in general I think the whole search issue probably confuses average users and Google is paranoid that many wouldn't even think about making that setting without any urging. Incidentally, I was doing 'research' at the Messenger Plus forum, and they have the trick of making the search icon orange and adding their own search to the list in the pull-down - for a moment, I thought it had installed by itself, then realised I was merely being urged to tick the box (which disappeared after a re-start of IE). I didn't previously know that trick was a feature of IE7 either. Cue more user confusion/manipulation.
Edit Sandi: Ahhh, Messenger Plus! A programme that is high in my radar alerts. I lurk in that forum as well and noticed that behaviour. Its quite cool that the IE team is supporting OpenSearch, opening the door to such customisation, although I do worry that users' search pane options will become very top heavy; I've seen a file available for download that promises to install something like 200 search providers, which is getting beyond a joke, not to mention the detrimental effect of loading down the registry in such a way.
Indeed a nice touch, but not necessarily covering the issues that are most predominant in the groups. I'm currently in the growing camp that used safe mode to install beta 3 (still trying to figure out if that was a bad thing to do or not, LOL). I suppose by definition, betas weed out the issues that will affect most people so there is time left now to modify the help and advice on offer. Hope so.
Edit Sandi: Installing in safe mode would not be a bad thing, in fact its the safest way to install/uninstall a lot of software - no other services interfering and causing issues.
I have used lots of dif a/v and have never used one as lame as trend.If your in a program Trend will terminate it and all info or what you have been working on will be lost.If you run trend on your machine dont work on any thing important because your computer must revolve around trend micro.
Sandi: I think you may be confusing Trend with Norton and McAfee - I have not seen the sort of behaviour you describe with Trend
I know this is a really dumb question/problem... I downloaded IE 7 B3 but when I try to start the program, I get an error message that shuts down the app before it even gets going...
Sandi says: Details of the error message will be helpful.
If you have hit this page looking for a cure for your shockwave/flash problems... I've written an elegant work around for the eolas problem, if your server runs PHP. http://zaphodb.dyndns.org/eolassucks.php Hope this helps!
Edit Sandi: You might want to turn your speakers down/off first
Okay, let's see if I can help... 1. Outlook is running. Yeah, I can see that from my minimised tile, "Inbox - Microsoft Out..." - clearly, we need to disable that option in Outlook, which we do from ... hey, there's no way to disable it inside of Outlook! Fortunately, there's http://office.microsoft.com/en-us/assistance/HA011203051033.aspx, to tell us how to do it. Bad, bad, bad programmer. Unnecessary icon, with no option to disable it. 2. Windows Active Live MessengerX is running. Mmmyeah, that's useful enough - I'd leave it there. If you use Messenger enough that you need to run it, then you will use that icon there - and it isn't also in a minimised tile. 3. Wireless network. If only you could get the wireless button on your laptop to light up (I know I haven't figured out the magic to do that, yet), then you wouldn't need this. Should be unnecessary 4. You have something plugged in that you can unplug. Left-click once on it to see a list of devices and prepare them to be unplugged. A useful icon, but probably only rarely. 5. Some kind of webcam - do you need to know it's there? It's perched on top of your monitor, and surely you've got it configured to show a little mirror-image thumbnail of yourself when it's turned on, or you'll never know what you're exposing to the world. Unnecessary. 6. Wireless signal strength. Uh... two icons for wireless? Unnecessary. 7. "Network cable is unplugged". Unnecessary. 8. Phear the angry purple one-eyed god. 9. A speaker. Your volume controls on the keyboard (laptop) or speakers (desktop) should be sufficient for most of what you do with this icon. Surprisingly necessary, because generally, these volume controls are _not_ sufficient. 10. Soundmax, I think. Totally unnecessary. If you're into audio enough that you need a mixer tool, you're probably not using the cheap-*** sound mixer. 11. Intel graphics accelerator. Hmm... Press Ctrl-Alt-Down, see if anything wonderful happens. Otherwise, this, too, is totally unnecessary. 12. Too obscured by the copyright symbol for me to make any sense of it. Probably unnecessary. 13. Synaptics Touchpad tool. Get it off of me! This has been the cause of more crashes and hangs throughout my several years of laptop use than I care to consider. Kill it and use the system default. Unnecessary. Now, did that help?
Sandi says: You missed the Trend Micro client/server security agent icon. The angry purple one eyed god is my firewall.. it changes depending on what 'mode' I'm using. I say we have a competition to see who can find the computer with the greatest number of icons in the systray... I think I know *just* the machine that may win...
You are so bold to make this entire entry so bold ... ;-)
Sandi says: Better now? The composition window was giving me grief and refused to unbold.. only had time now to fix it
Just use Linux or Solaris and be done with these 'problems' !Sandi says:<yawn> When are the fan clubs going to stop with the simplistic "just use this and you're safe" misinformation?The illusion of invulnerability (Linux):http://msmvps.com/blogs/spywaresucks/archive/2006/05/10/94219.aspx
But but but.. Linux is *safe*:http://msmvps.com/blogs/spywaresucks/archive/2006/07/13/104654.aspx
A five second Google search for Solaris reveals:http://www.insecure.org/sploits_solaris.html
Yea, I tryed getting it into .zip but due to vistas security features it wont allow the executible to run. :( Blake
Edit Sandi: Apparently the problem is now fixed; give it another go?
Er, well, 1.5x Firefox and Thunderbird releases feature an updater for incremental patches. Mine found the updates quickly and updated in background. In the case of Firefox, the update (I had the most recent previous release) was achieved in under 600k, a mare fraction of a full download of the build. That's reasonable, surely? Of course, if your extensions won't run with the patch you find out after the upgrade!
Says Sandi: They don't seem to believe in making things easy .. following is a quote from the Patch Management Mailing List:
If you use a homegrown or third party patch management solution that uses file versions for scanning... Mozilla has decremented their fileversions in this release. Firefox.exe in the 1.5.0.4 release was at version 1.8.20060.50817. Firefox.exe in 1.5.0.5 is now at
1.8.20060.6376 (notice the change from .50817 to .6376). If you compare the version as a string, the number is higher (starts with a '6'
and not a '5'), but if you compare as a number, the new file version is less than the old.
I remember that experience well. My daughter actually managed to run down one of the kerbs. It was a young one but still nasty and almost got away.
Sandi says: <<LOL>> I have *so* got to show your comment to my son!
First of all, if you could read simple directions, you would know that siteadvisor works on the domain level. Try looking at http://www.siteadvisor.com/sites/vogservice.com
Sandi says: Site Advisor working on "domain level" has got nothing to do with real time scans versus non real time scans.
BTW, I checked out the Site Advisor report on vogservice.com:
http://msmvps.com/photos/spyware_sucks/images/106374/original.aspx
and then went to the site itself; the entirety of the code for that site, as displayed in IE7, at time of writing was:
<HTML><HEAD> <TITLE>PlaceHolder for vogservice.com</TITLE> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <meta http-equiv="Cache-Control" content="no-cache"></HEAD>
<BODY bgcolor=white>
<div align=center><font face="Arial, Helvetica">This is the placeholder for domain <b>vogservice.com</b>. If you see this page after uploading site content youprobably have not replaced the index.html file.</font><BR><BR><font size=-1>This page has been automatically generated by Plesk.</font></div>
</BODY></HTML>Second of all, you fail to acknowledge the negatives of link scanner - namely, that it takes a long time to scan a site in their virtual machine "real time", long enough that nobody would endure the wait before browsing to their usual sites.
Sandi says: Ok, so you're saying that somebody who is using that site because they want to be safe would not be willing to endure a wait.... ummm, nope, can't see that being a problem. If they want to be safe, they wait.
That being said, I've seen a series of failures by Link Scanner to detect a problem with known hostile sites; a failure that I am going to have to address with those behind the product. As it stands, I can't recommend the service as a cure-all or accurate when reporting sites are safe.
So, to summarise, Site Advisor has deficiencies in that it doesn't cover all the sites that are out there (malware sites appear, and disappear, quickly), and looking at the results for vogservice.com I just saw, Site Advisor may not always be up-to-date with current status of a page.
Imagine if the owners of a new site request a scan, then as soon as they are reported as clean, changing their site code to start using exploits. Site Advisor will continue to report the site as clean until it is retested.
Link Scanner will have the advantage over Site Advisor, being a real time scanner, if and when the results it generates are reliable, which isn't the case now.
I've yet to hear about any cases where a person, organisation, or business, has yet been held liable - or even taken to court - because of overly-permissive wireless use. Does it actually happen? I'd love to see the test case!
Edit Sandi: Just had an interesting discussion around the water cooler (so to speak) with some of the guys here at work about this, along the lines of:
1) Imagine that a person is aware that a "neighbour" is using his wireless network, but not aware that said neighbour is using that access to download kiddy p**n or spread viruses etc...
2) Imagine if the person is charged with committing above acts when it wasn't him, but the neighbour accessing wireless network.
3) Has this happened in Australia?
4) How would he prove his innocence? Would it make a difference if he did not actually commit the acts if he was aware that his network was being used by others?
I'll do some research - first work out what Act applies to the above, and then try to find out if anybody has found themselves in that sort of trouble. Watch this space
We know that wifi networks are being used... inappropriately... by voyeurs:http://www.theregister.co.uk/2003/11/26/wifi_hacker_caught_downloading_child/
I discovered that my internet explorer crashes very often since I installed KB918899 on my XP professional SP1 system and I had to uninstall it, but now I am more vulnerable because this is a critical patch. I also tested it out on a virtual pc machine and the bug appeared there also so I am 100%sure it is a problem with KB918899 for SP1 systems. Anyone here who has had the same experience ? I can't find anything on google since the patch is only a few days old but I'm sure more people will get into trouble with this patch. Microsoft why don't you test you patches better before releasing them !!! example of when IE crashes : when I type "BHO remove" in google and click on the first result
Sandi says: Can you please be more specific? What version of IE are you running, and exactly what is the error message? There should be a link in the crash window that gives you specifics of the files (modules) involved.
Can't evebn find the bloody Page menu! Where is it?
Sandi says: Look at the screenshot in my blog post or press the Alt key to open the Menu Bar. You can familiarise yourself further with IE7 by reviewing the information at www.ie-vista.com