Spyware Sucks : I ain't happy about this.....

I want my 4 hours damn it!!!

sandi — Thu, 13 Dec 2007 12:25:48 GMT

I see this:

I change to this:

I click on Postpone.... 10 minutes later I see this again:

I mean, for chrissakes, the minimum reminder is 10 minutes, so why am I being nagged within less than 5 minutes????

Sometimes I wonder why I don't just give up.

sandi — Fri, 23 Nov 2007 05:20:00 GMT

Check out this URL:
http://www.itnews.com.au/News/NewsStory.aspx?story=65660

See this quote towards the very end:

"In Australia earlier this month, a majority of Sensis websites including Whitepages, Telstra Bigpond and Yellowpages had to remove advertising on their site after a local security professional and Microsoft MVP discovered malicious malware embedded in the ads."

For whatever reason, IT NEWS decided to omit my name from that paragraph, despite specifically mentioning that a "local security professional and Microsoft MVP' were involved, and I am finding it impossible to comprehend why they would do so.

I have been fighting malware for years, long before it became the "cause de célébrité" with the popular press, and I've done it all for free - given up my days, my nights, and my weekends - never charging a penny, fighting the good fight, and running up one hell of a personal debt in the process, but when my name is dropped like this, I wonder why I try so damned hard to protect internet users at large from malicious banner advertisements and hacked web sites.

I don't want to be patted on the back every damned day, I don't, but if you're going to mention something I did, and mention what I am, please... don't leave my name out. It's unkind and it's unfair.

How NOT to ask for help

sandi — Sun, 12 Aug 2007 03:42:00 GMT

I kid you not - this is an email that I received - I presume "the site" that the correspondent complains of is www.ie-vista.com , because that is the site that was used to send the following diatribe: "The site stinks. It doesn't display...(read more)

HP need to update their PC images

sandi — Wed, 04 Jul 2007 00:09:00 GMT

I took delivery of a new dx7300 last week and turned it on for the first time yesterday to add it to the network.

First off, the PC was running Internet Explorer 6 - excuse me but IE7 has been out since last October!!

Secondly, the Google Toolbar was installed - YUCK!!! That was immediately removed.

Thirdly, the PC was *way* behind on security patches, as evidenced by having to install 75 operating system security patches (and IE7) via Microsoft Update.

Fourthly, unlike the many 7100 and 7200's that I have previously purchased, the dx7300 came with a restore partition instead of operating system disks - DOUBLE YUCK!!!

Next - Sun Java was out of date (version 5, update 6), and set to use unlimited disk space - and there was no Update tab or button in the Java Control Panel - I had to go to the Sun site and download an update manually and then remove the old version (the new version has an Update tab).

The HP Backup and Recovery Manager takes up more than a gig of drive space.

Oh, and by the way, if you have used the HP Instant Support Driver Check activex control you may want to update:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01077597
http://secunia.com/advisories/25918/

Finally, what's up with the Flash based advertising?? I hate it when you buy a PC and the manufacturer tries to sell you stuff via pop-ups.

No I don't want your Smart Desktop Management Service thank you:

No I don't want Symantec Antivirus thank you:

Dell backs down on bloatware

sandi — Sat, 23 Jun 2007 12:56:42 GMT

A while ago my boss (a Mac aficionado) pointed out the Mac v PC bloat video as just one more piece of evidence proving that Macs are better than PCs because, and I quote what he said, "Macs don't come with any of that crap".

Video in question:
http://movies.apple.com/movies/us/apple/getamac/apple-getamac-fat_480x376.mov

So here's the thing. How many people remember the various complaints and lawsuits Microsoft has faced over time because whatever third party software provider is crying because their software is not part of a standard Windows OEM build?

I find it amazingly ironic that, on the one hand, Microsoft is hammered for anti-competitive behaviour and unfair business practices (hello!! It isn't Microsoft that is restricting computers to "you get what you're given and you'll *like* it"), and on the other hand, we see stuff like the video advertisement put out by Mac about bloat.

PC says "it's all this trial software; they packed my hard drive full of all this software; all these programmes that don't do very much unless you buy the whole thing or are just plain useless; it really slows me down; -sigh- you know how it is"

MAC responds "Well, actually I don't; MACS just come with the stuff you want like itunes, imovie, iphoto, iweb; it's all part of ilife"

Jeez, I tell ya, if Microsoft tried to restrict PCs to just their software (for example, if they tried to restrict PCs to a mythical software set such as pctunes, pcmovie, pcphoto, pcweb and pclife), just their hardware, just their whatever, the baying of the one-eyed hounds would be deafening.

Anyway, what triggered this rant? Oh yeah, Dell are patting themselves on the back because they're going to remove "bloatware" from their PCs - you know, the bloatware that companies went to court to to be able to include on new PCs - the bloat that people then complained about and MAC users made jokes about?

Cite: http://news.zdnet.co.uk/software/0,1000000121,39287685,00.htm

I quote from the article:

""When you configure a system on Dell.com, you [now] have the option of choosing "No software pre-installed" for things like productivity software, ISP software and photo and music software," wrote Michelle Pearcy, Dell's worldwide client software manager, in a blog.

Pearcy added that "no software" would become the default option on most XPS systems, and an option on Dimension desktops and Inspiron notebooks.

However, three types of software will remain mandatory. These include trial versions of antivirus packages, "because many of our customers simply expect their PCs to be protected at first boot and beyond", according to Pearcy.

Other mandatory software will include Acrobat Reader so users can view essential system documentation, and Google tools."

What the hell?? Google tools and Adobe Reader are mandatory???? Why the hell would Adobe Reader and Google tools be mandatory??? What about the other free PDF readers that are out there? Why aren't Dell users given a choice of PDF Reader software!! What if I want to be given the choice to use PrimoPDF? Or Nitro? Or pdf995? Or cutepdf? Or an open source PDFcreator or reader? It's anti-competitive I tell ya... anti-competitive!!! Bring out the hangman and stocks!!! Somebody call the EU!! -cough- Oh, sorry, we're not talking about Microsoft, are we... my apologies (yes I am being SARCASTIC damn it)

As for Google tools, how DARE Google have their stuff as mandatory after the tricks they have been playing lately:

Complaining about IE7's search bar - complaint rejected by the powers that be:
http://msmvps.com/blogs/spywaresucks/archive/2006/05/02/93180.aspx
http://msmvps.com/blogs/spywaresucks/archive/2006/05/18/95661.aspx

Did Google steal Yahoo's IE7 download page design?
http://msmvps.com/blogs/spywaresucks/archive/2006/12/12/414322.aspx

Feedburner users: give your data to Google or lose your account:
http://msmvps.com/blogs/spywaresucks/archive/2007/06/04/941419.aspx

Google announced that a member of its video team had sent the worm, W32/Kasper.A@mm, to members of a Google Video Blog discussion list. The worm wipes out files.
http://www.itnews.com.au/newsstory.aspx?CIaNID=41990

Google Desktop. When I say "no" I mean "NO!!!"
http://msmvps.com/blogs/spywaresucks/archive/2006/03/05/85482.aspx

And as for the other "mandatory" software, Adobe Reader - who remembers how Adobe forced MS to remove their PDF ability from Office 2007?
http://msmvps.com/blogs/spywaresucks/archive/2006/06/03/98950.aspx

NitroPDF is a hell of a lot cheaper than Adobe Acrobat anyway!! And their technical support is a hell of a lot better!!
http://msmvps.com/blogs/spywaresucks/archive/2006/07/12/104508.aspx
http://msmvps.com/blogs/spywaresucks/archive/2006/10/21/193880.aspx

I ask you, just who is the predatory business nowadays? I tell you, this stuff gets me nearly as angry as so-call Office Managers who are so inexperienced that they cannot tell the difference between "managing" or, more importantly, "mentoring" staff and "controlling" staff (but that's a story for another day).

feedburner users - give your data to google, or LOSE your account

sandi — Mon, 04 Jun 2007 09:09:46 GMT

Yep, that's right folks. As we know, Google have purchased Feedburner, and they have also decided that if you don't want Google to have your data, then you can't have it either.

I saw this notice today when signing in to Feedburner on a different computer to that which I normally use:

NOTE: Service of FeedBurner publisher accounts will not be interrupted as a result of the acquisition by Google. You will have a 14-day interim period ending June 15, 2007 to opt-out of allowing Google to service your account. If you take no action by June 15, 2007, the rights to your data will transfer from FeedBurner to Google. Opting out will terminate your user agreement with FeedBurner, permanently delete your FeedBurner account, feeds, and all related statistical data and history, and prevent the transfer of your data rights to Google. To opt-out, contact us via accountx@feedburner.com, provide your FeedBurner account Username, and request to have your FeedBurner account deleted. We will contact you at your registered email address to confirm your deletion request before completing it.

As you can see, if you don't specifically opt out (aka choose to delete your account), Google immediately gets the rights to your data. But I have some questions - what happens to users who have taken advantage of their Web browser's ability to save their username and passwords, or use a password manager to automatically sign in to Feedburner? What notification do they get? What about users who don't try to access their Feedburner account during this 14 day interim period? Too bad if you're busy exploring the Serangeti or something like that. For example, I'm heading off to Egypt, followed by Switzerland and France, later this year and will be without internet access for several weeks because I don't want to take my laptops into what are going to be some high-theft environments and I refuse to use Internet Cafes - and anyway, I deserve a holiday dagnabit, and my blog and sites simply can't complete with the attractions of the Pyramids, the Sphinx or Mont St Michel. If it just so happened that my trip was happening *now*, would my data be passed on to Google without warning even though I had not accessed my account?

A 14 day interim period is simply not long enough. Nor should Feedburner pass their user's data on to Google unless there is concrete evidence that the user has tried to access their account AND that they have viewed the opt-out notice.

As for the declared attitude of "give it to Google or we delete it" ... that sucks.

skype extras manager - an amazing resource hog

sandi — Mon, 04 Jun 2007 04:12:37 GMT

Check this out - yep, the "Skype Extras Manager" (skypePM.exe) is taking up an amazing 50% of CPU cycles, and 741,164K memory *even when Skype itself is shut down*, and slowing my very beefy Ferrari 5000 with an AMD Turion 64 X2 TL-60 2.00 GHz CPU and 2 Gig of RAM to an absolute crawl.

The build of Skype I was running, admittedly an older version, was version 3.0.0.205.

There is no obvious way to turn off Skype Extras in the interface, and I can't be bothered screwing with msconfig and whatnot, so I'm going to update to the latest version of Skype and simply not install the Extras Manager.

To avoid the Skype Extras Manager, run the Skype installer, click on the Options button, and deselect "Install Skype Extras Manager".

Alternatively, you can apparently go to ...\program files\skype\plugin manager\ directory (or program files (x86) on an x64 system) and run an uninstaller in there, but such an uninstaller did not exist on my system.

After upgrading (and *not* installing the Extras Manager) my laptop is back to what it should be, with the biggest resource grabber being the Desktop Window Manager at less than 27,000K.

741,164K of memory is a ridiculous amount for Skype's Extras Manager to be using (and yes, at times the count went even *higher). And, for the process to continue running after Skype is shut down, is also not acceptable.

Bad coding. Bad, bad, bad, bad BAD coding.

Telstra needs to listen dagnabit!!!

sandi — Tue, 29 May 2007 11:48:00 GMT

Frustration levels are high. *Very* high. And Telstra is the focus of said frustration.

We got home from work yesterday to discover that there had been a power failure, and that not only was our internet access (which is cable) not working, but Foxtel was down as well. The Foxtel digital box was reporting that it was unable to lock on to a signal, and the Cable Modem was reporting exactly the same thing.

Now, I'm *real* pedantic about protecting what is some very expensive electrical equipment in this house, therefore the entertainment equipment, and server and everything that hangs off it, are protected by UPS - sure, they're dinky baby UPS at only 700VA, but they're still the real thing - they even come with a $25,000 load protection guarantee. I knew that even if we had suffered the dreaded brown-out that my hardware was just fine thank you very much.

I already knew, if only because Foxtel was down, that the problem was not on my network, but I went through all the troubleshooting steps to no avail. The Cable Modem was simply unable to lock on to a signal - my logs were reporting that sm-server simply wasn't there. The Foxtel box was also unable to lock on to a signal.

Ok, so I phone Telstra to report the problem, and was on hold FOR A WHOLE HOUR before I got to a first level technician - a techician who then proceeded to tell me that nobody else in my area was having a problem (thanks to a "special" programme he was able to use to check who was on and offline in my area - "there are only half a dozen offline and hundreds still working" he tells me). After much back and forth I am told that the problem must be with our hardware (up to and including the grey box on the external wall to our house) and against my better judgment a technician was booked to attend meaning, of course, that one of us has to take the afternoon off work. We also booked a Foxtel technician to attend on the same afternoon.

I honestly wasn't surprised when we awoke the next morning to discover that our allegedly faulty hardware had miraculously repaired itself with no intervention on my part. Foxtel was still down when I left for work, but by the time the kids got home in the early afternoon it had also, miraculously, repaired itself.

Of course, because everything was working I had to phone Telstra to cancel the service call. I was on hold for nearly 45 MINUTES waiting to speak to a first level technician and cancel the service call - a cancellation which took, may I say, only a minute or two to organise - 45 MINUTES ON HOLD, 2 MINUTES ORGANISING THE CANCELATION. I ask you, is it any wonder I'm frustrated?

Let's contrast those hold times with our Foxtel experience. Yesterday when reporting the fault to Foxtel we were on hold for barely 2 MINUTES (compared to a hour with Telstra).. tonight, we were on hold with Foxel for barely 30 SECONDS (compared to 45 minutes with Telstra).

The Foxtel lady said to us tonight that Telstra "must have been doing repairs that they didn't tell us [Foxtel] about". Well, Telstra must have forgotten to tell their own technical support staffers as well!!

Then, to add insult to injury, I received a phone call from the Telstra techician while I was at work - "you have a service call booked for now" says he. "No I don't" says I.. "I cancelled it yesterday".

Jeez.

Julie Amero - for pity's sake, they've done it again

sandi — Sat, 19 May 2007 07:34:00 GMT

Edited to change subject line that was offensive to some

I honestIy can't believe this. Julie Amero's sentencing has been delayed, AGAIN, this time until June 6.

This is the fourth postponement of Julie's sentencing.

Can you imagine the emotional/psychological torture this woman is going through? She is a substitute teacher who was found guilty of four counts of risk of injury to a minor after a computer infested with malware started exhibiting porn pop-ups - the computer in question had no effective antivirus, antispyware or content filtering protection in place. She is facing up to 40 years in jail and, once again, has no idea what her fate is going to be.

This case has been a debacle and comedy of errors from beginning to end, and I am disgusted at the American legal system for allowing this miscarriage of justice to drag on and on and on. For pity's sake - sentence the woman or set her free. Stop putting it off.

For those of you unfamiliar with the Julie Amero story, Sunbelt has posted several articles:

http://sunbeltblog.blogspot.com/2007/01/my-editorial-on-amero-case-published.html
http://sunbeltblog.blogspot.com/2007/01/forensic-expert-on-amero-case-talks.html
http://sunbeltblog.blogspot.com/2007/01/computerworld-julie-amero-is-guilty.html
http://sunbeltblog.blogspot.com/2007/01/is-this-miscarriage-of-justice.html

Wayback Machine will no longer archive pages if owners object and the story of a weird Web site - www.profane-justice.org

sandi — Sat, 05 May 2007 10:04:00 GMT

I've worked in the legal field for close on 20 years, and keep an eye on various law-related blogs because of this. An article published on Overlawyered piqued my interest today - it talks about a lawsuit between Suzanne Shell and Internet Archive wherein Shell sued Internet Archive for archiving her site.

Original lawsuit: http://blog.ericgoldman.org/archives/waybackshell.pdf (sourced from http://blog.ericgoldman.org/archives/2007/03/can_a_spider_en.htm)

Overlawyered article: http://www.overlawyered.com/2007/05/wayback_machine_we_wont_archiv.html

The lawsuit has now settled according to a press release:
http://www.knowyourcourts.com/Shell/06cv01726/2007-04-25_pressRelease_.pdf (sourced from http://blog.ericgoldman.org/archives/2007/05/april_2007_quic.htm)

Overlawyered refers to an article dated 25 April by WebProNews which deepened my interest even more - the article discusses the lawsuit *and* other goings-on involving Ms Shell. WebProNews reports that in the original lawsuit Shell apparently accused Internet Archive of conversion, civil theft, breach of contract and violations of both federal racketeering and Colorado organized crime legislation.

WebProNews article: http://www.webpronews.com/topnews/2007/04/25/webmaster-settles-with-ia-goes-after-teenager

The accusations against Internet Archive are unbelievable enough in and of themselves, but WebProNews also reports that Shell contacted the FBI about, and also published on her site, the name, address and contact details of a 15 year old boy, Jeff Veillette, in retaliation for Jeff framing her Web site and daring Shell to take action against him. An amazing catfight between Shell and Veillette ensued.

WebProNews article about Internet Archive, Shell and Veillette:
http://www.webpronews.com/topnews/2007/03/19/internet-archive-v-shell-the-publicity-aftermath

WebProNews also questioned whether it is even legal to publicize the name, address and contact details of a legal minor.

Ok, this is all too weird. Who the heck is this Shell woman and what's the big deal about her site? I decided to take a look at www.profane-justice.org, only to be confronted by even more weirdness. (You will need to refresh the page to view it if you click on my link – at the time of preparing this edit Suzanne is trying to block attempts to access her site via links on Spyware Sucks - oh well, at least we know we have her attention - maybe she will remove the block once she realises we are on to her)

The Web page immediately triggered the following warning:

Why the hell does profane-justice.org want to access the Clipboard on my local PC? There is absolutely no legitimate reason that I can think of that justifies the Web site's attempt. I had never visited the site before, I was attempting to load the entry page.

It makes me wonder if Shell is trying to access the Clipboard so that she can check for her own site content, match that to IP address, and sue the ass out of whoever it is she discovers. Sorry Shell, but if that is why you are doing it, the end does not justify the means. Trying to access the Clipboard of all visitors is a major invasion of privacy,

The alert occurred again when I accessed this page:
http://users.wildblue.net/dsshell/html/faq.html
(Again, try refreshing the page if it does not load - at the time of editing wildblue.net was not trying to block visitos from this site, but who knows, that may change. Now that we have her attention, perhaps Suzanne would care to explain via a comment why her site triess to access a visitor's clipboard?)

Not only that, on several pages I saw this alert:

Which, if you clicked on cancel, resulted in this:

All right, we get it, you don't want anybody to copy your page content, but the question of HOW and WHY www.profane-justice.org (again, refresh to view the page if you use that link) is trying to access my Clipboard remains unanswered. I must consider the possibility that the site may have been hacked because there is no good reason to try and access the Clipboard of every single visitor to the site's entry page, even people who have never visited before and have had no opportunity to attempt to copy content on the page that, to be completely frank, is of no great interest to me in the first place.

I right clicked on the entry page to view the source code in an attempt to work out how/why profane-justice.org is trying to access my Clipboard, and saw this:

Ok, that's not a problem. The standard fix for such an error is to add the Web site to IE's restricted zone, neutralising the scripting that blocks access to the page's source, so that's what I did. I then reloaded the page, only to be confronted by:

Sorry, but I have to say that the actions of profane-justice.org and its owner are just too weird. It is a Web site that:

has gone to great lengths to protect copyright
attempts to access the Clipboard of visitors (a privacy risk for visitors)
blocks access to the page source
has publicized the contact details of a 15 year old legal minor,

and it's owner has accused Internet Archive of violations of both federal racketeering and Colorado organized crime legislation. I wonder if Ms Snell will get all up-in-arms about my comments, my capturing screen shots of her alert messages and the page that appears if you add her site to IE's Restricted Sites zone - if she does get huffy again, it would be wise of her to bear in mind that I'm not a 15 year old boy and that I am much harder to bully.

BTW, for those of you that may be interested, when you are considering the use of copyright material you should always keep in mind the doctrine of Fair Use.

Advertising advertising everywhere... even in the ladies' loo...

sandi — Sun, 22 Apr 2007 03:10:00 GMT

Now I really *have* seen everything.

Yesterday was 'hair and nails' day, so off I went to my local shopping centre for some well earned pampering. Imagine my amazement when I noted a new piece of equipment in the ladies' loo - the hand dryer had been replaced with a new fangled, fancy schmancy piece of equipment with built in monitor screen. The darned thing plays an advertisement every time somebody dried their hands. Apparently it's called an iVision.

The volume is too damned loud for such a small area - you can hear it in the corridor outside the ladies' toilets for chrissakes.
The rotten thing plays the same advertisement over and over and over.

When I consider the iVision, and the recently announced trial use of cell phones during Qantas flights, I'm begin to wonder what bastions of peace and quiet we are going to be left within a few years. One of the things I truly enjoy about travel by plane is the fact that, at least for a while, I am out of reach, and I am also safe from some guy (and yes, it is invariably a guy) talking over-loudly on his cell phone about something that is of world shattering importance to him, but of absolutely no interest to me. Yes, at the moment the trial is restricted to text and email, but I predict that voice calls will eventually be allowed.

The iVision

Scraping the bottom of the Reality TV barrel

sandi — Sat, 14 Apr 2007 04:16:00 GMT

"A British reality television program to be filmed in Australia this winter will force fat children to hunt for food with Aborigines.

In 'Fat Kids Can't Hunt' 10 fat youngsters will live with Aboriginal tribesmen in Australia for a month.

If the children want to eat, they must follow the strict rules of the Aborigines, eating plants, grasses and fruits as well as trapping, killing and cooking any animals or insects they find.

If they do not eat the bush tucker, they go hungry."

Source: http://www.news.com.au/story/0,10117,21555791-2,00.html

Is it any wonder I can feel my IQ melting away whenever I sit down in front of the aptly named "idiot box"? I fail to understand how Endemol Producer Bridget Sneyd can truly believe that this new show is going to help those kids "address their dysfunctional relationship with food once and for all" when so much depends on *what* that dysfunction is. Will this show teach them the reality of unrealistic portion sizes? Or energy input versus energy output? An understanding of nutrition? The psychology behind food choices? Comfort eating? Stress eating? Distress eating? What about *why* they are succumbing to comfort, stress, distress eating? Will the show teach them that whatever changes they may make, these changes must be for the rest of their lives - and do all in the space of a month? Under the guidance of Aboriginal tribesmen instead of qualified counsellors?

How often do "reality" shows revisit their victims (sorry, stars / participants) after a few years back in the real world? Not very often. Why? Because far too often the "good" that these shows claim to be doing is no more than a illusion.

Ironically the advertisement next to the news article was for, believe it or not, Weight Watchers!

Prosh Day today - but the students involved are not winning any friends

sandi — Tue, 03 Apr 2007 23:54:00 GMT

Today is PROSH Day (information here). PROSH is an annual charity supported by the UWA Student Guild and The University of Western Australia.

Unfortunately what started out as a fantastic charity event years ago seems to be corrupting more and more as time goes by thanks to the deteriorating behaviour of the students involved. My experiences this year, when leaving the Perth train station and walking to work, were by far the worst yet.

I knew we were in for trouble when I heard the Transperth staff at the train station broadcasting an announcement asking the Prosh sellers to stop blocking the exits, and warning that if they did not comply they would be removed.

Then there were the announcements asking specific students to leave the platforms - it is illegal to try and sell wares on Transperth property unless you are an actual stall/store holder, and these students know this, but it doesn't stop them from trying their luck anyway.

To leave the station I had to force myself through an unruly mob of about 20 yelling, costumed, university students who were blocking the overpass, and were so determined to get people to buy their Prosh paper they were shoving it in people's faces and physically blocking the exit.

Even after I managed to exit the train station (and to be honest, the students' behaviour was frightening - these kids have no idea of the concept of personal space) I continued to be accosted on every street corner and arcade entrance, and even berated by one overzealous seller dressed like a ninja.

Only one group was polite - on the corner of Pier and Hay Street. My compliments to those young Canadians - they had manners - but unfortunately by the time I reached their corner my frame of mind was such that I had no intention of donating to Prosh.

The university students involved in this morning's events should be ashamed of themselves, take a good hard look at their behaviour and realise that the actions and words that I saw today will turn people away from Prosh. As a whole Perthites are very generous charity givers, but do not expect support if you yell and shove your wares in our faces.

You know you're getting famous when somebody steals your stuff

sandi — Tue, 03 Apr 2007 12:54:00 GMT

So I spotted something in a Technorati search the other day... a site hosting www.ie-vista.com via a frame in a remote site, with a banner advert plastered across the top of the screen, the only goal being to earn easy cash from *my* hard work.

I hate that somebody is making money off my sweat and tears;
I hate that the banner ads in question could place visitors at risk, whether it be via a winfixer infiltration or worse.

So anyway, if you want to stop your site being stolen in such a way, here is what you do - it's called Frame Breakout. You need to add the following code to the <head> section of your site, remembering that if your site uses frames things are going to get *way* more complicated, but you can code exclusions if need be.

Anyway the code:

For those you of you with more complicated sites, this article may be of assistance:
http://javascript.about.com/library/blfrm1.htm

So, to the bastards who tried to steal my site and make money from my work by hosting www.ie-vista.com via frames and an usercash.com URL I have this to say:

BITE ME!!

Please say it isn't so - Canadian killed by poison pills bought on the net

sandi — Sun, 25 Mar 2007 08:21:00 GMT

Source: http://www.canada.com/topics/bodyandhealth/story.html?id=ada62a41-2482-4bf2-bb34-cc00c5ead4a9&k=43298

"The public is being warned about the dangers of purchasing medicine on the Internet following the death of Quadra Island resident Marcia Bergeron. The 57-year-old apparently died of poisoning after purchasing pills through an online source, said Vancouver Island regional coroner Rose Stanton. A toxicology report showed that Bergeron's anti-anxiety medication and sedative were laced with dangerous mineral traces, Stanton said. "The pills had traces of uranium, strontium, selenium, aluminum, arsenic, barium and boron," said Stanton."

My God, this really does put the Winfix problem into perspective, doesn't it. Sure, Winfixer rips you off with its false positives, tricking you into handing over $$ to fix a computer infestation that doesn't exist, but at least it won't kill you.

Note the further comments in the article:

"Bergeron's medications, confiscated by the coroner, were generic pills in plastic bags with nothing to identify them. There was no information about proper dosage, and no printed materials. "There's no drug name, there's no dosage information -- that's dangerous," said Stanton. "I think the risk is very high that someone else could suffer the same fate." Stanton said that the website Bergeron used had fake endorsements from medical agencies. "These fake sites look very realistic," Stanton said. "They would fool a lot of people. And they mention the names of organization and companies that don't exist." Stanton said the fake sites set up for very short periods of time -- often just a few days -- then shut down to avoid the authorities, and often set up again under a different name."

What are we going to do about what "the Internet" is turning into? What happened to the brave vision of the past where "the Internet" would empower us, help us learn, expose us to alternative viewpoints and cultures, and allow us to communicate with loved ones far away and share knowledge... is that all going to be lost to the criminal element? We can't protect everybody, and reality is that "the Internet" is accessible to so many people now that would never have dreamed of accessing it not so many years ago. Computers have gone down in price, Internet availability has gone up, broadband is more and more widespread, internet cafes abound for those who do not have computers, and even when we are on the move we can get online via hotspots. More and more and more people are surfing, but they are not being educated about the dangers out there, and I am struggling with the question "whose responsibility is it" and "what can we do going forward"?

The catchcry "AOL killed the internet" came to be because of the lack of education and detrimental behaviour of that company's inexperienced, netiquette illiterate subscribers (http://catb.org/~esr/jargon/html/S/September-that-never-ended.html). Now we are seeing a danger far worse than a deterioration in the quality of conversation in newsgroups. We are having to face the danger of a criminal element taking advantage of the innocence and naivity of who-knows-how-many millions of users who simply do not know better, and have nobody sitting next to them to guide, protect and train them as they step out into an online world with very few safeguards or protections from shysters, fraudsters and crooks. And now, somebody has died.

I don't know if Marcia Bergeron is the first person to die under such circumstances, and I feel a great fear that she will not be the last.

Doctors' surgeries have a quota? Since when?

sandi — Sun, 25 Mar 2007 07:30:00 GMT

Ok, so my youngest offspring, my daughter, is unwell and showing all the signs of having developed an ear and sinus infection. We headed down to the medical surgery that our family has been using for more than 20 years to see about treatment. Ours is not a family that goes to the doctor at the sign of the slightest sniffle, but this time, going on the pain she is in, and the symptoms she is exhibiting, it seems that this time antibiotics may be required.

We arrived more than hour before scheduled closing time, only to be confronted by a locked door and a sign that says "We have reached our quota. 25/03/07".

Huh? What quota? Number of patients seen quota? Hours allowed to stay open quota? Staff payroll quota? We don't know.

Things have been deteriorating ever since my GP's medical surgery was bought out by Mayne Health (now known as Symbion Health). Opening hours have been cut back. Bulk billing has stopped. And now we see this rubbish about mysterious "quotas".

I want to go back to the days when medical surgeries were owned and run by traditional family doctors - these big multinationals have different priorities.

Ok, so this time the spammers got me to open an email, damn them

sandi — Tue, 20 Mar 2007 11:54:00 GMT

The subjectline of the spam was "The anti phishing thing in IE makes getting to a web page feel like Im on dialup - when Im on cable."

Gosh darn it, I'm an IE MVP, of course I'm going to open something that looks like a plea for help from an IE user....

Not happy.

WARNING: Winfixer and Errorsafe being distributed via MSN Messenger banner advertisements

sandi — Sun, 18 Feb 2007 04:28:00 GMT

Part of this article may fall to the bottom of screen on smaller displays - scroll down if this happens to you.

Edit: I should point out that MSN Messenger's proper name is now Windows Live Messenger.

Pushers of the malware known as winfixer managed to infiltrated a provider of advertising content for MSN banner ads. The dangerous ads appeared in the Windows Live Messenger contact pane, as well as in banner ads on groups.msn.com. The incidents were reported to secure@microsoft.com and they and the MSN ads team investigated and removed the ads.

Microsoft have issued an official statement as follows:

"Microsoft was notified of malware that was being served through ads placed in Windows Live Messenger banners. As a result of this notification we immediately investigated the reports and removed the offending ads, as this is a violation of our ad serving policy. We can confirm that the ads are no longer being served by any Microsoft system. We apologize for the inconvenience and are reviewing our ad approval process to reduce the chance of an occurrence such as this happening again. To help customers protect their PCs from malware threats, Microsoft recommends customers follow our Protect your PC guidance at www.microsoft.com/protect." - Whitney Burk, Microsoft.

I was originally warned that this is happening by none other than Patchou of Messenger Plus! fame on Thursday 15 Feb 2007 at 7:33:00 am Perth time. I received a second report from Johan Brune that confirmed what is happening at 11.56am Perth time, 18 February (about 3 and a half hours ago) and I have now been able to reproduce the problem on my own machine. It says a lot for Patchou's integrity that he was willing to write to me and warn me about this problem despite our history. I have been extremely critical of him and his Sponsor Program in the past and have said some very nasty things at times, yet despite all that we have been able to maintain an open dialogue which has borne important fruit - Patchou was the first person to report the winfixer infiltration to me.

Brief warnings appeared on www.mess.be and at Neowin (http://www.neowin.net/index.php?act=view&id=38176) after Patchou got in touch and while I was still investigating and trying to confirm the problems, but they contain little in the way of screenshots or detailed information. Also, the articles report that the Free PC-Secure banners trigger dialogue windows, which is not my experience, or the experience of anybody that I have contacted to duplicate my tests and verify the problems.

So far I have seen two ways that the bad guys are using to try and get Winfixer on to a machine via MSN Messenger banner advertisements - one involved a pop-up alert that appeared with no user interaction - the other needs the user to click on the banner advertisement and visit a Web page, then manually download an installer.

The most dangerous banner advertisement looked like this screenshot on my system - nothing happens if you try to click on the banner advertisement BUT when the banner advertisement disappears when the ads are rotated, something worse happens.

When the banner advertisement is rotated (or, as in my case, I refresh the banner advertisement in an IE window) the classic Errorsafe pop-up window appears WITH NO USER INTERACTION REQUIRED - note the URL in the addressbar - it is the URL for the banner advertisements that appear in the MSN Messenger contact pane and proves that the advertisement is being served up by rad.msn.com

Screenshot here:
http://msmvps.com/photos/spyware_sucks/images/591117/original.aspx

Do not click on OK or Cancel when you see such windows! I clicked on the red close button to shut the dialogue box and then saw this - a classic winfixer tactic. I strongly recommend that you do NOT click on the OK button:

Screenshot here:
http://msmvps.com/photos/spyware_sucks/images/591121/original.aspx

The second banner advertisement that I have seen and which does not trigger a dialogue box looks like this - the user must click on the banner for anything to happen - further screenshots of the same banner advertisement are at the end of this article:

When the user clicks on the banner advertisement they end up at this Web site:

I downloaded the free PC scanner offered by that Web site and then uploaded it to VirusTotal for scanning - these are the results - WINFIXER again.

This is very bad news for users of MSN Messenger, and for MSN and Microsoft. Those who read my blog regularly know that I have devoted a lot of time to fighting Winfixer, writing about how those behind Winfixer have attempted to infect victims via the Messenger Plus! Sponsor Program (for which Patchou has taken a lot of heat for years, not only from me, but from many other quarters), as well as Activewin and MySpace.

I am struggling to express how upset, and disappointed, and worried, I am that this has happened. For years I have been holding up MSN Messenger banner advertisements as an example of how advertisements can be safely served up to end users without putting them at risk of malware. Now, everything has changed. Users have been put at direct risk through no fault of their own and they can't avoid the MSN banner advertisements when the contact pane is open without using a third party hack that is ethically wrong to use.

This simply shouldn't have happened. The people behind secure@microsoft.com have been extremely responsive and open with me about what they're doing to fight back, and are working on the problem as I write, but experience how shown me that if the bad guys behind winfixer can get in once, they'll continue to do so - they are sneaky, and dishonest, and know every trick in the book to slip in under the radar.

How hard is it to avoid winfixer advertisements once they infiltrate a network? In the end, Circle Distribution (who supply the advertisements for the Messenger Plus! sponsor program) found it necessary to edit their users' HOSTS file to block known Winfixer URLs. Right Media, who supply CiD with their content, and were also reported as being responsible for serving up winfixer advertisements to MySpace users, seem to be unable to stop those behind winfixer from getting in and haven't appreciated my criticism of them now that I have turned my focus away from CiD and Messenger Plus and concentrated my criticisms higher up the advertisement food chain.

I had a brief discussion with Bob of ActiveWin when I was in Las Vegas about the winfixer problems on that site, but do not know what steps they may have taken to protect their visitors. As for MySpace - forget it - just block the site and have done with it.

I'll update this blog via the comments section as information is made public. If history repeats itself, Microsoft and MSN are going to have a hell of a time getting rid of winfixer - the bad guys behind that product are nothing if not persistent. I don't know how the hell they managed to infiltrate the rad.msn.com network, and I am extremely disappointed, and worried, that they have been able to do so. MSN Messenger must have millions of users, all of whom are at risk of infection fromn the malware.

I strongly recommend that all users of MSN Messenger ensure that their antivirus and antispyware applications are up to date. Do not click on any buttons in pop-up windows that you may see, and do not believe Web sites that report that they have found a problem on your computer - seriously, how the hell would they be able to tell?

Do not click on OK or Cancel buttons in the pop-up windows. Close the window using the red x close button.

I also strongly recommend that MSN Messenger users download and install Mike Burgess's HOSTS file to help block winfixer and other bad guys. You can find Mike's famous HOSTS file here:
http://www.mvps.org/winhelp2002/hosts.htm

As I mentioned earlier, there are third party add-ins that remove the advertisement pane from MSN Messenger as mentioned in the Neowin thread. I have always spoken out against such tools when I believed that MSN Messenger advertisements were always safe, but now I have to seriously consider whether I should start recommending them. All will depend on whether MSN and Microsoft are able to successfully block the winfixer malware advertisements from here on in. Patchou has written to me to advise that the anti-ad patches may not work anyway. He says that many of the patches just hide the IE control, it's still running so users will still get the messageboxes and what follows them so if anything it may make the situation even worse, hiding where the pop-ups may be coming from.

MSN Messenger are also advertising screensavers, but they are more traditional adware and don't use dirty tricks like the pop-up windows that winfixer are infamous for. I still recommend that you avoid such free software which invariably comes bundled with foistware such as toolbars and/or adware that generates pop-ups and stuff like that.

Further free PC scanner banner advertisement screenshots...

Travelling home from the CES - Qantas needs to pay more attention to catering and cabin maintenance

sandi — Sun, 14 Jan 2007 08:56:00 GMT

As my regular reader(s) know, I went to Las Vegas for the Consumer Electronics Show and a Windows Vista Lab courtesy of Microsoft (Microsoft paid for flights, I paid for accommodation).

Although the frequency of my travel has reduced over the past 6 months or so, I am still a Gold Frequent Flyer with Qantas and they were kind enough to upgrade me to business class for the Melbourne to Los Angeles, and Los Angeles to Melbourne legs of my trip. I purchased an upgrade to business using points for the Perth to Melbourne leg. I did have the opportunity to purchase a points upgrade to business class for the final Melbourne to Perth leg, but they could not guarantee me a meal so I decided to stay in economy because I had an exit row seat anyway.

Now, the international legs of my travel with Qantas were wonderful, but the local flights, even in business class, revealed problems with catering, and cabin maintenance.

For the business class Melbourne to Perth leg I chose the salmon for my meal. When it arrived it was badly overcooked, dried out and hard - certainly not what I would expect from a business class meal - it was nearly inedible.

For the Melbourne to Los Angeles leg the controls for my Qantas Skybed were not working properly. The seat would only move an inch at a time, instead of reclining or raising smoothly, and the control buttons had to be pressed over and over and over before I could position the seat to my satisfaction. But, that being said, the food was sublime. The gentleman sitting next to me also had problems. The entertainment system in his seat was not working and the steward had to organise for the system to be reset for his seat, at which time it started working.

The flight from Los Angeles to Melbourne was the most successful of the lot. This time the seat worked, and the food was fantastic as well. But, that being said, the laptop power at my seat was not working - both powerpoints worked when first plugged in, but then the power slowly faded away. I had to move to another seat which did not have power problems to get my work done. Also, the tube of moisturizer in my Business Class travel pack had leaked, and what was left was dried out and unuseable.

My final leg, from Melbourne to Perth (this time in Economy class), revealed more problems with Qantas catering. The bread roll that I was given was stale and hard, there was only half a dozen tiny bits of beef in my hot meal, and the mashed potato was the sloppy consistency of overwatered, reconstituted potato powder. Everybody seated nearby had the same complaints about the bread rolls. I know that times are tight, and that airlines have to cut costs, but serving up bread rolls that are so stale they are only edible if soaked in the pre-mentioned sloppy mashed potato is simply not acceptable.

I then decided to watch the movie, but there was a problem with the sound service. Only one side was working on the headset, and the volume control in the armrest was not working, so I was left to try and watch the movie with the sound blaring at full volume into only one ear. I tried another headset but the problem continued. I tried reversing the way that the headset was plugged in and all that did was move the blaring sound to the other ear. Having been spoilt by the Bose style sets in business class I decided to forgo deafness and not watch the movie.

The trip from Melbourne to Perth, with the bad food and not being able to watch the movie, could have been long and boring except for the fact that I had some fun company. I was seated next to a gentleman by the name of Steve Wall whose wife and friend were also sitting nearby. Steve and his wife were great company, and I had a ball demonstrating my Ferrari 5000 laptop and Windows Vista to them.

My Ferrari is running Vista Ultimate so I was able to show Steve and his wife virtually everything, including Media Centre. My only regret was I did not have Dreamscene installed so I could not demo that.

I had a great time demonstrating Vista to people who have never seen it before, on a system that is powerful enough to do everything I asked of it (and I think Steve may want to buy a Ferrari now).

Apparently Steve will be telling the guys at work that he met me on the plane and got to see one of the infamous blogger Ferrari 5000s as well as Windows Vista in all of its glory. Just so these guys know that he's not telling porkies, here's a photo of Steve that was taken on the plane using the camera that is built in to the laptop

BTW, Steve and his wife run a mining spare parts business called Critical Spares which has a Web site at www.criticalspares.com and yes Steve, I can confirm that the site works just fine in IE7

Always pay attention when you install software updates, otherwise you may end up with unwanted add-ins (and foot-in-mouth-disease)

sandi — Sat, 13 Jan 2007 04:23:00 GMT

It would be real nice if Andy Beal and his comrades in arms in various online news sites would concentrate more on accuracy, and less on sensationalism. If there is one thing that is sure to raise my hackles, it is misinformation, and grudging "updates".

There was an article posted on marketingpilgrim.com today, with the by-line "Exclusive - Yahoo Using Dirty Tactics to Switch Google & Firefox Users?"

The article states "Over email, Jarrod Hunt of Text Link Brokers explained how a recent upgrade to Yahoo Messenger includes an innocuous “auto-update” option. When the user gives Yahoo permission to “update” – what they think is just Yahoo Messenger – the updater downloads IE 7 (which we already know to be buggy) and then proceeds to hijack many browser preferences – including search engine settings."

This is what happened. "Jarrod" uses Yahoo Messenger. Yahoo Messenger prompted Jarrod to install an update. Jarrod agreed. Jarrod went with the default install. Jarrod ended up with an updated Yahoo Mesenger, but he also ended up with the Yahoo Toolbar, his home page was changed, and his search engine defaults were changed. Jarrod accused Yahoo Messenger of installing IE7.

Yahoo Messenger does NOT install IE7, and it took a comment posted more than 8 hours after the article went live stating "This story is a lie" for Jarrod to finally decide to check what version of IE he actually had installed, something that I suggest he should have done in the first place.

So what went wrong for marketingpilgrim? How could they get something so wrong, and allow an article with such a basic technical inaccuracy to go live?

First, Jarrod saw that he had tabbed browsing and he assumed that he had IE7, not realising that it was the Yahoo Toolbar that was creating the tabs as we can see from a comment that he posted more than 9 hours after the article went live that said "I’m looking at the version number in IE. It’s still IE6. I assumed that the new “Tabs” I was seeing were because of an upgrade to IE7. I have had IE6 for years now, and did not plan on upgrading. The new tabs I am seeing are part of Yahoo’s new toolbar. Don’t I feel like an Ass."

Ok, so maybe we can forgive Jarrod his knee-jerk assumptions when he saw the changes on his system. He is obviously unfamiliar with IE7. But why the heck would he automatically assume he has IE7 just because he has tabs? For example, the MSN toolbar gives IE6 users tabs and there are lots of skins and add-ons out there that give IE6 tabs. Not only that, the IE7 GUI changes are far more than just adding tabs to the Web browser as you can see if you check out the screenshots at www.ie-vista.com.

Putting aside the GUI issue, I am also concerned that if Jarrod is unfamiliar with even the basics of IE7 such as what it looks like, then how is he in a position to make an informed judgment about whether or not IE7 should or shouldn't be installed? I see a need for some research on Jarrod's part because IE7 brings with it very important security benefits - IE7, for example, was NOT vulnerable to virtually all of the exploits disclosed since it went into beta last year.

Andy Beal, on the other hand, is harder to forgive. It seems he did not check his facts before publishing the article. Did he write to Yahoo and ask for their comments BEFORE going live? Did he wait for a response? Did he install Yahoo Messenger to make sure that he could confirm the bona fides of Jarrod's complaint before going live?

Third, IE7 is not "buggy". There have now been over 100 million installations of IE7, and if marketingpilgrim's claims about IE7 being buggy were true then my sites, my forums and the newsgroups would be flooded with complaints. Instead, we are seeing no more than the normal problems that occur when software is updated - it is not technically possible to cover all scenarios, and problems do slip through (such as the printing bug a minority of users are having problems with), but that is no reason to advise *everybody* to avoid IE7. Reality is that users are far more likely to be part of the majority who have no problems, than the minority that do.

I've just checked the "IE7 is buggy" column that the article links to - it is dated 1 February 2006 and discusses a BETA of IE7 for chrissakes - not only that, it seems that the author tried System Restore *before* going to, you guessed it, Add/Remove Programs, to remove IE7 - he did things ass-backwards. Web sites not displaying properly? That's not an IE7 bug - its actually a problem caused by IE6 in that the affected sites were using various hacks to get around IE6 problems - problems that no longer exist in IE7. IE7 introduced many improvements to CSS compliance, and got rid of some long-standing, often complained about rendering bugs. We knew that there was going to be problems for site owners that used various IE6 specific hacks, and we did all we could to warn site owners during the beta, but it seems the author of that article would prefer the IE6 rendering faults to remain rather than be fixed? As for the 30 blank browser sessions, they are easily fixed, being a simple file type association mis-set.

Please let me make this perfectly clear. I hate software bundling, and have said so on this blog many times. I hate it that so many free products try to install toolbars or change my Web browser settings, whether it be Yahoo Messenger, or MSN Messenger, or Adobe Acrobat, or Sun Java or the myriad other products that try to do the same thing. The CNET article is right insofar as the default install of Yahoo Messenger changes your Web browsers home page and search engine settings an adds a toolbar and the Yahoo Messenger installation does NOT make it clear that these things will happen. It should NOT be necessary to select 'customise your install' or 'custom install' before you can see the tick boxes for the additional changes. But that being said, my strong dislike for bundling does not cancel out a similarly strong dislike for misinformation.

If you want to see what happens when Yahoo Messenger is updated, check out this video - for me, at least, the video quality sucks, but at least you can hear the commentary:
http://news.com.com/1606-2-6144280.html