Thursday, August 19, 2004

 

Cracktalk Newsletter 8-19-4

Crack Talk 8-19-4

Terry Blount

tblount@mchsi.com


I'll probably be sending out the newsletters on Friday for a while.

~~~~~~~~~~




According to the Internet Storm Center, an unpatched Windows PC
connected to the Internet will last for only about 20 minutes before
it's compromised by malware, on average. That figure is down from around
40 minutes, the group's estimate in 2003.

The drop from 40 minutes to 20 minutes is worrisome because it means the
average "survival time" is not long enough for a user to download the
very patches that would protect a PC from Internet threats.
http://zdnet.com.com/2100-1105_2-5313402.html


Internet security firm MessageLabs said one in every 12 emails it
scanned between January and June contained a virus designed to infect
computers and often cause havoc. MessageLabs said 63.5% of emails
scanned on behalf of its customers in the first half of the year was
spam. This is up from 37.9% during the same period last year

~~~~~~~~~~



Watch out for Freddie

This is the monster of all browser hijackers. Like the villain of
Nightmare On Elm Street, it can't be killed.

This new 'kruegerware' can steal your homepage, lock you permanently to
a pornographic site, or ship all your Google queries to a dubious
ad-driven alternative.

This type of program doesn't just wreak havoc, they cause computers to
crash or slow down so much you can't use them. By locking in their own
main search page, the kruegerware, and other hijacking, authors can
generate hundreds of thousands of dollars in referral commissions.

Kruger can avoid detection by spyware programs, and even if you think
you've got rid of it, it usually returns, like Freddy, to haunt you.

The resurrection instructions are buried deep within the code for
Microsoft Windows, making removal extremely difficult for even
technically savvy users. And once kruegerware reinstalls itself on a
"cleaned" machine, the nightmare continues.

http://abcnews.go.com/sections/SciTech/US/nightmare_spyware_040818-1.html
http://newpaper.asia1.com.sg/top/story/0,4136,67508-1,00.html

Steps to protect yourself from becoming a victim of kruegerware:
http://abcnews.go.com/sections/SciTech/US/nightmare_spyware_040818-3.html

There is NO CURE yet...

FIRE, stakes and silver bullets won't work. There's only one sure way to
get rid of persistent spyware, including browser hijackers: Completely
rebuild your operating system and software, a process that takes the
better part of a day.

Most computer manufacturers simplify this by including an 'image' CD set
of Windows and the rest of the programs that came with your computer.

Before you run this restore disk, copy or back up all your data files,
because the restore disk will wipe out changes that have been made to
your computer since you bought it.

Allow a couple of hours to download the updates to Windows that weren't
on the original disk, and still more time to restore settings.



There are some good utilities from Seememe Software - http://seememe.com
(Diagnose Window, IE Manager, Windows Utilities and Junk Remover (on the
120 gig drive too) that are good for cleaning up Windows and IE spyware,
scum ware and hijacking. I tested the IE Manager (also on Cream 46 -
SeeMeMe.IE.Manager.v2.0) and it returned IE to it's original state,
removing the Google tool bar and other addons I had intentionally
installed. I tried their Registry Firewall but it killed almost every
program I tried to load when it was running. I reported the errors
and maybe they will get it fixed. This kind of protection is probably
the future of Windows security. Permission to install anything on an OS
should be required and protected from stealth installations. That is why
I have encouraged everyone to run the Startup Monitor I've written about
so many time. Here is another program like it that's worth checking
out. I'm running both for a while.
http://www.diamondcs.com.au/index.php?page=regprot

~~~~~~~~~~


I took some time to experiment with several of the packet sniffers on
the last 120 gig drive. I was hoping to catch the url for a music feed.
One program grabbed a url (that looked like the ones we once had) but
when I tried it Windows Media Player opened with an error code. I also
tried the ip address the music was coming from but when Windows Media
Player loaded I got the same error message.

If someone can figure out how, or show me how to find these direct feeds
again let me know. It's interesting to view how much is going on and
where it's going to when you are surfing the internet.

~~~~~~~~~~


New Tool Identifies 'Phishy' Web Sites

WholeSecurity tool can spot fraudulent Web sites used in online cons The
new product, called Web Caller-ID, can detect Web pages dressed up to
look like legitimate e-commerce sites. http://www.wholesecurity.com/

Phishers also spoof domain names, as well as URLs and legitimate Web
sites, to trick people into divulging passwords, credit card numbers and
other personal information.

The Institute for Spam and Internet Public Policy (ISIPP) launched a new
service to help businesses whose domain names have been hijacked by
spammers. ISIPP helps them evaluate and take charge of suing spoofers
for trademark infringement.
http://www.internetnews.com/xSP/article.php/3395771

~~~~~~~~~~


The Norwegian hacker famed for developing DVD encryption-cracking
software has apparently struck again this time breaking the locks on
Apple Computer Inc.'s wireless music streaming technology.

Jon Lech Johansen released on his Web site defiantly named "So Sue Me" a software key that helps to unlock the encryption Apple uses for its
AirPort Express, a device that lets users broadcast digital music from
Apple's online iTunes Music Store on a stereo that's not plugged into a
computer.
http://story.news.yahoo.com/news?tmpl=story&cid=528&ncid=528&e=6&u=/ap/20040815/ap_on_hi_te/dvd_kid_apple

~~~~~~~~~~


Blogs: The Marketing Killer

Weblogging -- or blogging -- is taking social networking to new heights.
And with the improvements to the technology, the personal journals are
now supplying tens of millions of bits of information every day. Now
multi-million dollar corporations looking for cheap and effective ways
of getting their message out are using the technology to their
advantage. http://www.internetnews.com/ent-news/article.php/3394841

~~~~~~~~~~


MSNBC.com started an online classifieds site
http://classifieds.msnbc.com/

Basically they are indexing newspapers for jobs and real estate much
like Froogle indexes vendor's prices for hardware.

They just use eBay and cars.com and other major sites to find
autos/merchandise and match.com for personals... like other portals....
and you have to actually subscribe (and pay) to use those services.

This is a VERY lame effort for a multi-billion dollar company. This page
could have been set up in a couple hours by anyone who has ever created
a homepage.

~~~~~~~~~~


Online Music Price War

RealNetworks has halved the price of its music downloads in an
aggressive attempt to boost its share of the online music market. The
company is offering songs for $0.49 each, down from the usual $0.99.
http://news.bbc.co.uk/1/hi/business/3572436.stm

~~~~~~~~~~


Windows update causes headaches for at least 200 applications.

SP2 impacts Unreal Tournament 2003 Games, security software and popular
business programs are clashing with Microsoft's long-awaited security
update for Windows XP. eBay has posted a notice saying that some of the
features of its eBay Toolbar program will cease to function after users
install SP2. (http://www2.ebay.com/aw/marketing.shtml#2004-08-13215905)
http://support.microsoft.com/default.aspx?kbid=842242


XP SP2's security uses DEP but its useless on new Intel processors.

DEP - (Data execution prevention) uses the CPU to mark all memory
locations in an application as non-executable, unless the location
explicitly contains executable code. This way, when an attacking worm or
virus inserts program code into a portion of memory marked for data
only, an application or Windows component will not run it.

If you purchased a computer since February that doesn't support DEP (for
example, any non-Itanium Intel-based PC), you've purchased a computer
that is unable to take advantage of the latest SP2 security feature.
From a security perspective, it could be argued that you purchased an
obsolete system. http://zdnet.com.com/2100-1105_2-5310417.html

Ok... but on the bright side... SP2 does fix about 1,000 problems that
Microsoft has listed here:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;811113

~~~~~~~~~~


If You Are Too Weak to Just Say NO

Give this address to a spammer or someone who is bugging you for your
email address and when they write they get back a rejection reply...
telling them you don't want to have anything to do with them.
YourName@papernapkin.net

Should they insist on getting your phone number there are rejection
hotlines in about 30 major cities:
http://www.wired.com/news/culture/0,1284,64612,00.html?tw=rss.TOP

~~~~~~~~~~


Internet Heading to Light Speed

A new nanotechnology that eliminates network bottlenecks could help
create a web surfers' paradise that is 100 times faster than today's
internet.
http://www.wired.com/news/technology/0,1282,64584,00.html?tw=rss.TOP

~~~~~~~~~~


New High-Speed Wireless Format

A group of technology companies including Texas Instruments Inc.,
STMicroelectronics and Broadcom Corp., will propose a new wireless
networking standard up to 10 times the speed of the current generation.
http://www.reuters.com/newsArticle.jhtml?type=technologyNews&storyID=5989565&src=rss/technologyNews§ion=news

~~~~~~~~~~


Although Microsoft neglected to include msconfig in Windows 2000, you
can run it by copying the files onto your Windows 2000 computer from a
Windows XP computer.

Using msconfig saves you the trouble of digging in the Registry or a
half dozen other places for basic settings. You can control what
programs and services load at startup for diagnostic purposes, as well
as settings in the System.ini, Win.ini, and Boot.ini files. Use it to
either look for an entry that shouldn’t be there (e.g. a virus) or, more
commonly, to turn off some program that insists upon setting itself to
load at startup when you install it.

~~~~~~~~~~


This is truly revolutionary!

http://www.emachineshop.com/

The Internet Revolution Meets the Industrial Revolution

A new program lets people design 3-D objects like car parts and door
knobs in metal or plastic then order them online. You can sit at your
home computer, draw up some parts, submit them and 30 days later they
are on your doorstep, all without human contact.
http://story.news.yahoo.com/news?tmpl=story&cid=528&ncid=528&e=2&u=/ap/20040818/ap_on_hi_te/online_manufacturing

~~~~~~~~~~


Energy of the Future Flows into Downtown Toronto

Air cooled by the frigid waters deep in Lake Ontario started bringing
relief to buildings in downtown Toronto on Tuesday after the valves were
symbolically opened on the multi-million-dollar project.

The project, which is believed to be the first of its kind in North
America, could be cooling significant parts of the downtown by the time
the heat and humidity hits Toronto next summer.

This is clean, renewable, reliable energy. Compared to traditional
air-conditioning, Deep Lake Water Cooling reduces electricity use by 75
per cent and will eliminate 40,000 tons of carbon dioxide, the
equivalent of taking 8,000 cars off of the streets of Toronto.
http://www.theglobeandmail.com/servlet/story/RTGAM.20040817.water0817/BNStory/National/

~~~~~~~~~~


Give us back our pot!

A group of 38 California medical marijuana patients filed legal motions
on Tuesday asking the federal government to give them back their pot
worth nearly a million dollars.
http://www.reutershealth.com/archive/2004/08/17/eline/links/20040817elin023.html

~~~~~~~~~~


Brian Writes:

Some people like me have been looking for codecs to play certain video
files and here is what will help us all out!
http://www.free-codecs.com/download/ACE_Mega_CoDecS_Pack.htm

The mega codec pack is 44 MB of codecs for damn near everything you
could want to play. I have also used the ever-popular K-lite Codec pack
as well, which is a nice alternative to this one with a smaller
footprint.

~~~~~~~~~~


Genetic Savings & Clone enriches the lives of pet lovers through
superior cloning technologies. Cat cloning available today; dog cloning
available in 2005. http://savingsandclone.com/

~~~~~~~~~~


New Cars Never So Affordable

The average American has never had a better opportunity to purchase a
new car or truck. According to the Comerica Bank Auto Affordability
Index in the second quarter of 2004 it took 20.6 weeks of median family
income to purchase a new vehicle compared to 21.1 weeks in the first
quarter. This is the lowest level in 25 years. Those enormous
incentives, continuing low interest rates and what some consider an
improving economy all factor into the statistics.

~~~~~~~~~~


After much criticism over the release of Microsoft's "lite" edition of
Win XP Microsoft's spokesman says:

"We have designed an operating system that enables first time users to
perform their most popular tasks, such as e-mail, accessing the web,
writing documents and entertainment, and that provides a lot of
assistance and guidance in getting started with using their PC."


Hummm.... sounds like Windows 95.... which you can get FREE when you
buy a $20 mouse: http://www.softwareandstuff.com/s_ba_os_mswin95.html

Or for about $43 you can get a legal copy of Win ME:
http://www.kingpda.com/xcart/customer/product.php%3Fproductid%3D2902&fr=AI5hp0hKernyQ9meiVZRKm7xUbPS7V_MVXyjS7-irHAxAAAAAAAAAAA

~~~~~~~~~~


Wireless networks could soon be running 10 times faster than they do
now. Competing technology groups are proposing different ways to speed
up the data rates of wi-fi which could reach 540 megabits per second.
http://news.bbc.co.uk/1/hi/technology/3561808.stm

~~~~~~~~~~


1,747 Miles Per Gallon
http://www.latimes.com/technology/la-me-wheel17aug17,1,697907.story

~~~~~~~~~~


Cellular Connects With Home Phone

You can save/eliminate long distance phone charges using your land line
with cell phone free minutes.
http://www.chicagotribune.com/technology/chi-0408140183aug14,1,4548191.column

But don't pay $140 for the cradle.... they are available for $18
http://froogle.google.com/froogle?sourceid=navclient&ie=UTF-8&q=Cellsocket&scoring=p

~~~~~~~~~~



Illustrated guide for buying, selling, maintaining, fixing cars.

This is an excellent site folks!

http://www.samarins.com/

~~~~~~~~~~


I wish I could take credit...

I've written a couple times to surpluscomputers.com complaining about
their high shipping fees.... now I see "free shipping" on several of
their products... mostly light weight stuff like software, flash cards
or expensive stuff like LCD monitors. Maybe if a lot of people start
getting on their case they'll do away with shipping fees. They have
cheap crt monitors but shipping for them is $35 and up. It's worth
checking the site now and then. The best deal I found was Logitech
QuickCam Express USB Camera 2 Pack $23.99 + $6 shipping. The best thing
about this deal may be that you could throw away the cameras and still
have 2 good usb cables worth about $15. http://surpluscomputers.com/

~~~~~~~~~~


Movielink.com - Rent Any Movie For Just $0.99.

Movielink is a newer service that allows you to download movies to watch
on your computer. After you download them you usually have between
25-30 days to start watching it. After you start viewing you can watch
it as many times as you like in a 24 hour time span. Great for taking a
trip with the lappy or even a movie for home. New customers can use
code FIRST99 (exp. 9/30/04). Registered users can use coupon code
LINK99 (exp. 8/31/04) or EQ99 (exp. 10/15/04) and you can watch any
movie for just $0.99

~~~~~~~~~~

Fun Unclogging Drains

Explosive sink and toilet plunger is a gift from the gods
http://www.boingboing.net/2004/08/16/explosive_sink_and_t.html


~~~~~~~~~~


Targus PA605U Noise Reduction Headphones $10 These are good. I have a
set myself that I paid $30 for. You don't need a rebate to get this deal
either. http://www.amazon.com/exec/obidos/ASIN/B00008KJ31/

~~~~~~~~~~


100 DVD-R or +R Azo $23

Meritline has GreatAZO 4X DVD+R or DVD-R Blank Media 4.7GB DVDplusR
Disc, 100 for Only $23 after Coupon "Techbargains-azo4off"
http://store.yahoo.com/meritline/great-azo-dvd-r-blank-media.html

~~~~~~~~~~


My oldest son is taking a welding class his senior year in high school
and the cost of supplies, boots etc came as a shock. But learning a
skill like welding is good to have. I have found it useful many times.
I have an older flux welder but thought about looking around for the
newer welders that uses the wire feeds and found that Harbor Freight is
currently offering 2 models at half price:

http://www.harborfreight.com/cpi/ctaf/displayitem.taf?Itemnumber=44567
http://www.harborfreight.com/cpi/ctaf/displayitem.taf?Itemnumber=06271

~~~~~~~~~~

The End

Comments: Post a Comment

<< Home

This page is powered by Blogger. Isn't yours?