Tag: Tips & Hacks

Categories
News

Anonymous Posting Made Illegal in South Korea

image 1 Problems of Internet slander or bullying are very common these days, and governments across the globe are struggling to find ways to deal with them. For this very reason, South Korea brought in a new lawsuit called “Cyber Defamation Law” effective since April 1, 2009. According to this lawsuit, posting “anonymously” online is ILLEGAL. South Korea wants to ensure that people are more responsible while posting content online and are accountable for what they say.

According to this lawsuit:

“Any Internet user commenting or uploading to a website that has over 100,000 unique visitors a day MUST append their real name to the comments they make. Sites must identify whether they meet the number of visitors threshold. If they do, the registration process must require the visitor wishing to post something to enter his national identification number.”

According to the Internet Defamation Blog, the Cyber Defamation Law could have been a reaction to the “dog poop girl” story.

ADVERTISEMENT
  • A woman failed to clean up, after her dog defecated on a public transit.
  • Someone took pictures of this and posted them on the Internet.
  • The result:
    • She became a public outcast
    • Had to quit school
    • Had to move away from her home!!!

Do you think that such a Cyber Defamation Law should be implemented in other countries as well?

I personally feel there’s no harm in revealing your identity. If someone has to post something online, he/she might as well reveal who they really are. If what’s being posted is not “ethically wrong”, then what’s there to hide?

(Source: Internet Defamation Blog)

Categories
Reviews

Firefox add-on for Better Privacy

image 1 Even if you regularly clean your history and cookies from your Firefox browser, you will end up leaving all kinds of traces behind on your machine, allowing someone else to easily track your actions online.

One of the ways to manage this problem is by using Firefox add-ons that help remove traces and cookies in your local computer. But Flash-based streaming videos, advertisements, and controls that are nearly ubiquitous on the web these days are still left behind untouched. That’s why BetterPrivacy add-on comes in handy.

BetterPrivacy is a free download and works wherever Firefox does.

What is BetterPrivacy?

ADVERTISEMENT
  • Super-Cookie Safeguard which protects from usually undeletable LSO’s (Flash-Cookies) or DOM Storage Objects.
  • It blocks long term tracking on Google, YouTube, ebay and many other domains.

With the help of this add-on, you can get rid of those hidden, never expiring objects. You can set your browser to always clean your Flash cache and DOM objects automatically. However, those of you who wish to manage all cookies manually have the option to disable the automatic functions.

Click here to download your BetterPrivacy add-on.

Link: BetterPrivacyAddon

Categories
News

Windows 7 and the War of Software Piracy

clip_image002[15]With the release of Windows 7 RC, cyber-criminals have already started to monger it! There have been reports of illegitimate distributions of Windows 7 RC that have infected the user’s computers with malware. This could lead to potential identity theft, system failures and unrecoverable data loss. Not just that, it also costs the world economy more than 45 billion dollars annually.

Windows 7 has anti-piracy guards that show pop-up boxes to warn people when unauthorized copies of software are spied on computers.

Joe Williams, general manager, Worldwide Genuine Windows at Microsoft, says:

“Ensuring that customers can trust the product they are using is particularly important since pirated software can contain malware and can threaten a user’s personal privacy and information. In fact, in the last few days we’ve seen reports of illegitimate distributions of the release candidate of our latest Windows operating system, Windows 7, being offered in a way that is designed to infect a customer’s PC with malware. This is why it’s so important for customers to get their copies of Windows from a trusted source.”

ADVERTISEMENT

Microsoft’s primary goals:

  1. To enable Windows to protect itself by detecting when attempts have been made to tamper with the technology
  2. To improve the experience of activating the product easily and, when necessary, to understand and resolve any issues they might face.

There have been many instances where customers want to buy genuine software (and believed they did!) only to find out later that they were victims of software piracy. Microsoft has been focusing its anti-piracy efforts on protecting customers and partners from the evolving risks of counterfeit software and increasingly sophisticated piracy scams.

(Source: Microsoft)

Categories
News

More security issues with Google Chrome

clip_image002Very recently, I had written about Security Problems with Google Chrome and how a FIX had been released to resolve the issue. But it appears that within a span of two weeks, Google Chrome has been updated with two more security patches, to fix a pair of vulnerabilities, one being critical and the other high risk.

Vulnerabilities

  • Critical: An attacker might be able to run code with the privileges of the logged on user.
  • High: An attacker might be able to run arbitrary code within the Google Chrome sandbox.

Silent Updates

ADVERTISEMENT

Google Chrome is released as a silent update, meaning that the browser patches itself without the user’s knowledge.

Google Chrome Security Fixes

CVE-2009-1441: Input validation error in the browser process

A failure to properly validate input from a renderer (tab) process could allow an attacker to crash the browser and possibly run arbitrary code with the privileges of the logged on user. To exploit this vulnerability, an attacker would need to be able to run arbitrary code inside the renderer process.

ADVERTISEMENT

Mitigation: An attacker would need to be able to run arbitrary code in the renderer process.

CVE-2009-1442: Integer overflow in Skia 2D graphics

A failure to check the result of integer multiplication when computing image sizes could allow a specially-crafted image or canvas to cause a tab to crash and it might be possible for an attacker to execute arbitrary code inside the (sandboxed) renderer process.

Mitigation:

  • A victim would need to visit a page under an attacker’s control.
  • Any code that an attacker might be able to run inside the renderer process would be inside the sandbox

(Source: GoogleChromeReleases)

Categories
News

Adobe Security Updates on May 12

untitled Last month, Adobe’s Product Security Incident Response Team (PSIRT) announced potential vulnerability in Adobe Reader 9.1 and 8.1.4 and had urged users on all platforms to disable JavaScript.

Since then, many have been eagerly awaiting Adobe security patches so that the issue can be fixed. Adobe has set a May 12 date for the delivery of patches to fix the vulnerability in its Adobe Reader and Acrobat software products.

PSIRT says:

“We are in the process of fixing the issue, and expect to make available product updates for the relevant supported Adobe Reader and Acrobat versions and platforms by May 12th, 2009.

ADVERTISEMENT

Additionally, we have confirmed the second vulnerability (CVE-2009-1493) for Adobe Reader for Unix. This issue will be resolved in the upcoming Adobe Reader for Unix updates. Currently, we have not been able to reproduce an exploitable scenario for Windows and Macintosh, but we will continue to investigate.”

Adobe Upcoming Updates:

  1. Window updates for Adobe Reader versions 9.X, 8.X, and 7.X
  2. Window updates for Acrobat versions 9.X, 8.X, and 7.X
  3. Macintosh updates for Adobe Reader versions 9.X and 8.X
  4. Macintosh updates for Acrobat versions 9.X and 8.X
  5. Adobe Reader for Unix versions 9.X and 8.X.

In the meantime, continue to keep your JavaScript in Adobe PDF Reader disabled. To know how you could do that, read my earlier post: Disable JavaScript in Adobe PDF Reader!

If you still think Adobe Reader could be a “risk” to your machine, then do consider using an alternate program.

(Source: Adobe Blog)

Categories
News

ALERT! Malicious Swine Flu Emails on the Rise

clip_image002

Data thieves and spammers want to make the most of every situation. After the sudden and unfortunate outbreak of Swine Flu, looks like the cybercriminals want to capitalize on this situation too.

Since the outbreak of the flu, online data stats across the globe suggests that people have been hitting the internet in frenzy looking for Swine Flu related information.

Capitalizing on this, the cybercriminals have been sending infected files to the masses via emails, keying off curiosity about Swine Flu.

ADVERTISEMENT

One such email has a PDF attachment titled: Swine influenza frequently asked questions.pdf.

Clicking on the PDF runs a data stealing program on your computer. If you see this, delete it from your inbox.

There are many more such emails doing their rounds. These messages (related to Swine Flu) try to get you to click on tainted web links. Instead, you end up installing various malicious programs on your computer. Many times, you even get directed to websites selling fake pharmaceutical drugs.

Symantec and Cisco Ironport recommend immediate deletion of email messages with these subject lines:

ADVERTISEMENT
  • Swine flu worldwide
  • Swine flu in the USA
  • US swine flue fears
  • First US Sine flue victims
  • Swine flu in Hollywood
  • Salma Hayek caught swine flu
  • Madonna caught swine flu
  • US swine flu statistics
  • NY victims of swine flu
  • First US swine flu victims
  • Will swine flu attack USA?
  • US swine flu fear

Symantec’s Mayur Kulkarni writes:

There is another spam campaign underway that is also using headlines related to the swine flu outbreak, but the messages don’t contain any URLs or attachments. The intention of this type of campaign is to spread fear, uncertainty, and doubt (FUD) among email users. Some of the headlines used in this particular type of email spam have been hoisted from various news agencies, and examples are listed below:

  • Mexico on edge as reports of swine flu cases climb
  • UK monitoring swine flu outbreak
  • UK probes ’17 swine flu reports’
  • Global panic as swine flu spreads to Europe
  • US declares emergency as Mexico flu death toll rises
  • Probable Mexico swine flu death toll – 103: minister
  • Swine flu case confirmed in Spain
  • Are you worried about flu outbreak?
  • World moves to contain flu spread
  • U.S. tries to get a handle on flu outbreak
  • World ‘well prepared’ for virus
  • World flu epidemic fear rises, Mexicans take refuge
  • Twenty swine flu cases confirmed in U.S.
  • Mexico flu sparks worldwide fear
  • Suspected Mexico flu toll hits 81
  • Mexico flu ‘a potential pandemic’
  • 81 feared dead from swine flu in Mexico
  • Swine flu epidemic fear grows, world on alert
  • U.S. acts swiftly to contain swine flu outbreak
  • Family alert to swine flu illness

Whether Swine Flu manages to reach all corners across the globe or not, but its internet versions definitely seems to be on the mission to spread a different kind of “infection” altogether! Watch out! Don’t let it reach you.

(Source: USAToday | Symantec)

Categories
News

Facebook’s NewsFeed RSS removed due to security issues

image

Here’s a quick update for all Facebook users. Facebook has shut down its RSS NewsFeed application.

They had recently launched a new application that converted their News feed into RSS feed that could be subscribed to and accessed outside of Facebook.

But apparently, it violated Facebook’s privacy controls, and now it’s gone.

I think in a way it’s good to know that Facebook is concerned about the user’s privacy. Letting out your friends content and updates to a public place is not the best thing to do.

clip_image002

Read Write Web however believes that this Facebook feature was very useful and shouldn’t have been removed. Click here to know how and why.

Facebook is yet to respond back with an official statement. We will have to wait for a little longer to get more details on this subject.

(Image Credits: RWW)

(Source: RWW)

Categories
Reviews

AppRemover: Get rid of the stubborn security software!

clip_image002Have you been struggling to remove that security software from your machine and it just won’t budge? When you are looking to replace one security program with another, it becomes imperative to un-install the earlier security program before installing the new one, in order to avoid conflicts between two similar applications.

This can be a tricky deal! Completely getting rid of an application off your machine often is a challenge.

This is where AppRemover comes in handy. AppRemover is a FREE application (for personal, non-commercial, use) that completely removes applications and extraneous files left behind on a machine. Now you could thoroughly uninstall security applications such as Anti Virus and Anti Spyware from your computer.

When to use AppRemover?

ADVERTISEMENT

Use AppRemover when:

  1. You are replacing one security application with another
  2. Two similar security applications standstill your computer
  3. The built-in uninstall process of the program fails
  4. You have forgotten the application password

It’s easy to use!

  1. Download the file
  2. Double click on the AppRemover icon
  3. AppRemover will uninstall any detected antivirus and antispyware applications on your computer

clip_image004

Operating Systems it supports:

  • Windows 2000
  • Windows 2003
  • Windows XP (32 / 64 bit)
  • Windows Vista (32 / 64 bit)
  • Windows 2008
  • Windows 7 beta

Click here to download AppRemover.

If you have more questions in mind, click here

(Source: AppRemover)

(Image Credits: AppRemover)

Categories
News

Beware! Phishing scam on Facebook

facebook phishingHas anyone faced a hoax issue on Facebook yet? If you have a Facebook account, then be a little careful. There has been a major spur of phishing attacks on Facebook to steal usernames and passwords and spam your friends.

How is it being done?

Facebook’s mail system is being used by the attackers to send messages to the users, enticing them to go to – fbaction.net – a site that duplicates Facebook’s log-in screen.

image

The word has been around that Facebook has blocked this URL and this has hopefully brought an end to the entire nuisance.

Better safe than sorry…

It is still very important that we REMEMBER NOT TO LOG into a page that claims to be “Facebook” unless the URL is www.facebook.com. Wouldn’t hurt being just a little extra-cautious!

(Source: allFacebook)

Categories
News

Security Problems with Google Chrome?

clip_image003There was a security threat with Google’s web browser – Google Chrome. According to the Google Chrome Team, there was an error in handling URLs with a chromehtml: protocol. This allowed the attacker to run scripts of his choice on any page or enumerate files on the local disk under certain conditions.

Because of this problem, the attacker could endanger any user who browsed a malicious site using Internet Explorer and had Google Chrome installed.

As per IBM Rational Application Security Insider, this allowed a dangerous combination of new security vulnerabilities letting a malicious attacker to bypass the Same Origin Policy restrictions for any site using the victim’s Google Chrome.

ADVERTISEMENT

The dangerous impact:

  1. Cross-Site Scripting attack where the attacker could steal cookies, save form filler data, modify user-browsing experience and facilitate phishing attacks.
  2. Leaking of information: from the victim’s files and directories on the local file-system.

But, the good news is that a FIX has been released: Version 1.0.154.59 of Chrome and hopefully, all the security issues revolving around Google Chrome are under control now.

Link: Fix for Chrome

(Source: GoogleChromeReleases | IBM watchfire)