Articles

If you need help with a computer problem

If you are coming here for help with a computer problem then you need to post your issues in the forums. The forums can be accessed by clicking forums at the top navigation bar or clicking HERE.

Find the appropriate section then click "Start New Topic" button to start your post within that section.

Read story →    0 comments   

Independent A/V Evaluation Group

AV-Test.Org is an independent group evaluating the ability to protect, repair and the usability of many A/V (anti-virus) products.

During the 1st quarter of 2011 we have tested 22 security products in the areas protection, repair and usability. The "Protection" covers static and dynamic malware detection, including real-world 0-Day attack testing. In case of "Repair", we check the system disinfection and rootkit removal in detail. The "Usability" testing includes the system slow-down caused by the tools and the number of false positives. A product has to reach at least 11 out of 18 possible points in order to receive a certification. 17 products have fulfilled our requirements and received an AV-Test certificate. The test reports can be found here:]av-text.org
The TABBED data covers 2010/Q2 Win-7, 2010/Q3 Win/XP, 2010/Q4 Vista, 2011/Q1 Win7, 2011/Q2 Win-XP

Read story →    0 comments   

The shoemaker

The old story goes "Everyone in town has good shoes, except the shoemaker's children - - - he's too busy making shoes". Isn't that a hoot, oxymoron and just plain ironic!

Now using that as a backdrop, what are your expectations of vendors which sell (or give away, it doesn't matter) security products? Should they not be the bastions of "this is how we do it? We use our own tools and have trapped / blocked all infections from the Internet and so can you".

One would think that leading by example and providing templates and profiles for layered security, gateway controls for protection of intellectual property, securing email, in-house DNS services, and methods of controlling those ubiquitous USB devices would just naturally be the forefront of the vendor's promotional collateral.

However, what is the experience in the market place today; one security vendor has been fooled into creating fraudulent SSL certificates and another vendor's product has been hacked. This raises the question "if the vendors themselves can not protect their systems, then can anyone secure an infrastructure?"

Yea, we all know there is no sliver bullet to kill this vampire and without real demonstrable results, there is no success story to promote (sigh). But until we try to do better, nothing will change. Have you ever heard the definition of insane - - - Insanity is doing the thing over and over but expecting somehow to find a different result. Change comes with (sometimes) a great deal of struggle and sometimes even with pain, but without change - - are we not insane?

When you rehab a structure, one of the first things you do is to ensure that the foundation is stable and sound. Why invest time, effort and money on a superstructure when the foundation is on the verge of collapse? The 'foundations of the Internet', amongst others are the TCP/IP system itself, the DNS system and basic Email services. TCP/IP is undergoing the conversion to IPv6 and if IPSEC is mandated, the transport system will be much better. The DNS system is has a new incarnation, DNSSEC which will block the DNS cache poisoning and give everyone authenticated responses. As for Email - - todays' SMTP is just hopeless. It is built upon terrible assumptions (I trust you and you can trust me) and that's not sufficient in the 21st century. A whole new Email system is required and that WILL be painful, but unless we are narcissistic and love to fight spam every morning, we are just volunteering to be committed until we make that effort.

I wonder, going back to the leading by example "this is how we do it" statement, if this is an opportunity to create a consortium of vendors to solve root causes? Perhaps a laboratory might be created to work on real solutions rather than continuing insanely.

In case you're wondering, What seeded this rant, it was the Infoworld.com March 25, 2011 article by Robert Lemos

Quote

"As attacks on the security infrastructure increase, we must ask if the firms responsible for our safety can protect themselves, much less us"

Read story →    3 comments   

not obsolescence, but subsuming nature of iPhones

We've had iPods for music & pictures, game boys and mp3 players, but just look a the list of devices that the iPhone (and other smartphones) will soon subsume:

• Handheld GPS devices:- GPS apps for the iPhone now equal or outperform
  
  
• Portable game players:- App Store games are cheaper, more plentiful, and easier to obtain
  
  
• MP3 players:- iPod & iPhone out perform
  
  
• Portable DVD players:- no more carting the media around with you
  
  
• eBook readers:- advantages go to the eBook except when you own both
  
  
• Digital cameras:- not for serious photographers, but for casual use
  
  
• Portable recorders:- you can say goodbye to separate portable recording hardware. The iPhone is all you need.
  
  
• Wrist watches:- not as flashy as a Rolex, but not as expensive either
  
  
• Travel alarms:- by now, just an antique
  
  
• Portable calculators:- remember that HP11c? when's the last time you used it?
  
  
• and perhaps even, your wallet

Like to take this as my own keen observations, but the real article by Ted Landau, April 14, 2011 at MacObserver.com is where I got the insperation.

Read story →    0 comments   

The Hartford Insurance Company was Hacked

Hackers have broken into The Hartford insurance company and installed password-stealing programs on several of the company’s Windows servers.

In a warning letter sent last month to about 300 employees, contractors, and a handful of customers, the company said it discovered the infection in late February. Several servers were hit, including Citrix servers used by employees for remote access to IT systems. A copy of The Hartford’s letter was posted earlier this week to the website of the Office of the New Hampshire Attorney General.

Qakbot has been around for about two years. Once installed it spreads from computer to computer in the network, taking steps to cover its tracks as it logs sensitive data and opens up back doors for the hackers to access the network.

With 28,000 employees worldwide, the 200-year-old Hartford, Connecticut, firm is one of the country’s largest insurance companies.

The Hartford’s letters are going out to “users who logged onto an infected server (either through a Citrix session or support purposes)” between Feb. 22 and Feb. 28, 2011, The Hartford said in its letter.

“We do know that the virus has the potential to capture confidential data such as bank account numbers, Social Security numbers, user accounts/logins, passwords, and credit card numbers,” the letter states.

Read story →    0 comments   

Samsung confirms their laptops don

Wednesday security consultant's at network world claimed to have found evidence that Samsung was pre-installing a special keylogging program called StarLogger on brand new laptops. A well known tool in the hacker world, keyloggers do exactly what their name implies -- they log every keystroke a user makes, including passwords. More sophisticated versions can even email that information daily or hourly.

After the claims, Samsung's tech support had some confusion about the issue, which raised concerns through the computer industry overnight.

Today is a different story. Samsung has completely debunked those claims with evidence in their blog which can be found http://www.samsungtomorrow.com/1071

Samsung has issued a statement saying that the finding is false. The statement says the software used to detect the keylogger, VIPRE, can be fooled by Microsoft's Live Application multi-language support folder. This has been confirmed at F-Secure and two other publications.

Read story →    0 comments   

Microsoft to manage the world?

With many client systems to manage, perhaps in divergent locations, and add to that the server systems for the infrastructure,
it is not surprising to see the desire and need for a centralize control point in the enterprise environment. For those less familiar, this is where the enterprise downloads system and anti-virus updates and automatically distributes them to all the systems on some kind of schedule. This makes much more sense that having staff roam about the facilities and doing these task manually, or trusting the end-user to do them.[indent].[/indent]On Wednesday Mar 23, 2011, Microsoft has boldly announced that the
Microsoft System Center will now manage (get this) not only just the Micosoft product line, but from now on,
the enterprise can use Microsoft System Center to manage (gulp), Linux, Apple, iPhone and Andorid products![indent].[/indent]Wow! That gesture to assist the business user will certainly get attention, but would you take your Mercedes to a Ford dealer for maintenance? From time to time we may elect to take our vehcile to the neighborly Joe the Mechanic for trivial stuff, but when it gets serious, where do you go? Yea, I like Joe too and I get some good prices and great service, but there are things that the manufacture can do better due to more experience, reference material, parts availability and factory support.[indent].[/indent]IMO, this will be interesting to see the hype and or the success/failure blogs.

Read story →    2 comments   

Tablets Straining Nation's Wi-Fi

The recent explosion of smart-phones and tablets has been a huge boom for electronics makers like Apple, but some technology experts say all that communicating on those devices is putting a big strain on the nation's Wi-Fi computer networks.

Consumers are expected to snatch up 24 million iPad 2's this year, leading the tablet-tech boom that's keeping Americans informed, entertained, and untethered.

"I think people are looking for all the right devices that's connected all the time, that has great battery life, that comes on immediately, it's always on line and can be communicating constantly," says CNET executive editor Molly Wood.

But experts say unlike modern cell phone networks, many Wi-Fi hot spots at locations such as coffee shops and airports can only handle a handful of users at a time. As more people go online, the result can be the wireless equivalent of a traffic jam: everyone trying to use the same road at once and are no one getting anywhere quickly.

It was a problem Steve Jobs himself encountered last year when so many Wi-Fi users at his keynote speech effectively blocked his ability to demonstrate the latest features of the iPhone 4.

"We have all these technology companies pushing wireless gadgets. We need to have an infrastructure to support the use of those gadgets otherwise they're expensive paperweights," said technology analyst Larry Magid.

Tablets made by Apple, Motorola, Samsung and others use a lot of bandwidth, which is limited, and rely on internet access from networks at home, hotels, restaurants, medical centers and schools. But most Wi-Fi networks were built for a relatively small number of laptops -- not for dozens of media-rich, portable devices with video conferencing capabilities that are in continuous use by people who take them everywhere.

Companies like Ruckus Wireless are responding with "smart antennas" designed to improve reliability, and help users maintain their connection when scores of other tablets are in use are in the same area.

Service providers like Comcast and AT&T are also charging users additional fees if they heavily exceed a monthly cap on data. Chip makers are also tackling this overload issue, which is a supply and demand problem that's only expected to grow alongside sales of today's must-have gadgets.



Read story →    0 comments