Isidore's Corner moved

Isidore's Corner has moved to a new site with a new focus on Internet use among students and teachers. The new site continues to discuss computer/web related issues but with more of a focus on what type of research resources are available and less of a focus on computer security - though that is also relevant to research on the web.

New Worm Lures Users With 'Breaking News'

PCWorld.com - New Worm Lures Users With 'Breaking News'

The Kedebe-F worm is being sent by e-mails purporting to contain information about a government plot to kill John Paul II or other breaking news. Remember, the virus writers are constantly trying new tricks to fool you into clicking on their links. If you want the news, go to a news site - don't click on anything suspicious.

Basic Security Tools for PC users- 2005 update

Security Awareness for Ma, Pa and the Corporate Clueless: Basic Security Tools for PC users- 2005 update

Security Awareness for Ma, Pa, and the Corporate Clueless has released an updated list of recomended programs for protecting your PC. These programs are all free.

Secure Computing Warns Phishers are Exploiting MasterCard Breach; Fraudulent e-mails Seek to Exploit Anxiety of MasterCard customers

Secure Computing Warns Phishers are Exploiting MasterCard Breach; Fraudulent e-mails Seek to Exploit Anxiety of MasterCard customers

In the wake of the loss of forty million credit card numbers by Master Card, the unscrupulous are already trying to capitalize on people's fears by sending out e-mails claiming to require updated personal information. These e-mails are fraudulent. See the above link for more information.

Real Patches Critical Flaws in Player

BetaNews | Real Patches Critical Flaws in Player

Real Player has issued patches for several critical flaws that could be exploited to allow unauthorized individuals to execute code on your computer. So, if you use Real Player be sure to update your software. You can find more information on the above link.

IE pop-up spoof won't get patch

IE pop-up spoof won't get patch | CNET News.com

As noted on this blog earlier, many browsers have demonstrated a flaw allowing malicious web sites to secretly send pop up requests for personal information to you when you leave their site and go to a trusted web site. So far only Opera has patched the flaw. Firefox is working on a fix. IE does not plan to release a fix - so you're on your own. Maybe a fix will come with the release of IE7.

Until your browser is fixed, your best bet is to either avoid going to untrusted web sites - or turn off javascript. Be aware, though, that many sites rely on javascript to work properly.

You can read the attached article for more information and a link to the Secunia site demonstrating how the flaw works.

Adobe security problems

Security Hole in Adobe PDF Reader and Acrobat PDF Viewer, Warns Adobe - Reported by Aunty Spam's Net Patrol

Adobe Acrobat has released information regarding security problems with the Adobe Acrobat reader and PDF view. They are offering a free update for users of Acrobat or Reader 7.x. You can find more information and a link to the update site by clicking on the above link.

Computing Without Windows

PCWorld.com - Computing Without Windows

Increasing problems with Microsoft is causing computer users to look at alternatives - chiefly Apple and Linux. Both are far less likely to be affrected by spyware and viruses - primarily because they remain a very small percentage of overall computer operating systems but sometimes your favorite software will not work on either of these systems.

If you have been getting frustrated with your Windows PC, you may wish to take a look at a different operating system. The bottom line is that while Microsoft may dominate the computer world, it isn't the only game in town.

Spam Slayer: Slaying Spam-Spewing Zombie PCs

PCWorld.com - Spam Slayer: Slaying Spam-Spewing Zombie PCs

This blog has warned many times of the danger of your computer becoming a "zombie" sending out spam to other computers and generally causing problems for other users. This article goes more in detail into the problem and offers some advice on finding out whether or not your Internet address has been marked as being a source of spam.

PCWorld.com - Trojan Horse E-mails Suggest Trend Toward Targeted Attacks

PCWorld.com - Trojan Horse E-mails Suggest Trend Toward Targeted Attacks

The good news is that virus writers seem to be moving away from mass e-mail attacks that predominated in the past. The bad news is that virus laden e-mails are being more specifically targeted to their recipients in the hope of better lulling people into accessing their infected programs. So, while people may have grown wise to e-mails purporting to include "Live Girls!", they may not be so hesitant to open an attachment that says it is an important update from your company's computer department. As always, the only way to make really sure is to contact the sender before opening any attachment and making sure that they did indeed send the file.

Java flaws open door to hackers

Java flaws open door to hackers | CNET News.com

A new Java flaw has been reported in any computer or browser using Java which is most of them. A fix is being offered and can be downloaded from java.com. The flaw is classified as being "critical".

Beware Google Archiving Your Entire Google Search History - Reported by Aunty Spam's Net Patrol

Beware Google Archiving Your Entire Google Search History - Reported by Aunty Spam's Net Patrol

Many of us use Google, so this information about the type of data that Google stores could be of interest especially since the history contained within your browser and at Google could, in fact, be used in legal cases. So, remember that wherever you search, you leave a history.

Famous people used to spread viruses

TechWeb: The Business Technology Network

Many times viruses find the unfortunate by claiming to be pictures of famous people like Osama Bin Laden or Brittney Spears - often these virus laden e-mails promise shocking images such as "Osama Bin Laden captured!" or "Brittney Spears nude!". Of course, when you click on the attachment you get no pictures, you only get an infected computer.

So, the next time you get an e-mail purporting to contain exciting pictures it is best to delete it. If Osama Bin Laden is captured, you will see the pictures on a news site - and they will be free from viruses.

Microsoft Updates are out!

Microsoft has issued several updates for Windows and Outlook so if you use Windows head over to Microsoft Update right now! If you downloaded the Windows Update tool mentioned in this blog previously, it will take care of everything for you or you can just use the Windows update from your Start Menu. You will need to reboot your computer after you install the updates. Remember that because these fixes are now out the bad guys will quickly write malware designed to take advantage of those computers that are not repaired. Don't be a victim, update!

Russian company paying others to infect computers

InformationWeek > Malicious Code > From Russia With Malware > May 30, 2005

A Russian business is helping to spread the bane of malware by paying web sites to infect visitors with code designed to install adware, spyware, and trojans. This code takes advantage of problems with windows that have been fixed but only on computers that have had their windows updated from the windows update site.

While most businesses that have tried this in the past have been shut down, this site has not as of yet so keep your windows updated and avoid the bad sites such as adult oriented sites that are more likely to try to cause problems to your computer.

Major hacker arrested in England

ThisisLondon

Gary McKinnon, accused of breaking into US government computers and causing over a billion dollars of damage, has been arrested in England. Apparently he believed that the US was hiding evidence of UFOs and wanted to break into the computers to discover the proof. He also went a bit further and deleted several important files on the computers he hacked.

As the article notes, many of these computers were broken into because of failure to update windows and/or the using of easy to guess passwords. So, keep your Windows updated and try to use strong passwords of approximately eight characters in length with non-letter characters in order to keep your information and computer secure.

Symantec Hits Adware Firm with Preemptive Lawsuit

Datamonitor ComputerWire - Symantec Hits Adware Firm with Preemptive Lawsuit

In an important lawsuit affecting all computer users, Symantec is arguing that it has the right to use its spyware removal programs to block and remove such programs from computers. This is an important case because if spyware removal programs can be prevented from removing spyware we all end up at the mercy of spyware and adware programs.

ISPs found innocent of aiding zombie attacks in 'trial'

ISPs found innocent of aiding zombie attacks in 'trial' | InfoWorld | News | 2005-06-07 | By Grant Gross, IDG News Service

A mock trial discussing the problem of "zombie" computers looked at the responsibility that Internet providers have in preventing these computers which have been taken over by certain viruses from attacking other computers. Some want the Internet providors to prevent computers having such viruses from using their Internet service. Others say that for the providors to analyze customers computers for these viruses would lead to privacy violations for all customers.

I know that I don't want infected computers causing me problems, but I also don't want Internet providors looking over my computer without my permission.

Microsoft Releases Patching Tools

PCWorld.com - Microsoft Releases Patching Tools

Microsoft has released a new tool to make it easier to fix problems and get updates for Windows and Microsoft Office. You can download the tool from a link in the above article.

Firefox growing in Europe, too

Firefox growing in Europe, too | CNET News.com

Firefox continues to grow in popularity, particularly in Europe. It seems that Europeans have a greater general animosity to all things Microsoft and are so more willing to look at alternatives. It is unlikely that Firefox will supplant IE as the dominant browser but it is reaching the point where software developers will have to take it into consideration for their programs and web designers for their web pages.

CitiFinancial Starts Lost Data Notification

CitiFinancial Starts Lost Data Notification - Yahoo! News

CitiFinancial is reporting the loss of personal information of almost four million customers including social security numbers and payment histories. CitiFinancial says that they are notifying those customers affected but if you use CitiFinancial you might want to check to see if you are affected.

Professor charged with stealing students' IDs

CNN.com - Professor charged with stealing students' IDs - Jun 6, 2005

As I said before, it would be a good idea for education institutions to move away from using Social Security numbers for student identification - this example only serves to prove my point. No student is going to question giving social security information to their teacher - it happens all the time but the information cannot be guaranteed to be secure.

Firefox flaw

Secunia - Multiple Browsers Frame Injection Vulnerability Test

Secunia is reporting a flaw in Firefox that has been present for several years which allows a false web site to "inject" or put bad information in legitimate web sites if at least two windows are open in your browser. You can go to the above link to test your browser but the best advice to protect yourself until this is fixed is to have only one window or tab open if you are visiting a site that might ask your for personal information such as a banking site or Microsoft web site. This flaw will also affect users of Opera but not users of Internet Explorer.


I will let you know when this flaw is fixed.

New Gpic AIM Worm Invites Users to Look at Pictures on Google

New Gpic AIM Worm Invites Users to Look at Pictures on Google - Reported by Aunty Spam's Net Patrol

A new computer worm being sent through America Online's Instant Messager claims to be a picture but actually contains a virus program. You know the drill, keep the anti-virus updated and don't click on suspicious attachments and files.