From the monthly archives:

August 2008

Mojave Experiment, Show and Tell

by certifiedbug on August 27, 2008

in Windows Vista

New videos on the Mojave Experiment website

Windows Vista Team Blog.
Mojave: The Experiment Continues…

It’s been a couple weeks since we launched the Mojave Experiment, and the reaction in the blogosphere has been fascinating to watch. You should see my inbox - some of you really liked how the experiment helped you say “I told you so” to haters who’d just jumped on the bandwagon without trying for themselves. Others thought it was interesting but were skeptical about the validity of the project’s methodology, and others still questioned our sanity (not the first time) for doing the experiment in the first place.

Mojave- surprise, it was Vista

{ 0 comments }

Phish bites

by certifiedbug on August 26, 2008

in Security

Users who retaliate against phishing attacks by telling off the phisher are being targeted with exploits designed to hijack their computers.

Joe Stewart at SecurityWorks Inc. The Phish That Bites Back

Mother’s advice not to talk back meant more than we ever knew. ;)

{ 0 comments }

Rogue Security Programs, scare tactics

by certifiedbug on August 25, 2008

in Security

Microsoft® Malware Protection Center produced this article yesterday.
Manufacturing Fear

We’ve seen some particularly nasty malware recently that has prompted me to think about how people react to scare tactics and fear appeals. The kind of malicious software I’m thinking of in particular here is generally referred to as ‘rogue security software’, and it displays false and misleading messages regarding malware infections in order to convince affected users to perform a particular recommended action, which would normally involve ‘cleaning’ their machine in a particular way.

Read on:
http://blogs.technet.com/mmpc/archive/2008/08/25/manufacturing-fear.aspx

{ 0 comments }

Pre-checked Installers

by certifiedbug on August 25, 2008

in Security

Bill Pytlovany posted that IAC/InterActiveCorp had asked him last week to reconsider adding their ASK toolbar to WinPatrol.

Again he declined.

It’s still surprising that programs like Zone Alarm, SpySweeper and Comodo Firewall install the Ask.com toolbar while other security programs still flag it as undesirable, suspicious or even adware.

What’s Wrong with Toolbars?

See Certifiedbug’s Tag Cloud for previous posts on toolbars.

{ 0 comments }

ESA Hires Former RIAA Lawyer

by certifiedbug on August 24, 2008

in This and That

Kenneth Doroshow, former executive at the Recording Industry Association of America (RIAA), will join the Entertainment Software Association (ESA) as General Counsel in September 2008.

“The ESA continues to attract and recruit the brightest individuals. Ken has remarkable expertise in the protection of intellectual property and an excellent understanding of the increasingly connected, dynamic, and innovative entertainment environment we live in,” said Michael D. Gallagher, CEO of the ESA, which represents U.S. computer and video game publishers. “The computer and video game industry will be well-protected with Ken’s guidance and I know he will help facilitate our growth to even greater heights.”

http://www.theesa.com/newsroom/release_detail.asp?releaseID=29

{ 0 comments }

What is WOT

by certifiedbug on August 24, 2008

in Security

Well, it isn’t the Brit slang for ‘what’; WOT stands for ‘Web Of Trust’.

WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT provides you an extra layer of security by warning you before you interact with a risky website. It’s easy and it’s free.

I added WOT to my browsers, Firefox and IE. The rogue program ‘XPAntivirus2008’ gave this alert.

Why is Site Advisor still rating XPAntivirus2008 as a ‘Green Site’?


Really I give up on them.

Edit
Video and podcast: WOT colorblind accessible version.

{ 3 comments }

Jesper M. Johansson’s eight-page article at The Register is a good read.

Previous Certifiedbug:
GlobalSign revokes rogue program’s digital certificate

Adobe Flash ads launch Clipboard hijack attack by Rogues

{ 3 comments }

Opera 9.52 fixes flaws

by certifiedbug on August 22, 2008

in Browser

Opera 9.52 is a recommended security and stability upgrade.

The patch closes 7 holes in Opera for Windows, 5 holes in Opera for Mac OS X, and 6 holes in the Linux version.

Extremely Severe Advisory, Opera for Microsoft Windows.

When Opera is registered as a handler for a given protocol, it can be started by external applications. In some cases, being started in this way can cause Opera to crash. To inject code, additional techniques will have to be employed.

This vulnerability is fixed by upgrading to Opera 9.52.

Download

Changelog for Windows

{ 0 comments }

Fake e-Bay Toolbar

by certifiedbug on August 20, 2008

in Security

Avert Labs reports a new fake toolbar you should be aware of.

Upon execution the file .exe displays the eBay toolbar EULA and the installation interface. But, there is a hidden agent which silently opens TCP port 3389 and creates a new account, “eBayMember”, with Administrator privileges.

The account’s login screen is hidden so you will not notice it, but at that point the computer is owned by the remote attacker.

However, something grabbed my attention during the installation. Besides the 2ebaytoolbarsetup.exe process, the program also created the wscript.exe process and ran .vbs files–that is not common for the toolbar installation. So I looked into every file dropped by the installer. Then something caught my eye…

More Than a Toolbar

{ 0 comments }

Adobe Flash ads launch Clipboard hijack attack by Rogues

by certifiedbug on August 19, 2008

in Rogue

Web-based attacks continue to affect Windows, Mac and Linux users by hijacking clipboards and spreading malicious links via Adobe Flash-based banner advertising on legitimate sites.

One of the rogues involved, xp-vista-update.net, is rated by McAfee SiteAdvisor as ‘Green’.
Previous Certifiedbug: xpsecuritycenter Rogue Security Program

New domains of rogue Antivirus XP 2008, CNN Top 10 XP Antivirus:
http://www.dozleng.com/updates/index.php?showtopic=16312

ClipMate article: Weird Clipboard Attack from Flash Advertisements

Edit
From Spyware Sucks:
ALERT: Firefox with NoScript does NOT ALWAYS protect from SWF clipboard hijacks

{ 1 comment }