Thursday, November 30, 2006

New WGA Tool for Windows XP

The Windows Genuine Advantage Team announced a new WGA Notifications Tool for Windows XP.
"In addition to updated anti-piracy capabilities, this update incorporates an improved user installation and validation experience. First there is a new installation wizard (below) that provides more context and information on how the program works. Second the installation wizard offers the configuration of an autoupdate feature so as we release new versions of WGA Notifications that can detect the most current forms of counterfeiting that information can be updated automatically. The wizard also includes immediate results, and improved information for people whose systems don't pass genuine validation."
This is an "opt-in" update that will initially be distributed only to systems running four known compromised product keys. According to the announcement, Microsoft plans to update the Windows XP WGA Notifications tool every 90-120 days.

Perhaps the most helpful change is the addition of a new result category, which lets users know if the validation result was indeterminate. Resources are provided to troubleshoot the problem, hopefully with contact information for people with legitimate licensed versions of the operating system.

WGA Tool Announcement

Steve Ballmer: "Ready For a New Day"

Watch the live webcast as Steve Ballmer announces the business availability of Windows Vista, the 2007 Office system, and Exchange Server 2007 at a press conference in New York City.

View the live webcast:


The keynote will also be available for playback approximately one hour after the end of the keynote and press conference.

Wednesday, November 29, 2006

Ed Bott: "Worst. Review. Ever." (Zune vs. iPod Division)

Ed Bott has spotted a number of other reviews that he has deemed pretty bad or essentially non-reviews. However, the "best in class" in the Zune vs. iPod Division of worst ever was presented by the Chicago Sun-Times. That review hit the blog-o-sphere last week, providing fodder for the masses in rapid motion.

The problem, as disclosed by Ed Bott today in Worst.Review.Ever (Zune vs. iPod division), is that the author of the scathing review in the Chicago Sun-Times of Microsoft's new Zune is more than just a bit biased. The bias is only one part of the problem. The author's "interest" in Mac and iPod seems to have been overlooked by the Chicago Sun-Times:
"Seriously, assigning longtime Mac and iPod zealot Andy Ihnatko to review the Zune is bad enough. But not informing your readers about his background is a thousand times worse. The Sun-Times’s bio for Ihnatko says only: 'Andy Ihnatko writes on technical and computer issues for the Sun-Times.'”
That is more than misleading. In my opinion, the Chicago Sun-Times was negligent in not disclosing the author's "interest" in the iPod. The content of the review becomes irrelevant based on the deception in hiding the interests of the author.

As to Ed's suggestion that the Chicago Sun-Times ask Steve Ballmer if he wants to review the Mac OS X Leopard when it is released, that has possibilities. However, I would think he is too much a gentleman to undertake that task.

Decide for yourself:

Chicago Sun-Times: Avoid the loony Zune
Ed Bott's Windows Expertise: Worst.Review.Ever (Zune vs. iPod division)

Some Things I Like About IE7 -- So Far

Yesterday I wrote about A Few Things I Dislike about IE7 - So Far. Also note the update in that posting on opening a new tab, compliments of HT of Computer Defense.

It would be extremely remiss of me not to mention some things that I do like about IE7. In addition, I would not want to influence anyone's decision on whether or not to install IE7. By all means, if your operating system is compatible, I encourage you to install IE7 even if you use another browser for much of your web surfing.

Look and Feel
  • Granted, "looks are only skin deep" but I really like the looks of IE7. It may be a "gender-specific" thing, but it has a cool, clean look that I did not "feel" with IE6.

  • The Phishing Filter is great. It operates quietly in the background. You only know it is working if you have the Status Bar visible. It is easy to turn on and off. Yes, I admit it. I turned it off for a while last night. I was doing some research at Microsoft websites that had a lot of data on the page. Remember, I am on dial-up so I turned it off. It was simple to turn back on though when I was finished.

Quick Tabs
  • I can envision a number of situations when Quick Tabs would come in handy. One in particular comes to mind and that is on-line comparison shopping. I don't know about everyone else, but when I am contemplating the purchase of something, I like to compare styles, features, and, of course, prices. That means I end up with a lot of open tabs. It is easy to lose track of which site had the brand with a particular feature. Quick Tabs would make it much easier to locate.

  • I really like the way Feeds are integrated in the browser. It is easy to see at a glance which site has new information posted and a quick mouse-over shows the time/date of the last update and will also indicate the number of new items.

Lack of Consumer Confidence in On-Line Shopping

CRM Today provided a preview of the results of a Gartner Survey of 5,000 online U.S. adults in August 2006 reporting that "Gartner Says Nearly $2 Billion Lost in E-Commerce Sales in 2006 Due to Security Concerns of U.S. Adults":

"Nearly half of online U.S. adults, or 46% of more than 155 million people, say that concerns about theft of information, data breaches or Internet-based attacks have affected their purchasing payment, online transaction or e-mail behavior. Of all the behaviors affected, online commerce (including online banking, online payments and online shopping) is suffering the highest toll."

The point that there is a significant number of people who have voiced concerns about identity theft, data breaches, and the like, illustrates that education is a major key to on-line safety. Certainly such knowledge is not a guarantee for protection. However, it is an indication that more U.S. consumers are at least aware of the dangers and that shoppers will use caution in selecting sites for on-line Holiday shopping.

Also included in the article is the Gartner recommendation that enterprises employ a two-prong strategy in order to increase consumer confidence and reduce fraud, thus keeping the crooks out.

Follow me on this, please . . .
  • In October, I wrote about two-factor authentication in Closing the Gates on Phishing with information on the problems of two-factor authentication, including the "man-in-the-middle attack", trojan attacks as well as phishing.
Now consider the following in conjunction with my three referenced posts:

"'The two goals don’t necessarily call for the same technical solutions since the most-effective fraud prevention applications are often invisible to consumers and criminals,' Ms. Litan said. 'A layered approach to solving security problems is the most effective. Companies should implement back-end fraud detection, stronger user authentication (beyond single factor passwords), transaction verification for high-risk transactions, and data masking/truncation of sensitive data that is shown on Web-based screens.'"

Although the layered approach Ms. Litan refers to will help alleviate fraud, in light of the browser vulnerabilities and inherent problems with two-factor authentication, there will still be too many consumers at risk. What is encouraging, however, is the increased awareness by consumers of the dangers in unsolicited email:
"Perhaps the biggest impact is a newfound and serious consumer distrust of e-mail. Nearly 70% of online consumers whose behavior has been affected by recent security incidents say that their concerns have affected their trust in e-mail from companies or individuals they don't know personally. Of these, more than 85% delete suspect mail without opening it."
Thus, once again the reminder -- if you do not know the sender, do not open the email and, by all means, do not open any attachments! Just as we tell our children to be aware of their surroundings and teach them about "stranger danger", so should we ourselves remember the same thing in connection with our on-line activities. If you are planning on doing on-line shopping for Holiday gifts, stick to the sites you know to be safe. See additional suggestions here.

Apple Updates for Mac OS X

Brian Krebs reported that 31 flaws were patched by Apple in the update released yesterday. Included in the updates was a patch for a vulnerability in eMac, iBook, iMac, PowerBook G3, PowerBook G4, and Power Mac G4 systems equipped with an original AirPort card. The vulnerability is with built-in wireless cards that can be exploited by attackers to install malicious software.

"Other fixes released today mend easily exploitable conditions, such as bugs that attackers could use to install malicious code just by convincing the user to visit a specially crafted site or font files. Among the many other updates included in this bundle are fixes for ClamAV (an antivirus program) for Mac OS X Server, as well as those to mend a slew of problems with the OS X utility used to unzip compressed files."

Anyone with OS X is encouraged to install the updates.

Tuesday, November 28, 2006

A Few Things I Dislike About IE7 -- So Far

I have been using Firefox for some time now. The main reason I switched is being on dial-up, I found Firefox much faster than IE on my computer. But, with the release of IE7, I wanted to give it a try.

Here are some of my preliminary findings -- many of which, I am sure, will be personal to me.

  • On my computer, the pages are still considerably slower loading with IE7 than Firefox.

  • Having gone the import/export bit before, I decided I wanted a clean slate when importing my nicely organized Firefox Bookmarks to IE7. I was at first pleased that the import was successful -- until I opened the folders. Everything is now in alphabetical order. Alphabetical order is fine for some purposes, but not when you have categorized bookmarks/favorites grouped together.
  • I noticed that very few of the favicons seem to work with IE7. Favicons are great for quick identification of a link.
Tabbed Browser
  • Finally, a tabbed browser with IE! One problem to start with. Unless I specifically right-click a URL and select "Open in New Tab", I end up with yet another window to deal with.
  • There doesn't seem to be a way to designate where new tabs open either. If requesting a "new tab" it opens at the end. A right-click on a URL and selecting open in a new tab results in it opened to the right of the current tab.

    Edit Note: Thanks to an email from "HT" at Computer Defense, who reminded me:
"The easiest way to open a link in a new tab in IE 7 is the same way that you would do it in Firefox... middle click (generally mouse wheel click) on the link."

Thanks, HT!
  • When I'm researching a log, I highlight text, right-click and select "search". A new tab opens at the "end" with the search results. After finishing the log review, I can right-click and select close right tabs.
  • What, no undo closed tab?

Oopsie -- A "No Brainer" Codec

Anyone following the blogs from members of the security community will be familiar with the regular announcements of yet another new codec. This time we get to have a bit of a chuckle at the no-brainer who rushed to put up the latest codec website.

Aptly named BrainCodec and sitting on a web domain of the same name, the image used was for the last new codec, GoldCodec. See it for yourself at Security Cadets Blog. Nice find, Jan!

By the way, are you getting tired of hearing about codecs? Good -- make sure that you don't fall for their tricks and download one.

Monday, November 27, 2006

Follow up to Data Privacy & Phishing Posts

Data Privacy

Yesterday I reported briefly about the breach of UK Data Protection laws in "Banks to inform clients that personal data could be given to US authorities". More complete information is available as follows:


I was reminded about a not-for-profit site that is both a very good resource and has an excellent track record in collecting phishing emails. handles both U.S. and European phishing. Consider subscribing to the RSS.

From Sunbelt: Silver, Gold... but you're not getting platinum

You guessed it -- more codecs. There's now silvercodec and goldcodec but Sunbelt has prevented the use of for codecs. You guessed it, Sunbelt registered the name!

Stop over to the SunbeltBLOG for more information and to see the screen images. Also, be certain to read the comments.

And That's All She Wrote!

Regarding Bits from Bill: Vista Countdown:

"Like me, most of my Blogger friends took it easy this long weekend. I know I had more than my share of turkey and cranberry sauce. There was one exception. I can only guess they opened up a new Starbucks across the street from Corinne at the Security Garden. She’s been writing like crazy and has lots of news to share."

There was a purpose behind the madness. Some day I may explain but can assure you there is no Starbucks across the street from me.

In addition to all of the blogging, I was also "working the forums", providing help where I could. Interestingly, I received positive feed-back on specific help provided at an anti-spyware vendor site. Apparently the person I helped -- who has the top-of-the-line licensed software from that vendor -- was having conflict problems between that product and that of another vendor. The response from customer support to this individual was that he would have to choose between the two products and only run one of them.

Nice way to lose customers. I provided a solution for the person and the two products co-exist quite nicely now.

Sunday, November 26, 2006

Why consumers are angry with Microsoft over Zune

I reported earlier about problems with Zune customers have been having with the new Microsoft Video Marketplace. Sadly, that is not the real problem with Zune. Besides preferring the smaller size of competitors, namely iPod, there have been issues with downloading the software.

More serious, of course, are issues of compatibility and usability. To start, don't try to download the software with Firefox. Like Microsoft Updates, only Internet Explorer 7 is acceptable. This will eliminate completely anyone with Windows 2000 (See Goodbye Windows 2000). By narrowing the market in this manner, consumers who may have purchased Zune will turn to iPod instead.

See other issues raised in "Why consumers are angry with Microsoft over Zune", and note the conclusion, but keep in mind "Microsoft's DRM Strategy":
"The point of all this is that Microsoft seems to have taken the one major thing that consumers don't like about iPod and iTunes - the DRM restricted closed system - and ignored all the good things."

Google, The Next Bank?

"According to Google's senior vice president for engineering and research Alan Eustace, the company's fundamental business strategy is "to organise the world's information and make it universally accessible and useful". While that may sound relatively benign, previous extensions into new markets have often proved controversial."
As reported at ITWire, it appears that the big question among financial professionals at a conference held by Forrester Research in London was whether all the data Google has amassed would allow Google to enter the financial market. After all, Google already has the Google Checkout payment service.

Would you "bank at Google"? I know that I wouldn't -- not just because I want to be able to step into the local branch bank if there is a problem, but also because Google already has too much personal data on people. This would position Google as an even larger target for hackers.

Microsoft’s DRM strategy

There are many people up in arms over Microsoft's DRM strategy. Having followed "BambisMusings" for some time, I have read her postings on this topic. (See "DRM, DMCA, Copy Protection".)

Further to that is the McKenzie report (no, not "the" McKenzie), published by ComputerWorld in "Vista and More: Piecing Together Microsoft's DRM Puzzle".

Roughly translated, DRM is related to copyright protection -- something that gets people as hot under the collar as do discussions of patents. I'm sure this will raise further discussions after Vista is finally on the market.

Protection from Phishing

Hopefully by now, everyone is aware of the phishing protection afforded by both IE7 and Firefox 2.0. Of course, the two browsers -- and their supporters -- will continue the battle on which does the best job at protecting users from phishes. Too many people have been hurt financially by the convincing phishes. So, in the meantime, while they battle it out, consider the add-ons listed in "Anti-phishing tools - keep you off the hook". 

When you do identify a phish, be sure to report it to

Shoutwire Considers “Digg” An Illegal Keyword But Accepts Profanities

I picked this up on Wayne Porter's blog. I tracked down the original report via the Digg link at CostPerNews:
"Shoutwire, a Digg competitor, won’t let you submit a story that includes the keyword “Digg.” A fan of the Shoutwire service sent me an email earlier tonight with the tip to try and submit the previous’ post here entitled “Pay Per Digg” to the service."
See the complete report at CostPerNews.

Censorship is no way to become a competitor. Instead, this method of doing business will turn people away from Shoutwire. If you agree, join Wayne Porter, myself and others and

Sofa Surfing on a Pepper Pad

The Pepper Pad looks like fun -- it is 6 by 12 inches wide and an inch thick. It has a small keyboard and a 7-inch touch screen. It is a much more comfortable size than a laptop and looks ideal for surfing the web while the commercials are playing during half-time of the big game.

Unfortunately, the reviews are not good for this Linux-based operating system, specifically touted as a "couch computer" for home use. It can even serve as a universal remote for the entertainment center. See the copyrighted review by Peter Svensson in "Review: Pepper Pad PC for Couch Potatoes".

Product information is available at

Banks to inform clients that personal data could be given to US authorities

Going back to a report in The Register, "Europe's central banks caught in US spy scandal", where the question arose as to whether the European Central Bank (ECB), as well as and others, had broken any data protection laws by not reporting when U.S. organizations were investigating bank records following 9/11:
"The central banks of the G10 countries might also be implicated in the scandal because they were told about the US snooping of transactions conducted by their indigenous firms five years ago when, in the wake of 9/11, the US Treasury first started poring through the world's financial transactions in search of terrorist financiers."
Finally a resolution, as reported at The Malta Independent Online:

"An EU working party looking into the SWIFT – US financial transaction privacy scandal has found that all European banks using the SWIFT service must inform clients that US authorities could be given access to their personal, banking and financial data as a result.

The so called “Article 29 Working Party” also found that any European bank using the Society for Worldwide Interbank Financial Telecommunication (SWIFT) for financial transactions also shares culpability, to varying degrees, for the wide-scale compromising of personal data and banking details."

Further reported:
"In its long-awaited report on an issue that has become yet another thorn in the side of EU-US relations, the Party concluded that 'the hidden, systematic, massive and long-term transfer of personal data by SWIFT to the UST in a confidential, non-transparent and systematic manner for years without effective legal grounds and without the possibility of independent control by public data protection supervisory authorities, constitutes a violation of fundamental European principles as regards data protection and is not in accordance with Belgian and European law'."
My thoughts? BRAVO! Yes, I understand and recall vividly 9/11 and the aftermath. However, I do not believe those events give my Government the right to steamroll over the rest of the world. After all, there were not only Americans killed that horrific day.

Goodbye Windows 2000

An interesting report by Bill Allin posted by Clif in today's edition of "Clif Notes". Mr. Allin's source in Microsoft has heard recently that Windows 2000 (W2K) is "on the chopping block". In part, the letter reads:

"MS Mole reports from a Microsoft meeting this week that the company has no plan to support the installation of Internet Explorer 7 with Windows 2000 or any earlier version of Windows. In his words, "Microsoft is trying to make Windows 2000 go away" without saying as much publicly. The MS screw is being steadily tightened so that everyone who uses Windows will have to use an up-to-date version because new Microsoft products will not run on earlier platforms."

I guess this should not be a surprise to anyone with both Windows Defender and IE7 not supported in W2K. Taking this thought a step further, Mainstream support for W2K ended 30 June 2005. Note, that extended support is still listed on the Microsoft Life Support page as 13 July 2010. I expect that Microsoft is hoping that without the advantage of IE7 and Windows Defender, there will be the added incentive to upgrade.

See the full letter in Windows 2000 Goodbye.

Warning: Ad-Watch + Installing IE7

As I had written in "My IE7 Experience", I was first prompted to download IE7 on 1 November. When the download started, I immediately took steps to prepare for installation. One such step involved using WinPatrol to disable Lavasoft's real-time monitor, Ad-Watch. This way I did not need to change any of the Ad-Watch settings with the restart I knew to expect with the IE7 installation.

Due most likely to my dial-up connection, I did not get prompted for the actual installation of IE7 until three weeks later. As a result, I had forgotten that Ad-Watch was disabled until today when I wanted to check the GUI (Graphic User Interface) to get the correct language to provide help for someone. I easily re-enabled Ad-Watch through WinPatrol and then was immediately prompted with a number of registry changes to allow or disallow.

Included among the changes were the registry updates made when installing IE7. Fortunately, I was paying attention and allowed the changes. Had I not done that, I would definitely have had to re-install IE7 and could likely have had problems with the .lnk and .exe extensions faced by so many Ad-Watch users since Ad-Aware SE was released in August 2004.

As stated in the Lavasoft manual:
"You can lock the startup sections of your registry, block possible and actual browser hijack attempts, block suspicious processes, lock executable file associations, Block malicious cookies, block Pop-ups, and uses the all new CSI technology to protect you from unknown variants as well. Even if Ad-Watch is turned off and something DOES install onto your system, it will recognize it and will kill the process as soon as it has seen it when turned back on." {emphasis added}
In fact, Ad-Watch even prompted me to allow the registry change for itself!

This is the reason why I always recommend having "Automatic" turned off with Ad-Watch. Part of responsible computing is knowing what is happening on your computer.

Create a Rule with Lavasoft's Ad-Watch

One of the most frequently mentioned problems people have with Lavasoft's Ad-Watch is that it has blocked another process, such as an anti-virus software update or a scheduled scan by another product.

The easiest way to solve that situation is through the creation of a Rule. It is really fairly easy to create a Rule with Ad-Watch but people seem to have problems deciphering the instructions in the Manual.
  1. Check that Event-History is turned on
    • Launch Ad-Watch
    • Select Options
    • Under "Event-History", select (green check) "Create Event-History"
  2. If you did not have Event-History turned on, wait until the next occurrence of the action you wish to create the rule for. Then open the Event History.
    • Select "Options"
    • Select "View Event History". Ad-Watch will launch the Event-History in Notepad.
  3. Look at the entry for the Key; i.e., something like "Key:Software\Microsoft\Windows\CurrentVersion\Run".
  4. Create a new Rule (Rules cannot be edited)
  5. Copy/paste the Key from Notepad.
  6. Look at the entry in Notepad for the Value and also add what is shown.
  7. Select Exact Match.
Pretty simple when you know how to do it.

Stolen Microsoft XBox 360's & Video Marketplace Difficulties

Unless the thieves are caught, there will be quite a supply of Microsoft XBox 360's on the black market in England for Holiday shopping! From Express and Star:
"More than one million pounds worth of Xbox consoles have been stolen from a Lichfield depot over the last four days, it was revealed today.

Police believe thieves are stealing the games machines to sell ahead of Christmas when they are in high demand. Thieves hijacked a lorry load of £750,000 worth of Xbox consoles on the A38 after it left a distribution depot in Fradley yesterday.

Police revealed today that another theft took place at the Hellmann Worldwide Logistics depot on Thursday morning when a £40,000 trailer containing £260,000 of Xbox consoles was taken.

Staffordshire Police spokesman Peter Stevens said: “They are in high demand and cost between £200 and £300."

This follows the technical difficulties experienced with the new Microsoft Video Marketplace for the favorite game machine. If you have run into similar problems, keep tabs on the official XBox Forums:

"As you know, we have been experiencing technical difficulties associated with the extremely high number of downloads from the Video Marketplace service over the past 24 hours. We understand these technical issues have resulted in a very unpleasant experience for our members, including extremely slow downloads or not receiving the content they purchased.

We’ve made progress over the past 24–hours, and the team is dedicated to fixing the issues and continues to work as fast as they can around the clock to get the service running as seamlessly as you have come to expect.

We strongly encourage all folks who have experienced an error message or did not receive a download they purchased to call customer support at 1-800-4MYXBOX."

Vista EULA (End User License Agreement)

There has been a lot of discussion in the media, on-line journals, forums and blogs about the EULA (End User License Agreement) for Windows Vista, the restrictions and particularly product activation.

Security Focus columnist, Mark D. Rasch, J.D. provides an in-depth review of the Vista EULA in "Vista's EULA Product Activation Worries". Mark Rasch is a former head of the Justice Department's computer crime unit, and now serves as a lawyer specializing in computer crime, computer security, and privacy matters in Bethesda, Maryland.

As explained in a key point by Mr. Rasch:
“ Does the Microsoft EULA adequately tell you what will happen if you don’t activate the product or if you can’t establish that it is genuine? Well, not exactly. It does tell you that some parts of the product won’t work - but it also ambiguously says that the product itself won’t work. Moreover, it allows Microsoft, through fine print in a generally unread and non negotiable agreement, to create an opportunity for economic extortion. ”
Thus, the EULA explains why the "Windows Vista Frankenbuilds Spotted in the Wild" will end up with limited utility. How will Microsoft achieve this? Through means such as published U.S. Patent Application, "Trusted license removal in a content protection system or the like." Claim 1 is illustrative:
"1. A method of removing a digital license from a client computing device, the digital license including an identification of a removal service that can authorize removing such license, the method comprising: the client selecting the license to be removed; the client selecting the service; the client constructing a challenge including therein a challenge license identification block (LIB) identifying the license to be removed, and sending the challenge to the service; the service receiving the challenge and storing at least a portion of the challenge in a database; the service constructing a response corresponding to the challenge and including therein a response LIB identifying the license to be removed and an identification of the service, and sending the response to the client; the client receiving the response and employing the response LIB from the response to identify the license to be removed; and the client removing the identified license upon confirming that the identification of the service in the identified license matches the identification of the service in the response."

Saturday, November 25, 2006

Microsoft Security Tips & Talk Blog

A relatively recent addition to Microsoft activities is blogging on the various software programs and systems. I subscribe to quite a few of the MSDN blogs. Now there is a blog specifically created for the home computer user.

Security Tips & Talk provides guidance on how to protect your computer, laptop, PDA, etc. from spyware, viruses, etc. Learn about identity theft and protection from spam and phishing. Should you miss it here at Security Garden, you will also be able to keep track of Microsoft security updates. The blog is hosted by the Microsoft team that publishes the Security at Home site.

Recent posts include:

Popular Kaspersky Launches Technical Support Portal

From the Kaspersky Press Release:

"Kaspersky Lab has launched a new web portal for its technical support service. The portal shows visitors how to protect all types of IT systems, from PDAs and smartphones to file servers and mail systems. The portal also includes solutions to the most common technical problems, a user forum, and a system for sending requests directly to Kaspersky Lab technical support.

The portal also features a large, easy-to-use and up-to-date database of publications, statistics and technical articles on a variety of subjects, including protecting electronic information; and Kaspersky Lab products and their operating principles, as well as common errors related to their usage. The resource also notifies users of new publications.

The English version of the technical support portal can be found at

A Russian version is also available, and a German version of the new portal is planned for the near future."

The site includes help and information on "Fighting malicious programs", "Personal Desktop Protection", "Mail System Protection", "Perimeter Protection" and more.

Another great service from Kaspersky.

Vista Compatible Antivirus Software

Update 25 February 2007: See Vista Compatible Antivirus Software in Windows Vista Bookmarks for the most current information.

Although the list at Windows Vista RC1 Antivirus Providers is for Vista RC1, it is a starting point to determine whether the antivirus software you use on your computer is compatible with Windows Vista. Of course it is expected that most of the major companies are working hard to get to that point.

Sophos has joined the growing list of antivirus software programs that are Vista-compatible and joins Avast, shown below.

From the Sophos website in "Sophos protects Microsoft Windows Vista":
Sophos Anti-Virus for Windows 2000/XP/2003/Vista, version 6.5 includes:
  • Protection against viruses, spyware, adware and PUAs
  • Application control, which allows businesses to set their own policies regarding whether user groups are allowed to run software such as IM clients, VoIP, peer-to-peer file sharing and distributed computing projects
  • Behavioral Genotype™ Protection to guard against unknown threats
  • High performance scanning with Decision Caching
  • Central management and update features, using Enterprise Console
  • Automatic updates against the latest threats every 10 minutes

Customers using Sophos Anti-Virus for Windows 2000/XP/2003, version 6.0 will be updated to support Vista automatically, without any user intervention.

"While other security vendors aren't happy with how Vista has implemented its increased security, Sophos has been working closely with Microsoft and fully supports new functionality, such as Kernel Patch Protection (also known as PatchGuard)" said Richard Jacobs, CTO at Sophos. "Sophos Anti-Virus running on Vista provides unprecedented protection."

Here is the information on Avast:

"With the public release of RTM version of Windows Vista in November 2006, ALWIL Software anticipates massive deployment of this new platform, especially among home users. These users appreciate new features of Windows Vista such as the new Aero interface, enhanced support for mobile computing, and improved full-text search, and now, thanks to avast! antivirus, users can also be thoroughly protected against malicious threats.

Note: The minimum version of avast! Home/Professional Edition compatible with Windows Vista is 4.7.892."

A Double-Edged Sword

There is a new Police and Justice Law in the U.K. which reads in part:

"Unauthorised acts with intent to impair operation of computer, etc
For section 3 of the 1990 Act (unauthorised modification of computer material)
there is substituted—

“3 Unauthorised acts with intent to impair operation of computer, etc.

(1) A person is guilty of an offence if—

(a) he does any unauthorised act in relation to a computer; and

(b) at the time when he does the act he has the requisite intent and
the requisite knowledge.

(2) For the purposes of subsection (1)(b) above the requisite intent is an
intent to do the act in question and by so doing—

(a) to impair the operation of any computer,

(b) to prevent or hinder access to any program or data held in any
computer, or

(c) to impair the operation of any such program or the reliability of
any such data,

whether permanently or temporarily.

(3) The intent need not be directed at—

(a) any particular computer;

(b) any particular program or data; or

(c) a program or data of any particular kind."
According to Computer Act!ve, this change to the 1990 Computer Misuse Act could place developers of some software tools as well as those warning of security flaws at risk of prosecution:
"The new Act will make a person guilty of an offence "if he supplies or offers to supply any article believing that it is likely to be used to commit, or to assist in the commission of, [a hacking offence]".

Richard Clayton, a security researcher at Cambridge University explained: 'A lot of tools are used legally for good purposes but they could also be used for bad. It is also possible that someone who publishes warnings about security flaws could be prosecuted.'"

I think it is too soon to be analyzing how the Courts will interpret the law.

Microsoft's AntiSpyware Tool Removed IE

A recently released Microsoft AntiSpyware program apparently detected Internet Explorer as spyware and removed it from users' systems, according to a report at BBSpot. Oops!

Of course, the report by BBSpot was intentionally not specific, with no indication as to whether the software was Windows Defender or the Malicious Removal Tool. From that alone the reader would realize it is a parody. Reading on, however, the reported quote made for a further chuckle:

"Elias Weatherbee, a Microsoft representative, said the program was "only in beta" and that "a fix was forthcoming."

"It shows how powerful our AntiSpyware program is," said Weatherbee. "Not only is it able to remove spyware from the system, but also the source of most spyware. Our competitors can't match that."

A representative from Lavasoft, which sells Ad-Aware another spyware removal program, complained that Microsoft was using its monopoly and knowledge of the operating system to 'offer features that others can't match.'"

"Tough shit," said Weatherbee.

Although a joke, can you imagine a competitor complaining about Microsoft using their knowledge of the operating system that others cannot match? Seems like truth and fiction do often run hand-in-hand.

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

Looking at the picture realistically -- joke aside -- the writing has been on the wall since Microsoft entered the anti-spyware detection and removal field. With real-time protection free, we may see business swing away from smaller companies like Lavasoft. Customers are going to question the need to pay a license renewal fee for real-time protection such as Ad-Watch when such protection is free from other sources.

PortableApps Suite 1.0

Having recently treated myself to a 1 GB USB Flash Drive, I am excited to see the announcement about the release of the new PortableApps Suite. The suite is a collection of computer programs that you can carry around with you on a portable device and use on any Windows computer.

The Suite includes a web browser, email client, office suite, calendar/scheduler, IM client, A/V, backup and even the popular sudoku game. There is a pre-configured menu and all software is ready to run.

A special feature of the PortableApps Menu is that it works on any PC, from Windows 95 (!) through Vista. It also works with Wine under UNIX. The PortableApps Menu will also work with other applications. All you need to do is place the exe files in a directory "next to" the PortableAppsMenu directory.

I am looking forward to experimenting with my new toy and expect I will be referring to the tutorials and software listings at the Gladiator Security USB Sticks & Portable Devices Forum.

Are Malware writers becoming "more professional"?

According to Dave Marcus' prediction in Rene Millman's Malware writers becoming "more professional" in ITPro, mass virus outbreaks will be a thing of the past. Rather, there is evidence of professional and organized crime in malware creation:

". . . 'where development teams are creating malicious software, testing it and automating its production and release.' "

indicating further that:
35 per cent of all malware samples ever discovered had been collected in the last two years alone.
The past two years have been filled with rogue anti-spyware applications and the likes of the codec-infecting trojans. New variants are discovered daily. Another aspect of the increased numbers of malware samples, however, is that as the malware writers have become more sophisticated, so too have those working to obtain samples and submit them to the anti-spyware/anti-virus vendors. The sad part of Dave Marcus' comments is that

"Malware has simply become a way to make money. It has taken virus authors in a different direction."
Will honesty and integrity win over money? Not likely as greed is a very strong incentive. The best way to win the battle against malware is education. Where my generation might have taken typing classes in "junior high school", children today learn about computers and computer games as early as pre-school. As our children are taught about "safe sex" in the schools, so must they also be taught about "safe hex". I suspect that while our children taught us how to operate the VCR, the children of today will be teaching their parents how to maintain the family computer.

Are Vista and Office 2007 Aimed at Business Users?

Since I work in an office, the headline "Microsoft's latest upgrade aimed at its business users" in the Delaware Online News Journal caught my attention and so I read on:

"Bill Hartnett got accustomed to the screaming. As Microsoft Corp.'s manager of software sales to financial services companies, Hartnett used to get pelted with complaints about the security and reliability of Microsoft's products.

Hartnett speaks openly about those dark days because he's sure they're well past. He and his colleagues contend the company is about to give businesses compelling reasons to not just tolerate Microsoft, but to be thrilled with it.

The occasion is the launch of crucial upgrades to Microsoft's most widely used and most profitable products. All at once, Microsoft is releasing a new Windows operating system, known as Vista; an update of the Office "productivity" package, which includes Word, Excel, Outlook and PowerPoint; and server software that handles behind-the-scenes functions."
Mr. Hartnett and others expecting a massive run by businesses to upgrade to Vista and Office 2007 will most likely be in for a disappointment. Although I expect I would find the enhancements to Office 2007 exciting and more productive, I wonder if I will even see them installed on my office computer before I retire.

The standard operating system where I work is Windows 2000. It is only as hard drives fail that they are replaced with Windows XP. Because the majority of the staff in the area where I work have W2K (new in 2001), that is what is on my office desktop, with XP on the test box.

There are valid reasons for delays in the workplace. In addition to "off-the-shelf" software programs, there are over 3000 custom applications in the company where I work. Testing each application for compatibility and making changes is a daunting challenge, particularly when those applications are tied to manufacturing and other critical processes in the workplace.

Another reason for delays in upgrading is that having older computers in a large company means that more than just an upgrade is required. Rather, a complete replacement would be necessary since the older computers will just not be able to run Windows Vista. Replacing thousands of computers and operating systems can take years.

Thus, even though Windows Vista and Office 2007 may be aimed at business users, I expect it will be closer to two years after release before larger companies start the replacement process.

Friday, November 24, 2006

U.K. and US Security Sites

A special friend told me about NISCC - the UK's "National Infrastructure Security Co-ordination Centre." He was correct when he told me that it is "a veritable goldmine of information and should be bookmarked by anyone who has an interest in Computer Security, especially as it carries all the Microsoft security briefings."

Better than just the Microsoft security briefings, NISCC also includes security briefings and alerts from multiple vendors, all consolidated in a nice package by date on the Briefings page:

"Briefings contain general information such as details of software vulnerabilities and patches.

Briefings are compiled from a number of sources including the Internet, the Forum of Incident Response and Security Teams (FIRST), associated Computer Emergency Response Teams (CERTs) but more importantly the NISCC community itself. This gives us the ability to provide timely information concerning potential IT security problems that could affect the CNI.

Like many other CERTs, UNIRAS often redistributes computer security briefings authored by other CERTs, vendors and other groups concerned about IT security. For the best information about protecting your system it is recommended that you take account of security information from a variety of sources." {emphasis added}

It was that last sentence that got me wondering what kind of information is available in New York, my home state. That search led me to Cyber Security and Critical Infrastructure Coordination (CSCIC), which was established in September 2002 to address New York State's cyber security readiness and critical infrastructure coordination. I did not find a lot of information on New York State's "cyber security readiness and critical infrastructure coordination" but did locate a number of valuable resources, reproduced below for quick reference.

Parents are encouraged to check "Protecting our Children on the Internet". There are numerous links to sites with information for parents as well as pages with safety instructions for young children and teens.

References from CSCIC:

  • Government Security Sites
  • National Information Sharing and Analysis Centers (ISAC's)
  • Other Security Advisories and Resources
  • Vendor Security Advisories
  • Virus Warnings

Microsoft Goes After Phishers

At a European Union conference on identity theft in Brussels, Microsoft announced that it is helping law enforcers hunt down phishers and has initiated 129 lawsuits in Europe and the Middle East. According to
Microsoft has involved itself because all of the 129 cases use either phony Hotmail or pages to trick users into handing over their private information.
That would make sense since both Hotmail and are Microsoft entities. Reuters provides much greater detail in Microsoft brings 129 lawsuits against phishers, further explaining:
"Microsoft can initiate civil lawsuits even when it is not the target of identity theft, because legal systems in many countries allow anyone suffering from attacks to claim damages.
"There are damages to our ability to conduct business. There are damages to our trust with the consumer," Anderson said.
The U.S. company has an investigative team at its headquarters in Redmond, Washington, which uses Web-crawling software and customer complaints to find out where attacks are taking place. Old-fashioned investigative techniques are then used to discover the identity of the phishers.
Before legal action was taken, 253 cases were investigated. Most of the investigations and 50 of the criminal complaints were filed in Turkey. Germany was second with 28 criminal complaints and France third with 11."
That helps, but considering the true number of phishes, it is rather "small potatoes". It certainly raises the question as to why the banks and other targets of phishers are not doing more considering that it is their customers who are the targets.
The volunteers of CastleCops PIRT Squad are also working diligently to terminate active phishes. To view a PowerPoint presentation with 150+ slides discussing phishing, Rock Phish and how the volunteers of CastleCops PIRT Squad tackle them, download the Pirt.ppt. (The presentation also includes slides about CastleCops and CastleCops services.)
Microsoft has a website devoted to anti-phishing. After submitting any "phishing emails" you receive, go to Microsoft's Anti-Phishing Technologies website to learn more about the Anti-Phishing Filter in IE7.

Zune Vista Incompatibility Seemingly Solved

While everyone was looking forward to seeing Zune, Microsoft's effort to compete with the iPod, it was rather a surprise to learn that it is not compatible with Windows Vista. Granted, Zune was released to the marketplace a mere week after Vista was released to manufacturing (RTM). I'm sure there were various adjustments made to Vista prior to RTM. In this case, it was unfortunate that Zune was considerably ahead of Vista.

David Weller, a Microsoft employee working as a Game Developer Community Manager, reports that he is now beta testing the Zune software for Windows Vista and that it is working flawlessly.

Zune Resources:
  • Tutorials for Transferring Movie, .zip and .pdr files

Microsoft removes IE7 for Windows XP from WSUS

Fortunately, it is a long holiday weekend in the U.S., so administrators have time to adjust if IE7 was recently downloaded via WSUS for their network from the IE7.0 update rollup package released on 21 November 2006.

According to the report, the problem with the 21 November 2006 package is an error dialog that appears in Spanish after installation.

A replacement update rollup package will be available for synchronization early next week. For a work-around if this update has been scheduled for installation or via Automatic Update (AU), see the instructions at

Games for Windows

Just after I discovered the new prototype home page, I ran across another brand-spanking new Microsoft site -- Games for Windows -- just in time for the Holidays too!

The best thing about Games for Windows is that you have the absolute assurance that anything you select is absolutely safe for your computer. There is no chance of infection from any of the selections. What is helpful for parents is that a demo can be downloaded prior to purchase to ensure the game is age-appropriate for the children in the family.

Microsoft is looking for feedback on the new site. Go here to provide your likes and dislikes about the new site.

A New Look

Have you seen the prototype for the new It isn't final yet, but an obvious improvement. These are the issues Microsoft web designers are currently aware of:

Known Issues:

  • Throughout the user interface we are still working on “fit and finish” adjustments that will improve the look and feel of the pages.

  • On the home page the spaces between lines of text are wider than they should be. These will be tightened up before the final release of the page.

  • If you are running Internet Explorer 6 and are in high contrast mode, some typefaces appear larger than they should.

  • When text size is set to Largest in Internet Explorer, parts of the page layout become broken, and content at the bottom of the page may not be viewable.

  • When your browser is in high contrast mode, the container that displays secondary navigation links has a transparent background, which makes the thumbnail graphics and links difficult to see. The container should have an opaque background that makes the graphics and links stand out clearly.

  • The container that displays secondary navigation links does not scroll with you as you move down a page, as it should.

  • When you reduce the size of your browser window, the container that displays secondary navigation links does not adjust itself accordingly as it should. As a result you may need to scroll to view all links.

With those issues aside, I think you will appreciate the updated look and feel of the new home page. Interestingly, displaying the current home page in side-by-side tabs in IE7, the Zune image doesn't display on the old page on my computer yet is beautifully displayed on the new page.

I like the cleaner, less cluttered look and hope the final transformation takes place soon.

MS KB 928388 - Time Zone Change Update

The Energy Policy Act of 2005 (Link is PDF) changes the start and end dates of daylight saving time (DST) in the United States. Starting in 2007, DST will start on the second Sunday in March and end on the first Sunday in November.

Microsoft released Knowledge Base Article 928388, "2007 time zone update for Microsoft Windows operating systems" addressing the time zone change.

The following files are available for download from the Microsoft Download Center: