Google Alerts Users 'Your Computer Appears To Be Infected'

Charles Ripley , BrandPost

Google launched a new awareness campaign to alert users whose PCs may be compromised with the “DNSChanger” malware. The DNS servers used by the malware will be shut down soon, and infected computers will no longer be able to communicate with the Web, so Google is doing its part to help users clean up and point their PCs to legitimate DNS servers.

In November of last year the United States FBI—in cooperation with Estonian law enforcement—tracked down and arrested the group behind the DNSChanger malware. With millions of infected systems around the world relying on the malicious DNSChanger DNS servers, the FBI chose to continue hosting them as legitimate DNS servers.

However, the FBI isn’t in the business of acting as an Internet Service Provider or DNS host, so as of July 9 the DNSChanger servers will be shut down. There are an estimated 500,000 systems still using those servers for DNS, and those PCs will no longer be able to reach the Web once the FBI pulls the plug.

Read more »

Microsoft Says Farewell to 'Aero' Interface

Microsoft announced that it is doing away with the “Aero” user interface that has been a trademark of Windows Vista and Windows 7. Windows 8 will instead move to embrace the new “Metro” user interface.

Windows 8 is developed from the ground up for a touchscreen experience. The Metro UI is familiar from the Windows Phone mobile operating system, and is particularly well-suited to touchscreen devices like array of Windows 8 tablets expected to debut later this year after the Windows 8 OS hits the street.

Microsoft introduced the Aero interface with the launch of Windows Vista in 2006. An exhaustive blog post from Microsoft explains, “These stylistic elements represented the design sensibilities of the time, reflecting the capabilities of the brand-new digital tools used to create and render them.”

Read more »

Why 'Do Not Track' Is a Double-Edged Sword

Twitter has finally caved to peer pressure and announced plans to jump on the “Do Not Track” bandwagon. While privacy advocates, and those creeped out by the thought of Twitter--or any other entity--monitoring online activity may breathe a sigh of relief, “Do Not Track” is far from perfect, and the tracking is not completely without value.

“Do Not Track” is actually implemented at the browser level, but it’s up to the sites and services doing the tracking--like Twitter--to recognize and honor the flag indicating that a user chooses not to be tracked. It’s one of the fatal flaws of “Do Not Track” as a privacy solution that unethical sites can simply ignore the flag and continue tracking your activity regardless of how your browser is configured.

Even when it works “Do Not Track” is not a very eloquent solution. It’s an opt-out approach that assumes up front that tracking is OK. It puts the burden on individuals to be aware that the tracking is occurring, understand where the controls are to enable “Do Not Track”, and make the effort to flip the switch to opt out of having their personal online activity monitored. It would make more sense to only track those who choose to opt-in to such a system.

Read more »

Pinterest Under Siege By Scammers

Charles Ripley , BrandPost

Have you joined the Pinterest revolution yet? Pinterest is the new hottest thing on the social networking scene. It’s so hot that it has drawn the attention of scammers and malware developers--offering fertile ground for finding unwary victims.

Pinterest is a virtual pinboard. It is essentially a means of categorizing and bookmarking visually. When in a traditional Web browser, you might bookmark a really cool classic car, or a recipe for a drink that sounds delicious, with Pinterest you “pin” thumbnail images of the things you like.

Pinterest is also a social network. You can search the various pins and pinboards across all of Pinterest, or follow other users’ pins like friends, family, or just people who seem to pin a lot of things you find interesting.

Read more »

Use the Facebook Privacy Controls You Have

Charles Ripley , BrandPost

One of the biggest issues people have with social networks is how or where their personal information is being shared. Updates to the Facebook privacy policy have some privacy advocates up in arms--perhaps for good reason. But, the irony is that many people who claim to be concerned about personal privacy don’t even use the controls at their disposal.

At the heart of the current debate are changes that Facebook has made in the interest of full disclosure ahead of its upcoming IPO. Some of the changes seem to suggest that Facebook could venture into a broader advertising network that extends beyond just Facebook. In that case, some information posted within Facebook could be shared outside of the social network on ads on third-party sites.

If you’ve ever used a tool like the Outlook Social Connector, though, you know that many people are inadvertently exposing a wide variety of personal information to the general public. The Outlook Social Connector links to Facebook and other social networks to integrate information about your contacts and display it in Outlook. Often, you are able to view status updates and personal information from people who aren’t even in your social network because their data is open to the public.

Read more »

Windows 8 RT Poses Security Dilemma

When Windows 8 hits the street later this year it will represent the boldest overhaul of the dominant desktop operating system to date. Aside from the Metro interface, one of the biggest departures from Windows tradition will be the addition of a new variant that runs on ARM hardware. While that opens up some new horizons for Windows, it may also put Windows 8 RT users at risk.

What’s the risk? Well, Windows users have been conditioned to have a healthy dose of skepticism when it comes to phishing attacks and malware, and they know they’re supposed to run security software to help detect and block threats. The problem is that legacy Windows software will not function on the ARM version of Windows. That means that consumers will have to purchase new or different security software for Windows 8 RT than they’re used to on their legacy Windows systems.

Windows itself will still be Windows, though. The operating system will still be a popular target for malware developers, and users will need to be able to defend their Windows 8 RT systems. Developers will have to develop new solutions specific to Windows 8 RT which will most likely result in fewer choices when Windows 8 RT launches. Its also possible that the features and capabilities of the Windows 8 RT version of a security solution may not match the traditional Windows version.

Read more »

Get Off the Vulnerability Patching Merry-Go-Round

Microsoft has designated the second Tuesday of each month Patch Tuesday for some time now. Patch Tuesday gives patch management a sense of predictability as opposed to the old system of just releasing critical updates randomly as they come up. The pre-defined patch release schedule is helpful, but it doesn’t change the fact that users are on a perpetual merry-go-round of patching.

For May, Microsoft released seven new security bulletins that fix a total of 23 separate vulnerabilities. One in particular--MS12-034--patches 10 different vulnerabilities spanning a broad range of Microsoft software. Adobe also joined the fray with security updates for Shockwave, Illustrator, Photoshop, and Flash.

Last month Microsoft released six security bulletins, and the month before that it was another six security bulletins. In five months Microsoft has already issued 35 security bulletins in 2012, and it often feels like a new Patch Tuesday rolls along before the dust has even settled from applying the patches from the last one.

Read more »