Triona's Tech Tips

There’s a big debacle going on in the tech world. It seems that CNet aka download.com, purveyors of downloadable software, took a very popular geek tool called Nmap and wrapped their version of the free installer with the installer for some junky browser toolbar. Two of my favorite tech sites, The Register and Sophos Naked Security, have good descriptions of the situation.

The author of Nmap is a well-known Net.denizen named Fyodor, who is justifiably steamed. His response:

“The problem is that users often just click through installer screens, trusting that download.com gave them the real installer and knowing that the Nmap project wouldn’t put malicious code in our installer. Then the next time the user opens their browser, they find that their computer is hosed with crappy toolbars, Bing searches, Microsoft as their home page, and whatever other shenanigans the software performs! The worst thing is that users will think we (Nmap Project) did this to them!”

He has an excellent point. I can tell you that any customer I’ve ever worked with would be irate indeed to have their computer messed up by a stupid junky toolbar they never wanted. But what should you, as a consumer, do about good software that comes bundled with junk?

Go to the original download source
Don’t rely on aggregate sites like CNet for your software. Instead, go directly to the web site of the program’s developers. You’ll often find a more recent version there, as well as better support options. This also eliminates the problem of poisoned search engine results when searching for programs (links that look legit but lead to virus-laden sites).

Look at the window before you click
In the Nmap case, the installer for the Babylon browser bar makes it look like you have to install it before you can install Nmap. When installing software, look very carefully for obscure checkboxes and buttons. Most of these installers stealthily install their junk by either making the opt-out checkbox hard to find, or by making the junk look like a necessary part of the install.

In the Nmap case, if you click Accept you’re only accepting the junk because this is the wrapper; you haven’t even gotten to the real installer yet. As Fyodor said, most people will click this then wonder why their Web browser isn’t working. Then they’ll have to find somebody who knows how to remove this kind of junk, because you have to remove ALL of it or it will continue to mess up your computer.

Make your voice heard
If you spot software that is bundled with junk, let the manufacturer know how disgusted you are. Keep your friends and colleagues informed by sending them a link to this article and letting them know about the menace of stealthy junk software.

You should not ever have to install a piece of junk to install the program you want – and if the program you want won’t let you do it any other way, find a different program. Shame on you, CNet. And kudos to developers like Fyodor who actually care about the end users.

(Photo of awesome Tron “I Fight For The Users” shirt from ThinkGeek. And no, I’m not getting any affiliate rewards for telling you that. I just like both the shirt and the store.)

We’ve got another off-schedule emergency update, this one for Adobe Reader and Acrobat. It applies to both Windows and Mac users and will be released sometime next week. I encourage you to check for updates (under the Help menu) and make sure you install this one when it comes out. You can read Adobe’s advisory here.

The new update will take version 9 users to version 9.3.3 and version 8 users to 8.2.3. However, if you’re still on version 8, I recommend you move to version 9. And if you’re on a previous version (like the omnipresent Acrobat Reader 7), you definitely want to move to version 9. Acrobat 7 was the standard for a long time but is now obsolete and can be used as a entry point for viruses.

In case you’re wondering, the difference between Adobe Reader and Acrobat is that the former allows you to read PDF files while the latter also lets you create them. Adobe Reader used to be known as Acrobat Reader and is still referred to as plain ol’ Acrobat. So, yes, these updates apply to you regardless of whether you have the full version of Acrobat or just plain Reader.

You can also visit this web site to find the latest versions of all your Adobe products.

Subscribe free to Tech Tips and receive bonus tips, tricks and product reviews. Click here to subscribe or send email to techtips-request-at-guidryconsulting-dot-com, subject “subscribe”.

Today Microsoft released an off-schedule update to fix a bug in Windows that could allow your machine to be infected simply by browsing a list of files with Windows Explorer. This emergency update applies to Windows XP, Windows Vista, Windows 7, Windows Server 2003, and Windows Server 2008. You can read the Microsoft security bulletin here.

Microsoft’s normal monthly updates arrive the second Tuesday of the month, otherwise known as Patch Tuesday. Off-schedule updates are typically only released in cases like this, where vulnerabilities are being actively exploited by viruses and malware. One particular virus is especially virulent. A variant of the Sality virus, it disables your security software and downloads more malware onto your computer.

If you have Automatic Updates enabled you’ll eventually get this update, but to make sure you are protected as quickly as possible visit update.microsoft.com and make sure you install update MS10-046 (aka 2286198).

I am seeing a rash of people whose Twitter accounts have been hacked. If you receive a DM (direct message) to your Twitter account saying “is this you???” with a shortened URL, DO NOT CLICK on the URL. Notify your friend via another means and encourage him or her to change Twitter passwords.

Note that it’s the person sending the DM who is the one hacked. But if you receive a message like this, it doesn’t hurt to visit twitter.com directly (DON’T click the DM link!) and change your password anyway.

It is vital to use strong passwords (mix of letters, numbers, upper and lower case, symbols where permitted; no plain dictionary words or easily identifiable names like your spouse, your kids, or your dog). You also need to use a different password on every system, even if you think it’s a pain to do so. If you use the same password in more than one place, the hacker then has entry into the rest of your accounts, like email, web sites and–heaven forbid–bank accounts. In fact, you might want to make an afternoon of it and change all of your passwords everywhere, which is a good thing to do on a regular basis. And don’t cycle passwords between accounts, you never know if one might be compromised. New passwords, strong passwords, different passwords for every system.

This particular worm has been around for a while but like all viruses tends to keep propagating. Be wary of suspicious links and use a site like ExpandURL to investigate shortened links before you click on them. When in doubt you are always better off manually typing in a Web address instead of clicking on a link. These scams are not limited to Twitter but can encompass any type of computer login.

Sony has recalled more than 69,000 desktop Vaio PCs and Vaio laptop docks due to an electric shock risk from the computers’ AC adapters. Sony’s web site provides details about the recall. Affected models include:

• All-in-one computers sold after September, 2007
  • VGC-LT series
  • VGC-JS240, VGC-JS250, VGC-JS270, and VGC-JS290 series
• Notebook docking stations sold after September, 2005
  • VGP-PRBX1
  • VGP-PRFE1

In similar news, Belkin has recalled some of its TuneBase in-car iPod dock due to a fire risk. Belkin’s web site has details about the recall. The affected models include the TuneBase FM with Hands-Free, TuneBase Direct with Hands-Free and TuneBase™ FM with ClearScan with model numbers as listed on the back of the product:

• F8Z441, F8Z441ea, F8Z442, F8Z442ea, F8Z176, F8Z176eaBLK

There are also reports, unconfirmed by Apple, of some Time Capsule backup modules failing after an average of 17 months. Disturbing, given that these devices are supposed to preserve your data. I recommend that everyone, not just Time Capsule owners, use multiple methods of backup. You can find out more on the timecapsuledead web site.

Through November 1st, 2009, new subscribers to the free email version of Tech Tips will receive a special tip sheet on Four Easy Ways To Protect Your Computer. Just click here to sign up.

This month’s Patch Tuesday gives us a plethora of critical updates for both Microsoft and Adobe Acrobat Reader (Windows and Mac). Now is a good time to verify that you have all the latest updates you need to keep your computer free of viruses and other malware.

The expected Microsoft patches include updates for Windows (including the latest version, Windows 7), Office, and Internet Explorer, plus Windows Server, SQL Server and several other products. You can read the advance notification here. If you have Automatic Updates enabled you will receive notice of these updates automatically, or you can manually check to make sure you are protected by visiting update.microsoft.com.

Adobe’s updates will include patches for Acrobat Reader. As I said before I encourage you to install version 9.1.3 if you haven’t already. You can check for updates within Reader by going to the Help menu and selecting Check For Updates, or you can download the latest version from Adobe’s site (but be sure to go to Help, Check For Updates afterwards since Adobe doesn’t always offer the most recent version for download). You can read about the Adobe updates here. Please note that these updates apply to both Windows and Mac.

Subscribe FREE to the email version of Tech Tips between now and October 14, 2009 and I’ll send your special gift: a tip sheet on Computer Housekeeping for PC and Mac.

Apparently the phishing scam that netted usernames and passwords for thousands of Hotmail accounts was wider than previously thought. The latest news indicates that Gmail, AOL, Comcast, and Yahoo! users, among others, may also be affected.

My advice to everyone is to make today Password Change Day. Get out there and change the passwords for all of your accounts. Use a combination of numbers, letters and symbols (where allowed) and be sure to use a different password on every system. Again, you can follow my password tip sheet (PDF) for guidelines on creating strong passwords.

I am often asked, “what does it matter?” accompanied by the protestation, “I don’t have anything important in my email anyway.” I would like to respond that you should care if:

• You want to avoid identity theft. Many people use the same password or set of passwords for all systems. If someone gains access to your email password, even an old one, they will try to use it to get into your other, juicier accounts, like your bank. And they will probably succeed.
• You hate viruses. Most viruses are distributed through compromised computers (called zombies).
• You hate spam. Most spam is sent from compromised computers. Your email address book is a gold mine for spammers because it’s a list of guaranteed good email addresses.
• You want your computer to work properly. Nothing slows a computer down like being zombied (see above).
• You don’t want someone else surfing the Internet on your dime. If you use an email account from your Internet provider, the same password is used both for email and to authenticate you to your provider’s network. If you use a common dictionary word without symbols as the password–shazam! instant access.
• You don’t want to go to jail for someone else’s crimes. Take the above scenario and imagine that the person who’s hijacked your Internet account is dealing in pirated software or child pornography. Unless you can prove it wasn’t you (and that may be difficult), you could be held liable. People committing crimes on the Internet use other people’s accounts for exactly this reason.

Although some people advocate that you not write your passwords down, I say it’s okay as long as you keep the written record somewhere secure, like a locked drawer or safe. (NOT on a sticky note on your monitor or under the keyboard, please!) Excel spreadsheets and other computerized means of tracking passwords are not good ideas, because the first thing a virus will do is check for convenient lists of the rest of your passwords. You might as well hand out your passwords on your business cards. And no, password-protecting the spreadsheet doesn’t work either; those are cake to crack. Properly encrypted password managers do work, but I favor the old-fashioned paper approach, as long as it’s kept out of sight.

It really isn’t that difficult to maintain different passwords on every system. I’ve done it for decades. If we would all follow the basic, simple practice of secure password management, we could cut down on the viruses, spam and other problems that plague us all.

You should also be aware of the kinds of scams that caused these breaches in the first place. Try the SonicWall Phishing Quiz to test your skills on identifying phishing attempts, when a hacker emulates the login page of a site to con you into entering your username and password.

Subscribe FREE to the email version of Tech Tips between now and October 14, 2009 and I’ll send your special gift: a tip sheet on Computer Housekeeping for PC and Mac.

I tweeted (e.g. posted on Twitter) about this also, but wanted to make sure all my Hotmail users know to change their passwords immediately following a breach that resulted in at least 10,000 usernames and passwords being distributed online. It’s likely this is just the tip of the iceberg, so protect yourself by changing your password to something with a mix of letters, numbers and symbols, that is NOT in use on any other system. (Yes, I know, it’s a pain. But what’s more of a pain, multiple distinct passwords or getting your account hijacked?)

You can also see my password tip sheet (PDF) for help on choosing strong passwords.

Subscribe FREE to the email version of Tech Tips between now and October 14, 2009 and I’ll send your special gift: a tip sheet on Computer Housekeeping for PC and Mac.

As if scareware (fake antivirus software) via legitimate news sites wasn’t bad enough, now we’re getting a veritable swarm of malware (virus-like stuff you don’t want) via ad services sold to legitimate web sites by Google and Yahoo, among others.

The ad services, including DoubleClick, FastClick and ValueClick, offer infected ads that use malicious PDF files to inflict viruses via bugs in older versions of Acrobat Reader. You don’t even have to click on anything, merely visit a page with an infected ad. All you see is a window opening and closing as the PDF is launched. Remember, Google, Yahoo and the infected web sites are not going to protect you from this stuff. Your only option is to protect yourself.

Your best protections are using strong security measures and keeping your Adobe Reader (aka Acrobat) up to date. Meaning, if you’re not using the current version, 9.1.3 (and I know many of you are still on version 7 and earlier), you want to RUN not walk to Adobe’s site to download the latest version.

Installing Adobe Reader is similar to installing Flash. You’ll have to install Adobe’s Download Manager if you haven’t already, then download and install the Reader software. I’ve put the links for Acrobat Reader and Flash Player in the right-hand sidebar under Help For PC Users and Help For Mac Users.

Subscribe FREE to the email version of Tech Tips between now and October 14, 2009 and I’ll send your special gift: a tip sheet on Computer Housekeeping for PC and Mac.

More reports are coming in of scareware coming from major news sites including The New York Times and the Philadelphia Inquirer.

As I mentioned in my previous alert about scareware via Newsweek, it’s important to note that these scams can happen anywhere, anytime, even on the most reliable of sites. Please be careful, and bear in mind my recommendations on how to protect yourself from scareware.