Editor’s Dossier
Facing Up to Facebook
Greetings VSNers,
Welcome to November! In beautiful Tampa Bay it is a most welcome relief from the
heat of the summer.
Facebook appears to always be in the news. The controversy surrounding this
social media network is endless, whether it is on privacy issues, security or
safety for families and children. To their credit, Facebook addresses these
issues forthrightly. Not too long ago Facebook’s Chief Technology Officer Bret
Taylor related that the majority of the people using the social network have
privacy settings enabled. Privacy awareness is at an all-time high, I would
think. You can read a bit more about what he had to say in Operations.
Deb Shinder digs real deep into Windows Remote Desktop Protocol (which provides
users with an interface to another computer) this week in Deb’s Deep Dive.
Privacy seems to be taking a hit in London with police able to zero in on
conversations and even shut your mobile phone down. Read more in Dirty Tricks.
Enjoy the latest issue of VIPRESecurityNews. And remember, stay safe out there.
Best,
Larry Jaffe
Editor VIPRESecurityNews
P.S. You can write to me at any time. I want to know how you feel about Internet
security and if you have any ideas for articles or subjects you would like us to
cover. Email me at feedback@SunbeltSecurityNews.com
Eyes Only Your Viewpoint on Security Issues
Adobe Offends
I found that Adobe is a big offender regarding add-ons. When I go to update my
Adobe Acrobat & Reader, I have to look at the screen carefully because somewhere,
usually in an upper corner, is a checked box. Once it was a toolbar, IE9, this
time around it is Google Chrome which I do not want. Got caught once & had a
heck of a time uninstalling it. Maybe they think they’re doing us a favor, NOT.
Keep up the great work. – KS
Virus Calls
I read the article Microsoft calling… had to laugh as I had the same
experience this week… (I am in Cape Town). An Indian lady called to say that
she was from a company and that she had to warn all private computer owners that
Windows had contracted a virus and it was being downloaded with the updates.
She informed me that I just had to follow her instructions, i.e. go to Start
Menu… Well, I told her that I don’t know who she is and to please stop wasting
my time. She was very insistent and started repeating the whole tale again to
which I said Goodbye! Thanks for your newsletter. – SJ
Super Cookies – Not So Super
I’ve been reading about the increasing number of “super cookies” that can track
everywhere that one visits on their PC and then report this information back to
the planter of the cookie. Are there any plans in the works from
Sunbelt/VIPRE/GFI to treat these cookies like the malware that they are and
either eliminate them on scans or (preferably) prevent them from being planted
in the first place? – DK
Editor’s Note: Dodi Glenn, our fearless VIPRE Product Manager, weighed in on the
super cookie story. “Super cookies or ‘flash based cookies’ can be removed by
using a free program called CCleaner (not an application created by GFI nor
supported by GFI). I personally do not believe that browser based tracking
represents as big a threat as some have made it. In the event something
actually malicious, such as an exploit, initiates from a super cookie, we are
able to create a detection for it.”
http://www.piriform.com/ccleaner
Verizon without Symbols
Re: the gentleman who has Bell Canada. I have Verizon as my internet supplier &
I too have a problem with their security. They will NOT allow passwords to use
Symbols, which would provide a strong password. They also limit you to a fairly
short P/W. The only thing to do is alter between Caps & Lower case & throw some
numbers in-between. But how many people really do that? I had to fight with
customer service for over an hour to change my router (they provided it) P/W to
something other than the word “password”. They used that for everyone. Can you
believe it??? Obviously Verizon does not care about their customers’ security.
Love my weekly newsletters & read them faithfully. I often forward them to
friends & family. – KS
Operations: What You Need To Know
Facebook CTO Bret Taylor: Majority Use The Privacy Settings
Yes I am sure a few of you are not on Facebook, but from what I can tell the
vast majority of our readers are using the network. You can skip this section if
you are not. But if you are, Taylor makes some poignant remarks about online
privacy, and they are worth a read.
“The majority of people on Facebook have modified their privacy settings. I
think the people who use Facebook a lot are very, very aware of privacy
settings. They know exactly what their current boyfriend or ex can see. As our
service has grown, there’s a lot of increasing scrutiny on how we provide our
service. If we can make your privacy controls so transparent that you are
comfortable with sharing data on Facebook, that’s good. We certainly hope to
make the privacy settings as accessible as possible.
“Activity log is a new feature, part of our timeline. It’s a private page that’s
the backend of your timeline, all content you’ve shared on Facebook for all
time. You can browse it, and navigate by time. It’s a single place on Facebook
where you can see all your information. If we can give people granularity over
the control of sharing data, the more these products will see. If you’re going
for a job interview, you can go back and change photos of yourself posted in
college. A lot of that was there before but we made it more accessible.”
http://www.allfacebook.com/facebook-cto-bret-taylor-2011-10
Free Malware Removal
Malicious software is tricky and sometimes, these critters get through all your
layers of protection. However, did you know that we will remove malware that has
gotten into your computer for free? All you need is a valid subscription to
VIPRE and our team of malware removal specialists will get the bad guys out. Our
team will assist any customer that becomes infected while under VIPRE’s
protection. Just go online and fill out the support form and a member of our
Malware Removal Team will get back to you right away. You don’t have to pay for
this incredible service.
VIPRE Support
Free Support
Like our Malware Removal Team above, our Support Team is also at your service.
You don’t have to call in or send emails or wait in line, just fill out our
support page and you will automatically create a support “case”. So should you
be experiencing technical issues with your GFI product please feel free to fill
out a support request and a technician will be happy to assist you.
VIPRE Support
Stay on top of all the real-time threats: GFI Malware Research Labs
Deb’s Deep Dive
Taking a closer look at Windows Remote Desktop Protocol (RDP)
You might be one of those Windows users who has come across the Remote Desktop
Connection client in the Accessories folder of the Start menu, briefly wondered
what it was, decided it didn’t pertain to you, and moved on. You might be one of
the many who have used the Remote Desktop Protocol (RDP) without realizing it -
when getting or providing assistance with computer problems using the Remote
Assistance feature that first appeared in Windows XP and has been included in
subsequent versions of Windows. You might be one of us who uses RDP daily to
access the desktop of another computer on your home or office local network (for
example, to run a program on your upstairs game room computer from the computer
in the bedroom or kitchen). Or you might be an RDP power user who connects to
your home computer’s desktop over the Internet from work or a hotel room.
Remote Desktop is a wonderful feature that can add convenience and even save you money.
You can set up one powerful system to run processor or memory hungry
applications and instead of having to duplicate that setup in other locations,
use low-powered, inexpensive machines to connect to it. The Remote Desktop host
machine does all the work, and the experience is almost like being there. You
can, for example, have all the features of Windows 7 and its apps when working
on an old XP computer. You can even install an RDP client on your tablet or
mobile phone (and it doesn’t have to be a Windows-based phone or tablet – there
are apps for iPad/iPhone and Android, too), and run your computer’s desktop from
those devices. Or you can connect from a Linux or UNIX computer using an open
source command line program called rdesktop or a graphical RDP client program
called tsclient. (The “ts” stands for Terminal Services, the server
implementation of RDP that was first introduced in Windows NT and allows
multiple client connections with separate desktops).
There are a few caveats for using RDP in a home or small office setup (without a
terminal server). Only the Professional and above editions of Windows can be
Remote Desktop hosts, although you can use the Home editions as clients to
connect to them. You will need to leave the host computer turned on, and of
course, you have to have permissions set to allow you to connect to it. And
there are some security issues involved, especially when you use RDP over the
Internet.
You’ll get the best Remote Desktop experience if you use the latest version of
the Remote Desktop Connection client, v7.1 (which is added to Windows 7 by
Service Pack 1), or at least v7.0 (which comes with Windows 7). This version
lets you get the Aero Glass UI on your remote desktop and it also gives you true
multi-monitor support and Windows Media Player redirection. You have to be
connecting from a Windows 7 client computer to get these advanced features,
though.
Another reason to use the latest version of the Remote Desktop Connection client
is security. Old versions don’t support the highest levels of encryption.
Starting with v6.0 of the RDC client, you can use Secure Sockets Layer/Transport
Layer Security (SSL/TLS) for authentication, along with Federal Information
Processing Standard (FIPS) grade encryption for connecting to a Vista or Windows
7 desktop (previously you could only do this when connecting to a Windows Server
2003 SP1 server or above). There are also third party products that can be used
to create a Secure Shell (SSH) tunnel through which you can connect to a Remote
Desktop Session.
There have been vulnerabilities discovered in the Remote Desktop Protocol
itself, so it’s important to make sure that when you enable RDP on a computer,
you also keep it current on security updates. Remote Desktop can help you do
more, but you should always follow standard security best practices to ensure
that it doesn’t open you up to risks.
‘Til next week,
Deb Shinder, Contributing Editor
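An added example, not part of the original column: a read-only PowerShell check of the security layer and minimum encryption level on a Remote Desktop host, the two settings behind the SSL/TLS and FIPS options described above. It reads the standard Terminal Server registry values; the helper function names are illustrative, and it assumes local settings rather than ones pushed by Group Policy.

```powershell
# Added example (not from the newsletter): read-only audit of local RDP host settings.
# A Group Policy, if one applies, can override these local values.
$tsKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$rdpKey = Join-Path $tsKey 'WinStations\RDP-Tcp'

$layerNames = @{ 0 = 'RDP security layer (legacy)'; 1 = 'Negotiate'; 2 = 'SSL/TLS' }
$levelNames = @{ 1 = 'Low'; 2 = 'Client Compatible'; 3 = 'High'; 4 = 'FIPS Compliant' }

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Return $null instead of throwing when the key or value is absent.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { return $item.$Name }
    return $null
}

function Resolve-Setting {
    param([hashtable]$Map, $Value)
    if ($null -eq $Value) { return 'not set' }
    if ($Map.ContainsKey([int]$Value)) { return $Map[[int]$Value] }
    return "unknown ($Value)"
}

$denied = Get-RegValue $tsKey  'fDenyTSConnections'   # 0 = Remote Desktop enabled
$layer  = Get-RegValue $rdpKey 'SecurityLayer'
$level  = Get-RegValue $rdpKey 'MinEncryptionLevel'

# Only report weaknesses when the host actually accepts RDP connections.
$findings = @()
if ($denied -eq 0) {
    if ($null -eq $layer -or $layer -lt 2) {
        $findings += 'Security layer does not require SSL/TLS; older clients can fall back to legacy RDP security.'
    }
    if ($null -eq $level -or $level -lt 3) {
        $findings += 'Minimum encryption level is below High; weaker client encryption is accepted.'
    }
}

[pscustomobject]@{
    RemoteDesktopEnabled = ($denied -eq 0)
    SecurityLayer        = Resolve-Setting $layerNames $layer
    MinEncryptionLevel   = Resolve-Setting $levelNames $level
    Findings             = $findings
} | Format-List
```

Raising either setting can lock out older Remote Desktop Connection clients, which is the compatibility trade-off the column points to when it recommends the latest client.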
Dirty Tricks
London’s Met Police Uses ‘Blanket Tracking System’ To Intercept/Remotely Shut
Down Mobile Phones
London’s Metropolitan Police, headquartered at Scotland Yard, has been accused
by privacy campaigners of violating citizens’ privacy and civil liberties, after
it was discovered that the police service had acquired military-grade
surveillance equipment to track and if necessary, disable mobile phones.
Read More
Facial Recognition Software Could Reveal Your Social Security Number
According to a new study which will be presented August 4 at the Black Hat
security conference in Las Vegas, technology has made it possible to identify
and gain the personal information of strangers by using facial recognition and
social media profiles like Facebook.
Read More
Adobe to Plug Flash-Related Webcam Spying Hole
Adobe Systems is working on a fix for a Flash-related vulnerability that could
be used by Web sites to surreptitiously turn on a visitor’s microphone or
Webcam.
Read More
Is Your Phone Spying On You?
Did you opt in to constant surveillance just because you bought a smartphone?
The answer is “somewhat,” but at least when it’s your own device doing the
tracking you can do something about it. In this episode of Device & Conquer,
I’ll lay out how your phone can track you, dispel a few myths about that, and
about GPS satellites, and give you a few tips for taking back what privacy you
still have.
Read More
Java Update Plugs 20 Critical Security Holes
Oracle has shipped a critical Java update to fix at least 20 security
vulnerabilities, some serious enough to cause remote code execution attacks.
Read More
Making Search More Secure
We’ve worked hard over the past few years to increase our services’ use of an
encryption protocol called SSL, as well as encouraging the industry to adopt
stronger security standards… As search becomes an increasingly customized
experience, we recognize the growing importance of protecting the personalized
search results we deliver. As a result, we’re enhancing our default search
experience for signed-in users. Over the next few weeks, many of you will find
yourselves redirected to https://www.google.com (note the extra “s”) when you’re
signed in to your Google Account. This change encrypts your search queries and
Google’s results page. This is especially important when you’re using an
unsecured Internet connection, such as a Wi-Fi hotspot in an Internet cafe.
Read More
Zone – Cool Products & Other Stuff
I am always looking for some hot stuff to share with our readers; maybe you are
too. Hit me back at feedback@counterspynews.com.
Blue Angels
Cockpit footage taken from the backseat of a Blue Angels jet during an airshow.
This looks like so much fun:
Watch Video
Life of Flowers
Watch and listen to “Life of Flowers” and see if it doesn’t make you smile:
Watch Video
Tablecloth Trick
“Hi, this is Michael – and this is Sven. And today we show the ultimate trick.”
Watch Video
Flying High
I want to tell you about a guy named Jeb Corliss. He has a most unusual
occupation as a professional BASE jumper, skydiver, and wingsuit flyer. He has
jumped from sites including Paris’ Eiffel Tower, Seattle’s Space Needle, and the
Petronas Twin Towers in Kuala Lumpur, Malaysia. This stuff is pretty amazing
folks – better strap on your own seatbelt.
Watch Video
NASA Studying Ways to Make ‘Tractor Beams’ a Reality
Tractor beams — the ability to trap and move objects using laser light — are
the stuff of science fiction, but a team of NASA scientists has won funding to
study the concept for remotely capturing planetary or atmospheric particles and
delivering them to a robotic rover or orbiting spacecraft for analysis.
Read More
Little Bot of Horrors: Insect-Eating Robots Act As Venus Flytraps
Robots might bake cookies or vacuum your rugs, and that all sounds very nice.
But what do you think about robots trained to eat living organic matter, as in
machine versions of the carnivorous Venus flytrap?
Read More
How Google’s Self-Driving Car Works
When word spread that Google was testing a self-driving car, the technology was
heralded as the transportation wave of the future. Programmed with optimal fuel
efficiency and safety in mind, the company claimed that it can reduce car
accidents by half. But despite some nifty navigational chops, beneath it all,
isn’t it still a heartless, calculating robot making some potentially life or
death decisions?
Read More






