Computer Tips -Tech Info

Author: Avery

  • F-secure list of sober virus urls

    When the news was first out that an antivirus firm (f-secure) had cracked the psuedo-random algorithm that the sober worm uses to determine where to download “updates” from, they said that they had previously notified German authorities where the free hosting sites were located so that they could deal with the sites. I did find that they have announced a list of the addresses for the January 5th update (and the January 6th as well.)

    (more…)

  • Microsoft may pay for search users?

    Infoworld has an interesting article this afternoon, that suggests that Microsoft may pay users of their MSN search out of the ad revenue that Microsoft earns from their new adertising service. Speaking of Google, Bill Gates says…

    But they don’t share these advertising revenues with the end users who help them get the revenue, Gates said. “Google keeps all of the money with itself,” he added.

    (more…)

  • How much is a 0-day vulnerability worth?

    ZDnet has this article today of an ebay auction for information on a Microsoft Excel vulnerability that the auction-seller had notified Microsoft of.

    An online auction of a “brand new vulnerability” in Microsoft Excel had reached about $60 when eBay pulled the item late Thursday.

    A seller using the name “fearwall” started the auction Wednesday evening at 1 cent. It was up to $56 on Thursday afternoon with 21 bids placed, and eBay quashed the auction soon after that.

    (more…)

  • 10 things to do before hooking a Linux PC up to the net

    An editor at tech republic gave a challange not too long ago to Linux users to step up and offer articles along the lines of the top 10 things to do before hooking a linux pc up to the internet. Click to read the first of these submissions (I don’t know if there will be more featured, but more are viewable here.)

    (more…)

  • DRM => spyware

    Freedom-to-tinker once again has continued analysis of the whole Sony DRM mess. They basically have taken a look at the ways of protecting an audio cd. Active protection (using software to prevent the duplication of music) is currently the main practical solution if you’re pursuing DRM. But what’s interesting is how much in common they have with spyware writers.

    (more…)

  • More details on Sober worm

    There’s a bit more detail in this betanews article on the sober worm. They basically say that the next expected “release” is January 8th, that f-secure has cracked the “code” of the worm. You see it appears that the URL’s that new versions of the worm are downloaded from are not hardcoded, but “psuedorandom” and they’ve cracked the algorithm the worm uses.

    (more…)

  • More on Firefox 1.5 “vulnerability”

    I put vulnerability in quotes because it’s looking less like a problem. (Correct me if I’m wrong.) Here’s the situation. Both Sans and Mozilla have failed to duplicate the crash although have duplicated extremely slow browser performance. Here’s the official response from mozilla.org…

    We have investigated this issue and can find no basis for claims that variants of this denial-of-service attack can cause an exploitable crash, and no evidence for this claim has been offered. There does not appear to be any risk to users or their computers beyond the temporary unresponsiveness at startup.

    (more…)

  • The origins of the internet

    The internet was developed essentially with a couple of goals in mind. One of those goals was to have a distributed means of communications that would be resilient to nuclear attack. The idea was this, if we have traffic, (data) that can take one of several paths to a destination, then a fatal attack on one of the communication hubs does NOT have to take down the whole connection. Anyway… there’s an article over at the Register with an interview with one of the individuals that had this groundbreaking idea.

    (more…)

  • Two critical fixes from Microsoft on December patch Tuesday

    December’s rendition of Microsoft’s monthly Patch Tuesday will feature two critical security fixes. The malicious software removal tool will also be updated…

    Additionally, Microsoft will issue two non-security high-priority updates through Windows Update and Software Update Services, and three non-security high-priority updates through Microsoft Update and Windows Server Update Services. It is standard Microsoft procedure to not disclose the nature of the updates beforehand for security reasons.

    (more…)

  • Most home pc users lacking on PC security…

    Surprise!!… ummm wait, no… This article has come out while I’ve been in the midst of cleaning up a Windows ME pc that has been “0\/\/ned” (owned/controlled…) by someone other than the owner for a bit over 15 months. The system had NO antivirus, no firewall (no antispyware) and used dialup for internet. (That much said, this is probably the most infected dialup system I’ve seen… 30-100 virii, 230+spyware remnants/etc.) Anyway…. the article from cnet news claims that a recent survey found 81% of home pc users lacked either

    at least one of three types of critical security–a firewall, updated antivirus software or anti-spyware protection

    (more…)