Computer Tips -Tech Info

Author: Avery

  • Registrars not verifying contact information on domains?

    According to a GAO report one of the reasons that phishing and scam websites are because of a lack of enforcement and policing by registrars of accurate contact information. According to their study over 5% of sites had been registered with false data. ~2.5% had been registered with incomplete information. These findings come from a random sample of 300 domain names that they then did lookups on the domains.

    (more…)

  • Google indexing weirdness

    In looking at my Google Analytics info…. I checked on the Northcarolinagenealogy.net site’s stats and found that it’s really dropped since about Friday or Saturday from decent traffic to next to nothing. (20 visitors a day now.) The first thing I noticed was no google.com referrers…. So, I started looking and sure enough the last Google search visitor arrived Friday. So, I started investigating further site:northcarolinagenealogy.net brought up nothing (as did site:www.northcarolinagenealogy.net).

    (more…)

  • Outlook express pet peeve #375

    Migrating Outlook Express data from one machine to another. Addresses are easy to export… file export Address Book gives a good option to CSV (comma seperated value) output. Which is a nice common denominator. (WAB/PAB output wouldn’t hurt.) But, File, Export, Messages only let’s you dump your Outlook Express messages into Exchange/Outlook. (!) Now, this is a pet peeve I’ve had for sometime with Outlook Express. There are just too many places to tell people to look for their data.

    (more…)

  • Microsoft (MSN) virtual earth becomes Live Local

    The Virtual Earth project at MSN will become local.live.com competing with other local search tools from Google and others. There will be some new features. It looks as though one is a 45 degree angle view of most large cities. Directions to a point by just clicking on the map (no address needed). It sounds like there are some interesting features here. Good to see some competition happening in the maps/local search space.

    (more…)

  • Firefox 1.5 vulnerability

    Incidents.org has reported on the first announced vulnerability with Mozilla Firefox 1.5 since it’s release. The vulnerability is along these lines. History of visited sites is kept in a file called history.dat IF a URL for a visited site is long enough it will cause a buffer overflow and denial of service. (After visiting such a url, the browser will crash on each attempted start. (until history.dat is deleted.))

    (more…)

  • Internet Explorer 7 to have tighter security zone settings

    One of the changes Internet explorer 7.0 will see is a tightening of restrictions on the zone settings. Currently, there are four security zones for web sites: Internet, Intranet, Trusted Sites and Restricted Sites. Explorer tries to autodetect if a site is within the intranet (which becomes more trusted), or the internet (which becomes less trusted. The problem is this detection can be tricked and so, malicious websites can run in a less restrictive zone.

    (more…)

  • Sony releases XCP remover

    Sony has had a busy day… they’ve released software to remove the XCP DRM program that was the start of all the recent SONY DRM rootkit controversy. Of course, the original DRM software had multiple problems in it’s concept AND implementation, the uninstallers and patches since have also had problems. Today I’ve seen reports that Sony’s uninstaller for the SunnComm MediaMax DRM software (the OTHER approach sony uses for copy protection) has some serious problems.

    (more…)

  • Samba (Windows) domain controller using ubuntu linux

    There’s a good how-to at (where else) howtoforge.com on the topic of setting up ubuntu Linux (with samba) as a Primary domain controller for your network of windows machines. This uses tdb instead of LDAP and is suitable for networks with up to 250 users. The advantage here is that it’s simpler to setup than LDAP integration. Of course, samba for simple file/print sharing is fairly easy to setup, the domain controller “stuff” is usually a bit tricker.

    (more…)

  • Interesting vector for browser vulnerability exploit…ebay

    incidents.org has received a tip on an ebay item that contained some malicious script…

    ISC reader Gareth Attrill pointed us to an eBay auction that has some escaped HTML code that sneaks in a link that tries to get a trojanized .jar (usage.jar) file loaded on anyone who loads the listing. The latest .dat for McAfee immediately detected (and deleted) the code as Exploit-ByteVerify. The lister most likely managed to bypass other protections that otherwise prevents this kind of code from being inserted into item listings. Both eBay and the ISP that is hosting the malware have been notified.

    (more…)

  • Sunncomm/Mediamax software fix FLAWED

    Once more in the continuing story…. According to freedom-to-tinker, the “fix” released today for the SunnComm/Mediamax DRM software (the “other” DRM software on sony/bmg discs). Is fatally flawed. The problem the software initially poses is much worse than the company lets on in their release and their advise is…. 1) don’t play a mediamax protected disc in your pc. 2)don’t use the fix, 3) don’t use the old uninstaller.

    (more…)